• Slack Space
    Slack space is a form of internal fragmentation, i.e. wasted space, on a hard disk. When a file is written to disk it’s stored at the “begin...
  • Attack Vector BeEF + Metasploit
    Hey guys,, In the night, i will be writting tutorial about Attack Vektor on BeEF+Metasploit. Yesterday, i was written first about BeEF and ...
  • Vulnerability Assessment with Nessus + Exploit
    1. first you have to search or scan host that will be targeted 2. Start the the nessus, make sure the service has gone the way of open th...

1/25/12

Information Gathering


I. spentera.com

#DNS Information
dnsmap

root@bt:/pentest/enumeration/dns/dnsmap# ./dnsmap spentera.com
dnsmap 0.30 - DNS Network Mapper by pagvac (gnucitizen.org)

[+] searching (sub)domains for spentera.com using built-in wordlist
[+] using maximum random delay of 10 millisecond(s) between requests

cpanel.spentera.com
IP address #1: 74.81.66.104

ftp.spentera.com
IP address #1: 74.81.66.104

localhost.spentera.com
IP address #1: 127.0.0.1
[+] warning: domain might be vulnerable to "same site" scripting (http://snurl.com/etbcv)

mail.spentera.com
IP address #1: 74.125.31.121

webmail.spentera.com
IP address #1: 74.81.66.104

www.spentera.com
IP address #1: 74.81.66.104

[+] 6 (sub)domains and 6 IP address(es) found
[+] completion time: 947 second(s)

#Route Information
dmitry

root@bt:~# dmitry -wnspb spentera.com
Deepmagic Information Gathering Tool
"There be some deep magic going on"

HostIP:74.81.66.104
HostName:spentera.com

Gathered Inic-whois information for spentera.com
---------------------------------
Domain Name: SPENTERA.COM
Registrar: ENOM, INC.
Whois Server: whois.enom.com
Referral URL: http://www.enom.com
Name Server: DNS1.NAMECHEAPHOSTING.COM
Name Server: DNS2.NAMECHEAPHOSTING.COM
Status: ok
Updated Date: 12-may-2011
Creation Date: 15-feb-2011
Expiration Date: 15-feb-2012

>>> Last update of whois database: Wed, 25 Jan 2012 20:46:21 UTC <<<
NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the d�n naistrat
ion in th�ne regis��g��u��Dtry is�
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.

TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
ter�N doamai�g�w��n names� or��� ecessary to regis
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submi�g a o abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or ot�use is ex
pressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
s o�Nf use.�g��v�� VeriSi�gn ����ide by these term
reserves the right to modify these terms at any time.

The Registry database contains ONLY .COM, .NET, .EDU domains and

Gathered Netcraft information for spentera.com
---------------------------------

Retrieving Netcraft.com information for spentera.com
No uptime reports available for host: spentera.com
Netcraft.com Information gathered

Gathered Subdomain information for spentera.com
---------------------------------
Searching Google.com:80...
HostName:www.spentera.com
HostIP:74.81.66.104
Searching Altavista.com:80...
Found 1 possible subdomain(s) for host spentera.com, Searched 0 pages containing 0 results

Gathered TCP Port information for 74.81.66.104
---------------------------------

Port State


Portscan Finished: Scanned 150 ports, 0 ports were in state closed


All scans completed, exiting


#Network Mapping

nmap

root@bt:~# nmap 74.81.66.104

Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2012-01-26 05:11 WIT
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 3.23 seconds





II. is2c-dojo.net

#DNS Information

dnsmap

root@bt:/pentest/enumeration/dns/dnsmap# ./dnsmap is2c-dojo.net
dnsmap 0.30 - DNS Network Mapper by pagvac (gnucitizen.org)

[+] searching (sub)domains for is2c-dojo.net using built-in wordlist
[+] using maximum random delay of 10 millisecond(s) between requests

www.is2c-dojo.net
IP address #1: 72.14.203.121

[+] 1 (sub)domains and 1 IP address(es) found
[+] completion time: 1094 second(s)


#Route Information

dmitry

root@bt:~# dmitry -wnspb is2c-dojo.net
Deepmagic Information Gathering Tool
"There be some deep magic going on"

HostIP:216.239.38.21
HostName:is2c-dojo.net

Gathered Inic-whois information for is2c-dojo.net
---------------------------------

