Hi everyone, this is the Termux Hacker of Hackingarise, it’s me, IRISnoir, bringing another tutorial to you to help with your pentesting skills. I will get straight into it: today’s topic is… rDNS!
Now I know some of you are asking: What is rDNS?
Answer – I will keep this short. Reverse DNS (rDNS) is the opposite of Forward DNS. Forward DNS resolves a domain name to its IP (e.g.: hackingarise.com → 18.104.22.168). Reverse DNS resolves an IP back to a domain name by querying the PTR record for that IP (e.g.: 22.214.171.124 → hackingarise.com).
The requirements for the procedure are:
dnsutils: A Termux package containing a set of DNS-related commands, including dig. Install it.
And that’s about it.
What you wanna do is to obtain an IP (I will use Hackingarise site as an example: 126.96.36.199). Then, to perform rDNS on the Hackingarise site, execute this:
dig -x 188.8.131.52
You can replace the IP with something else. This is merely an example.
Now, it should display this:
; <<>> DiG 9.14.6 <<>> -x 184.108.40.206
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29091
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;220.127.116.11.in-addr.arpa. IN PTR
;; ANSWER SECTION:
18.104.22.168.in-addr.arpa. 86385 IN PTR server.xpandity.com.
;; Query time: 18 msec
;; SERVER: 22.214.171.124#53(126.96.36.199)
;; WHEN: Tue Oct 29 18:26:28 ICT 2019
;; MSG SIZE rcvd: 90
Look at the line under 'ANSWER SECTION'. It is a PTR record, and the hostname at the end of it will be something like 'server.xpandity.com'. This is your target.
It displays this because the PTR record for that IP names server.xpandity.com, the host Hackingarise is using.
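To show what dig -x does behind the scenes, here is an added example (not part of the original tutorial) that builds the in-addr.arpa name dig queries for an IPv4 address and extracts the PTR target from dig's ANSWER SECTION. The function names, the 192.0.2.4 address and host.example.net are assumptions made up for the example, and the sample output is constructed.

```shell
#!/usr/bin/env bash
# Added example. 192.0.2.0/24 is a documentation range and
# host.example.net is a placeholder; the dig output below is constructed.

# ptr_name IP: print the name `dig -x IP` looks up (octets reversed,
# followed by in-addr.arpa.). Returns 1 if IP is not a dotted-quad IPv4.
ptr_name() {
    local ip=$1 o1 o2 o3 o4 extra o
    IFS=. read -r o1 o2 o3 o4 extra <<EOF
$ip
EOF
    [ -z "$extra" ] || return 1
    for o in "$o1" "$o2" "$o3" "$o4"; do
        case $o in
            ''|*[!0-9]*) return 1 ;;   # empty or non-numeric octet
        esac
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
    done
    printf '%s.%s.%s.%s.in-addr.arpa.\n' "$o4" "$o3" "$o2" "$o1"
}

# ptr_targets: read dig output on stdin and print each PTR hostname found
# in the ANSWER SECTION (the ';'-prefixed question line is ignored).
ptr_targets() {
    awk '
        /^;; ANSWER SECTION:/    { in_answer = 1; next }
        /^;;/ || /^$/            { in_answer = 0 }
        in_answer && $4 == "PTR" { sub(/\.$/, "", $5); print tolower($5) }
    '
}

# Constructed sample in the same layout as the output shown above.
SAMPLE_DIG_OUTPUT=';; QUESTION SECTION:
;4.2.0.192.in-addr.arpa. IN PTR

;; ANSWER SECTION:
4.2.0.192.in-addr.arpa. 86385 IN PTR host.example.net.

;; Query time: 18 msec'

name=$(ptr_name 192.0.2.4) && echo "dig -x 192.0.2.4 queries: $name"
echo "PTR target: $(printf '%s\n' "$SAMPLE_DIG_OUTPUT" | ptr_targets)"
```

On a live lookup you can pipe dig -x straight into ptr_targets. A PTR record is set by whoever controls the IP block, so run a forward dig on the returned name and check that it resolves back to the same IP before relying on it.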
I hope you enjoy this tutorial. If you do, please share it around. Also make sure what you are doing won't cause any trouble as Hackingarise won't be responsible for anything you get into. Thank you, stay safe, stay ethical.