Dmitry信息收集工具
功能:它可以收集以下信息
根据IP或者域名来查询主机上的whois信息在(提供安全服务)的网站上挖掘主机信息查找目标域中的子域查找目标域中的邮件地址探测目标主机打开的端口、被屏蔽的的端口和关闭的端口
Dmitry的用法
Usage: dmitry [-winsepfb] [-t 0-9] [-o %host.txt] host
-o Save output to %host.txt or to file specified by -o file /将输出保存到%host.txt或由-o保存到指定文件
-i Perform a whois lookup on the IP address of a host /对主机的IP地址执行whols查找
-w Perform a whois lookup on the domain name of a host /对主机的域名进行whols查找
-n Retrieve information on a host /在主机上检索信息
-s Perform a search for possible subdomains /执行搜索可能的子域
-e Perform a search for possible email addresses /执行搜索可能的电子邮件
-p Perform a TCP port scan on a host /在主机上执行TCP端口扫描
* -f Perform a TCP port scan on a host showing output reporting filtered ports /在显示输出报告过滤端口的主机上执行TCP端口扫描
* -b Read in the banner received from the scanned port /读取从扫描端口接受的banner
* -t 0-9 Set the TTL in seconds when scanning a TCP port ( Default 2 ) /0-9扫描TCP端口时设置TTL(默认2)
* Requires the -p flagged to be passed /需要-p标记才能传递
dmitry IP/域名 -o /mnt/xz (将这个IP或域名的信息输出保存到/mnt/xz.txt)
我这里查看的时
root@kali:/mnt# cat xz.txt HostIP:220.181.38.150 HostName:Gathered Inet-whois information for 220.181.38.150---------------------------------inetnum: 220.158.200.0 - 255.255.255.255netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCKdescr:IPv4 address block not managed by the RIPE NCCremarks: ------------------------------------------------------remarks:remarks: For registration information,remarks: you can consult the following sources:remarks:remarks: IANAremarks: /assignments/ipv4-address-spaceremarks: /assignments/iana-ipv4-special-registryremarks: /assignments/ipv4-recovered-address-spaceremarks:remarks: AFRINIC (Africa)remarks: / remarks:remarks: APNIC (Asia Pacific)remarks: / remarks:remarks: ARIN (Northern America)remarks: / remarks:remarks: LACNIC (Latin America and the Carribean)remarks: / remarks:remarks: ------------------------------------------------------country: EU # Country is really world wideadmin-c: IANA1-RIPEtech-c: IANA1-RIPEstatus: ALLOCATED UNSPECIFIEDmnt-by: RIPE-NCC-HM-MNTcreated: -01-07T10:46:25Zlast-modified: -01-07T10:46:25Zsource: RIPErole: Internet Assigned Numbers Authorityaddress: see .admin-c: IANA1-RIPEtech-c: IANA1-RIPEnic-hdl: IANA1-RIPEremarks: For more information on IANA servicesremarks: go to IANA web site at .mnt-by: RIPE-NCC-MNTcreated: 1970-01-01T00:00:00Zlast-modified: 2001-09-22T09:31:27Zsource: RIPE # Filtered% This query was served by the RIPE Database Query Service version 1.94.1 (WAGYU)Gathered Inic-whois information for ---------------------------------Domain Name: Registry Domain ID: 11181110_DOMAIN_COM-VRSNRegistrar WHOIS Server: Registrar URL: Updated Date: -05-09T04:30:46ZCreation Date: 1999-10-11T11:05:17ZRegistry Expiry Date: 2026-10-11T11:05:17ZRegistrar: MarkMonitor Inc.Registrar IANA ID: 292Registrar Abuse Contact Email: abusecomplaints@Registrar Abuse Contact Phone: +1.2083895740Domain Status: clientDeleteProhibited /epp#clientDeleteProhibitedDomain Status: clientTransferProhibited /epp#clientTransferProhibitedDomain Status: clientUpdateProhibited /epp#clientUpdateProhibitedDomain Status: serverDeleteProhibited /epp#serverDeleteProhibitedDomain Status: serverTransferProhibited /epp#serverTransferProhibitedDomain Status: serverUpdateProhibited /epp#serverUpdateProhibitedName Server: Name Server: Name Server: Name Server: Name Server: DNSSEC: unsignedURL of the ICANN Whois Inaccuracy Complaint Form: /wicf/>>> Last update of whois database: -07-30T04:08:18Z <<<
对主机的IP进行whols查找
对主机的域名进行whols查找
对主机进行检索
对主机执行可能搜索到的子域
执行搜索可能的电子邮件地址(可能!人家不让你搜到你当然无法搜索到)
在主机上进行TCP端口扫描(全连接扫描)
在显示输出报告过滤端口的主机上执行TCP端口扫描
读取从扫描端口接收的banner(横幅)
探寻主机扫描TCP端口时设置的TTL(默认2)
如果觉得《Kali信息收集工具Dmitry》对你有帮助,请点赞、收藏,并留下你的观点哦!
