-
Notifications
You must be signed in to change notification settings - Fork 23
/
课时18 DNS区域传输、DNS字典爆破、DNS注册信息.txt
executable file
·847 lines (728 loc) · 31.3 KB
/
课时18 DNS区域传输、DNS字典爆破、DNS注册信息.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
课时18 DNS区域传输、DNS字典爆破、DNS注册信息
╋━━━━━━━━━━━━━━━━━━━━╋
┃DNS区域传输 ┃
┃ dig @ns1.example.com example.com axfr ┃
┃ host -T -l sina.com 8.8.8.8 ┃
╋━━━━━━━━━━━━━━━━━━━━╋
root@kali:~# dig @ns2.sina.com sina.com axfr
;; Connection to 114.134.80.145#53(114.134.80.145) for sina.com failed: connection refused.
root@kali:~# dig @ns4.sina.com sina.com axfr
; <<>> DiG 9.9.5-9+deb8u3-Debian <<>> @ns4.sina.com sina.com axfr
; (1 server found)
;; global options: +cmd
; Transfer failed.
root@kali:~# host -T -l sina.com 8.8.8.8 ns3.sina.com
Using domain server:
Name: 8.8.8.8
Address: 8.8.8.8#53
Aliases:
Host sina.com not found: 2(SERVFAIL)
; Transfer failed.
root@kali:~# host -h
host: illegal option -- h
Usage: host [-aCdlriTwv] [-c class] [-N ndots] [-t type] [-W time]
[-R number] [-m flag] hostname [server]
-a is equivalent to -v -t ANY
-c specifies query class for non-IN data
-C compares SOA records on authoritative nameservers
-d is equivalent to -v
-l lists all hosts in a domain, using AXFR
-i IP6.INT reverse lookups
-N changes the number of dots allowed before root lookup is done
-r disables recursive processing
-R specifies number of retries for UDP packets
-s a SERVFAIL response should stop query
-t specifies the query type
-T enables TCP/IP mode
-v enables verbose output
-w specifies to wait forever for a reply
-W specifies how long to wait for a reply
-4 use IPv4 query transport only
-6 use IPv6 query transport only
-m set memory debugging flag (trace|record|usage)
root@kali:~# man host //查看该命令的基础用法
root@kali:~# info host //查看该命令的基础用法
╋━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╋
┃DNS字典爆破 ┃
┃ firece -desserver 8.8.8.8 -dns sina.com.cn -wordlist a.txt ┃
┃ dnsdict6 -d4 -t 16 -x sina.com ┃
┃ dnsenum -f dnsbig.txt -dnsserver 8.8.8.8 sina.com -o sina.xml ┃
┃ dnsmap sina.com -w dns.txt ┃
┃ dnsrecon -d sina.com --lifetime 10 -t brt -D dnsbig.txt ┃
┃ dnsrecon -t std -d sina.com ┃
╋━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╋
root@kali:~# fierce -dnsserver 8.8.8.8 -dns sina.com.cn wordlist a.txt
DNS Servers for sina.com.cn:
ns4.sina.com.cn
ns2.sina.com.cn
ns3.sina.com.cn
ns1.sina.com.cn
Trying zone transfer first...
Unsuccessful in zone transfer (it was worth a shot)
Okay, trying the good old fashioned way... brute force
Checking for wildcard DNS...
** Found 93723043017.sina.com.cn at 202.102.110.204.
** High probability of wildcard DNS.
Now performing 2280 test(s)...
123.125.29.250 8.sina.com.cn
58.63.236.239 a1.sina.com.cn
58.63.236.237 a1.sina.com.cn
58.63.236.230 a1.sina.com.cn
58.63.236.239 a2.sina.com.cn
58.63.236.237 a2.sina.com.cn
58.63.236.230 a2.sina.com.cn
121.14.1.189 ad.sina.com.cn
121.14.1.190 ad.sina.com.cn
58.63.236.248 ad.sina.com.cn
……
root@kali:~# dpkg -L fierce
/.
