Saturday, November 25, 2017

Digging Up Information



Kali Linux

Information Gathering
1. Using dig command
Open the Terminal, type dig and press enter. dig's info will appear. As an example, it is tried out below. Take a look.


root@kali:~# dig facebook.com

; <<>> DiG 9.10.3-P4-Debian <<>> facebook.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19245
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1280
;; QUESTION SECTION:
;facebook.com. IN A

;; ANSWER SECTION:
facebook.com. 237 IN A 157.240.7.35

;; Query time: 49 msec
;; SERVER: 192.168.43.1#53(192.168.43.1)
;; WHEN: Mon Mar 27 03:12:04 EDT 2017
;; MSG SIZE  rcvd: 57
..............................................................................................
..............................................................................................

root@kali:~# dig google.com

; <<>> DiG 9.10.3-P4-Debian <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54522
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1280
;; QUESTION SECTION:
;google.com. IN A

;; ANSWER SECTION:
google.com. 119 IN A 216.58.196.14

;; Query time: 462 msec
;; SERVER: 192.168.43.1#53(192.168.43.1)
;; WHEN: Mon Mar 27 03:12:23 EDT 2017
;; MSG SIZE  rcvd: 55

..............................................................................................
..............................................................................................
The information collected at the bottom is the main part you need.
..............................................................................................
..............................................................................................
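As an added example (not code from the original post), here is a small Python parser for the dig output format shown above: it pulls out the status, the ANSWER SECTION records, the resolver used and the query time, so the "main part at the bottom" can be checked programmatically, for instance to confirm that a domain you administer still resolves to the addresses you expect. The sample input is a constructed copy of the facebook.com output above.

```python
import re
from dataclasses import dataclass

# Constructed sample: a copy of the facebook.com dig output shown in the post.
SAMPLE_DIG_OUTPUT = """\
; <<>> DiG 9.10.3-P4-Debian <<>> facebook.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19245
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; QUESTION SECTION:
;facebook.com.\t\t\tIN\tA

;; ANSWER SECTION:
facebook.com.\t\t237\tIN\tA\t157.240.7.35

;; Query time: 49 msec
;; SERVER: 192.168.43.1#53(192.168.43.1)
;; WHEN: Mon Mar 27 03:12:04 EDT 2017
;; MSG SIZE  rcvd: 57
"""

@dataclass
class DigResult:
    status: str
    records: list          # (name, ttl, type, rdata) tuples from the ANSWER SECTION
    server: str            # resolver that answered (address before the '#port')
    query_time_ms: int

def parse_dig(text: str) -> DigResult:
    status, server, qtime = "UNKNOWN", "", -1
    records, in_answer = [], False
    for line in text.splitlines():
        if line.startswith(";; ->>HEADER<<-"):
            m = re.search(r"status: (\w+)", line)
            status = m.group(1) if m else status
        elif line.startswith(";; ANSWER SECTION:"):
            in_answer = True
        elif line.startswith(";;") or not line.strip():
            in_answer = False  # any other ';;' header or a blank line ends the answer block
            if line.startswith(";; SERVER:"):
                server = line.split(":", 1)[1].strip().split("#")[0]
            elif line.startswith(";; Query time:"):
                qtime = int(re.search(r"(\d+) msec", line).group(1))
        elif in_answer:
            # maxsplit=4 keeps record data with spaces (e.g. TXT, MX) in one field
            name, ttl, _cls, rtype, rdata = line.split(None, 4)
            records.append((name, int(ttl), rtype, rdata))
    return DigResult(status, records, server, qtime)

def a_records(result: DigResult) -> list:
    """Only the IPv4 answers, e.g. to compare against the addresses you expect."""
    return [rdata for _n, _ttl, rtype, rdata in result.records if rtype == "A"]
```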





2. Using Dmitry
You can open it by going through All programs >> Information Gathering >> dmitry in order, or from Applications >> 01. Information Gathering >> dmitry. As a last option, you can also launch it by typing dmitry in the Terminal. Go ahead and try opening it all three ways. The screenshots included in this lesson show this too, so I expect it will go fine. Have a look at the pictures included.
Let's assume it is open now .......
Once it is open, you will see the following.

root@kali:~# dmitry
Deepmagic Information Gathering Tool
"There be some deep magic going on"

Usage: dmitry [-winsepfb] [-t 0-9] [-o %host.txt] host
  -o Save output to %host.txt or to file specified by -o file
  -i Perform a whois lookup on the IP address of a host
  -w Perform a whois lookup on the domain name of a host
  -n Retrieve Netcraft.com information on a host
  -s Perform a search for possible subdomains
  -e Perform a search for possible email addresses
  -p Perform a TCP port scan on a host
* -f Perform a TCP port scan on a host showing output reporting filtered ports
* -b Read in the banner received from the scanned port
* -t 0-9 Set the TTL in seconds when scanning a TCP port ( Default 2 )
*Requires the -p flagged to be passed

Every Linux program has a description like this. That is how you know what each part is used for. Now let's look first at just the options included here.

  -o Save output to %host.txt or to file specified by -o file
  -i Perform a whois lookup on the IP address of a host
  -w Perform a whois lookup on the domain name of a host
  -n Retrieve Netcraft.com information on a host
  -s Perform a search for possible subdomains
  -e Perform a search for possible email addresses
  -p Perform a TCP port scan on a host
* -f Perform a TCP port scan on a host showing output reporting filtered ports
* -b Read in the banner received from the scanned port
* -t 0-9 Set the TTL in seconds when scanning a TCP port ( Default 2 )

I think each line needs explaining. Those who already know, take a look anyway. For the programs that come later, you will need to be able to do this yourself. Each one is described in English and is easy to read.

  -o Save output to %host.txt or to file specified by -o file
With -o, the output is saved. It is saved in txt format.

  -i Perform a whois lookup on the IP address of a host
When you want to look at the host's IP address, it performs a whois lookup.

  -w Perform a whois lookup on the domain name of a host
That one is for looking up the host's domain name.

  -n Retrieve Netcraft.com information on a host
Used to retrieve the information listed on Netcraft.com.

  -s Perform a search for possible subdomains
Used for searching for subdomains.

  -e Perform a search for possible email addresses
This one searches for email addresses. The descriptions given are clear.

  -p Perform a TCP port scan on a host
Performs a TCP port scan on the host.

* -f Perform a TCP port scan on a host showing output reporting filtered ports
* -b Read in the banner received from the scanned port
* -t 0-9 Set the TTL in seconds when scanning a TCP port ( Default 2 )
The ones marked with * below are marked because they contain points you should take note of. Now let's try it out in practice.

................................................................................................................................
root@kali:~# dmitry -i google.com   #This one line is all I typed. You can type and run it directly from the terminal at any time.
Deepmagic Information Gathering Tool
"There be some deep magic going on"

HostIP:216.58.196.14 #What is shown here is self-explanatory
HostName:google.com

Gathered Inet-whois information for 216.58.196.14
---------------------------------


inetnum:        216.0.0.0 - 216.158.95.255
netname:        NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
descr:          IPv4 address block not managed by the RIPE NCC
remarks:        ------------------------------------------------------
remarks:
remarks:        You can find the whois server to query, or the
remarks:        IANA registry to query on this web page:
remarks:        http://www.iana.org/assignments/ipv4-address-space
remarks:
remarks:        You can access databases of other RIRs at:
remarks:
remarks:        AFRINIC (Africa)
remarks:        http://www.afrinic.net/ whois.afrinic.net
remarks:
remarks:        APNIC (Asia Pacific)
remarks:        http://www.apnic.net/ whois.apnic.net
remarks:
remarks:        ARIN (Northern America)
remarks:        http://www.arin.net/  whois.arin.net
remarks:
remarks:        LACNIC (Latin America and the Carribean)
remarks:        http://www.lacnic.net/ whois.lacnic.net
remarks:
remarks:        IANA IPV4 Recovered Address Space
remarks:        http://www.iana.org/assignments/ipv4-recovered-address-space/ipv4-recovered-address-space.xhtml
remarks:
remarks:        ------------------------------------------------------
country:        EU # Country is really world wide
admin-c:        IANA1-RIPE
tech-c:         IANA1-RIPE
status:         ALLOCATED UNSPECIFIED
mnt-by:         RIPE-NCC-HM-MNT
mnt-lower:      RIPE-NCC-HM-MNT
mnt-routes:     RIPE-NCC-RPSL-MNT
created:        2016-11-16T15:56:23Z
last-modified:  2016-11-16T15:56:23Z
source:         RIPE

role:           Internet Assigned Numbers Authority
address:        see http://www.iana.org.
admin-c:        IANA1-RIPE
tech-c:         IANA1-RIPE
nic-hdl:        IANA1-RIPE
remarks:        For more information on IANA services
remarks:        go to IANA web site at http://www.iana.org.
mnt-by:         RIPE-NCC-MNT
created:        1970-01-01T00:00:00Z
last-modified:  2001-09-22T09:31:27Z
source:         RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.88 (WAGYU)



All scans completed, exiting
........................................................................................................................
root@kali:~# dmitry -n google.com #-n is used here.
Deepmagic Information Gathering Tool
"There be some deep magic going on"

HostIP:216.58.196.14
HostName:google.com

Gathered Netcraft information for google.com
---------------------------------

Retrieving Netcraft.com information for google.com
Netcraft.com Information gathered
..........................................................................................................................
This time, let's combine the two options n and o.
root@kali:~# dmitry -on google.com #o and n are used together here
Try it yourself and see what output you get.
..........................................................................................................................
root@kali:~# dmitry -no google.com      #Written this way, it produces a txt file, and
Deepmagic Information Gathering Tool
"There be some deep magic going on"

Writing output to 'google.com.txt' #the file name is shown here

HostIP:216.58.196.14
HostName:google.com

Gathered Netcraft information for google.com
---------------------------------

Retrieving Netcraft.com information for google.com
Netcraft.com Information gathered

All scans completed, exiting
root@kmn:~# leafpad google.com.txt #If you want to view the output file, you can open it like this
..........................................................................................................................

Since this is only the part about gathering what is needed, I won't go into detail yet.
Try out all the remaining options yourself.



Thanks


Khit Minnyo
