ICode9

精准搜索请尝试: 精确搜索
首页 > 其他分享> 文章详细

小白KALI渗透(二)

2021-02-23 18:02:54  阅读:189  来源: 互联网

标签:渗透 KALI ttl bytes 小白 ms time com 114.114


小白KALI渗透(二)

菜鸡下饭慢慢来——道爷低血糖

四、搭建vps

……危、略

五、DNS

1)DNS信息收集——nslookup

使用nslookup查看域名

root@kali:/# ping baidu.com
PING baidu.com (39.156.69.79) 56(84) bytes of data.
64 bytes from 39.156.69.79 (39.156.69.79): icmp_seq=1 ttl=46 time=87.1 ms
64 bytes from 39.156.69.79 (39.156.69.79): icmp_seq=2 ttl=46 time=83.0 ms
64 bytes from 39.156.69.79 (39.156.69.79): icmp_seq=3 ttl=46 time=74.4 ms
64 bytes from 39.156.69.79 (39.156.69.79): icmp_seq=4 ttl=46 time=69.5 ms
64 bytes from 39.156.69.79 (39.156.69.79): icmp_seq=5 ttl=46 time=79.0 ms
64 bytes from 39.156.69.79 (39.156.69.79): icmp_seq=6 ttl=46 time=75.2 ms
64 bytes from 39.156.69.79 (39.156.69.79): icmp_seq=7 ttl=46 time=69.4 ms
^C
--- baidu.com ping statistics ---
7 packets transmitted, 7 received, 0% packet loss, time 6026ms
rtt min/avg/max/mdev = 69.457/76.858/87.114/6.165 ms
root@kali:/# ^C
root@kali:/# nslookup www.baidu.com
Server:		192.168.0.1
Address:	192.168.0.1#53

Non-authoritative answer:
www.baidu.com	canonical name = www.a.shifen.com.
Name:	www.a.shifen.com
Address: 14.215.177.39
Name:	www.a.shifen.com
Address: 14.215.177.38

2)DNS信息收集——DIG

dig 查域名信息

dig xuegod.cn
dig @114.114.114.114 xuegod.cn
dig @114.114.114.114 xuegod.cn any #any表示查询所有

root@kali:/# dig xuegod.cn

; <<>> DiG 9.10.3-P4-Debian <<>> xuegod.cn
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11807
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 19

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1280
;; QUESTION SECTION:
;xuegod.cn.			IN	A

;; ANSWER SECTION:
xuegod.cn.		600	IN	A	101.200.128.35

;; AUTHORITY SECTION:
xuegod.cn.		86399	IN	NS	dns7.hichina.com.
xuegod.cn.		86399	IN	NS	dns8.hichina.com.

;; ADDITIONAL SECTION:
dns8.hichina.com.	2406	IN	A	106.11.141.114
dns8.hichina.com.	2406	IN	A	106.11.141.124
dns8.hichina.com.	2406	IN	A	106.11.211.54
dns8.hichina.com.	2406	IN	A	106.11.211.64
dns8.hichina.com.	2406	IN	A	140.205.41.14
dns8.hichina.com.	2406	IN	A	140.205.41.24
dns8.hichina.com.	2406	IN	A	140.205.81.14
dns8.hichina.com.	2406	IN	A	140.205.81.24
dns7.hichina.com.	1426	IN	A	140.205.41.23
dns7.hichina.com.	1426	IN	A	140.205.81.13
dns7.hichina.com.	1426	IN	A	140.205.81.23
dns7.hichina.com.	1426	IN	A	106.11.141.113
dns7.hichina.com.	1426	IN	A	106.11.141.123
dns7.hichina.com.	1426	IN	A	106.11.211.53
dns7.hichina.com.	1426	IN	A	106.11.211.63
dns7.hichina.com.	1426	IN	A	140.205.41.13
dns8.hichina.com.	2815	IN	AAAA	2400:3200:2000:27::1
dns7.hichina.com.	715	IN	AAAA	2400:3200:2000:26::1

;; Query time: 48 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Tue Feb 23 16:35:04 CST 2021
;; MSG SIZE  rcvd: 415
root@kali:/# dig @114.114.114.114 xuegod.cn

; <<>> DiG 9.10.3-P4-Debian <<>> @114.114.114.114 xuegod.cn
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62678
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;xuegod.cn.			IN	A

;; ANSWER SECTION:
xuegod.cn.		38	IN	A	101.200.128.35

;; Query time: 73 msec
;; SERVER: 114.114.114.114#53(114.114.114.114)
;; WHEN: Tue Feb 23 16:34:43 CST 2021
;; MSG SIZE  rcvd: 54

root@kali:/# dig @114.114.114.114 xuegod.cn any

; <<>> DiG 9.10.3-P4-Debian <<>> @114.114.114.114 xuegod.cn any
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46432
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;xuegod.cn.			IN	ANY

;; ANSWER SECTION:
xuegod.cn.		600	IN	MX	10 mxbiz2.qq.com.
xuegod.cn.		600	IN	MX	5 mxbiz1.qq.com.
xuegod.cn.		484	IN	A	101.200.128.35
xuegod.cn.		2808	IN	NS	dns8.hichina.com.
xuegod.cn.		2808	IN	NS	dns7.hichina.com.