/usr
/usr/share
/usr/share/doc
/usr/share/doc/fierce
/usr/share/doc/fierce/copyright
/usr/share/doc/fierce/changelog.Debian.gz
/usr/share/fierce
/usr/share/fierce/hosts.txt
/usr/bin
/usr/bin/fierce
more命令,功能类似 cat ,cat命令是整个文件的内容从上到下显示在屏幕上。 more会以一页一页的显示方便使用者逐页阅读,而最基本的指令就是按空白键(space)就往下一页显示,按 b 键就会往回(back)一页显示,而且还有搜寻字串的功能 。more命令从前向后读取文件,因此在启动时就加载整个文件。
more命令和cat的功能一样都是查看文件里的内容,但有所不同的是more可以按页来查看文件的内容,还支持直接跳转行等功能。
root@kali:~# more /usr/share/fierce/hosts.txt
root@kali:~# cat /usr/share/fierce/hosts.txt | grep www
www
www-
www-01
www-02
www-1
www-2
www-int
www0
www01
www02
www1
www2
www3
www_
wwwchat
wwwdev
wwwmail
root@kali:~# fierce -dnsserver 8.8.8.8 -dns sina.com.cn wordlist a.txt /usr/share/fierce/hosts.txt
DNS Servers for sina.com.cn:
ns3.sina.com.cn
ns2.sina.com.cn
ns4.sina.com.cn
ns1.sina.com.cn
Trying zone transfer first...
Unsuccessful in zone transfer (it was worth a shot)
Okay, trying the good old fashioned way... brute force
Checking for wildcard DNS...
** Found 97704271057.sina.com.cn at 202.102.110.204.
** High probability of wildcard DNS.
Now performing 2280 test(s)...
123.125.29.250 8.sina.com.cn
58.63.236.239 a1.sina.com.cn
58.63.236.237 a1.sina.com.cn
58.63.236.230 a1.sina.com.cn
58.63.236.230 a2.sina.com.cn
58.63.236.239 a2.sina.com.cn
58.63.236.237 a2.sina.com.cn
58.63.236.248 ad.sina.com.cn
121.14.1.189 ad.sina.com.cn
121.14.1.190 ad.sina.com.cn
121.14.1.190 ads.sina.com.cn
……
安装dnsdict6
wget http://www.thc.org/releases/thc-ipv6-2.7.tar.gz
使用上面的命令会出现证书错误,在本机下载然后拖进虚拟,最后打开终端开始安装!
tar zvxf thc-ipv6-2.7.tar.gz
cd thc-ipv6-2.7
sudo apt-get install libpcap-dev libssl-dev
make
sudo cp dnsdict6 /usr/bin/
【课外拓展】说明: 用来枚举域服务器的,它使用你提供的一个字典或者内置的列表来枚举
语法:dnsdict6 [-d46] [-s|-m|-l|-x] [-t 线程] [-D] 域名 [字典路径]
参数说明:
-4 显示ipv4
-t 指定要使用的线程 默认:8 最大:32
-D =================[只显示字典不扫描]====
-d 显示在DNS服务器上的NS(一种服务记录类型)MX(邮件服务器) ipv6 的域名信息
-e 忽略没有NS域错误
-S 执行SRV服务名称猜测
-[smlx] 选择字典大小[内置的] -s 小型是50条 -m 中等是796条[默认] -l 大型1416条 -x 最大3211条
root@kali:~# dnsdict6 -d4 -t 16 -x sina.com //枚举域服务器,显示6行,线程16,最大,域名
Starting DNS enumeration work on sina.com. ...
Gathering NS and MX information...
NS of sina.com. is ns4.sina.com.cn => 121.14.1.22
NS of sina.com. is ns2.sina.com. => 114.134.80.145
NS of sina.com. is ns1.sina.com. => 114.134.80.144
NS of sina.com. is ns4.sina.com. => 123.125.29.29
NS of sina.com. is ns2.sina.com.cn => 61.172.201.254
NS of sina.com. is ns3.sina.com.cn => 123.125.29.99
NS of sina.com. is ns1.sina.com.cn => 202.106.184.166
NS of sina.com. is ns.sina.com. => 61.172.201.254
No IPv6 address for NS entries found in DNS for domain sina.com.
MX of sina.com is freemx2.sinamil.sina.com.cn => 218.30.115.106
root@kali:~# dnsdict6 -h
dnsdict6 v2.7 (c) 2014 by van Hauser / THC <[email protected]> www.thc.org
Syntax: dnsdict6 [-d4] [-s|-m|-l|-x|-u] [-t THREADS] [-D] domain [dictionary-file]
Enumerates a domain for DNS entries, it uses a dictionary file if supplied
or a built-in list otherwise. This tool is based on dnsmap by gnucitizen.org.
