Perform Reverse DNS Lookup using Reverse IP Domain Check and DNSRecon
DNS lookup is used for finding the IP addresses for a given domain name, and the reverse DNS operation is performed to obtain the domain name of a given IP address.
Here, we will perform a reverse DNS lookup using You Get Signal’s Reverse IP Domain Check tool to find the other domains/sites that share the same web server as our target server.
Here, we will also perform a reverse DNS lookup using DNSRecon on an IP range in an attempt to locate DNS PTR records for those IP addresses.
DNSRecon is a Python port of a Ruby script that I wrote to learn the language and about DNS in early 2007. This time I wanted to learn about Python and extend the functionality of the original tool and in the process re-learn how DNS works and how it could be used in the process of a security assessment and network troubleshooting.
Now type ./dnsrecon.py -r 126.96.36.199-188.8.131.52 and press Enter to locate a DNS PTR record for IP addresses between 184.108.40.206-220.127.116.11.255.
Here, we will use the IP address range, which includes the IP address of our target, that is, the certifiedhacker.com domain (18.104.22.168), which we acquired in the previous steps.
-r option specifies the range of IP addresses (first-last) for reverse lookup brute
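What a first-last reverse sweep does for each address in the range, as an added Python example (not DNSRecon's own code): it expands the range, forms the in-addr.arpa query name, and keeps only the addresses that return a PTR record. The function names, the RFC 5737 documentation range 192.0.2.0/24 and the sample PTR records are assumptions constructed for illustration; run it against address space you administer to see which hostnames your own PTR records expose.

```python
import ipaddress
import socket


def expand_range(spec):
    """Expand a 'first-last' range string into a list of IPv4Address objects."""
    first_s, last_s = spec.split("-", 1)
    first = ipaddress.IPv4Address(first_s.strip())
    last = ipaddress.IPv4Address(last_s.strip())
    if last < first:
        raise ValueError("range end precedes range start")
    return [ipaddress.IPv4Address(n) for n in range(int(first), int(last) + 1)]


def system_ptr(ip):
    """Resolve a PTR record through the OS resolver; None when no record exists."""
    try:
        return socket.gethostbyaddr(str(ip))[0]
    except (socket.herror, socket.gaierror):
        return None


def reverse_sweep(spec, resolve=system_ptr):
    """Return (ip, PTR query name, hostname) for every address that has a PTR."""
    found = []
    for ip in expand_range(spec):
        host = resolve(ip)
        if host:
            # reverse_pointer is the name actually queried, e.g. 10.2.0.192.in-addr.arpa
            found.append((str(ip), ip.reverse_pointer, host.rstrip(".")))
    return found


# Constructed PTR data for the documentation range (not real records).
SAMPLE_PTR = {
    "192.0.2.10": "www.example.com.",
    "192.0.2.11": "mail.example.com.",
    "192.0.2.13": "vpn-gw.example.com.",
}


def sample_resolver(ip):
    """Stub resolver (hypothetical) so the example runs offline."""
    return SAMPLE_PTR.get(str(ip))


if __name__ == "__main__":
    for ip, qname, host in reverse_sweep("192.0.2.9-192.0.2.14", sample_resolver):
        print(f"{ip:<12} {qname:<26} PTR {host}")
```

Hostnames such as the constructed `vpn-gw` entry show why PTR records for an address block are worth reviewing: they can describe the role of a host even when no forward record is published.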
This concludes the demonstration of gathering information about a target organization by performing a reverse DNS lookup using You Get Signal’s Reverse IP Domain Check and the DNSRecon tool.