Sunday, January 13, 2008

How To Using DNS-Ptr

How To Using DNS-Ptr

Disclaimer: This information is for educational purposes only and not to commit a crime!
If you do something that causes you to hose your box don't come kicking and screaming on the forums!
All IP Address' MAC Address' etc. have been munged!


DNS-PTR Is a tool that allows you to learn DNS names of IP address' This is like doing a reverse DNS lookup.
You have the IP address but want to know if there is a domain name associated with it.
Using this tool will allow us to do mass lookups rather quickly.
This is a very simple tool to use.

To access this tool K>Backtrack>InformationGathering>All>DNS-Ptr

OK opening this will give the following
Code:
Usage : ./Allhosts  
Mass DNS Query program for vicy, by crisk
bt dns-ptr #
OK so for some background for those that don't know. DNS the Domain Name System translates Domain Names like www.yourexampleofadomain.com into 192.168.1.100
Of course this address is for "internal or private use only".
Now we can use lots of tools to gain this info I will leave that alone.
If you have maybe the IP address and want to find a domain name that may be associated with the IP we can use DNS-Ptr
Using the IP to find an associated Domain name is called a Reverse DNS lookup.

To use the tool on the command line type the IP address that you want to lookup.

Code:
Usage : ./Allhosts  
Mass DNS Query program for vicy, by crisk
bt dns-ptr # dns-ptr 192.168.1.1

The output will show us.

Code:
Beginning DNS lookups
192.1.168.1.1
Ending DNS lookups.
bt dns-ptr #
If we want to see if other IP address' close to our start IP are associated then we can set the End IP and run it again.

In this example I used 5 (remember leave a space)

Code:
Usage : ./Allhosts  
Mass DNS Query program for vicy, by crisk
bt dns-ptr # dns-ptr 192.168.1.1 5
Code:
Beginning DNS lookups
192.1.168.1.1  : fac34-7-yourexampleofadomain.com
192.1.168.1.2  : fac34-7-yourexampleofadomain.com
192.1.168.1.3  : fac34-7-yourexampleofadomain.com
192.1.168.1.4  : fac34-7-yourexampleofadomain.com
192.1.168.1.5  : someotherexampleofadomain.com
Ending DNS lookups.
bt dns-ptr #
As you can see the first 4 IPs belong to www.yourexampleofadomain.com, but the 5th one belongs to someone else.
Again this is a simple tool to use.
Posted by at
Labels: , , , , , ,

2 comments:

Lord Epzylon said...

Download?

May 18, 2008 at 3:40 PM
Unknown said...

If you are looking for a download for the link then check here
http://www.google.com/search?hl=en&q=dns-ptr&btnG=Google+Search

The tool is also included in the Back Track pen-testing distro.
http://www.remote-exploit.org/

June 15, 2008 at 10:53 AM

Post a Comment

Subscribe to: Post Comments (Atom)