Options:
-4 do also dump IPv4 addresses
-t NO specify the number of threads to use (default: 8, max: 32).
-D dump the selected built-in wordlist, no scanning.
-d display IPv6 information on NS and MX DNS domain information.
-e ignore no NS for domain errors
-S perform SRV service name guessing
-[smlxu] choose the dictionary size by -s(mall=100), -m(edium=1419) (DEFAULT)
-l(arge=2601), -x(treme=5886) or -u(ber=16724)
root@kali:~# dnsenum -f dnsbig.txt -dnsserver 8.8.8.8 sina.com -o sina.xml
dnsenum.pl VERSION:1.2.3
----- sina.com -----
Host's addresses:
__________________
sina.com. 47 IN A 66.102.251.33
Name Servers:
______________
ns2.sina.com.cn. 12328 IN A 61.172.201.254
ns3.sina.com.cn. 21599 IN A 123.125.29.99
ns1.sina.com.cn. 12449 IN A 202.106.184.166
ns1.sina.com. 21519 IN A 114.134.80.144
ns3.sina.com. 14250 IN A 61.172.201.254
ns4.sina.com. 20263 IN A 123.125.29.99
ns2.sina.com. 20931 IN A 114.134.80.145
ns4.sina.com.cn. 15452 IN A 121.14.1.22
Mail (MX) Servers:
___________________
freemx2.sinamail.sina.com.cn. 167 IN A 218.30.115.106
freemx3.sinamail.sina.com.cn. 1194 IN A 60.28.2.248
freemx1.sinamail.sina.com.cn. 11 IN A 202.108.3.242
Trying Zone Transfers and getting Bind Versions:
_________________________________________________
Trying Zone Transfer for sina.com on ns2.sina.com.cn ...
AXFR record query failed: connection failed
Trying Zone Transfer for sina.com on ns3.sina.com.cn ...
AXFR record query failed: RCODE from server: REFUSED
Trying Zone Transfer for sina.com on ns1.sina.com.cn ...
AXFR record query failed: connection failed
Trying Zone Transfer for sina.com on ns1.sina.com ...
AXFR record query failed: truncated zone transfer
Trying Zone Transfer for sina.com on ns3.sina.com ...
AXFR record query failed: connection failed
Trying Zone Transfer for sina.com on ns4.sina.com ...
AXFR record query failed: RCODE from server: REFUSED
Trying Zone Transfer for sina.com on ns2.sina.com ...
AXFR record query failed: connection failed
Trying Zone Transfer for sina.com on ns4.sina.com.cn ...
AXFR record query failed: connection failed
Brute forcing with dnsbig.txt:
_______________________________
Error: make sure that the file dnsbig.txt exists and has a size greater than zero.
root@kali:~# dpkg -L dnsenum
/.
/usr
/usr/share
/usr/share/doc
/usr/share/doc/dnsenum
/usr/share/doc/dnsenum/README.md
/usr/share/doc/dnsenum/copyright
/usr/share/doc/dnsenum/changelog.Debian.gz
/usr/share/dnsenum
/usr/share/dnsenum/dns.txt
/usr/bin
/usr/bin/dnsenum
root@kali:~# dnsenum -f www -dnsserver 8.8.8.8 sina.com -o sina.xml
dnsenum.pl VERSION:1.2.3
----- sina.com -----
Host's addresses:
__________________
sina.com. 14 IN A 66.102.251.33
Name Servers:
______________
ns3.sina.com.cn 13896 IN A 123.125.29.99
ns1.sina.com 7721 IN A 202.106.184.166
ns2.sina.com 4482 IN A 114.134.80.145
ns4.sina.com 16316 IN A 123.125.29.99
ns3.sina.com 177728 IN A 61.172.201.254
ns1.sina.com 7274 IN A 114.134.80.144
root@kali:~# find / -name dnsenum
/usr/bin/dnsenum
/usr/share/doc/dnsenum
/usr/share/dnsenum
root@kali:~# dnsmap sina.com -w dns.txt
dnsmap 0.30 - DNS Network Mapper by pagvac (gnucitizen.org)
root@kali:~# dnsrecon -d sina.com --lifetime 10 -t brt -D dnsbig.txt
[-] File dnsbig.txt does not exist!
root@kali:~# dpkg -L dnsrecon
/.
