Perform Reverse DNS Lookup using Reverse IP Domain Check and DNSRecon

DNS lookup is used for finding the IP addresses for a given domain name, and the reverse DNS operation is performed to obtain the domain name of a given IP address.

Here, we will perform reverse DNS lookup using you get signal’s Reverse IP Domain Check tool to find the other domains/sites that share the same web server as our target server.

Here, we will also perform a reverse DNS lookup using DNSRecon on IP range in an attempt to locate a DNS PTR record for those IP addresses.

DNSRecon is a Python port of a Ruby script that I wrote to learn the language and about DNS in early 2007. This time I wanted to learn about Python and extend the functionality of the original tool and in the process re-learn how DNS works and how could it be used in the process of a security assessment and network troubleshooting.

Now type ./dnsrecon.py -r 23.32.5.0-23.32.5.255 and press Enter to locate a DNS PTR record for IP addresses between 23.32.5.0-162.23.32.5.255.

Here, we will use the IP address range, which includes the IP address of our

target, that is, the certifiedhacker.com domain (162.241.216.11), which we

acquired in the previous steps.

-r option specifies the range of IP addresses (first-last) for reverse lookup brute

force.

This concludes the demonstration of gathering information about a target organization by performing reverse DNS lookup using “you get signal’s” Reverse IP Domain Check and DNSRecon tool.