Welcome to my Forth tutorial on Information Gathering
In this tutorial we ll use gather DNS information about our target.
But before starting with basics of DIG we must know different types of DNS records.
The following list describes the common DNS record types and their use:
Maps a hostname to an IP address
SOA (Start of Authority)
Identifies the DNS server responsible for the domain information
CNAME (Canonical Name)
Provides additional names or aliases for the address record
MX (Mail Exchange)
Identifies the mail server for the domain
Identifies services such as directory services
Maps IP addresses to hostnames
NS (Name Server)
Identifies other name servers for the domain
AXFR (Zone Tranfer)
Can leak all the Sub-Domain Names registered for the domain
To install it on Windows:
1) Go to ftp://ftp.isc.org/isc/bind9/9.5.0-P2/
2) Download BIND9.5.0-P2.zip
3) Open the archive with WinZip
4) Extract dig.exe, libbind9.dll, libdns.dll, libisc.dll, libisccfg.dll, liblwres.dll to c:\\windows\\system32
Now to get the information on all of these records at once we can use ANY keyword. As shown below
DIG ANY <domain>
If you want to get NS records for the domain then you can go for the given query
DIG NS <domain>
In the same manner you have to change the option to get different records.
DIG <option> <domain>
This is all for this tutorial see you in the next tutorial of Information Gathering.
Author : Zenodermus Javanicus
Date : 2014-02-23