/usr
/usr/share
/usr/share/man
/usr/share/man/man1
/usr/share/man/man1/dnsrecon.1.gz
/usr/share/doc
/usr/share/doc/dnsrecon
/usr/share/doc/dnsrecon/README.md.gz
/usr/share/doc/dnsrecon/copyright
/usr/share/doc/dnsrecon/changelog.Debian.gz
/usr/share/dnsrecon
/usr/share/dnsrecon/tools
/usr/share/dnsrecon/tools/parser.py
/usr/share/dnsrecon/lib
/usr/share/dnsrecon/lib/mdnsenum.py
/usr/share/dnsrecon/lib/__init__.py
/usr/share/dnsrecon/lib/dnshelper.py
/usr/share/dnsrecon/lib/msf_print.py
/usr/share/dnsrecon/lib/gooenum.py
/usr/share/dnsrecon/lib/whois.py
/usr/share/dnsrecon/namelist.txt
/usr/share/dnsrecon/msf_plugin
/usr/share/dnsrecon/msf_plugin/dnsr_import.rb
/usr/share/dnsrecon/dnsrecon.py
/usr/bin
/usr/bin/dnsrecon
root@kali:~# dnsrecon -d sina.com --lifetime 10 -t brt -D /usr/share/dnsrecon/namelist.txt
[*] Performing host and subdomain brute force against sina.com
[!] Wildcard resolution is enabled on this domain
[!] It is resolving to 202.102.110.204
[!] All queries will resolve to this address!!
[*] Do you wish to continue? y/n
y
[*] A 1.sina.com 202.102.110.204
[*] A 0.sina.com 202.102.110.204
[*] A 02.sina.com 202.102.110.204
[*] A 03.sina.com 202.102.110.204
[*] A 01.sina.com 202.102.110.204
[*] A 3.sina.com 202.102.110.204
[*] A 18.sina.com 202.102.110.204
[*] A 20.sina.com 202.102.110.204
[*] A abc.sina.com 202.102.110.204
[*] A adam.sina.com 202.102.110.204
[*] A administrador.sina.com 202.102.110.204
[*] A administrators.sina.com 202.102.110.204
[*] A admins.sina.com 202.102.110.204
[*] CNAME ads.sina.com region.sina.usgcac.cdnetworks.net
[*] CNAME region.sina.usgcac.cdnetworks.net n2.panthercdn.com
[*] A n2.panthercdn.com 14.0.35.230
[*] A n2.panthercdn.com 14.0.38.86
[*] A ae.sina.com 202.102.110.204
[*] A affiliate.sina.com 202.102.110.204
[*] A admin.sina.com 202.102.110.204
[*] A administracion.sina.com 202.102.110.204
……
^C[-] You have pressed Ctrl-C. Saving found records.
[*] Waiting for 9 remaining threads to finish.
[*] A distributer.sina.com 202.102.110.204
[*] A dm.sina.com 202.102.110.204
[*] A devserver.sina.com 202.102.110.204
[*] A dns.sina.com 202.102.110.204
[*] A discuss.sina.com 202.102.110.204
[*] 254 Records Found
root@kali:~# dnsrecon -t std -d sina.com
[*] Performing General Enumeration of Domain:
Traceback (most recent call last):
File "./dnsrecon.py", line 1681, in <module>
main()
File "./dnsrecon.py", line 1524, in main
spf_enum, do_whois, zonewalk)
File "./dnsrecon.py", line 956, in general_enum
dns_sec_check(domain, res)
File "./dnsrecon.py", line 859, in dns_sec_check
answer = res._res.query(domain, 'DNSKEY')
File "/usr/lib/python2.7/dist-packages/dns/resolver.py", line 824, in query
raise NoNameservers
dns.resolver.NoNameservers
╋━━━━━━━━━━━━━━━━━━━━━╋
┃DNS注册信息 ┃
┃Whois ┃
┃Whois -h whois.apnic.net 192.0.43.10 ┃
┃ ┃
┃AFRINIC http://www.afrinic.net ┃
┃APNIC http://www.apnic.net ┃
┃ARIN http://ws.arin.net ┃
┃IANA http://www.iana.com ┃
┃ICANN http://www.icann.org ┃
┃LACNIC http://www.lacnic.net ┃
┃NRO http://www.nro.net ┃
┃RIPE http://www.ripe.net ┃
┃InterNic http://www.internic.net ┃
╋━━━━━━━━━━━━━━━━━━━━━╋
root@kali:~# whois sina.com
Whois Server Version 2.0
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
Server Name: SINA.COM.CN
Registrar: ENOM, INC.
