Hacking is always fun but only when you know to do the things. All websites available on Net teaches only basic stuff or simple novice level stuff. There is one website which provides Elite level tutorials and Concepts. To strengthen our Name, we are starting a sub-level Campaign KYB (Know your Backtrack) under BEHC (Born Ethical hackers Club) campaign. In KYB campaign, we will teach all the Backtrack Hacking Tools to Hackers. This is the First tutorial in this series. Today we will learn DNSDICT6 Hacking Tool. So lets begin our learning..
DNSDICT6 is a Information Gathering tool provided with Backtrack. This tool is used to find all the sub-domains of a website or web server. The most advanced use of DSNDICT6 is to enumerate all IPv4 and IPv6 addresses and extract the dumps like sub-domains, IP information. This tool is quite a powerful tool because it also extracts those sub domains which are restricted or invisible for users.
For example :
There are certain Parameters that we can use with dnsdict6 :
1. First of all start your Backtrack Linux. Now to start DNSDICT6 we have multiple ways.
a. Go by GUI Menu Based options :
Applications --> BackTrack --> Information Gathering --> Network Analysis --> DNS Analysis --> DNSDICT6
b. Open the terminal and type DNSDICT6 to open the tool.
2. After doing above step we will see something like :
The below snap shot shows the output of above command :
Now for advanced usage, we can also incorporate the Dictionary in our DNSDICT6 command.
First of all we need to locate the dictionary file. If don't have create a sample dictionary file on your Virtual Machine Backtrack Desktop say dictionary.txt is file name on desktop.
Now the command will be :
Now it will only extract those sub-domains whose keywords match with dictionary words. Below is the output of above execution :
DNSDICT6 : BASICS
Basic Syntax of DNSDICT6 is :
For example :
dnsdict6 -d4 google.com ( This will extract all sub-domains of google and their IPv4 and IPv6 information.
There are certain Parameters that we can use with dnsdict6 :
- -d is used to display information on Name Servers and MX Records
- -4 is used to dump IPv4 addresses.
- There are four types of dictionary which are already inbuilt in this tool. -s(mall=50), -m(edium=796) (DEFAULT) -l(arge=1416), or -x(treme=3211).
- -t is used to specify no. of threads.
Advanced Example of DNSDICT6:
dnsdict6 -d46 -x -s -t 10 google.com ( This will extract all the sub-domains of Google with their IPv4 and IPv6 information).
Now lets learn How to use DNSDICT6.
DNSDICT6 (Know your Backtrack [KYB]) Tutorial :
1. First of all start your Backtrack Linux. Now to start DNSDICT6 we have multiple ways.
a. Go by GUI Menu Based options :
Applications --> BackTrack --> Information Gathering --> Network Analysis --> DNS Analysis --> DNSDICT6
b. Open the terminal and type DNSDICT6 to open the tool.
2. After doing above step we will see something like :
DNSDICT6 Tutorial Step 2 |
Above snapshot shows the basic structure of DNSDICT6 syntax and parameters that we can use on it.
3.Now say we want to Enumerate all the sub-domains on a website say google.com. Then type the command :
3.Now say we want to Enumerate all the sub-domains on a website say google.com. Then type the command :
dnsdict6 -d46 -s -t 20 google.com
The above command will enumerate all IPv4 and IPv6 information of all sub-domains of google.com and -s will perform service guessing and 20 is the number of threads running simultaneously to achieve it.
Sample DNSDICT6 Query |
The below snap shot shows the output of above command :
Output of DNSDICT6 Sample Query Execution |
Now for advanced usage, we can also incorporate the Dictionary in our DNSDICT6 command.
First of all we need to locate the dictionary file. If don't have create a sample dictionary file on your Virtual Machine Backtrack Desktop say dictionary.txt is file name on desktop.
Now the command will be :
dnsdict6 -d46 -s -t 20 google.com ~/Desktop/dictionary.txt
Now it will only extract those sub-domains whose keywords match with dictionary words. Below is the output of above execution :
DNSDICT6 Dictionary Brute Force Attack |
The dictionary based attack is also known as DNSDICT6 Dictionary Brute force attack. This extract only that information that we wish to extract. So its the best attack but for this we need to make our dictionary most powerful. There are several Hacking Database dictionaries available online. You can give them a try.
That's all about DNSDICT6 Information Gathering Tool.
We hope you all appreciate Hackingloops BEHC campaign and its sub campaign KYB ( Know you Backtrack). If you have any queries or doubts ask us in form of comments.
That's all about DNSDICT6 Information Gathering Tool.
We hope you all appreciate Hackingloops BEHC campaign and its sub campaign KYB ( Know you Backtrack). If you have any queries or doubts ask us in form of comments.
0 comments:
Post a Comment