308 dnsrecon.py
发表于 2012-10-11 23:40:41
安装
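  # Install dnsrecon and its Python dependencies (run as root, as in the original post).
  apt-get install python-setuptools

  # easy_install pulls whatever version the package index currently serves, with
  # no version pin, and is deprecated in current setuptools. On a current system,
  # prefer pip inside a virtualenv for these two packages.
  easy_install netaddr
  easy_install dnspython

  # Chain the steps so the clone never lands in the wrong directory when mkdir or
  # cd fails; -p keeps a re-run from failing on an existing directory.
  # The original used git://, which has no encryption or server authentication
  # (the cloned code is later run as root) and is no longer served by GitHub;
  # HTTPS fetches the same repository over an authenticated transport.
  mkdir -p /pen/dns &&
    cd /pen/dns/ &&
    git clone https://github.com/darkoperator/dnsrecon.git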
测试 Google 搜索枚举(-t goo):从搜索引擎结果中收集子域名,再解析出 A/AAAA/CNAME 记录
  1. root@Dis9Team:/pen/dns/dnsrecon# ./dnsrecon.py -t goo -d google.com -w
  2. [*] Performing Google Search Enumeration against google.com
  3. [*]          A www.google.com 74.125.128.147
  4. [*]          A www.google.com 74.125.128.103
  5. [*]          A www.google.com 74.125.128.105
  6. [*]          A www.google.com 74.125.128.104
  7. [*]          A www.google.com 74.125.128.106
  8. [*]          A www.google.com 74.125.128.99
  9. [*]          AAAA www.google.com 2404:6800:4005:c00::6a
  10. [*]          CNAME plusone.google.com plus.l.google.com
  11. [*]          A plus.l.google.com 74.125.128.100
  12. [*]          A plus.l.google.com 74.125.128.101
  13. [*]          A plus.l.google.com 74.125.128.113
  14. [*]          A plus.l.google.com 74.125.128.139
  15. [*]          A plus.l.google.com 74.125.128.138
  16. [*]          A plus.l.google.com 74.125.128.102
  17. [*]          CNAME plusone.google.com plus.l.google.com
  18. [*]          AAAA plus.l.google.com 2404:6800:4005:c00::8b
  19. [*]          CNAME maps.google.com maps.l.google.com
  20. [*]          A maps.l.google.com 74.125.128.139
  21. [*]          A maps.l.google.com 74.125.128.100
  22. [*]          A maps.l.google.com 74.125.128.101
  23. [*]          A maps.l.google.com 74.125.128.102
  24. [*]          A maps.l.google.com 74.125.128.113
  25. [*]          A maps.l.google.com 74.125.128.138
  26. [*]          CNAME maps.google.com maps.l.google.com
  27. [*]          AAAA maps.l.google.com 2404:6800:4005:c00::71
  28. [*]          CNAME play.google.com www3.l.google.com
  29. [*]          A www3.l.google.com 74.125.128.139
  30. [*]          A www3.l.google.com 74.125.128.100
  31. [*]          A www3.l.google.com 74.125.128.101
  32. [*]          A www3.l.google.com 74.125.128.102
  33. [*]          A www3.l.google.com 74.125.128.113
  34. [*]          A www3.l.google.com 74.125.128.138
  35. [*]          CNAME play.google.com www3.l.google.com
  36. [*]          AAAA www3.l.google.com 2404:6800:4005:c00::71
  37. [*]          CNAME news.google.com news.l.google.com
  38. [*]          A news.l.google.com 74.125.128.102
  39. [*]          A news.l.google.com 74.125.128.138
  40. [*]          A news.l.google.com 74.125.128.113
  41. [*]          A news.l.google.com 74.125.128.101
  42. [*]          A news.l.google.com 74.125.128.139
  43. [*]          A news.l.google.com 74.125.128.100
  44. [*]          CNAME news.google.com news.l.google.com
  45. [*]          AAAA news.l.google.com 2404:6800:4005:c00::8b
  46. [*]          CNAME mail.google.com googlemail.l.google.com
  47. [*]          A googlemail.l.google.com 74.125.128.17
  48. [*]          A googlemail.l.google.com 74.125.128.19
  49. [*]          A googlemail.l.google.com 74.125.128.18
  50. [*]          A googlemail.l.google.com 74.125.128.83
  51. [*]          CNAME mail.google.com googlemail.l.google.com
  52. [*]          AAAA googlemail.l.google.com 2404:6800:4005:c00::13
  53. [*]          A docs.google.com 74.125.128.139
  54. [*]          A docs.google.com 74.125.128.113
  55. [*]          A docs.google.com 74.125.128.100
  56. [*]          A docs.google.com 74.125.128.102
  57. [*]          A docs.google.com 74.125.128.101
  58. [*]          A docs.google.com 74.125.128.138
  59. [*]          AAAA docs.google.com 2404:6800:4005:c00::65
  60. [*]          CNAME translate.google.com www3.l.google.com
  61. [*]          A www3.l.google.com 74.125.128.138
  62. [*]          A www3.l.google.com 74.125.128.113
  63. [*]          A www3.l.google.com 74.125.128.102
  64. [*]          A www3.l.google.com 74.125.128.101
  65. [*]          A www3.l.google.com 74.125.128.100
  66. [*]          A www3.l.google.com 74.125.128.139
  67. [*]          CNAME translate.google.com www3.l.google.com
  68. [*]          AAAA www3.l.google.com 2404:6800:4005:c00::65
  69. [*]          A wallet.google.com 74.125.128.101
  70. [*]          A wallet.google.com 74.125.128.139
  71. [*]          A wallet.google.com 74.125.128.138
  72. [*]          A wallet.google.com 74.125.128.102
  73. [*]          A wallet.google.com 74.125.128.100
  74. [*]          A wallet.google.com 74.125.128.113
  75. [*]          AAAA wallet.google.com 2404:6800:4005:c00::66
  76. [*]          CNAME picasaweb.google.com picasaweb.l.google.com
  77. [*]          A picasaweb.l.google.com 74.125.128.91
  78. [*]          A picasaweb.l.google.com 74.125.128.190
  79. [*]          A picasaweb.l.google.com 74.125.128.93
  80. [*]          A picasaweb.l.google.com 74.125.128.136
  81. [*]          CNAME picasaweb.google.com picasaweb.l.google.com
  82. [*]          AAAA picasaweb.l.google.com 2404:6800:4005:c00::5b
  83. [*]          CNAME accounts.google.com accounts.l.google.com
  84. [*]          A accounts.l.google.com 74.125.128.84
  85. [*]          CNAME accounts.google.com accounts.l.google.com
  86. [*]          AAAA accounts.l.google.com 2404:6800:4005:c00::54
  87. [*]          CNAME music.google.com www3.l.google.com
  88. [*]          A www3.l.google.com 74.125.128.139
  89. [*]          A www3.l.google.com 74.125.128.113
  90. [*]          A www3.l.google.com 74.125.128.138
  91. [*]          A www3.l.google.com 74.125.128.102
  92. [*]          A www3.l.google.com 74.125.128.100
  93. [*]          A www3.l.google.com 74.125.128.101
  94. [*]          CNAME music.google.com www3.l.google.com
  95. [*]          AAAA www3.l.google.com 2404:6800:4005:c00::64
  96. [*]          CNAME fiber.google.com www3.l.google.com
  97. [*]          A www3.l.google.com 74.125.128.100
  98. [*]          A www3.l.google.com 74.125.128.102
  99. [*]          A www3.l.google.com 74.125.128.139
  100. [*]          A www3.l.google.com 74.125.128.113
  101. [*]          A www3.l.google.com 74.125.128.138
  102. [*]          A www3.l.google.com 74.125.128.101
  103. [*]          CNAME fiber.google.com www3.l.google.com
  104. [*]          AAAA www3.l.google.com 2404:6800:4005:c00::71
  105. [*]          CNAME support.google.com www3.l.google.com
  106. [*]          A www3.l.google.com 74.125.128.101
  107. [*]          A www3.l.google.com 74.125.128.138
  108. [*]          A www3.l.google.com 74.125.128.139
  109. [*]          A www3.l.google.com 74.125.128.113
  110. [*]          A www3.l.google.com 74.125.128.102
  111. [*]          A www3.l.google.com 74.125.128.100
  112. [*]          CNAME support.google.com www3.l.google.com
  113. [*]          AAAA www3.l.google.com 2404:6800:4005:c00::8a
  114. [*]          CNAME developers.google.com www3.l.google.com
  115. [*]          A www3.l.google.com 74.125.128.101
  116. [*]          A www3.l.google.com 74.125.128.139
  117. [*]          A www3.l.google.com 74.125.128.138
  118. [*]          A www3.l.google.com 74.125.128.102
  119. [*]          A www3.l.google.com 74.125.128.100
  120. [*]          A www3.l.google.com 74.125.128.113
  121. [*]          CNAME developers.google.com www3.l.google.com
  122. [*]          AAAA www3.l.google.com 2404:6800:4005:c00::71
  123. [*]          CNAME investor.google.com www3.l.google.com
  124. [*]          A www3.l.google.com 74.125.128.100
  125. [*]          A www3.l.google.com 74.125.128.102
  126. [*]          A www3.l.google.com 74.125.128.139
  127. [*]          A www3.l.google.com 74.125.128.113
  128. [*]          A www3.l.google.com 74.125.128.138
  129. [*]          A www3.l.google.com 74.125.128.101
  130. [*]          CNAME investor.google.com www3.l.google.com
  131. [*]          AAAA www3.l.google.com 2404:6800:4005:c00::8b
  132. [*]          CNAME chrome.google.com www3.l.google.com
  133. [*]          A www3.l.google.com 74.125.128.139
  134. [*]          A www3.l.google.com 74.125.128.113
  135. [*]          A www3.l.google.com 74.125.128.138
  136. [*]          A www3.l.google.com 74.125.128.102
  137. [*]          A www3.l.google.com 74.125.128.100
  138. [*]          A www3.l.google.com 74.125.128.101
  139. [*]          CNAME chrome.google.com www3.l.google.com
  140. [*]          AAAA www3.l.google.com 2404:6800:4005:c00::66
  141. [*]          CNAME books.google.com www3.l.google.com
  142. [*]          A www3.l.google.com 74.125.128.101
  143. [*]          A www3.l.google.com 74.125.128.139
  144. [*]          A www3.l.google.com 74.125.128.138
  145. [*]          A www3.l.google.com 74.125.128.102
  146. [*]          A www3.l.google.com 74.125.128.100
  147. [*]          A www3.l.google.com 74.125.128.113
  148. [*]          CNAME books.google.com www3.l.google.com
  149. [*]          AAAA www3.l.google.com 2404:6800:4005:c00::66
  150. [*]          CNAME code.google.com code.l.google.com
  151. [*]          A code.l.google.com 74.125.128.101
  152. [*]          A code.l.google.com 74.125.128.139
  153. [*]          A code.l.google.com 74.125.128.138
  154. [*]          A code.l.google.com 74.125.128.102
  155. [*]          A code.l.google.com 74.125.128.100
  156. [*]          A code.l.google.com 74.125.128.113
  157. [*]          CNAME code.google.com code.l.google.com
  158. [*]          AAAA code.l.google.com 2404:6800:4005:c00::65
  159. [*]          A plus.google.com 74.125.128.101
  160. [*]          A plus.google.com 74.125.128.139
  161. [*]          A plus.google.com 74.125.128.138
  162. [*]          A plus.google.com 74.125.128.102
  163. [*]          A plus.google.com 74.125.128.100
  164. [*]          A plus.google.com 74.125.128.113
  165. [*]          AAAA plus.google.com 2404:6800:4005:c00::71
  166. [*]          CNAME research.google.com www3.l.google.com
  167. [*]          A www3.l.google.com 74.125.128.101
  168. [*]          A www3.l.google.com 74.125.128.100
  169. [*]          A www3.l.google.com 74.125.128.139
  170. [*]          A www3.l.google.com 74.125.128.102
  171. [*]          A www3.l.google.com 74.125.128.113
  172. [*]          A www3.l.google.com 74.125.128.138
  173. [*]          CNAME research.google.com www3.l.google.com
  174. [*]          AAAA www3.l.google.com 2404:6800:4005:c00::8a
  175. [*]          CNAME video.google.com video.l.google.com
  176. [*]          A video.l.google.com 74.125.128.138
  177. [*]          A video.l.google.com 74.125.128.100
  178. [*]          A video.l.google.com 74.125.128.102
  179. [*]          A video.l.google.com 74.125.128.139
  180. [*]          A video.l.google.com 74.125.128.101
  181. [*]          A video.l.google.com 74.125.128.113
  182. [*]          CNAME video.google.com video.l.google.com
  183. [*]          AAAA video.l.google.com 2404:6800:4005:c00::8b
  184. [*]          CNAME productforums.google.com groups.l.google.com
  185. [*]          A groups.l.google.com 74.125.128.139
  186. [*]          A groups.l.google.com 74.125.128.102
  187. [*]          A groups.l.google.com 74.125.128.101
  188. [*]          A groups.l.google.com 74.125.128.113
  189. [*]          A groups.l.google.com 74.125.128.138
  190. [*]          A groups.l.google.com 74.125.128.100
  191. [*]          CNAME productforums.google.com groups.l.google.com
  192. [*]          AAAA groups.l.google.com 2404:6800:4005:c00::71
  193. [*]          CNAME groups.google.com groups.l.google.com
  194. [*]          A groups.l.google.com 74.125.128.101
  195. [*]          A groups.l.google.com 74.125.128.139
  196. [*]          A groups.l.google.com 74.125.128.100
  197. [*]          A groups.l.google.com 74.125.128.138
  198. [*]          A groups.l.google.com 74.125.128.113
  199. [*]          A groups.l.google.com 74.125.128.102
  200. [*]          CNAME groups.google.com groups.l.google.com
  201. [*]          AAAA groups.l.google.com 2404:6800:4005:c00::65
  202. [*] 199 Records Found
  203. root@Dis9Team:/pen/dns/dnsrecon#


std:标准枚举(SOA、NS、MX、A/AAAA、TXT、SRV)
  1. root@Dis9Team:/pen/dns/dnsrecon# ./dnsrecon.py -t std -d google.com
  2. [*] Performing General Enumeration of Domain:
  3. [-] DNSSEC is not configured for google.com
  4. [*]          SOA ns1.google.com 216.239.32.10
  5. [*]          NS ns2.google.com 216.239.34.10
  6. [*]          NS ns1.google.com 216.239.32.10
  7. [*]          NS ns4.google.com 216.239.38.10
  8. [*]          NS ns3.google.com 216.239.36.10
  9. [*]          MX aspmx.l.google.com 74.125.25.26
  10. [*]          MX alt2.aspmx.l.google.com 74.125.45.26
  11. [*]          MX alt4.aspmx.l.google.com 74.125.131.26
  12. [*]          MX alt1.aspmx.l.google.com 74.125.142.26
  13. [*]          MX alt3.aspmx.l.google.com 173.194.68.26
  14. [*]          MX aspmx.l.google.com 2607:f8b0:400e:c03::1a
  15. [*]          MX alt2.aspmx.l.google.com 2001:4860:800a::1a
  16. [*]          MX alt4.aspmx.l.google.com 2607:f8b0:400c:c03::1a
  17. [*]          MX alt1.aspmx.l.google.com 2a00:1450:4010:c04::1b
  18. [*]          MX alt3.aspmx.l.google.com 2607:f8b0:400d:c00::1b
  19. [*]          A google.com 74.125.128.138
  20. [*]          A google.com 74.125.128.100
  21. [*]          A google.com 74.125.128.102
  22. [*]          A google.com 74.125.128.139
  23. [*]          A google.com 74.125.128.101
  24. [*]          A google.com 74.125.128.113
  25. [*]          AAAA google.com 2404:6800:4005:c00::8b
  26. [*]          TXT google.com v=spf1 include:_netblocks.google.com ip4:216.73.93.70/31 ip4:216.73.93.72/31 ~all
  27. [*] Enumerating SRV Records
  28. [*]          SRV _jabber._tcp.google.com alt2.xmpp-server.l.google.com 74.125.142.125 5269 0
  29. [*]          SRV _jabber._tcp.google.com alt3.xmpp-server.l.google.com 74.125.137.125 5269 0
  30. [*]          SRV _jabber._tcp.google.com xmpp-server.l.google.com 74.125.128.125 5269 0
  31. [*]          SRV _jabber._tcp.google.com alt4.xmpp-server.l.google.com 173.194.76.125 5269 0
  32. [*]          SRV _jabber._tcp.google.com alt1.xmpp-server.l.google.com 74.125.141.125 5269 0
  33. [*]          SRV _xmpp-client._tcp.google.com alt3.xmpp.l.google.com 74.125.137.125 5222 0
  34. [*]          SRV _xmpp-client._tcp.google.com alt3.xmpp.l.google.com 2404:6800:4005:c00::7d 5222 0
  35. [*]          SRV _xmpp-client._tcp.google.com alt4.xmpp.l.google.com 173.194.68.125 5222 0
  36. [*]          SRV _xmpp-client._tcp.google.com alt4.xmpp.l.google.com 2607:f8b0:400d:c00::7d 5222 0
  37. [*]          SRV _xmpp-client._tcp.google.com alt1.xmpp.l.google.com 74.125.141.125 5222 0
  38. [*]          SRV _xmpp-client._tcp.google.com alt1.xmpp.l.google.com 2607:f8b0:400e:c00::7d 5222 0
  39. [*]          SRV _xmpp-client._tcp.google.com alt2.xmpp.l.google.com 74.125.142.125 5222 0
  40. [*]          SRV _xmpp-client._tcp.google.com alt2.xmpp.l.google.com 2404:6800:4005:c00::7d 5222 0
  41. [*]          SRV _xmpp-client._tcp.google.com xmpp.l.google.com 74.125.128.125 5222 0
  42. [*]          SRV _xmpp-client._tcp.google.com xmpp.l.google.com 2404:6800:4005:c00::7d 5222 0
  43. [*]          SRV _xmpp-server._tcp.google.com alt4.xmpp-server.l.google.com 173.194.76.125 5269 0
  44. [*]          SRV _xmpp-server._tcp.google.com xmpp-server.l.google.com 74.125.128.125 5269 0
  45. [*]          SRV _xmpp-server._tcp.google.com alt1.xmpp-server.l.google.com 74.125.141.125 5269 0
  46. [*]          SRV _xmpp-server._tcp.google.com alt3.xmpp-server.l.google.com 74.125.137.125 5269 0
  47. [*]          SRV _xmpp-server._tcp.google.com alt2.xmpp-server.l.google.com 74.125.142.125 5269 0
  48. [*]          SRV _jabber-client._tcp.google.com xmpp.l.google.com 74.125.128.125 5222 0
  49. [*]          SRV _jabber-client._tcp.google.com xmpp.l.google.com 2404:6800:4005:c00::7d 5222 0
  50. [*]          SRV _jabber-client._tcp.google.com alt1.xmpp.l.google.com 74.125.141.125 5222 0
  51. [*]          SRV _jabber-client._tcp.google.com alt1.xmpp.l.google.com 2607:f8b0:400e:c00::7d 5222 0
  52. [*]          SRV _jabber-client._tcp.google.com alt2.xmpp.l.google.com 74.125.142.125 5222 0
  53. [*]          SRV _jabber-client._tcp.google.com alt2.xmpp.l.google.com 2404:6800:4005:c00::7d 5222 0
  54. [*]          SRV _jabber-client._tcp.google.com alt3.xmpp.l.google.com 74.125.137.125 5222 0
  55. [*]          SRV _jabber-client._tcp.google.com alt3.xmpp.l.google.com 2404:6800:4005:c00::7d 5222 0
  56. [*]          SRV _jabber-client._tcp.google.com alt4.xmpp.l.google.com 173.194.68.125 5222 0
  57. [*]          SRV _jabber-client._tcp.google.com alt4.xmpp.l.google.com 2607:f8b0:400d:c00::7d 5222 0
  58. [*] 30 Records Found
  59. root@Dis9Team:/pen/dns/dnsrecon#


Reverse Look-up(-s):展开 SPF/TXT 记录中的 IP 段并逐个做 PTR 反向解析;PTR 会暴露主机命名(如下面输出中的 proxy、testmx1),防守方应定期审查对外可见的 PTR 记录
  1. root@Dis9Team:/pen/dns/dnsrecon# ./dnsrecon.py -t std -d google.com -s
  2. [*] Performing General Enumeration of Domain:
  3. [-] DNSSEC is not configured for google.com
  4. [*]          SOA ns1.google.com 216.239.32.10
  5. [*]          NS ns2.google.com 216.239.34.10
  6. [*]          NS ns1.google.com 216.239.32.10
  7. [*]          NS ns4.google.com 216.239.38.10
  8. [*]          NS ns3.google.com 216.239.36.10
  9. [*]          MX aspmx.l.google.com 74.125.25.26
  10. [*]          MX alt2.aspmx.l.google.com 74.125.45.26
  11. [*]          MX alt4.aspmx.l.google.com 74.125.131.26
  12. [*]          MX alt1.aspmx.l.google.com 74.125.142.26
  13. [*]          MX alt3.aspmx.l.google.com 173.194.68.26
  14. [*]          MX aspmx.l.google.com 2607:f8b0:400e:c03::1a
  15. [*]          MX alt2.aspmx.l.google.com 2001:4860:800a::1a
  16. [*]          MX alt4.aspmx.l.google.com 2607:f8b0:400c:c03::1a
  17. [*]          MX alt1.aspmx.l.google.com 2a00:1450:4010:c04::1b
  18. [*]          MX alt3.aspmx.l.google.com 2607:f8b0:400d:c00::1b
  19. [*]          A google.com 74.125.128.138
  20. [*]          A google.com 74.125.128.100
  21. [*]          A google.com 74.125.128.102
  22. [*]          A google.com 74.125.128.139
  23. [*]          A google.com 74.125.128.101
  24. [*]          A google.com 74.125.128.113
  25. [*]          AAAA google.com 2404:6800:4005:c00::8b
  26. [*]          TXT google.com v=spf1 include:_netblocks.google.com ip4:216.73.93.70/31 ip4:216.73.93.72/31 ~all
  27. [*] Expanding IP ranges found in DNS and TXT records for Reverse Look-up
  28. [*] Performing Reverse Look-up of SPF Ranges
  29. [*] Performing Reverse Lookup from 216.73.93.70 to 173.194.255.255
  30. [*]          PTR any-in-2002.1e100.net 216.239.32.2
  31. [*]          PTR any-in-2003.1e100.net 216.239.32.3
  32. [*]          PTR any-in-2004.1e100.net 216.239.32.4
  33. [*]          PTR any-in-2001.1e100.net 216.239.32.1
  34. [*]          PTR any-in-2006.1e100.net 216.239.32.6
  35. [*]          PTR ns1.google.com 216.239.32.10
  36. [*]          PTR ns.google.com 216.239.32.11
  37. [*]          PTR time1.google.com 216.239.32.15
  38. [*]          PTR any-in-2013.1e100.net 216.239.32.19
  39. [*]          PTR any-in-2014.1e100.net 216.239.32.20
  40. [*]          PTR any-in-2015.1e100.net 216.239.32.21
  41. [*]          PTR any-in-2005.1e100.net 216.239.32.5
  42. [*]          PTR any-in-2016.1e100.net 216.239.32.22
  43. [*]          PTR any-in-2017.1e100.net 216.239.32.23
  44. [*]          PTR any-in-201d.1e100.net 216.239.32.29
  45. [*]          PTR any-in-201e.1e100.net 216.239.32.30
  46. [*]          PTR any-in-201f.1e100.net 216.239.32.31
  47. [*]          PTR any-in-201a.1e100.net 216.239.32.26
  48. [*]          PTR any-in-201b.1e100.net 216.239.32.27
  49. [*]          PTR any-in-2018.1e100.net 216.239.32.24
  50. [*]          PTR any-in-201c.1e100.net 216.239.32.28
  51. [*]          PTR any-in-2020.1e100.net 216.239.32.32
  52. [*]          PTR any-in-2021.1e100.net 216.239.32.33
  53. [*]          PTR yh-in-f36.1e100.net 216.239.32.36
  54. [*]          PTR any-in-2023.1e100.net 216.239.32.35
  55. [*]          PTR any-in-2022.1e100.net 216.239.32.34
  56. [*]          PTR proxy.google.com 216.239.33.5
  57. [*]          PTR dns1.google.com 216.239.33.12
  58. [*]          PTR esc-out.google.com 216.239.33.20
  59. [*]          PTR transfer.google.com 216.239.33.22
  60. [*]          PTR ns2.google.com 216.239.34.10
  61. [*]          PTR time2.google.com 216.239.34.15
  62. [*]          PTR any-in-2215.1e100.net 216.239.34.21
  63. [*]          PTR any-in-221a.1e100.net 216.239.34.26
  64. [*]          PTR any-in-2223.1e100.net 216.239.34.35
  65. [*]          PTR proxy.google.com 216.239.35.5
  66. [*]          PTR speed-measure.google.com 216.239.35.206
  67. [*]          PTR speed-measure.google.com 216.239.35.228
  68. [*]          PTR speed-measure.google.com 216.239.35.229
  69. [*]          PTR speed-measure.google.com 216.239.35.231
  70. [*]          PTR speed-measure.google.com 216.239.35.230
  71. [*]          PTR ns3.google.com 216.239.36.10
  72. [*]          PTR hedns1.google.com 216.239.36.11
  73. [*]          PTR time3.google.com 216.239.36.15
  74. [*]          PTR any-in-2415.1e100.net 216.239.36.21
  75. [*]          PTR any-in-241a.1e100.net 216.239.36.26
  76. [*]          PTR proxy.google.com 216.239.37.5
  77. [*]          PTR 216-239-37-12.google.com 216.239.37.12
  78. [*]          PTR 216-239-37-14.google.com 216.239.37.14
  79. [*]          PTR testmx1.google.com 216.239.37.25
  80. [*]          PTR testmx2.google.com 216.239.37.26
  81. [*]          PTR 216-239-37-15.google.com 216.239.37.15
  82. [*]          PTR 216-239-37-13.google.com 216.239.37.13
  83. [*]          PTR 216-239-37-81.google.com 216.239.37.81
  84. [*]          PTR 216-239-37-82.google.com 216.239.37.82
  85. [*]          PTR 216-239-37-83.google.com 216.239.37.83
  86. [*]          PTR 216-239-37-84.google.com 216.239.37.84
  87. [*]          PTR ns4.google.com 216.239.38.10
  88. [*]          PTR time4.google.com 216.239.38.15
  89. [*]          PTR any-in-2615.1e100.net 216.239.38.21
  90. [*]          PTR any-in-2658.1e100.net 216.239.38.88
  91. [*]          PTR proxy.google.com 216.239.39.5
  92. [*]          PTR 216-239-39-81.google.com 216.239.39.81
  93. [*]          PTR 216-239-39-83.google.com 216.239.39.83
  94. [*]          PTR 216-239-39-84.google.com 216.239.39.84
  95. [*]          PTR 216-239-39-82.google.com 216.239.39.82
Whois lookup(-w):通过 Whois 找出记录所属的 IP 段,再交互选择要做反向解析的范围
  1. root@Dis9Team:/pen/dns/dnsrecon# ./dnsrecon.py -d google.com -w
  2. [*] Performing Whois lookup against records found.
  3. [*] The following IP Ranges where found:
  4. [*]          0) 216.239.32.0-216.239.63.255 Google Inc.
  5. [*]          1) 74.125.0.0-74.125.255.255 Google Inc.
  6. [*]          2) 173.194.0.0-173.194.255.255 Google Inc.
  7. [*] What Range do you wish to do a Revers Lookup for?
  8. [*] number, comma separated list, a for all or n for none


MSF:先用 --xml 把枚举结果导出为 XML(/tmp 对所有用户可写且文件名可预测,以 root 写入时建议改用仅自己可写的目录)
  1. root@Dis9Team:/pen/dns/dnsrecon# ./dnsrecon.py -t std -d google.com --xml /tmp/1.xml


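启动MSF:把 dnsr_import.rb 插件放入 /root/.msf4/plugins/,再用 -y 指定数据库配置文件启动 msfconsole(插件是在 msfconsole 进程内执行的 Ruby 代码,载入前应先审阅)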
  1. root@Dis9Team:/pen/dns/dnsrecon# cd msf_plugin/
  2. root@Dis9Team:/pen/dns/dnsrecon/msf_plugin# ls
  3. dnsr_import.rb
  4. root@Dis9Team:/pen/dns/dnsrecon/msf_plugin# mv dnsr_import.rb /root/.msf4/plugins/
  5. root@Dis9Team:/pen/dns/dnsrecon/msf_plugin# msfconsole -y /1.yml


载入
  1. msf > load dnsr_import
  2. [*] dnsr_import plugin loaded.
  3. [*] Successfully loaded plugin: dnsr_import
  4. msf > import_dnsrecon_xml -h

  5. OPTIONS:

  6.     -f <opt>  XML file to import.
  7.     -h        Command Help


写入数据


  1. msf > import_dnsrecon_xml -f /tmp/1.xml
  2. [+] Importing host 216.239.32.10
  3. [+] Importing service dns for host 216.239.32.10
  4. [+] Importing host 216.239.34.10
  5. [+] Importing service dns for host 216.239.34.10
  6. [+] Importing host 216.239.32.10
  7. [+] Importing service dns for host 216.239.32.10
  8. [+] Importing host 216.239.38.10
  9. [+] Importing service dns for host 216.239.38.10
  10. [+] Importing host 216.239.36.10
  11. [+] Importing service dns for host 216.239.36.10
  12. [+] Importing host 74.125.25.26
  13. [+] Importing service smtp for host 74.125.25.26
  14. [+] Importing host 74.125.45.26
  15. [+] Importing service smtp for host 74.125.45.26
  16. [+] Importing host 74.125.131.26
  17. [+] Importing service smtp for host 74.125.131.26
  18. [+] Importing host 74.125.142.26
  19. [+] Importing service smtp for host 74.125.142.26
  20. [+] Importing host 173.194.68.26
  21. [+] Importing service smtp for host 173.194.68.26
  22. [+] Importing host 2607:f8b0:400e:c03::1a
  23. [+] Importing service smtp for host 2607:f8b0:400e:c03::1a
  24. [+] Importing host 2001:4860:800a::1a
  25. [+] Importing service smtp for host 2001:4860:800a::1a
  26. [+] Importing host 2607:f8b0:400c:c03::1a
  27. [+] Importing service smtp for host 2607:f8b0:400c:c03::1a
  28. [+] Importing host 2a00:1450:4010:c04::1b
  29. [+] Importing service smtp for host 2a00:1450:4010:c04::1b
  30. [+] Importing host 2607:f8b0:400d:c00::1b
  31. [+] Importing service smtp for host 2607:f8b0:400d:c00::1b
  32. [+] Importing host 74.125.128.138
  33. [+] Importing host 74.125.128.100
  34. [+] Importing host 74.125.128.102
  35. [+] Importing host 74.125.128.139
  36. [+] Importing host 74.125.128.101
  37. [+] Importing host 74.125.128.113
  38. [+] Importing host 2404:6800:4005:c00::8b
  39. [+] Importing host 74.125.142.125
  40. [+] Importing service jabber for host 74.125.142.125
  41. [+] Importing host 74.125.137.125
  42. [+] Importing service jabber for host 74.125.137.125
  43. [+] Importing host 74.125.128.125
  44. [+] Importing service jabber for host 74.125.128.125
  45. [+] Importing host 173.194.76.125
  46. [+] Importing service jabber for host 173.194.76.125
  47. [+] Importing host 74.125.141.125
  48. [+] Importing service jabber for host 74.125.141.125
  49. [+] Importing host 74.125.137.125
  50. [+] Importing service xmpp-client for host 74.125.137.125
  51. [+] Importing host 2404:6800:4005:c00::7d
  52. [+] Importing service xmpp-client for host 2404:6800:4005:c00::7d
  53. [+] Importing host 173.194.68.125
  54. [+] Importing service xmpp-client for host 173.194.68.125
  55. [+] Importing host 2607:f8b0:400d:c00::7d
  56. [+] Importing service xmpp-client for host 2607:f8b0:400d:c00::7d
  57. [+] Importing host 74.125.141.125
  58. [+] Importing service xmpp-client for host 74.125.141.125
  59. [+] Importing host 2607:f8b0:400e:c00::7d
  60. [+] Importing service xmpp-client for host 2607:f8b0:400e:c00::7d
  61. [+] Importing host 74.125.142.125
  62. [+] Importing service xmpp-client for host 74.125.142.125
  63. [+] Importing host 2404:6800:4005:c00::7d
  64. [+] Importing service xmpp-client for host 2404:6800:4005:c00::7d
  65. [+] Importing host 74.125.128.125
  66. [+] Importing service xmpp-client for host 74.125.128.125
  67. [+] Importing host 2404:6800:4005:c00::7d
  68. [+] Importing service xmpp-client for host 2404:6800:4005:c00::7d
  69. [+] Importing host 173.194.76.125
  70. [+] Importing service xmpp-server for host 173.194.76.125
  71. [+] Importing host 74.125.128.125
  72. [+] Importing service xmpp-server for host 74.125.128.125
  73. [+] Importing host 74.125.141.125
  74. [+] Importing service xmpp-server for host 74.125.141.125
  75. [+] Importing host 74.125.137.125
  76. [+] Importing service xmpp-server for host 74.125.137.125
  77. [+] Importing host 74.125.142.125
  78. [+] Importing service xmpp-server for host 74.125.142.125
  79. [+] Importing host 74.125.128.125
  80. [+] Importing service jabber-client for host 74.125.128.125
  81. [+] Importing host 2404:6800:4005:c00::7d
  82. [+] Importing service jabber-client for host 2404:6800:4005:c00::7d
  83. [+] Importing host 74.125.141.125
  84. [+] Importing service jabber-client for host 74.125.141.125
  85. [+] Importing host 2607:f8b0:400e:c00::7d
  86. [+] Importing service jabber-client for host 2607:f8b0:400e:c00::7d
  87. [+] Importing host 74.125.142.125
  88. [+] Importing service jabber-client for host 74.125.142.125
  89. [+] Importing host 2404:6800:4005:c00::7d
  90. [+] Importing service jabber-client for host 2404:6800:4005:c00::7d
  91. [+] Importing host 74.125.137.125
  92. [+] Importing service jabber-client for host 74.125.137.125
  93. [+] Importing host 2404:6800:4005:c00::7d
  94. [+] Importing service jabber-client for host 2404:6800:4005:c00::7d
  95. [+] Importing host 173.194.68.125
  96. [+] Importing service jabber-client for host 173.194.68.125
  97. [+] Importing host 2607:f8b0:400d:c00::7d
  98. [+] Importing service jabber-client for host 2607:f8b0:400d:c00::7d
  99. msf >


查看信息(表中的 open 状态来自导入的 DNS 记录,即 NS、MX、SRV 对应的端口,并非端口探测的结果,需另行验证)
  1. msf > services

  2. Services
  3. ========

  4. host                    port  proto  name           state  info
  5. ----                    ----  -----  ----           -----  ----
  6. 74.125.25.26            25    tcp    smtp           open   
  7. 74.125.45.26            25    tcp    smtp           open   
  8. 74.125.128.125          5269  tcp    xmpp-server    open   
  9. 74.125.128.125          5222  tcp    jabber-client  open   
  10. 74.125.131.26           25    tcp    smtp           open   
  11. 74.125.137.125          5269  tcp    xmpp-server    open   
  12. 74.125.137.125          5222  tcp    jabber-client  open   
  13. 74.125.141.125          5222  tcp    jabber-client  open   
  14. 74.125.141.125          5269  tcp    xmpp-server    open   
  15. 74.125.142.26           25    tcp    smtp           open   
  16. 74.125.142.125          5222  tcp    jabber-client  open   
  17. 74.125.142.125          5269  tcp    xmpp-server    open   
  18. 173.194.68.26           25    tcp    smtp           open   
  19. 173.194.68.125          5222  tcp    jabber-client  open   
  20. 173.194.76.125          5269  tcp    xmpp-server    open   
  21. 216.239.32.10           53    udp    dns            open   
  22. 216.239.34.10           53    udp    dns            open   
  23. 216.239.36.10           53    udp    dns            open   
  24. 216.239.38.10           53    udp    dns            open   
  25. 2001:4860:800a::1a      25    tcp    smtp           open   
  26. 2404:6800:4005:c00::7d  5222  tcp    jabber-client  open   
  27. 2607:f8b0:400c:c03::1a  25    tcp    smtp           open   
  28. 2607:f8b0:400d:c00::1b  25    tcp    smtp           open   
  29. 2607:f8b0:400d:c00::7d  5222  tcp    jabber-client  open   
  30. 2607:f8b0:400e:c00::7d  5222  tcp    jabber-client  open   
  31. 2607:f8b0:400e:c03::1a  25    tcp    smtp           open   
  32. 2a00:1450:4010:c04::1b  25    tcp    smtp           open   

  33. msf >




操千曲而后晓声,观千剑而后识器。