Whois Server: whois.enom.com
Referral URL: http://www.enom.com
Domain Name: SINA.COM
Registrar: NETWORK SOLUTIONS, LLC.
Sponsoring Registrar IANA ID: 2
Whois Server: whois.networksolutions.com
Referral URL: http://networksolutions.com
Name Server: NS1.SINA.COM
Name Server: NS1.SINA.COM.CN
Name Server: NS2.SINA.COM
Name Server: NS2.SINA.COM.CN
Name Server: NS3.SINA.COM
Name Server: NS3.SINA.COM.CN
Name Server: NS4.SINA.COM
Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
Updated Date: 26-nov-2014
Creation Date: 16-sep-1998
Expiration Date: 15-sep-2019
>>> Last update of whois database: Fri, 18 Sep 2015 16:00:27 GMT <<<
NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.
TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.
The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
For more information on Whois status codes, please visit
https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en.
Domain Name: SINA.COM
Registry Domain ID: 2243615_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.networksolutions.com
Registrar URL: http://networksolutions.com
Updated Date: 2015-01-28T23:23:26Z
Creation Date: 1998-09-16T04:00:00Z
Registrar Registration Expiration Date: 2019-09-15T04:00:00Z
Registrar: NETWORK SOLUTIONS, LLC.
Registrar IANA ID: 2
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +1.8003337680
Reseller:
Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
Registry Registrant ID:
Registrant Name: SINA.COM TECHNOLOGY(CHINA)CO.,LTD
Registrant Organization: SINA.COM TECHNOLOGY(CHINA)CO.,LTD
Registrant Street: BEIJING IDEAL PLAZA,20F NO.58
Registrant City: beijing
Registrant State/Province: CN
Registrant Postal Code: 100080
Registrant Country: CN
Registrant Phone: +86.1058983009
Registrant Phone Ext:
Registrant Fax: +86.1082607527
Registrant Fax Ext:
Registrant Email: [email protected]
Registry Admin ID:
Admin Name: Xie, Guomin
Admin Organization: SINA.COM TECHNOLOGY(CHINA)CO.,LTD
Admin Street: BEIJING IDEAL PLAZA,20F NO.58
Admin City: beijing
Admin State/Province: CN
Admin Postal Code: 100080
Admin Country: CN
Admin Phone: +86.1058983078
Admin Phone Ext:
Admin Fax: +86.1082607527
Admin Fax Ext:
Admin Email: [email protected]
Registry Tech ID:
Tech Name: Xie, Guomin
Tech Organization: SINA.COM TECHNOLOGY(CHINA)CO.,LTD
Tech Street: BEIJING IDEAL PLAZA,20F NO.58
Tech City: beijing
Tech State/Province: CN
Tech Postal Code: 100080
Tech Country: CN
Tech Phone: +86.1058983078
Tech Phone Ext:
Tech Fax: +86.1082607527
Tech Fax Ext:
Tech Email: [email protected]
Name Server: NS1.SINA.COM
Name Server: NS2.SINA.COM
Name Server: NS1.SINA.COM.CN
Name Server: NS2.SINA.COM.CN
Name Server: NS3.SINA.COM.CN
Name Server: NS3.SINA.COM
Name Server: NS4.SINA.COM
DNSSEC: Unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of whois database: Fri, 18 Sep 2015 16:00:27 GMT <<<
The data in Networksolutions.com's WHOIS database is provided to you by
Networksolutions.com for information purposes only, that is, to assist you in
obtaining information about or related to a domain name registration
record. Networksolutions.com makes this information available "as is," and
does not guarantee its accuracy. By submitting a WHOIS query, you
agree that you will use this data only for lawful purposes and that,
under no circumstances will you use this data to: (1) allow, enable,
or otherwise support the transmission of mass unsolicited, commercial
advertising or solicitations via direct mail, electronic mail, or by
telephone; or (2) enable high volume, automated, electronic processes
that apply to Networksolutions.com (or its systems). The compilation,
repackaging, dissemination or other use of this data is expressly
prohibited without the prior written consent of Networksolutions.com.
