Information Gathering using
Windows Command Line Utility
By: Vishal Kumar (CEH | CHFI | CISE | MCP)
Lab - 1
Overview of Windows Command Line Utility
Windows offers several powerful command line utilities that help attackers as well as ethical hackers and pen testers gather open source information about the target of the evaluation.

Lab Scenario
• As a professional ethical hacker or pen tester, your first step will be to check the reachability of a computer in the target network. Operating systems offer several utilities that you can readily use for primary information gathering. Windows command-line utilities such as ping, nslookup, and tracert gather important information, like the IP address and maximum packet frame size, about a target network or system; this information forms the base of a security assessment and pen test.

Lab Objective
• This lab demonstrates how to use the ping, nslookup, and tracert utilities to gather information about a target. The lab teaches how to:
  • Use the ping utility to find the IP address of a target domain.
  • Use the ping utility to emulate the tracert (traceroute) command.
  • Find the maximum frame size for the network.
  • Identify the Internet Control Message Protocol (ICMP) type and code for echo request and echo reply packets.

1. Finding IP Address of Target Domain
• Open the command prompt and type the following command: ping www.theprohackers.in
• Here you can see the response of the ping command and the IP address of the target, which is 184.168.221.33.
• PING stands for Packet Internet Groper.
• Ping command syntax: ping [-q] [-v] [-R] [-c count] [-i Wait] [-s PacketSize] Host.
• In the command ping -c count, count specifies the number of echo requests to send.

2. Finding the Maximum Frame Size of the Target Domain
• Now, find the maximum frame size on the network using the command-line utility.
• Open the command prompt and type the command: ping www.theprohackers.in -f -l 1500
• The response "Packet needs to be fragmented but DF set" means that the frame is too large for the network and needs to be fragmented. Since we used the -f switch with the ping command, the packet was not sent, and ping returned this error.
Note: The -f switch sets the Do Not Fragment bit on the ping packet. By default, ping packets allow fragmentation.
• Try different packet sizes with the ping command until you get an echo reply.
Note: In the ping command, the -l size option specifies the send buffer size.
• Observe that the maximum packet size is less than 1500 bytes.
• Now, try different values until you find the maximum frame size.
Note: The maximum frame size will differ depending upon the target network.
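
The trial-and-error search described above can be run as a binary search over the -l value. This is an added example, not part of the original slides; the function names, the simulated probe and the 192.0.2.10 address are assumptions made for illustration, and the parser expects English-language Windows ping output.

```python
import re
import subprocess
from typing import Callable, Optional

IP_ICMP_OVERHEAD = 28  # 20-byte IPv4 header + 8-byte ICMP header

# A real echo reply looks like "Reply from 184.168.221.33: bytes=1464 time=41ms TTL=50".
# "Reply from <router>: TTL expired in transit." has no bytes= field and must not match.
ECHO_REPLY = re.compile(r"Reply from [\d.]+: bytes=\d+")


def reply_received(ping_output: str) -> bool:
    """True only when the output contains an echo reply."""
    return bool(ECHO_REPLY.search(ping_output))


def windows_df_probe(host: str) -> Callable[[int], bool]:
    """Build probe(size) that runs 'ping -n 1 -f -l <size> <host>' on Windows."""
    def probe(size: int) -> bool:
        result = subprocess.run(
            ["ping", "-n", "1", "-f", "-l", str(size), host],
            capture_output=True, text=True, check=False)
        return reply_received(result.stdout)
    return probe


def simulated_df_probe(path_mtu: int) -> Callable[[int], bool]:
    """Offline stand-in that feeds constructed ping output for a given path MTU."""
    def probe(size: int) -> bool:
        if size + IP_ICMP_OVERHEAD > path_mtu:
            output = "Packet needs to be fragmented but DF set."
        else:
            output = f"Reply from 192.0.2.10: bytes={size} time=12ms TTL=50"
        return reply_received(output)
    return probe


def max_unfragmented_payload(probe: Callable[[int], bool],
                             low: int = 0, high: int = 1500) -> Optional[int]:
    """Largest -l value in [low, high] that still gets an echo reply with DF set."""
    if not probe(low):
        # Even the smallest packet fails: the host is down or ICMP is filtered,
        # so packet size is not what is being measured.
        return None
    while low < high:
        mid = (low + high + 1) // 2  # upper midpoint so the loop always shrinks
        if probe(mid):
            low = mid
        else:
            high = mid - 1
    return low


def ip_packet_size(payload: int) -> int:
    """-l sets only the ICMP payload; the IP packet on the wire is 28 bytes larger."""
    return payload + IP_ICMP_OVERHEAD


if __name__ == "__main__":
    # Constructed path with an MTU of 1492 bytes; on Windows, swap in
    # windows_df_probe("www.theprohackers.in") to measure a real path.
    payload = max_unfragmented_payload(simulated_df_probe(1492))
    print("largest -l value:", payload, "IP packet size:", ip_packet_size(payload))
```

A single lost packet looks the same as an oversized one, so repeat the measurement before relying on the result.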
3. Now find what happens when the TTL (Time to Live) expires.
• Every frame on the network has a TTL (Time to Live) defined. If the TTL reaches 0, the router discards the packet. This mechanism prevents the loss of packets.
• Type the command: ping www.theprohackers.in -i 3. This option sets the Time to Live (-i) value to 3.
Note: The maximum value you can set for TTL is 255.
• The response "Reply from the target: TTL expired in transit" means that the router (10.228.21.22) discarded the frame because the TTL has expired (reached 0).
• Try different TTL values until you get the echo reply from the target.
• Here I find the echo reply when the TTL value is 50. Try different TTL values until you find the maximum value of TTL on the target network.
Note: In the ping command, the -n switch is used to specify the number of packets to be sent (for example, -n 2).
4. Emulate Tracert
• Launch the command prompt and type the command: tracert www.theprohackers.in
• Here is the output of the tracert command.
• As you can see in the above snapshot, the tracert command displays the complete route from the attacker machine to the target machine, with the IP address and location.
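
The lab objective of emulating tracert with ping amounts to raising the -i value one step at a time and recording which router answers each step. This is an added example, not part of the original slides; the function names and the constructed four-hop path are assumptions, and the parser expects English-language Windows ping output.

```python
import re
import subprocess
from typing import Callable, List, Optional, Tuple

# ICMP time exceeded (type 11, code 0) sent by a router that dropped the packet.
TTL_EXPIRED = re.compile(r"Reply from ([\d.]+): TTL expired in transit")
# ICMP echo reply (type 0, code 0) from the destination, answering the echo
# request (type 8, code 0). The TTL= field is the TTL left in the reply packet
# when it arrived, not the -i value that was sent.
ECHO_REPLY = re.compile(r"Reply from ([\d.]+): bytes=\d+ time[=<]\d+ms TTL=(\d+)")


def classify(ping_output: str) -> Tuple[str, Optional[str]]:
    """Return ('hop', router), ('target', host) or ('none', None)."""
    match = TTL_EXPIRED.search(ping_output)
    if match:
        return ("hop", match.group(1))
    match = ECHO_REPLY.search(ping_output)
    if match:
        return ("target", match.group(1))
    return ("none", None)  # "Request timed out." and anything unrecognised


def windows_ttl_probe(host: str) -> Callable[[int], str]:
    """Build probe(ttl) that runs 'ping -n 1 -i <ttl> <host>' on Windows."""
    def probe(ttl: int) -> str:
        result = subprocess.run(
            ["ping", "-n", "1", "-i", str(ttl), host],
            capture_output=True, text=True, check=False)
        return result.stdout
    return probe


# Constructed path: two routers that answer, one silent hop, then the target.
SAMPLE_PATH = ["192.168.1.1", "10.228.21.22", None, "184.168.221.33"]


def simulated_ttl_probe(path: List[Optional[str]]) -> Callable[[int], str]:
    """Offline stand-in that returns constructed ping output for each TTL."""
    def probe(ttl: int) -> str:
        if ttl >= len(path):
            return f"Reply from {path[-1]}: bytes=32 time=41ms TTL=50"
        hop = path[ttl - 1]
        if hop is None:
            return "Request timed out."
        return f"Reply from {hop}: TTL expired in transit."
    return probe


def trace_with_ping(probe: Callable[[int], str],
                    max_ttl: int = 30) -> List[Tuple[int, Optional[str]]]:
    """Step the TTL from 1 upward; stop at the first echo reply from the target."""
    route = []
    for ttl in range(1, max_ttl + 1):
        kind, address = classify(probe(ttl))
        route.append((ttl, address))  # address is None for a silent hop
        if kind == "target":
            break
    return route


if __name__ == "__main__":
    # On Windows, use windows_ttl_probe("www.theprohackers.in") instead.
    for ttl, address in trace_with_ping(simulated_ttl_probe(SAMPLE_PATH)):
        print(ttl, address or "*")
```

The smallest -i value that returns an echo reply is the hop count to the target; any larger value, up to 255, returns the same reply.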
5. Finding the Details using Nslookup command
• Open Run, type nslookup and press Enter. This opens the command prompt in nslookup mode, showing the default server (DNS) name and default address (address of the DNS server).

5.1 Obtaining IP Address of the Target Domain
• In the nslookup interactive mode, type set type=a and press Enter. Setting the type to a configures nslookup to query for the IP address of a given domain.
• Type the target domain www.theprohackers.in and press Enter. This resolves the IP address and displays the result as shown.

5.2 Finding CNAME of the Target Domain
• Type set type=cname and press Enter.
Note: The CNAME lookup is done directly against the domain's authoritative name server and lists the CNAME records for the domain.
• Type the target domain www.theprohackers.in and press Enter. This will return the domain's authoritative name servers, along with the mail server address, as shown in the screenshot below.

5.3 Finding SOA (Start of Authority) records of the Target Domain
• Open the nslookup interactive mode, type set type=soa and press Enter.
• Now type the target domain, www.theprohackers.in, and press Enter. This command displays the primary name server and mail server details.
• In the above screenshot the primary name server is ns47.domaincontrol.com and the mail address is dns.jomax.net.

5.4 Finding the IP address of the primary name server of the Target Domain
• Open the command prompt in nslookup mode, type set type=a and press Enter.
• Now type the primary name server address of the target domain, ns47.domaincontrol.com, and press Enter. This command will display the name and IP address of the primary name server.
• In the above screenshot we can see the IP address of the primary name server, which is xxx.xxx.xxx.xxx
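
Steps 5.3 and 5.4 can be run non-interactively with nslookup -type=... and the output parsed, which is a quick way to review what a zone you administer publishes. This is an added example, not part of the original slides; the function names are assumptions, the sample output is constructed (only ns47.domaincontrol.com and dns.jomax.net come from the slides, and the 192.0.2.x addresses are placeholders), and the parser expects English-language Windows nslookup output.

```python
import re
import subprocess
from typing import Callable, Dict, List, Optional


def run_nslookup(record_type: str, name: str) -> str:
    """Non-interactive form of 'set type=<record_type>' followed by the name."""
    result = subprocess.run(["nslookup", f"-type={record_type}", name],
                            capture_output=True, text=True, check=False)
    return result.stdout


def rname_to_email(rname: str) -> str:
    """SOA stores the contact mailbox with the first unescaped dot in place of '@'."""
    match = re.match(r"((?:\\.|[^.\\])+)\.(.+)", rname)
    if not match:
        return rname
    local_part = match.group(1).replace("\\.", ".")  # un-escape dots in the local part
    return f"{local_part}@{match.group(2).rstrip('.')}"


def parse_soa(output: str) -> Optional[Dict[str, object]]:
    """Pull the primary name server and contact mailbox out of SOA output."""
    fields = dict(re.findall(
        r"^\s*(primary name server|responsible mail addr)\s*=\s*(\S+)",
        output, re.M))
    if len(fields) < 2:
        return None  # no SOA in the output (lookup failed or wrong record type)
    return {"primary_ns": fields["primary name server"].rstrip("."),
            "contact": rname_to_email(fields["responsible mail addr"])}


def parse_a_answer(output: str) -> List[str]:
    """IPv4 addresses from the answer only. The first 'Address:' line in the
    output belongs to the resolver, so everything before 'Name:' is skipped."""
    _, found, answer = output.partition("Name:")
    if not found:
        return []
    return re.findall(r"\b\d{1,3}(?:\.\d{1,3}){3}\b", answer)


def primary_ns_details(domain: str,
                       lookup: Callable[[str, str], str] = run_nslookup):
    """SOA lookup for the domain, then an A lookup for its primary name server."""
    soa = parse_soa(lookup("soa", domain))
    if soa is None:
        return None
    soa["primary_ns_addresses"] = parse_a_answer(lookup("a", soa["primary_ns"]))
    return soa


# Constructed nslookup output used so the example runs offline.
SAMPLE_OUTPUT = {
    ("soa", "www.theprohackers.in"): """Server:  resolver.example
Address:  192.0.2.53

theprohackers.in
\tprimary name server = ns47.domaincontrol.com
\tresponsible mail addr = dns.jomax.net
\tserial  = 2017010100
\trefresh = 28800 (8 hours)
""",
    ("a", "ns47.domaincontrol.com"): """Server:  resolver.example
Address:  192.0.2.53

Non-authoritative answer:
Name:    ns47.domaincontrol.com
Address:  192.0.2.47
""",
}


def sample_lookup(record_type: str, name: str) -> str:
    """Stand-in for run_nslookup that returns the constructed output above."""
    return SAMPLE_OUTPUT.get((record_type, name), "")


if __name__ == "__main__":
    print(primary_ns_details("www.theprohackers.in", lookup=sample_lookup))
```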

The conclusion…
• The authoritative name server stores the records associated with the domain. So, if an attacker can determine the authoritative name server (primary name server) and obtain the associated IP address, he/she might attempt to exploit the server to perform attacks, which include DoS, DDoS, URL redirection and so on…

For videos relating to hacking, please subscribe to my YouTube channel: https://www.youtube.com/channel/UCcyYSi1sh1SmyMlGfB-Vq6A
For any query, please mail us at theprohackers2017@gmail.com