Domain Name: IS2C-DOJO.NET
Registrar: CV. JOGJACAMP
Whois Server: whois.resellercamp.com
Referral URL: http://www.resellercamp.com
Name Server: PARTNERIT1.EARTH.ORDERBOX-DNS.COM
Name Server: PARTNERIT1.MARS.ORDERBOX-DNS.COM
Name Server: PARTNERIT1.MERCURY.ORDERBOX-DNS.COM
Name Server: PARTNERIT1.VENUS�.ORDERBOX-DNS.COM
Status: clientTransferProhibited
Updated Date: 22-dec-2011
Creation Date: 22-dec-2011
Expiration Date: 22-dec-2012

>>> Last update of whois database: Wed, 25 Jan 2012 22:21:22 UTC <<<

NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
sp�NonsioriYi� 徿ng me registra� agrment with the
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.

TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Sig�Nn for Yi� 徿ign") Whois dat�e isvided by Veri
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
vi�Na ee-maYi�徿il, tel�eph���one, solicitations
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
riS�Nign reYi��便serves �the��� right���ations. Ve
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.

The Registry database contains ONLY .COM, .NET, .EDU domains and

Gathered Netcraft information for is2c-dojo.net
---------------------------------

Retrieving Netcraft.com information for is2c-dojo.net
Netcraft.com Information gathered

Gathered Subdomain information for is2c-dojo.net
---------------------------------
Searching Google.com:80...
HostName:www.is2c-dojo.net
HostIP:74.125.31.121
Searching Altavista.com:80...
Found 1 possible subdomain(s) for host is2c-dojo.net, Searched 0 pages containing 0 results

Gathered TCP Port information for 216.239.38.21
---------------------------------

Port State

80/tcp open

Portscan Finished: Scanned 150 ports, 1 ports were in state closed


All scans completed, exiting

#Network Mapping

nmap

root@bt:~# nmap 72.14.203.121

Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2012-01-26 05:31 WIT
Nmap scan report for 72.14.203.121
Host is up (0.083s latency).
Not shown: 998 filtered ports
PORT STATE SERVICE
80/tcp open http
113/tcp closed ident

Nmap done: 1 IP address (1 host up) scanned in 170.31 seconds






III. is2c-dojo.com

#Route Information

dmitry

root@bt:~# dmitry -wnspb is2c-dojo.com
Deepmagic Information Gathering Tool
"There be some deep magic going on"

HostIP:67.222.154.106
HostName:is2c-dojo.com

Gathered Inic-whois information for is2c-dojo.com
---------------------------------

Domain Name: IS2C-DOJO.COM
Registrar: CV. JOGJACAMP
Whois Server: whois.resellercamp.com
Referral URL: http://www.resellercamp.com
Name Server: NS1.PARTNERIT.US
Name Server: NS2.PARTNERIT.US
Status: clientTransferProhibited
Updated Date: 14-jan-2012
Creation Date: 14-jan-2012
Expiration Date: 14-jan-2013

>>> Last update of whois database: Wed, 25 Jan 2012 22:14:18 UTC <<<

NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
or �Nthis r�{�@ˍ�egistra�tio���n.e of expiration f

TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
. V�NeriSig�{�@ˍ�n does �not��� �gistration record
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
Th�Ne comp�{�@ˍ�ilation�, its c�omputer systems).
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
ter�Nminate�{�[ʍ� your a�cce���ss to ��heAʍ� t or
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.

The Registry database contains ONLY .COM, .NET, .EDU domains and

Gathered Netcraft information for is2c-dojo.com
---------------------------------

Retrieving Netcraft.com information for is2c-dojo.com
Netcraft.com Information gathered

Gathered Subdomain information for is2c-dojo.com
---------------------------------
Searching Google.com:80...
Searching Altavista.com:80...
Found 0 possible subdomain(s) for host is2c-dojo.com, Searched 0 pages containing 0 results

Gathered TCP Port information for 67.222.154.106
---------------------------------

Port State


Portscan Finished: Scanned 150 ports, 0 ports were in state closed


All scans completed, exiting

#Network Mapping

nmap

root@bt:~# nmap 67.222.154.106

Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2012-01-26 05:37 WIT
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 3.20 seconds
at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Slack Space

Slack space is a form of internal fragmentation, i.e. wasted space, on a hard disk. When a file is written to disk it’s stored at the “begin...