Information Gathering:-
It is the first step of penetration testing, in which you gather all the information you can about your target. The aim is to find the weakest point in the target so you can exploit that weakness or vulnerability. Information gathering lets you perform your attack more professionally and increases its success rate. Almost every cyber security professional performs this step, and penetration testing operating systems like Kali and BackTrack provide many tools that can do it more accurately :)
What is the dig command?
‘dig’ is a command-line tool used in network administration to query DNS name servers. It is part of information gathering.
Well, this can’t be discussed much further until I give you the definition of name servers… until then everything I say will be moot.
Name server :-
A name server is a software or hardware server that provides a network service at the application layer of the OSI model, responding to queries against a directory service. The server component of the Domain Name System is the perfect example of that. Its job is to translate the domain names provided into IP addresses.
So, bottom line: dig is shorthand for domain information groper. It uses DNS lookups and gropes the information from the name servers. Why they didn’t use grabber is beyond me!!
So now the usage of this command in
Usage of the dig command.
First, on the terminal, use the command
dig -h
This command shows all the options that dig accepts.
In a similar way, many of the listed options can be used. Query options are written with a leading +. For example, let’s use authority now.
dig +authority www.google.com
In the above command, the result indicates that the authoritative search went from ns2->ns1->ns4->ns3, which means name server 2 has more authority over the search, according to the context of the domain name, than name server 1.
Now let’s fool around with some other commands
dig +nssearch www.facebook.com **searches for name servers**
dig +additional www.facebook.com **controls all additional queries**
dig +nsid www.facebook.com **searches for the name server’s ID**
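As an added example (not part of the original post), the script below parses `dig +nssearch` output and checks that every authoritative server for a zone you operate reports the same SOA serial, which flags a server that has missed a zone update. The sample lines, the example.com names, the addresses and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): check that every authoritative
# server listed by `dig +nssearch` serves the same SOA serial.
# Each +nssearch result line has the form:
#   SOA <mname> <rname> <serial> <refresh> <retry> <expire> <minimum> from server <ip> in <n> ms.

# Constructed sample output (documentation domain and addresses).
SAMPLE_OK='SOA ns1.example.com. hostmaster.example.com. 2024051501 7200 3600 1209600 300 from server 192.0.2.1 in 11 ms.
SOA ns1.example.com. hostmaster.example.com. 2024051501 7200 3600 1209600 300 from server 192.0.2.2 in 14 ms.'
SAMPLE_STALE="$SAMPLE_OK
SOA ns1.example.com. hostmaster.example.com. 2024051401 7200 3600 1209600 300 from server 198.51.100.7 in 40 ms."

# stdin: +nssearch output; stdout: "<server-ip> <serial>" per answering server.
nssearch_serials() {
    awk '$1 == "SOA" && $9 == "from" && $10 == "server" { print $11, $4 }'
}

# stdin: +nssearch output. Prints a verdict; returns 0 consistent, 1 mismatch, 2 no data.
# Assumption: serials are compared as plain integers (no RFC 1982 wrap-around handling).
soa_serial_check() {
    nssearch_serials | sort -k2,2n -k1,1 | awk '
        { ip[NR] = $1; serial[NR] = $2 }
        END {
            if (NR == 0) { print "NO_DATA"; exit 2 }
            newest = serial[NR]            # sorted ascending, so the last line is highest
            for (i = 1; i <= NR; i++)
                if (serial[i] != newest) behind[++stale] = ip[i] " serial=" serial[i]
            if (stale == 0) { print "CONSISTENT serial=" newest; exit 0 }
            print "MISMATCH newest=" newest
            for (i = 1; i <= stale; i++) print "behind: " behind[i]
            exit 1
        }'
}

# Demo on the constructed samples; for a zone you operate, pipe real output instead:
#   dig +nssearch example.com | soa_serial_check
printf '%s\n' "$SAMPLE_OK" | soa_serial_check || true
printf '%s\n' "$SAMPLE_STALE" | soa_serial_check || true
```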
So this is one of the tools that Kali Linux provides for the most important step in the pentesting process, information gathering :)