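Kali Penetration Testing (1) ---- Information Gathering: Domain Names (WHOIS)

I. Categories of Information Gathering

Information-gathering methods fall into two categories:

1. Active gathering: information is obtained by interacting directly with the target network, for example an ICMP ping or a TCP port scan.

2. Passive gathering: information about the target network is obtained through third-party services, for example by using the Google search engine.

II. Domain Name Information Gathering

WHOIS is a standard Internet protocol that can be used to collect information about network registrations, registered domain names, IP addresses and autonomous systems. The WHOIS database records the domain's DNS server information and the registrant's contact information.

III. Example

A default Kali installation ships with a whois client. To look up the WHOIS information for a domain, run the following whois command in a terminal: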

[email protected]:~# whois baidu.com

Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

   Domain Name: BAIDU.COM
   Registrar: MARKMONITOR INC.
   Sponsoring Registrar IANA ID: 292
   Whois Server: whois.markmonitor.com
   Referral URL: http://www.markmonitor.com
   Name Server: DNS.BAIDU.COM
   Name Server: NS2.BAIDU.COM
   Name Server: NS3.BAIDU.COM
   Name Server: NS4.BAIDU.COM
   Name Server: NS7.BAIDU.COM
   Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
   Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
   Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
   Status: serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited
   Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
   Status: serverUpdateProhibited https://icann.org/epp#serverUpdateProhibited
   Updated Date: 10-sep-2015
   Creation Date: 11-oct-1999
   Expiration Date: 11-oct-2017

>>> Last update of whois database: Wed, 05 Apr 2017 02:56:21 GMT <<<

For more information on Whois status codes, please visit https://icann.org/epp

NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar.  Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.

TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability.  VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.

The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
Domain Name: baidu.com
Registry Domain ID: 11181110_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.markmonitor.com
Registrar URL: http://www.markmonitor.com
Updated Date: 2017-02-13T01:04:21-0800
Creation Date: 1999-10-11T04:05:17-0700
Registrar Registration Expiration Date: 2017-10-11T00:00:00-0700
Registrar: MarkMonitor, Inc.
Registrar IANA ID: 292
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +1.2083895740
Domain Status: clientUpdateProhibited (https://www.icann.org/epp#clientUpdateProhibited)
Domain Status: clientTransferProhibited (https://www.icann.org/epp#clientTransferProhibited)
Domain Status: clientDeleteProhibited (https://www.icann.org/epp#clientDeleteProhibited)
Domain Status: serverUpdateProhibited (https://www.icann.org/epp#serverUpdateProhibited)
Domain Status: serverTransferProhibited (https://www.icann.org/epp#serverTransferProhibited)
Domain Status: serverDeleteProhibited (https://www.icann.org/epp#serverDeleteProhibited)
Registry Registrant ID:
Registrant Name: Domain Admin
Registrant Organization: Beijing Baidu Netcom Science Technology Co., Ltd.
Registrant Street: 3F Baidu Campus No.10, Shangdi 10th Street Haidian District
Registrant City: Beijing
Registrant State/Province: Beijing
Registrant Postal Code: 100085
Registrant Country: CN
Registrant Phone: +86.1059928888
Registrant Phone Ext:
Registrant Fax: +86.1059928888
Registrant Fax Ext:
Registrant Email: [email protected]
Registry Admin ID:
Admin Name: Domain Admin
Admin Organization: Beijing Baidu Netcom Science Technology Co., Ltd.
Admin Street: 3F Baidu Campus No.10, Shangdi 10th Street Haidian District
Admin City: Beijing
Admin State/Province: Beijing
Admin Postal Code: 100085
Admin Country: CN
Admin Phone: +86.1059928888
Admin Phone Ext:
Admin Fax: +86.1059928888
Admin Fax Ext:
Admin Email: [email protected]
Registry Tech ID:
Tech Name: Domain Admin
Tech Organization: Beijing Baidu Netcom Science Technology Co., Ltd.
Tech Street: 3F Baidu Campus No.10, Shangdi 10th Street Haidian District
Tech City: Beijing
Tech State/Province: Beijing
Tech Postal Code: 100085
Tech Country: CN
Tech Phone: +86.1059928888
Tech Phone Ext:
Tech Fax: +86.1059928888
Tech Fax Ext:
Tech Email: [email protected]
Name Server: ns4.baidu.com
Name Server: ns3.baidu.com
Name Server: dns.baidu.com
Name Server: ns7.baidu.com
Name Server: ns2.baidu.com
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2017-04-04T19:54:32-0700 <<<

The Data in MarkMonitor.com's WHOIS database is provided by MarkMonitor.com for
information purposes, and to assist persons in obtaining information about or
related to a domain name registration record.  MarkMonitor.com does not guarantee
its accuracy.  By submitting a WHOIS query, you agree that you will use this Data
only for lawful purposes and that, under no circumstances will you use this Data to:
 (1) allow, enable, or otherwise support the transmission of mass unsolicited,
     commercial advertising or solicitations via e-mail (spam); or
 (2) enable high volume, automated, electronic processes that apply to
     MarkMonitor.com (or its systems).
MarkMonitor.com reserves the right to modify these terms at any time.
By submitting this query, you agree to abide by this policy.

MarkMonitor is the Global Leader in Online Brand Protection.

MarkMonitor Domain Management(TM)
MarkMonitor Brand Protection(TM)
MarkMonitor AntiPiracy(TM)
MarkMonitor AntiFraud(TM)
Professional and Managed Services

Visit MarkMonitor at http://www.markmonitor.com
Contact us at +1.8007459229
In Europe, at +44.02032062220

For more information on Whois status codes, please visit
 https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en
--

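From the returned results you can obtain the DNS server information and the contact details of the domain's registrant; this information comes into play in later stages of the penetration test. The same lookup can also be done with online tools:

Chinaz (站长之家): http://whois.chinaz.com/

Global WHOIS lookup: https://www.whois365.com/cn/

Aizhan (爱站): http://www.aizhan.com/

Alibaba Cloud (阿里云): https://whois.aliyun.com/whois/domain/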
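
An added example, not part of the original article: a small shell helper that pulls the fields discussed above (registrar, DNS servers) out of whois output and, for reviewing your own domain's record, lists which client-side registrar locks are absent and the DNSSEC state. The function names and the embedded sample record are constructed for illustration; with live data it is used as `whois <domain> | whois_summary`.

```shell
# Constructed sample: shortened excerpt of the registrar reply shown above, with
# one name server repeated in the indented upper-case form the registry uses.
SAMPLE_WHOIS='Domain Name: baidu.com
Registrar: MarkMonitor, Inc.
Registrar Registration Expiration Date: 2017-10-11T00:00:00-0700
Domain Status: clientUpdateProhibited (https://www.icann.org/epp#clientUpdateProhibited)
Domain Status: clientTransferProhibited (https://www.icann.org/epp#clientTransferProhibited)
Domain Status: clientDeleteProhibited (https://www.icann.org/epp#clientDeleteProhibited)
Name Server: ns4.baidu.com
   Name Server: NS3.BAIDU.COM
Name Server: ns3.baidu.com
DNSSEC: unsigned'

# whois_field KEYS: print the value of every "key: value" line on stdin whose
# key matches KEYS (case-insensitive, "|" separates alternatives).
whois_field() {
    awk -v keys="$1" '{
        line = $0
        sub(/^[ \t]+/, "", line)              # registry replies indent fields
        i = index(line, ":")
        if (i == 0) next
        if (tolower(substr(line, 1, i - 1)) !~ ("^(" tolower(keys) ")$")) next
        v = substr(line, i + 1)
        sub(/^[ \t]+/, "", v); sub(/[ \t\r]+$/, "", v)
        if (v != "") print v
    }'
}

# Name servers, lower-cased and de-duplicated across both replies.
whois_nameservers() { whois_field "Name Server" | tr 'A-Z' 'a-z' | sort -u; }

# EPP status codes only, without the explanatory URL.
whois_statuses() { whois_field "Domain Status|Status" | awk '{print $1}' | sort -u; }

# Print each client-side registrar lock that the record does NOT carry.
whois_missing_locks() {
    found=$(whois_statuses)
    for lock in clientDeleteProhibited clientTransferProhibited clientUpdateProhibited; do
        printf '%s\n' "$found" | grep -qx "$lock" || echo "$lock"
    done
}

# One-screen review of a record read from stdin.
whois_summary() {
    rec=$(cat)
    echo "registrar:     $(printf '%s\n' "$rec" | whois_field 'Registrar' | sort -u | tr '\n' ';')"
    echo "name servers:  $(printf '%s\n' "$rec" | whois_nameservers | tr '\n' ' ')"
    echo "missing locks: $(printf '%s\n' "$rec" | whois_missing_locks | tr '\n' ' ')"
    echo "dnssec:        $(printf '%s\n' "$rec" | whois_field 'DNSSEC')"
}
```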

Time: 2024-10-08 11:01:46
