jim fisher on 13 Jan 2009 16:54:47 -0800



Re: [PLUG] slightly off topic: Reverse IP domain lookup


On 1/13/09, jim fisher <jedijf@myfisher.org> wrote:
> On 1/13/09, Michael Lazin <microlaser@gmail.com> wrote:
>> I had no luck with nmap and other things.  This site seems to work better
>> than most, but it still does not seem to get all the domains.  One of my
>> colleagues in Germany sent me the link.  The page is in English:
>>
>> http://www.bfk.de/bfk_dnslogger_en.html
>>
>> On Mon, Jan 12, 2009 at 5:04 PM, Stephen Gran <steve@lobefin.net> wrote:
>>
>>> On Mon, Jan 12, 2009 at 03:31:33PM -0500, Michael Lazin said:
>>> > Hi, does anyone know of a tool that can be used to find every domain
>>> > that is pointing to an IP?  Website, command line tool, whatever is
>>> > just fine.
>>>
>>> There is no such tool, almost by definition.  Given a huge number of
>>> domains, and a huge number of RRs within a domain, you have to search
>>> almost all of them to see if they have a record pointing to a given IP.
>>> --
>>>
>>> --------------------------------------------------------------------------
>>> |  Stephen Gran                  | A friend of mine won't get a divorce, |
>>> |  steve@lobefin.net             | because he hates lawyers more than he |
>>> |  http://www.lobefin.net/~steve | hates his wife.                       |
>>> --------------------------------------------------------------------------
>>>
>>>
>>> ___________________________________________________________________________
>>> Philadelphia Linux Users Group         --        http://www.phillylinux.org
>>> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
>>> General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
>>>
>>
>>
>> --
>> Michael Lazin
>> To gar auto estin noein te kai enai
>>
>
> A little script - I think this may be what you are looking for:
>
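> jimf@dell6000:~$ cat rev_dns.sh
> #!/bin/bash
> # Reverse (PTR) lookup of every host address in the given /24 prefix.
>
> echo "ip range to reverse :"
> echo "ie. 192.168.1"
>
> read -r ip_range
>
> for ip in $(seq 1 254); do  ## assumes class c - change as needed
>     # Print only the hostname from "... domain name pointer <name>"
>     host "$ip_range.$ip" | grep "name pointer" | cut -d " " -f5
> done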
>
>
> --
> jim fisher
> Jedijf
>
> irc freenode  #ubuntu-us-pa
> www.myfisher.org
>
> "Do, or do not. There is no 'try.'"
>   --  Jedi Master Yoda
>

Upon further review of your question, that's not what you really wanted.

The best way to achieve what you want is through a forward brute force lookup.

Make a file with any known or good-guess DNS names like mail, pop3, smtp,
ns1, ns2, yada yada yada - the more the merrier - then loop through using
host dns_name.site.com and grep 'has address', and sort and find the IP
you are looking for and as many pointers as are verified by your
dns_name file.

Like this:

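#!/bin/bash
# Forward lookup of every candidate name listed in dns-names.txt
for name in $(cat dns-names.txt); do
    # Keep only the A-record lines: "<name> has address <ip>"
    host "$name.jedijf.com" | grep "has address"
done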

Won't find 'all' unless your name file nails them all.

-- 
jim fisher
Jedijf

irc freenode  #ubuntu-us-pa
www.myfisher.org

"Do, or do not. There is no 'try.'"
  --  Jedi Master Yoda
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
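
An added example, not part of the original post: a filter for the "sort and find the IP you are looking for" step, useful for inventorying which names in a zone you manage land on one address. It reads unfiltered `host` output and also follows "is an alias for" lines, which a plain grep for 'has address' drops, so CNAMEs pointing at the address are reported too. The function name `names_for_ip` and the example.com sample data are constructed for illustration.

```bash
#!/bin/bash
# names_for_ip TARGET_IP
# Reads `host` output on stdin, prints every name that ends up on TARGET_IP,
# either directly (A record) or through a chain of CNAME aliases.
names_for_ip() {
    awk -v target="$1" '
        # "alias is an alias for canonical." -> remember who points at canonical
        $2 == "is" && $4 == "alias" {
            canon = $NF; sub(/\.$/, "", canon)
            aliases[canon] = aliases[canon] " " $1
        }
        # "name has address a.b.c.d" -> direct hit on the target address
        $2 == "has" && $3 == "address" && $4 == target { hit[$1] = 1 }
        END {
            # Repeat until no new alias is added, so chains of any depth resolve.
            do {
                changed = 0
                for (c in hit) {
                    n = split(aliases[c], a, " ")
                    for (i = 1; i <= n; i++)
                        if (!(a[i] in hit)) { hit[a[i]] = 1; changed = 1 }
                }
            } while (changed)
            for (h in hit) print h
        }
    ' | sort
}

# Constructed sample of `host` output (documentation names and addresses).
SAMPLE_HOST_OUTPUT='mail.example.com has address 192.0.2.10
www.example.com is an alias for web.example.com.
web.example.com has address 192.0.2.10
ns1.example.com has address 192.0.2.53
Host pop3.example.com not found: 3(NXDOMAIN)
shop.example.com is an alias for www.example.com.'

printf '%s\n' "$SAMPLE_HOST_OUTPUT" | names_for_ip 192.0.2.10
```

Against a live zone, pipe the forward-lookup loop into it without the grep, so the alias lines reach the filter.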