Kali Infiltration (i)----information collection domain name (WHOIS)

Source: Internet
Author: User
Tags domain name registration icann icann whois

I. Classification of information collection


The methods of information collection can be grouped into two categories:


1. Active Collection: Active collection is to obtain relevant information, such as ICMP ping or TCP port scan, by directly initiating interaction with the target network being tested.

2. Passive collection: Passive collection is through Third-party services to obtain information on the target network, such as the use of Google search engine.


second, the domain name information collection


Whios is a standard Internet protocol, which can be used to collect information about network registration, domain name, IP address and autonomous system, Whios database records DNS server information of the domain name and contact information of registrant.


third, the example


The client with WHOIS in the default installed Kali can use the following WHOIS commands in the terminal if you want to query whois information for a domain name:


root@kali:~# whois baidu.com whois Server Version 2.0 Domain names in the. com and. NET domains can now registered WI Th many different competing registrars.

   Go to http://www.internic.net for detailed information.
   Domain Name:BAIDU.COM Registrar:markmonitor Inc. Sponsoring Registrar IANA id:292 Whois Server:whois.markmonitor.com Referral url:http://www.markmonitor.com Na Me Server:dns. Baidu.com Name Server:ns2. Baidu.com Name server:ns3. Baidu.com Name server:ns4. Baidu.com Name Server:ns7. Baidu.com status:clientdeleteprohibited https://icann.org/epp#clientDeleteProhibited Status:clienttransferprohibi Ted Https://icann.org/epp#clientTransferProhibited status:clientupdateprohibited https://icann.org/epp# clientupdateprohibited status:serverdeleteprohibited https://icann.org/epp#serverDeleteProhibited STATUS:SERVERTR ansferprohibited https://icann.org/epp#serverTransferProhibited status:serverupdateprohibited https://icann.org/epp#serverupdateprohibited Updated date:10-sep-2015 creation date:11-oct-1999 expiration date:11-oct-2017 &G  t;>> last update of whois database:wed, April Apr 2017 02:56:21 GMT <<< For more information on WHOIS status Codes, please visit Https://icann.org/epp notice:the expiration the date displayed to the the date the Registrar ' s sponsorship of the domain name registration in the registry be currently set to expire. This date does is not necessarily reflect the expiration date of the domain name registrant ' s agreement with the sponsoring R  Egistrar. Users may consult the sponsoring Registrar's Whois database to view the Registrar's reported date of expiration for this R

Egistration. TERMS of Use:you are not authorized to access or query our Whois database through the use of electronic processes that AR e High-volume and automated except as reasonably necessary to register domain names or modify existing; The Data in VeriSign Global registRy Services ' ("VeriSign") Whois database is provided by VeriSign for information purposes only, and to assist persons in O Btaining information about or related to a domain name registration the record. VeriSign does not guarantee its accuracy. By submitting a Whois query, your agree to abide by the following terms of use:you agree-you-only F or lawful purposes and that under no circumstances'll you with this Data to: (1) Allow, enable, or otherwise support the Transmission of mass unsolicited, commercial advertising or solicitations via e-mail, telephone, or facsimile; or (2) enable high volume, automated, electronic processes which apply to VeriSign (or its computer systems). The compilation, repackaging, dissemination or other use of this Data is expressly prohibited without the prior written CO Nsent of VeriSign. You are not agree with use electronic processes, are automated and high-volume to access or query the Whois database except As reasonably necessary to registER domain names or modify existing registrations. VeriSign reserves the right to restrict your access to the Whois database in its sole discretion to ensure operational STA  Bility. VeriSign may restrict or terminate your access to the Whois database for failure to abide by this terms of use.

