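DMitry (Deepmagic Information Gathering Tool) is used to gather the following information:

1. Port scan results

2. Whois information for the host IP and the domain name

3. Host information from Netcraft.com

4. Subdomains

5. Email addresses found under the domain

1. Usage: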

 Deepmagic Information Gathering Tool
 "There be some deep magic going on"

 dmitry: invalid option -- '-'
 Usage: dmitry [-winsepfb] [-t 0-9] [-o %host.txt] host
   -o     Save output to %host.txt or to file specified by -o file
   -i     Perform a whois lookup on the IP address of a host
   -w     Perform a whois lookup on the domain name of a host
   -n     Retrieve Netcraft.com information on a host
   -s     Perform a search for possible subdomains
   -e     Perform a search for possible email addresses
   -p     Perform a TCP port scan on a host
 * -f     Perform a TCP port scan on a host showing output reporting filtered ports
 * -b     Read in the banner received from the scanned port
 * -t 0-9 Set the TTL in seconds when scanning a TCP port ( Default 2 )
 *Requires the -p flagged to be passed

2. Gathering information:

 root@shenlan-qianlan:/home/shell# dmitry -winse www.baidu.com
 Deepmagic Information Gathering Tool
 "There be some deep magic going on"

 HostIP:220.181.111.188
 HostName:www.baidu.com

 Gathered Inet-whois information for 220.181.111.188
 ---------------------------------

 inetnum:        220.181.0.0 - 220.181.255.255
 netname:        CHINANET-IDC-BJ
 country:        CN
 descr:          CHINANET Beijing province network
 descr:          China Telecom
 descr:          No.31,jingrong street
 descr:          Beijing 100032
 admin-c:        CH93-AP
 tech-c:         HC55-AP
 remarks:        hostmaster is not for spam complaint,
 remarks:        please send spam complaint to anti-spam@ns.chinanet.cn.net
 mnt-by:         MAINT-CHINANET
 mnt-lower:      MAINT-CHINATELECOM-BJ
 status:         ALLOCATED NON-PORTABLE
 changed:        hostmaster@ns.chinanet.cn.net 20030620
 changed:        hm-changed@apnic.net 20050715
 source:         APNIC

 person:         Chinanet Hostmaster
 nic-hdl:        CH93-AP
 e-mail:         anti-spam@ns.chinanet.cn.net
 address:        No.31 ,jingrong street,beijing
 address:        100032
 phone:          +86-10-58501724
 fax-no:         +86-10-58501724
 country:        CN
 changed:        dingsy@cndata.com 20070416
 changed:        zhengzm@gsta.com 20140227
 mnt-by:         MAINT-CHINANET
 source:         APNIC

 person:         Hostmaster of Beijing Telecom corporation CHINA   TELECOM
 nic-hdl:        HC55-AP
 e-mail:         bjnic@bjtelecom.net
 address:        Beijing Telecom
 address:        No. 107 XiDan Beidajie, Xicheng District Beijing
 phone:          +86-010-58503461
 fax-no:         +86-010-58503054
 country:        cn
 changed:        bjnic@bjtelecom.net 20040115
 mnt-by:         MAINT-CHINATELECOM-BJ
 source:         APNIC

 % This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (UNDEFINED)

 Gathered Inic-whois information for baidu.com
 ---------------------------------
    Domain Name: BAIDU.COM
    Registrar: MARKMONITOR INC.
    Sponsoring Registrar IANA ID: 292
    Whois Server: whois.markmonitor.com
    Referral URL: http://www.markmonitor.com
    Name Server: DNS.BAIDU.COM
    Name Server: NS2.BAIDU.COM
    Name Server: NS3.BAIDU.COM
    Name Server: NS4.BAIDU.COM
    Name Server: NS7.BAIDU.COM
    Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
    Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
    Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
    Status: serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited
    Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
    Status: serverUpdateProhibited https://icann.org/epp#serverUpdateProhibited
    Updated Date: 10-sep-2015
    Creation Date: 11-oct-1999
    Expiration Date: 11-oct-2017

 >>> Last update of whois database: Mon, 10 Oct 2016 01:05:12 GMT <<<

 For more information on Whois status codes, please visit https://icann.org/epp

 NOTICE: The expiration date displayed in this record is the date the
 registrar's sponsorship of the domain name registration in the registry is
 currently set to expire. This date does not necessarily reflect the expiration
 date of the domain name registrant's agreement with the sponsoring
 registrar.  Users may consult the sponsoring registrar's Whois database to
 view the registrar's reported date of expiration for this registration.

 TERMS OF USE: You are not authorized to access or query our Whois
 database through the use of electronic processes that are high-volume and
 automated except as reasonably necessary to register domain names or
 modify existing registrations; the Data in VeriSign Global Registry
 Services' ("VeriSign") Whois database is provided by VeriSign for
 information purposes only, and to assist persons in obtaining information
 about or related to a domain name registration record. VeriSign does not
 guarantee its accuracy. By submitting a Whois query, you agree to abide
 by the following terms of use: You agree that you may use this Data only
 for lawful purposes and that under no circumstances will you use this Data
 to: (1) allow, enable, or otherwise support the transmission of mass
 unsolicited, commercial advertising or solicitations via e-mail, telephone,
 or facsimile; or (2) enable high volume, automated, electronic processes
 that apply to VeriSign (or its computer systems). The compilation,
 repackaging, dissemination or other use of this Data is expressly
 prohibited without the prior written consent of VeriSign. You agree not to
 use electronic processes that are automated and high-volume to access or
 query the Whois database except as reasonably necessary to register
 domain names or modify existing registrations. VeriSign reserves the right
 to restrict your access to the Whois database in its sole discretion to ensure
 operational stability.  VeriSign may restrict or terminate your access to the
 Whois database for failure to abide by these terms of use. VeriSign
 reserves the right to modify these terms at any time.

 The Registry database contains ONLY .COM, .NET, .EDU domains and
 Registrars.

 Gathered Netcraft information for www.baidu.com
 ---------------------------------

 Retrieving Netcraft.com information for www.baidu.com
 Netcraft.com Information gathered

 Gathered Subdomain information for baidu.com
 ---------------------------------
 Searching Google.com:80...
 Searching Altavista.com:80...
 Found 0 possible subdomain(s) for host baidu.com, Searched 0 pages containing 0 results

 Gathered E-Mail information for baidu.com
 ---------------------------------
 Searching Google.com:80...
 Searching Altavista.com:80...
 Found 0 E-Mail(s) for host baidu.com, Searched 0 pages containing 0 results

 All scans completed, exiting
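
To review what a domain's public registration records disclose, a report like the one above can be split into its "Gathered ... information" sections and the whois fields pulled out. This is an added example, not part of the original post or of DMitry; the function names are hypothetical, and the sample is a constructed, abridged copy of the output shown above.

```python
import re

# Constructed sample: abridged from the report layout shown above.
SAMPLE_REPORT = """\
Gathered Inet-whois information for 220.181.111.188
---------------------------------
e-mail:         anti-spam@ns.chinanet.cn.net
phone:          +86-10-58501724
changed:        hostmaster@ns.chinanet.cn.net 20030620
Gathered Inic-whois information for baidu.com
---------------------------------
   Name Server: DNS.BAIDU.COM
   Name Server: NS2.BAIDU.COM
Gathered E-Mail information for baidu.com
---------------------------------
Searching Google.com:80...
"""

SECTION_RE = re.compile(r"^\s*Gathered (\S+) information for (\S+)\s*$")
FIELD_RE = re.compile(r"^\s*([A-Za-z][A-Za-z \-]*?):\s+(\S.*)$")
EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")

def split_sections(report):
    """Map each 'Gathered <name> information' header to its non-blank body lines."""
    sections, current = {"header": []}, "header"
    for line in report.splitlines():
        if m := SECTION_RE.match(line):
            current = m.group(1)
            sections[current] = []
        elif line.strip() and set(line.strip()) != {"-"}:  # skip dashed rulers
            sections[current].append(line.strip())
    return sections

def whois_fields(lines):
    """Collect 'key: value' pairs; repeated keys keep every value in order."""
    fields = {}
    for line in lines:
        if m := FIELD_RE.match(line):
            fields.setdefault(m.group(1).lower(), []).append(m.group(2).strip())
    return fields

def exposure_summary(report):
    """List contact data and name servers published in the two whois sections."""
    s = split_sections(report)
    whois = s.get("Inet-whois", []) + s.get("Inic-whois", [])
    f = whois_fields(whois)
    return {"emails": sorted({e.lower() for ln in whois for e in EMAIL_RE.findall(ln)}),
            "phones": f.get("phone", []),
            "name_servers": f.get("name server", [])}
```

Addresses are collected from every whois line, so maintainer addresses in `changed:` fields are reported alongside the `e-mail:` contacts.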
