Information Security

Backtrack 4: Information Gathering: Search Engine: Goorecon – Find emails and subdomains using Google

During the information gathering phase of a pentest, we are interested in finding the various sub-domains of our target domain. In the past few tutorials we queried DNS servers using zone transfer requests or tried to retrieve entries using dictionary and brute-force attacks. Another technique for finding sub-domains is to query Google and check whether it has found any sub-domains during its web mining of the target. Goorecon can do this. Goorecon was written by Carlos (Darkoperator) Perez.

Technology Errors

How To mv Files With A Dash: mv: invalid option -- 1, Try mv --help for more information

Recently I was moving files from one directory to another on a CentOS 5.4 server and ran into an issue. When attempting to move every single file in the directory, I received an error, which is noted below. It took me a couple of minutes, but I figured out by trial and error that the issue was related to files starting with a "-" (dash), because the mv command thought that I was attempting to use a switch. The resolution is easy using "./". Look at the examples below for more information about the error and how it was resolved.

Information Security

Backtrack 4: Information Gathering: DNS: Fierce – locate non-contiguous IP space and hostnames against specified domains

The final tool in the DNS section is called Fierce. It is a Perl script written by rsnake that quickly scans domains using several tactics. Fierce tries multiple techniques to find all the IP addresses and hostnames used by a target. These include trying to dump the SOA records, attempting a zone transfer, searching for commonly used domain names with a dictionary attack, an adjacency scan and a few more. Fierce is meant specifically to locate likely targets both inside and outside a corporate network. Only those targets are listed (unless the -nopattern switch is used). No exploitation is performed (unless you do something intentionally malicious with the -connect switch). Fierce is a reconnaissance tool.