VeriSign reserves the right to modify this terms at any time.
The Registry database contains only. COM,. NET,. EDU domains and registrars. Domain Name:baidu.com Registry domain id:11181110_domain_com-vrsn Registrar WHOIS Server:whois.markmonitor.com registr
AR url:http://www.markmonitor.com Updated date:2017-02-13t01:04:21-0800 creation date:1999-10-11t04:05:17-0700 Registrar registration Expiration date:2017-10-11t00:00:00-0700 Registrar:markmonitor, Inc. Registrar IANA id:292 Regis Trar Abuse Contacts email:abusecomplaints@markmonitor.com Registrar abuse contact Phone: +1.2083895740 Domain Status:clie Ntupdateprohibited (https://www.icann.org/epp#clientUpdateProhibited) Domain status:cLienttransferprohibited (https://www.icann.org/epp#clientTransferProhibited) Domain status:clientdeleteprohibited
(https://www.icann.org/epp#clientDeleteProhibited) Domain status:serverupdateprohibited (https://www.icann.org/epp#serverUpdateProhibited) domain Status: Servertransferprohibited (https://www.icann.org/epp#serverTransferProhibited) Domain Status: Serverdeleteprohibited (https://www.icann.org/epp#serverDeleteProhibited) Registry registrant id:registrant Name:  Domain Admin Registrant organization:beijing Baidu Netcom Science Technology Co., Ltd. registrant street:3f Baidu Campus  No.10, Shangdi 10th Street Haidian District Registrant city:beijing registrant state/province:beijing registrant, Postal code:100085 registrant COUNTRY:CN Registrant Phone: +86.1059928888 registrant Phone ext:registrant Fax: +86.105992888 8 registrant Fax ext:registrant email:domainmaster@baidu.com Registry admin id:admin name:domain Admin Admin organiz Ation:beijing Baidu Netcom ScienCe Technology Co., Ltd. Admin street:3f Baidu Campus No.10 Shangdi 10th Street Haidian District Admin city:beijing admi N state/province:beijing Admin Postal code:100085 admin COUNTRY:CN Admin Phone: +86.1059928888 Admin Phone ext:admin Fax: +86.1059928888 Admin Fax ext:admin email:domainmaster@baidu.com Registry Tech id:tech name:domain Admin Tech Or ganization:beijing Baidu Netcom Science Technology Co., Ltd. Tech street:3f Baidu Campus No.10, Shangdi 10th Street Haid Ian District Tech city:beijing Tech state/province:beijing Tech postal code:100085 Tech country:cn Tech Phone: +86.105 9928888 Tech Phone ext:tech Fax: +86.1059928888 Tech fax ext:tech email:domainmaster@baidu.com Name Server:ns4.baidu . com name Server:ns3.baidu.com name Server:dns.baidu.com name Server:ns7.baidu.com name Server:ns2.baidu.com dnssec:u  nsigned URL of the ICANN whois Data Problem Reporting system:http://wdprs.internic.net/>>> last update of whois database:2017-04-04t19: 54:32-0700 <<< The Data in markmonitor.com ' WHOIS database are provided by markmonitor.com for information purp  OSes, and to assist persons in obtaining information about or related to a domain name registration the record.  MarkMonitor.com does not guarantee its accuracy. By submitting a WHOIS query, you agree so you'll use this Data to lawful purposes and that, under no Circumstanc ES would you use this Data to: (1) Allow, enable, or otherwise support the transmission of mass unsolicited, commerci Al advertising or solicitations via e-mail (spam);
or (2) enable high volume, automated, electronic processes which apply to markmonitor.com (or its systems).
MarkMonitor.com reserves the right to modify this terms at no time.

By submitting this query, your agree to abide by this policy.

MarkMonitor is the Global Leader in Online Brand Protection. MarkMonitor Domain Management (tm) MarkMonitor Brand Protection (tm) MarkMonitor Antipiracy (tm) MarkMonitor AntiFraud (TM) Professional and Managed Services Visit markmonitor at http://www.markmonitor.com contacts us at +1.8007459229 in Europ E, at +44.02032062220 for more information on Whois status codes, please visit Https://www.icann.org/resources/pages/epp
 -status-codes-2014-06-16-en--

You can obtain information about the DNS server and how to contact the registrant of the domain name from the results returned, which will work in the subsequent stages of the penetration test and, of course, through some online tools:

Home of stationmaster: http://whois.chinaz.com/

Global whois query: https://www.whois365.com/cn/

Love Station: http://www.aizhan.com/

Ali Yun: https://whois.aliyun.com/whois/domain/


Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.