DNSMap Tutorial
This tutorial will show you how to use DNSMap
Background: Dnsmap is a small C based tool that perform brute-forcing of
domains. The tool can use an internal wordlist, or work with an
external dictionary file.
Info: http://ikwt.dyndns.org/ This site seems to be down.
(Source http://backtrack.offensive-security....p/Tools#dnsmap )
Ok now to acccess the tool go to K Menu | Backtrack | Information Gathering | DNS| DNSMap
Ok it will open a shell and show you
===========================
Code:
dnsmap - DNS Network Mapper by pagvac
(http://ikwt.com, http://foro.elhacker.net)
Usage: dnsmap <target-domain> [dictionary-file]
Examples:
dnsmap yourtarget.com
dnsmap yourtarget.com yourwordlist.txt
bt dnsmap #
==================================================
Once you have it open you can check the readme by doing a nano README This will provide lots more info.
Be sure to read it there are some limitations when using this tool.
Next we need to give dnsmap a target to search again we will use http://www.victimluser.com
so
Code:
=====================
bt dnsmap # victimluser.com
=========================================
This will return us with:
Code:
==========================
dnsmap - DNS Network Mapper by pagvac
(http://ikwt.com, http://foro.elhacker.net)
Searching subhosts on domain victimluser.com
forum.victimluser.com
IP Address #1:192.168.1.1
mail.victimluser.com
IP Address #1:192.168.1.2
ftp.victimluser.com
IP Address #1:192.168.1.3
pop.victimluser.org
IP Address #1:192.168.1.4
==========================
Also you can create a wordlist.txt that you can supply at the command line like this
Code:
================================
bt dnsmap # dnsmap targetdomain.com wordlist.txt
=============================================================
This will force dnsmap to use a supplied wordlist to bruteforce subdomains if you do not supply a wordlist then dnsmap
will use the built in one by default.
The readme also give links to a few wordlist you can download.
Have fun using this tool! 
0 comments:
Post a Comment