[Kali Penetration Testing in Practice] Subdomains: Concepts and Discovery (Using the DNSenum Tool and the Sublist3r Script)

1 The Importance of Information Gathering

2 Subdomains & DNS Resolution

3 What Subdomain Discovery Is For

4 Online Tools for Collecting Subdomains

5 DNSenum

5.1 Introduction

You can also run it directly: dnsenum [target]

5.2 Dictionary-Based Subdomain Brute-Force Testing

After -f, give the wordlist you wrote yourself or the default one, then append the target.

6 sublist3r.py



root@kali:~# git clone https://github.com/aboul3la/Sublist3r
正克隆到 'Sublist3r'...
remote: Enumerating objects: 4, done.
remote: Counting objects: 100% (4/4), done.
remote: Compressing objects: 100% (4/4), done.
remote: Total 373 (delta 0), reused 2 (delta 0), pack-reused 369
接收对象中: 100% (373/373), 1.10 MiB | 41.00 KiB/s, 完成.
处理 delta 中: 100% (207/207), 完成.
root@kali:~# ls
Desktop    Downloads  Pictures  Sublist3r  Videos
Documents  Music      Public    Templates  zkaq.org_ips.txt
root@kali:~# pwd
/root
root@kali:~# cd Sublist3r/
root@kali:~/Sublist3r# ls
LICENSE      README.md         setup.py  sublist3r.py
MANIFEST.in  requirements.txt  subbrute
root@kali:~/Sublist3r# cat requirements.txt 
argparse
dnspython
requests
root@kali:~/Sublist3r# sudo pip install -r requirements.txt 
Requirement already satisfied: argparse in /usr/lib/python2.7 (from -r requirements.txt (line 1)) (1.2.1)
Requirement already satisfied: dnspython in /usr/lib/python2.7/dist-packages (from -r requirements.txt (line 2)) (1.16.0)
Requirement already satisfied: requests in /usr/lib/python2.7/dist-packages (from -r requirements.txt (line 3)) (2.22.0)
root@kali:~/Sublist3r# python sublist3r.py -d aqlab.cn

                 ____        _     _ _     _   _____
                / ___| _   _| |__ | (_)___| |_|___ / _ __
                \___ \| | | | '_ \| | / __| __| |_ \| '__|
                 ___) | |_| | |_) | | \__ \ |_ ___) | |
                |____/ \__,_|_.__/|_|_|___/\__|____/|_|

                # Coded By Ahmed Aboul-Ela - @aboul3la
    
[-] Enumerating subdomains now for aqlab.cn
[-] Searching now in Baidu..
[-] Searching now in Yahoo..
[-] Searching now in Google..
[-] Searching now in Bing..
[-] Searching now in Ask..
[-] Searching now in Netcraft..
[-] Searching now in DNSdumpster..
[-] Searching now in Virustotal..
[-] Searching now in ThreatCrowd..
[-] Searching now in SSL Certificates..
[-] Searching now in PassiveDNS..
[-] Total Unique Subdomains Found: 2
kali01.lab.aqlab.cn
shop.aqlab.cn
root@kali:~/Sublist3r# python sublist3r.py -d aqlab.cn -p 80,443

                 ____        _     _ _     _   _____
                / ___| _   _| |__ | (_)___| |_|___ / _ __
                \___ \| | | | '_ \| | / __| __| |_ \| '__|
                 ___) | |_| | |_) | | \__ \ |_ ___) | |
                |____/ \__,_|_.__/|_|_|___/\__|____/|_|

                # Coded By Ahmed Aboul-Ela - @aboul3la
    
[-] Enumerating subdomains now for aqlab.cn
[-] Searching now in Baidu..
[-] Searching now in Yahoo..
[-] Searching now in Google..
[-] Searching now in Bing..
[-] Searching now in Ask..
[-] Searching now in Netcraft..
[-] Searching now in DNSdumpster..
[-] Searching now in Virustotal..
[-] Searching now in ThreatCrowd..
[-] Searching now in SSL Certificates..
[-] Searching now in PassiveDNS..

[-] Total Unique Subdomains Found: 2
[-] Start port scan now for the following ports: 80,443
kali01.lab.aqlab.cn - Found open ports: 80, 443
shop.aqlab.cn - Found open ports: 80, 443

root@kali:~# ls
Desktop    Downloads  Pictures  Sublist3r  Videos
Documents  Music      Public    Templates  zkaq.org_ips.txt
root@kali:~# cd Sublist3r/
root@kali:~/Sublist3r# ls
LICENSE      README.md         setup.py  sublist3r.py
MANIFEST.in  requirements.txt  subbrute
root@kali:~/Sublist3r# python sublist3r.py -d qq.com

                 ____        _     _ _     _   _____
                / ___| _   _| |__ | (_)___| |_|___ / _ __
                \___ \| | | | '_ \| | / __| __| |_ \| '__|
                 ___) | |_| | |_) | | \__ \ |_ ___) | |
                |____/ \__,_|_.__/|_|_|___/\__|____/|_|

                # Coded By Ahmed Aboul-Ela - @aboul3la
    
[-] Enumerating subdomains now for qq.com
[-] Searching now in Baidu..
[-] Searching now in Yahoo..
[-] Searching now in Google..
[-] Searching now in Bing..
[-] Searching now in Ask..
[-] Searching now in Netcraft..
[-] Searching now in DNSdumpster..
[-] Searching now in Virustotal..
[-] Searching now in ThreatCrowd..
[-] Searching now in SSL Certificates..
[-] Searching now in PassiveDNS..

[-] Total Unique Subdomains Found: 199
root@kali:~/Sublist3r# 
root@kali:~/Sublist3r# python sublist3r.py -d qq.com -o qq.txt

                 ____        _     _ _     _   _____
                / ___| _   _| |__ | (_)___| |_|___ / _ __
                \___ \| | | | '_ \| | / __| __| |_ \| '__|
                 ___) | |_| | |_) | | \__ \ |_ ___) | |
                |____/ \__,_|_.__/|_|_|___/\__|____/|_|

                # Coded By Ahmed Aboul-Ela - @aboul3la
    
[-] Enumerating subdomains now for qq.com
[-] Searching now in Baidu..
[-] Searching now in Yahoo..
[-] Searching now in Google..
[-] Searching now in Bing..
[-] Searching now in Ask..
[-] Searching now in Netcraft..
[-] Searching now in DNSdumpster..
[-] Searching now in Virustotal..
[-] Searching now in ThreatCrowd..
[-] Searching now in SSL Certificates..
[-] Searching now in PassiveDNS..
HTTPSConnectionPool(host='dnsdumpster.com', port=443): Read timed out. (read timeout=25)
Process DNSdumpster-8:
Traceback (most recent call last):
  File "/usr/lib/python2.7/multiprocessing/process.py", line 267, in _bootstrap
    self.run()
  File "sublist3r.py", line 269, in run
    domain_list = self.enumerate()
  File "sublist3r.py", line 648, in enumerate
    self.extract_domains(post_resp)
  File "sublist3r.py", line 660, in extract_domains
    results_tbl = tbl_regex.findall(resp)[0]
TypeError: expected string or buffer

[-] Saving results to file: qq.txt
[-] Total Unique Subdomains Found: 100
root@kali:~/Sublist3r# 
root@kali:~/Sublist3r# cat qq.txt
root@kali:~/Sublist3r# 
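
The two qq.com runs above reported 199 and then 100 unique subdomains, the second after the DNSdumpster worker crashed with a traceback. The following added example (not part of the original post or of Sublist3r; the function names and the example.com sample data are assumptions constructed for illustration) compares two -o result files and marks the comparison as incomplete when the console log shows a crashed source, so a shorter list is not mistaken for hosts having disappeared.

```python
import re

# multiprocessing prints "Process <Name>-<n>:" before a worker's traceback,
# as in the "Process DNSdumpster-8:" line of the session above.
CRASH = re.compile(r"^Process (\w+)-\d+:\s*$")

def failed_sources(console_log):
    """Return the names of search-source workers that crashed during a run."""
    lines = console_log.splitlines()
    failed = []
    for i, line in enumerate(lines[:-1]):
        m = CRASH.match(line.strip())
        if m and lines[i + 1].startswith("Traceback"):
            failed.append(m.group(1))
    return failed

def load_hosts(text, domain):
    """Normalise a -o results file: one name per line, kept only if in scope."""
    hosts = set()
    for line in text.splitlines():
        name = line.strip().lower().rstrip(".")
        if name == domain or name.endswith("." + domain):
            hosts.add(name)
    return hosts

def compare_runs(old_text, new_text, domain, new_console_log=""):
    """Diff two runs; flag the diff as incomplete if a source crashed."""
    old, new = load_hosts(old_text, domain), load_hosts(new_text, domain)
    failed = failed_sources(new_console_log)
    return {
        "added": sorted(new - old),
        "missing": sorted(old - new),
        "failed_sources": failed,
        "complete": not failed,
    }

# Constructed sample data (example.com), plus the crash lines shown on the page.
RUN1 = "www.example.com\nmail.example.com\nvpn.example.com\n"
RUN2 = "WWW.example.com.\nshop.example.com\nexample.org\n"
LOG2 = (
    "[-] Searching now in PassiveDNS..\n"
    "Process DNSdumpster-8:\n"
    "Traceback (most recent call last):\n"
    "TypeError: expected string or buffer\n"
)

if __name__ == "__main__":
    print(compare_runs(RUN1, RUN2, "example.com", LOG2))
```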


Reposted from blog.csdn.net/weixin_43838785/article/details/104873461