Networksolutions.com reserves the right to modify these terms at any time.
By submitting this query, you agree to abide by these terms.
root@kali:~# whois wooyun.org
Domain Name:WOOYUN.ORG
Domain ID: D159099935-LROR
Creation Date: 2010-05-06T08:50:48Z
Updated Date: 2015-01-07T03:37:41Z
Registry Expiry Date: 2024-05-06T08:50:48Z
Sponsoring Registrar:Hichina Zhicheng Technology Limited (R1373-LROR)
Sponsoring Registrar IANA ID: 420
WHOIS Server:
Referral URL:
Domain Status: clientDeleteProhibited -- http://www.icann.org/epp#clientDeleteProhibited
Domain Status: clientTransferProhibited -- http://www.icann.org/epp#clientTransferProhibited
Registrant ID:hc556860480-cn
Registrant Name:Fang Xiao Dun
Registrant Organization:Fang Xiao Dun
Registrant Street: Haidian District JuYuan Road 6# 502
Registrant City:Beijing
Registrant State/Province:Beijing
Registrant Postal Code:100080
Registrant Country:CN
Registrant Phone:+86.18610137578
Registrant Phone Ext:
Registrant Fax: +86.18610137578
Registrant Fax Ext:
Registrant Email:[email protected]
Admin ID:HC-009652962-CN
Admin Name:Fang Xiaodun
Admin Organization:Beijing Bigfish Technology
Admin Street: Haidian District JuYuan Road 6# 502
Admin City:Beijing
Admin State/Province:Beijing
Admin Postal Code:100080
Admin Country:CN
Admin Phone:+86.18610137578
Admin Phone Ext:
Admin Fax: +86.18610137578
Admin Fax Ext:
Admin Email:[email protected]
Tech ID:HC-844637505-CN
Tech Name:Fang Xiaodun
Tech Organization:Beijing Bigfish Technology
Tech Street: Haidian District JuYuan Road 6# 502
Tech City:Beijing
Tech State/Province:Beijing
Tech Postal Code:100080
Tech Country:CN
Tech Phone:+86.18610137578
Tech Phone Ext:
Tech Fax: +86.18610137578
Tech Fax Ext:
Tech Email:[email protected]
Name Server:NS1.DNSV2.COM
Name Server:NS2.DNSV2.COM
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
DNSSEC:Unsigned
Access to Public Interest Registry WHOIS information is provided to assist persons in determining the contents of a domain name registration record in the Public Interest Registry registry database. The data in this record is provided by Public Interest Registry for informational purposes only, and Public Interest Registry does not guarantee its accuracy. This service is intended only for query-based access. You agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data to(a) allow, enable, or otherwise support the transmission by e-mail, telephone, or facsimile of mass unsolicited, commercial advertising or solicitations to entities other than the data recipient's own existing customers; or (b) enable high volume, automated, electronic processes that send queries or data to the systems of Registry Operator, a Registrar, or Afilias except as reasonably necessary to register domain names or modify existing registrations. All rights reserved. Public Interest Registry reserves the right to modify these terms at any time. By submitting this query, you agree to abide by this policy. For more information on Whois status codes, please visit https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en.
root@kali:~# whois www.google.com
Whois Server Version 2.0
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
Server Name: WWW.GOOGLE.COM.AR
Registrar: ENOM, INC.
Whois Server: whois.enom.com
Referral URL: http://www.enom.com
Server Name: WWW.GOOGLE.COM.AU
Registrar: MELBOURNE IT, LTD. D/B/A INTERNET NAMES WORLDWIDE
Whois Server: whois.melbourneit.com
Referral URL: http://www.melbourneit.com
Server Name: WWW.GOOGLE.COM.BR
Registrar: ENOM, INC.
Whois Server: whois.enom.com
Referral URL: http://www.enom.com
Server Name: WWW.GOOGLE.COM.CO
Registrar: ENOM, INC.
Whois Server: whois.enom.com
Referral URL: http://www.enom.com
Server Name: WWW.GOOGLE.COM.DO
Registrar: ENOM, INC.
Whois Server: whois.enom.com
Referral URL: http://www.enom.com
Server Name: WWW.GOOGLE.COM.GERRYGOULD.COM
IP Address: 8.8.4.4
IP Address: 8.8.8.8
IP Address: 2001:4860:4860:0:0:0:0:8844
IP Address: 2001:4860:4860:0:0:0:0:8888
Registrar: GOOGLE INC.
