Dmitry or Deepmagic Information Gathering Tool is an all in one host information tool included in Backtrack 4’s Information Gathering section. Personally I prefer doing most info gathering using tools built into Linux however it is nice to run a tool like this in the background and come back later if you are multi-tasking. Before getting into the details of Dmitry please see this article relating to a Segmentation Fault that can occur with Dmitry on Backtrack 4.
Dmitry – Deepmagic Information Gathering Tool Details:
So Dmitry can perform numerous tasks based on the switches provided including a couple whois lookups, netcraft.com data (OS info, uptime info, web server info), subdomain search, email address search, and various TCP port scan options. As you can see letting this fly against a target host will return various information in one swoop. Below is an example using Dmitry against the louisville.edu domain/host.
Dmitry Example Against Louisville.edu Domain/Host:
- root@bt:~# dmitry -wnsepb louisville.edu
- Deepmagic Information Gathering Tool
- "There be some deep magic going on"
- HostIP:136.165.238.241
- HostName:louisville.edu
- Gathered Inic-whois information for louisville.edu
- ---------------------------------
- Domain Name: LOUISVILLE.EDU
- Registrant:
- University of Louisville
- Information Technology - Communications Services
- 109 Miller Info Tech Center
- Louisville, KY 40292
- UNITED STATES
- Administrative Contact:
- Domain Admin
- University of Louisville
- 109 Miller Info Tech Center
- Information Technology Communications Services
- Louisville, KY 40292
- UNITED STATES
- (502) 852-1776
- domain.admin@hermes.louisville.edu
- Technical Contact:
- Domain Tech
- University of Louisville
- 109 Miller Info Tech Center
- Information Technology Communications Services
- Louisville, KY 40292
- UNITED STATES
- (502) 852-1776
- domain.tech@hermes.louisville.edu
- Name Servers:
- HERMES.LOUISVILLE.EDU 136.165.253.10
- PAN.LOUISVILLE.EDU 136.165.253.89
- HERMES.IPV6.LOUISVILLE.EDU 2610:1e0:1800:f1::1
- PAN.IPV6.LOUISVILLE.EDU 2610:1e0:1800:af1::1
- MIDNIGHT.STATE.KY.US
- Domain record activated: 11-Sep-1989
- Domain record last updated: 17-Feb-2009
- Domain expires: 31-Jul-2011
- Gathered Netcraft information for louisville.edu
- ---------------------------------
- Retrieving Netcraft.com information for louisville.edu
- No uptime reports available for host: louisville.edu
- Netcraft.com Information gathered
- Gathered Subdomain information for louisville.edu
- ---------------------------------
- Searching Google.com:80...
- HostName:blackboard.louisville.edu
- HostIP:136.165.229.56
- HostName:louisville.louisville.edu
- HostIP:67.215.65.132
- HostName:ulink.louisville.edu
- HostIP:136.165.229.26
- HostName:www.law.louisville.edu
- HostIP:136.165.33.26
- HostName:ksdc.louisville.edu
- HostIP:136.165.30.162
- HostName:business.louisville.edu
- HostIP:136.165.235.106
- HostName:graduate.louisville.edu
- HostIP:136.165.238.236
- HostName:delphi.louisville.edu
- HostIP:136.165.238.157
- HostName:art.louisville.edu
- HostIP:136.165.238.157
- HostName:supa.louisville.edu
- HostIP:136.165.30.162
- HostName:n-acetyltransferasenomenclature.louisville.edu
- HostIP:136.165.238.157
- HostName:www.alumni.louisville.edu
- HostIP:136.165.238.157
- HostName:www.louisville.edu
- HostIP:136.165.238.157
- HostName:sun.louisville.edu
- HostIP:136.165.30.162
- HostName:cepm.louisville.edu
- HostIP:136.165.30.162
- HostName:modernlanguages.louisville.edu
- HostIP:136.165.238.64
- HostName:www.ece.louisville.edu
- HostIP:136.165.48.40
- HostName:www.chse.louisville.edu
- HostIP:136.165.238.157
- HostName:www.cs.louisville.edu
- HostIP:136.165.238.157
- HostName:minerva.louisville.edu
- HostIP:136.165.237.48
- HostName:www.math.louisville.edu
- HostIP:136.165.82.1
- HostName:pediatrics.louisville.edu
- HostIP:136.165.238.64
- HostName:www.physics.louisville.edu
- HostIP:136.165.83.56
- HostName:reach.louisville.edu
- HostIP:136.165.238.64
- HostName:gwweb.louisville.edu
- HostIP:136.165.228.2
- HostName:www.med.louisville.edu
- HostIP:136.165.238.133
- HostName:ci.louisville.edu
- HostIP:136.165.40.22
- HostName:pso.louisville.edu
- HostIP:136.165.30.162
- HostName:digital.library.louisville.edu
- HostIP:136.165.115.187
- HostName:www.starautism.louisville.edu
- HostIP:136.165.238.157
- HostName:document.louisville.edu
- HostIP:67.215.65.132
- Searching Altavista.com:80...
- Found 31 possible subdomain(s) for host louisville.edu, Searched 0 pages containing 0 results
- Gathered E-Mail information for louisville.edu
- ---------------------------------
- Searching Google.com:80...
- Danna.Morrison@louisville.edu
- price.foster@louisville.edu
- macgroup@erdos.math.louisville.edu
- sc8cc3fd.049@louisville.edu
- sovanc01@louisville.edu
- dsteis01@louisville.edu
- Searching Altavista.com:80...
- Found 6 E-Mail(s) for host louisville.edu, Searched 0 pages containing 0 results
- Gathered TCP Port information for 136.165.238.241
- ---------------------------------
- Port State
- 80/tcp open
- Portscan Finished: Scanned 150 ports, 1 ports were in state closed
- All scans completed, exiting
As you can see there is a wealth of information regarding he louisville.edu domain as well as the specific host we hit serving the louisville.edu domain. There isn’t a whole lot to write about such a tool since it really just requires reading what he switches do and letting it fly. For more information on Dmitry type “man dmitry” from a Backtrack terminal window.
Professional Penetration Testing: Volume 1: Creating and Learning in a Hacking Lab (Paperback)
|
||||||||
Gray Hat Hacking, Second Edition: The Ethical Hacker’s Handbook (Paperback)
|
||||||||
ITS GOOD………BT NOT MUCH INTERESTING…
Hello Sheetal,
The application or the article? Regardless thanks for leaving feedback.
Thanks.
alex