;; Query time: 82 msec
;; SERVER: 114.114.114.114#53(114.114.114.114)
;; WHEN: Tue Feb 23 16:36:40 CST 2021
;; MSG SIZE  rcvd: 141

利用-x参数IP反查域名

root@kali:/# dig -x 114.114.114.114

; <<>> DiG 9.10.3-P4-Debian <<>> -x 114.114.114.114
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16515
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 4

;; QUESTION SECTION:
;114.114.114.114.in-addr.arpa.	IN	PTR

;; ANSWER SECTION:
114.114.114.114.in-addr.arpa. 600 IN	PTR	public1.114dns.com.

;; AUTHORITY SECTION:
114.114.114.in-addr.arpa. 57806	IN	NS	ns100.114dns.com.
114.114.114.in-addr.arpa. 57806	IN	NS	ns100.114dns.net.

;; ADDITIONAL SECTION:
ns100.114dns.net.	169	IN	A	58.217.249.158
ns100.114dns.net.	169	IN	A	114.114.119.119
ns100.114dns.com.	169	IN	A	114.114.118.118
ns100.114dns.com.	169	IN	A	60.215.138.254

;; Query time: 166 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Tue Feb 23 16:29:16 CST 2021
;; MSG SIZE  rcvd: 192

验证

root@kali:/# ping public1.114dns.com
PING public1.114dns.com (114.114.114.114) 56(84) bytes of data.
64 bytes from public1.114dns.com (114.114.114.114): icmp_seq=1 ttl=65 time=60.6 ms
64 bytes from public1.114dns.com (114.114.114.114): icmp_seq=2 ttl=90 time=61.8 ms
64 bytes from public1.114dns.com (114.114.114.114): icmp_seq=3 ttl=67 time=60.6 ms
64 bytes from public1.114dns.com (114.114.114.114): icmp_seq=4 ttl=93 time=58.4 ms
64 bytes from public1.114dns.com (114.114.114.114): icmp_seq=5 ttl=65 time=59.7 ms
64 bytes from public1.114dns.com (114.114.114.114): icmp_seq=6 ttl=62 time=58.6 ms
64 bytes from public1.114dns.com (114.114.114.114): icmp_seq=7 ttl=66 time=68.2 ms
64 bytes from public1.114dns.com (114.114.114.114): icmp_seq=8 ttl=69 time=59.3 ms
^C
--- public1.114dns.com ping statistics ---
8 packets transmitted, 8 received, 0% packet loss, time 7029ms
rtt min/avg/max/mdev = 58.496/60.954/68.253/2.969 ms
```bash
root@kali:/# dig public1.114dns.com

; <<>> DiG 9.10.3-P4-Debian <<>> public1.114dns.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16467
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 4

;; QUESTION SECTION:
;public1.114dns.com.		IN	A

;; ANSWER SECTION:
public1.114dns.com.	600	IN	A	114.114.114.114

;; AUTHORITY SECTION:
114dns.com.		55809	IN	NS	ns1000.114dns.com.
114dns.com.		55809	IN	NS	ns1000.114dns.net.

;; ADDITIONAL SECTION:
ns1000.114dns.com.	71	IN	A	114.114.116.116
ns1000.114dns.com.	71	IN	A	60.215.138.254
ns1000.114dns.net.	71	IN	A	114.114.117.117
ns1000.114dns.net.	71	IN	A	58.217.249.158

;; Query time: 49 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Tue Feb 23 16:31:42 CST 2021
;; MSG SIZE  rcvd: 168

查询DNS服务器bind版本信息

root@kali:/# dig txt chaos VERSION.BIND @ns3.dnsv4.com
;; Warning: query response not set
;; Warning: Message parser reports malformed message packet.

; <<>> DiG 9.10.3-P4-Debian <<>> txt chaos VERSION.BIND @ns3.dnsv4.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54463
;; flags: rd ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;VERSION.BIND.			CH	TXT

;; ANSWER SECTION:
VERSION.BIND.		0	CH	TXT	"DNSPod AUTHORITY DNS 6.0.2011.00 patch1"

;; Query time: 72 msec
;; SERVER: 61.129.8.140#53(61.129.8.140)
;; WHEN: Tue Feb 23 17:00:53 CST 2021
;; MSG SIZE  rcvd: 93

在这里插入图片描述
查询网站的域名注册信息和备案信息

网站
whois

root@kali:/# whois xuegod.cn
Domain Name: xuegod.cn
ROID: 20140908s10001s72166376-cn
Domain Status: ok
Registrant: 北京学神科技有限公司
Registrant Contact Email: jianmingbasic@163.com
Sponsoring Registrar: 阿里云计算有限公司(万网)
Name Server: dns7.hichina.com
Name Server: dns8.hichina.com
Registration Time: 2014-09-08 10:52:31
Expiration Time: 2021-09-08 10:52:31
DNSSEC: unsigned

备案信息
beianbeian.com
天眼查

标签:渗透,KALI,ttl,bytes,小白,ms,time,com,114.114
来源: https://blog.csdn.net/weixin_42077203/article/details/113964580

本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享;
2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关;
3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关;
4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除;
5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。

专注分享技术,共同学习,共同进步。侵权联系[81616952@qq.com]

Copyright (C)ICode9.com, All Rights Reserved.

ICode9版权所有