Whois Server: whois.rrpproxy.net
Referral URL: http://domains.google.com
Server Name: WWW.GOOGLE.COM.HK
Registrar: GKG.NET, INC.
Whois Server: whois.gkg.net
Referral URL: http://www.gkg.net
Server Name: WWW.GOOGLE.COM.INFO-MADA.COM
IP Address: 216.239.32.21
IP Address: 216.239.38.21
IP Address: 216.239.36.21
IP Address: 216.239.34.21
Registrar: GODADDY.COM, LLC
Whois Server: whois.godaddy.com
Referral URL: http://registrar.godaddy.com
Server Name: WWW.GOOGLE.COM.MX
Registrar: ENOM, INC.
Whois Server: whois.enom.com
Referral URL: http://www.enom.com
Server Name: WWW.GOOGLE.COM.NAPLESCABS.COM
IP Address: 216.239.32.21
IP Address: 216.239.34.21
IP Address: 216.239.36.21
IP Address: 216.239.38.21
Registrar: GODADDY.COM, LLC
Whois Server: whois.godaddy.com
Referral URL: http://registrar.godaddy.com
Server Name: WWW.GOOGLE.COM.PE
Registrar: DELUXE SMALL BUSINESS SALES, INC. D/B/A APLUS.NET
Whois Server: whois.names4ever.com
Referral URL: http://www.aplus.net
Server Name: WWW.GOOGLE.COM.PK
Registrar: INTERNET.BS CORP.
Whois Server: whois.internet.bs
Referral URL: http://www.internet.bs
Server Name: WWW.GOOGLE.COM.SA
Registrar: OMNIS NETWORK, LLC
Whois Server: whois.omnis.com
Referral URL: http://www.omnis.com
Server Name: WWW.GOOGLE.COM.TR
Registrar: TUCOWS DOMAINS INC.
Whois Server: whois.tucows.com
Referral URL: http://www.tucowsdomains.com
Server Name: WWW.GOOGLE.COM.TW
Registrar: ENOM, INC.
Whois Server: whois.enom.com
Referral URL: http://www.enom.com
Server Name: WWW.GOOGLE.COM.VN
Registrar: ENOM, INC.
Whois Server: whois.enom.com
Referral URL: http://www.enom.com
>>> Last update of whois database: Fri, 18 Sep 2015 16:10:03 GMT <<<
NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.
TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.
The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
For more information on Whois status codes, please visit
https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en.
root@kali:~# whois 202.106.0.20
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '202.106.0.0 - 202.106.255.255'
inetnum: 202.106.0.0 - 202.106.255.255
netname: UNICOM-BJ
descr: China Unicom Beijing province network
descr: China Unicom
country: CN
admin-c: CH1302-AP
tech-c: SY21-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-CNCGROUP-BJ
mnt-routes: MAINT-CNCGROUP-RR
mnt-irt: IRT-CU-CN
changed: [email protected] 20031017
status: ALLOCATED PORTABLE
changed: [email protected] 20060124
changed: [email protected] 20090507
changed: [email protected] 20090508
source: APNIC
irt: IRT-CU-CN
address: No.21,Jin-Rong Street
address: Beijing,100140
address: P.R.China
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: CH1302-AP
tech-c: CH1302-AP
auth: # Filtered
mnt-by: MAINT-CNCGROUP
changed: [email protected] 20101110
changed: [email protected] 20101116
source: APNIC
person: ChinaUnicom Hostmaster
nic-hdl: CH1302-AP
e-mail: [email protected]
address: No.21,Jin-Rong Street
address: Beijing,100033
address: P.R.China
phone: +86-10-66259764
fax-no: +86-10-66259764
country: CN
changed: [email protected] 20090408
mnt-by: MAINT-CNCGROUP
source: APNIC
person: sun ying
address: fu xing men nei da jie 97, Xicheng District
address: Beijing 100800
country: CN
phone: +86-10-66030657
fax-no: +86-10-66078815
e-mail: [email protected]
nic-hdl: SY21-AP
mnt-by: MAINT-CNCGROUP-BJ
changed: [email protected] 19980824
changed: [email protected] 20060717
changed: [email protected] 20090630
source: APNIC
% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r6 (WHOIS1)