
Bruteforce Subdomains with DNSMap

DNSMap

This one's really quick: if you've ever needed to know some subdomains of a site, consider "dnsmap". It will bruteforce a bunch of subdomains for any domain you give it, and you can customise your own domain. It's pretty simple. Here are the Linux instructions:

1. Download it.

2. Extract it:

tar xf dnsmap-latest.tar && cd dnsmap

3. Make sure you have a C compiler installed (e.g. GCC) and compile it:

gcc dnsmap.c -o dnsmap

4. Make it executable:

chmod +x dnsmap

5. Run it:

./dnsmap domain.com

6. View results:

dnsmap - DNS Network Mapper by pagvac
Searching subhosts on domain google.com

31 subhost(s) found


Enjoy, and use it legally in your penetration tests.
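
From the other side of the wire, a wordlist sweep like this shows up in DNS query logs as one client asking for many different names under one zone in a short time, most of them answered NXDOMAIN. The sketch below is an added example, not part of dnsmap or the original post; the log format (`time client qname rcode`), the thresholds and the sample lines are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

WINDOW = timedelta(seconds=60)  # assumed sliding window
MIN_NAMES = 20                  # assumed: distinct names per client and zone
MIN_NX_RATIO = 0.8              # assumed: share of lookups that got NXDOMAIN

def zone_of(qname):
    """Naive zone guess: last two labels (no public-suffix handling)."""
    return ".".join(qname.rstrip(".").lower().split(".")[-2:])

def find_enumeration(lines):
    """Return sorted (client, zone) pairs whose lookups look like a wordlist sweep."""
    events = defaultdict(list)
    for line in filter(str.strip, lines):
        ts, client, qname, rcode = line.split()
        events[(client, zone_of(qname))].append(
            (datetime.fromisoformat(ts), qname.lower(), rcode))
    hits = set()
    for key, evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            # Shrink the window from the left until it spans at most WINDOW.
            while evs[end][0] - evs[start][0] > WINDOW:
                start += 1
            window = evs[start:end + 1]
            names = {q for _, q, _ in window}
            nx = sum(r == "NXDOMAIN" for _, _, r in window)
            if len(names) >= MIN_NAMES and nx / len(window) >= MIN_NX_RATIO:
                hits.add(key)
                break
    return sorted(hits)

def sample_log(step_seconds=1):
    """Constructed log: 10.0.0.5 sweeps example.com; 10.0.0.9 browses normally."""
    t0 = datetime(2024, 5, 1, 10, 0, 0)
    words = ["ap", "blog", "vpn", "www"] + [f"guess{i}" for i in range(30)]
    out = []
    for i, w in enumerate(words):
        rcode = "NOERROR" if w in ("blog", "vpn", "www") else "NXDOMAIN"
        ts = (t0 + timedelta(seconds=i * step_seconds)).isoformat()
        out.append(f"{ts} 10.0.0.5 {w}.example.com {rcode}")
    for i in range(25):
        ts = (t0 + timedelta(minutes=i)).isoformat()
        out.append(f"{ts} 10.0.0.9 www.example.com NOERROR")
    return out

if __name__ == "__main__":
    print(find_enumeration(sample_log()))
```

A sweep that is throttled below the window threshold slips past this check, so a longer window with a higher name count is a useful second rule.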

DNS poisoning using Cain

Hey guys, this tutorial is about DNS poisoning on your network using Cain & Abel.

Download Cain here: http://www.oxid.it/cain.html

This tutorial will be limited to just redirecting the traffic to another website.



Note: This tutorial is for educational purposes only (you’ll be responsible for your own actions).

First, what is DNS? (wikipedia.org)

The Domain Name System (DNS) is a hierarchical naming system for
computers, services, or any resource connected to the internet or a
private network. It associates various information with domain names
assigned to each of the participants. Most importantly, it translates
domain names meaningful to humans into the numerical (binary)
identifiers associated with networking equipment for the purpose of
locating and addressing these devices worldwide. An often used analogy
to explain the Domain Name System is that it serves as the "phone book"
for the Internet by translating human-friendly computer hostnames into
IP addresses. For example, http://www.example.com translates to 208.77.188.166.



What does poisoning the DNS allow us to do?

It allows us to redirect the traffic to another website.

First, this is the structure of the network:

1, 2 and 3 are computers.



1 is the computer being the gateway (could be a router) (172.128.254.1)



2 is the target computer (172.128.254.10)



3 is the attacker using Cain

Note: the IPs are used only for this tutorial and were chosen randomly.



Our work is on computer number 3.

__________________________________________________  ______



1-After you install Cain, open it and go to the sniffer tab.

2-Click on configure and choose your adapter.

3-Enable the sniffer (click on the second icon in the toolbar, next to the open icon).

4-Right click in the empty area and choose scan MAC addresses. We get the results.

5-Click on the APR tab.

6-Click on the + sign in the toolbar to add a new ARP poison routing.

7-Choose the gateway, which is 172.128.254.1; in the next list you’ll get the IP of computer 2, which is 172.128.254.10. Click OK.

8-Now click on the APR-DNS tab.

9-Click on the + sign.

10-Enter the web address that you want to spoof (in this case, when the user goes to facebook he’ll be redirected to myspace). Click on resolve, type the web address that you want to redirect the user to, and click OK; you’ll get the IP of that web address. Then click OK.

11-Now, to make this work we have to enable APR poisoning: click on the icon next to the sniffer icon, and everything should work as we expect.



Now computer 2 will get its routes poisoned, and when the user requests http://www.facebook.com he will be redirected to http://www.myspace.com.

Imagine what you can do with this technique.



I hope this was a good tutorial for you guys, and please leave your feedback.
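
On computer 2, the poisoning described above is visible in the ARP cache: the gateway's IP suddenly maps to a different MAC, and that MAC is the one already seen for another host on the segment. The check below is an added example, not part of Cain or the original tutorial; the `arp -a` snapshots, the MAC addresses and the attacker address 172.128.254.30 are constructed for illustration.

```python
import re
from collections import defaultdict

# IP at the start of a row, MAC later on it: fits Windows "arp -a" and Linux "ip neigh".
ROW = re.compile(r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\b.*?\b((?:[0-9a-f]{2}[:-]){5}[0-9a-f]{2})\b", re.I)
BROADCAST = "ff:ff:ff:ff:ff:ff"

def parse_table(text):
    """Map IP -> normalised MAC for every neighbour row in an ARP-cache dump."""
    table = {}
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            table[m.group(1)] = m.group(2).lower().replace("-", ":")
    return table

def check(before, after, gateway):
    """Compare two ARP-cache snapshots taken on one host; return findings."""
    old, new = parse_table(before), parse_table(after)
    findings = []
    # Finding 1: the gateway's MAC differs from the known-good snapshot.
    if gateway in old and gateway in new and old[gateway] != new[gateway]:
        findings.append(("gateway-mac-changed", old[gateway], new[gateway]))
    # Finding 2: the gateway's current MAC is also claimed by another IP.
    by_mac = defaultdict(list)
    for ip, mac in new.items():
        if mac != BROADCAST:
            by_mac[mac].append(ip)
    shared = sorted(by_mac.get(new.get(gateway), []))
    if len(shared) > 1:
        findings.append(("gateway-mac-shared", new[gateway], shared))
    return findings

# Constructed "arp -a" output from computer 2 (172.128.254.10). The MACs and
# the attacker address 172.128.254.30 are made up for this example.
BEFORE = """\
Interface: 172.128.254.10 --- 0xb
  Internet Address      Physical Address      Type
  172.128.254.1         00-11-22-33-44-01     dynamic
  172.128.254.30        00-11-22-33-44-03     dynamic
  172.128.254.255       ff-ff-ff-ff-ff-ff     static
"""
AFTER = BEFORE.replace("00-11-22-33-44-01", "00-11-22-33-44-03")

if __name__ == "__main__":
    for finding in check(BEFORE, AFTER, "172.128.254.1"):
        print(finding)
```

A gateway MAC shared with another IP can also be legitimate (a router holding several addresses on the segment), so treat a hit as a lead to verify. Switch-level Dynamic ARP Inspection or a static ARP entry for the gateway removes the condition this check looks for.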
       
