1
00:00:02,270 --> 00:00:06,310
In this lecture, you will manipulate the Domain Name System, DNS.

2
00:00:07,430 --> 00:00:15,770
Hackers can find a treasure trove of information on a target in its Domain Name System, DNS, so DNS

3
00:00:15,770 --> 00:00:18,350
is a critical component of the internet.

4
00:00:18,680 --> 00:00:27,740
So and although it's designed to translate domain names to IP addresses, a hacker can use it to garner information

5
00:00:27,740 --> 00:00:28,430
on the target.

6
00:00:30,310 --> 00:00:36,910
And DNS is a service that translates a domain name like, for example.

7
00:00:38,710 --> 00:00:46,750
Let's open the browser, and they will, for example, google.com to appropriate IP address.

8
00:00:48,510 --> 00:00:56,670
So I will show you an illustration of the DNS here, we'll come here.

9
00:00:58,110 --> 00:01:04,320
Actually, our internet is disconnected because I log out our.

10
00:01:06,380 --> 00:01:10,070
Network adapter here, and I will fix it now here.

11
00:01:11,850 --> 00:01:14,210
Let's see if I see a doctor go.

12
00:01:14,670 --> 00:01:15,510
Uh, we will.

13
00:01:16,560 --> 00:01:23,130
Conduct a core here, and I will search here the DNS, uh.

14
00:01:23,430 --> 00:01:27,630
And I want to show you an illustration here for better understanding.

15
00:01:28,660 --> 00:01:31,150
Uh, so actually.

16
00:01:32,180 --> 00:01:32,840
In this.

17
00:01:35,030 --> 00:01:35,530
War.

18
00:01:42,200 --> 00:01:47,480
Here, as you can see here, the uh, let me open here.

19
00:01:48,540 --> 00:01:54,330
So, um, this is them our possible attacks here.

20
00:01:55,560 --> 00:02:01,290
So first, I want to talk about, uh uh, is, uh, Google here, for example.

21
00:02:02,070 --> 00:02:09,870
Um, DNS is a service that translates a domain name, uh, for example, like, uh, google.com

22
00:02:10,500 --> 00:02:12,180
to IP address.

23
00:02:13,250 --> 00:02:20,780
So the way your system knows how to get to do it, so without DNS, we will all have to remember

24
00:02:20,780 --> 00:02:24,290
thousands of IP addresses like that.

25
00:02:24,290 --> 00:02:29,960
For example, in Google, it might be google.com, for example.

26
00:02:29,960 --> 00:02:44,450
It might be one hundred sixty two point eight five eight two here and one hundred thirty two, for example.

27
00:02:44,630 --> 00:02:46,790
So without DNS.

28
00:02:46,790 --> 00:02:54,260
You have to remember all of these IP addresses without is, uh, logically of the alphabet.

29
00:02:54,260 --> 00:02:59,120
The numbers, or DNS converts your domain name to IP address.

30
00:02:59,780 --> 00:03:02,840
So and.

31
00:03:05,800 --> 00:03:10,260
One of the most useful commands for the aspiring hacker is dig,

32
00:03:11,080 --> 00:03:16,150
which offers a way to gather DNS information about the target domain.

33
00:03:16,630 --> 00:03:23,320
So the stored DNS information can be a key piece of early reconnaissance to obtain before attacking.

34
00:03:23,990 --> 00:03:30,760
So this information could include the IP address of the target's name servers, or the server that translates

35
00:03:31,360 --> 00:03:38,170
the target's name to an IP address, so the target's email server and potentially any subdomains and

36
00:03:38,170 --> 00:03:38,950
IP addresses.

37
00:03:39,370 --> 00:03:45,430
For instance, let's open our terminal here and enter the dig.

38
00:03:46,120 --> 00:03:55,210
For example, google.com, you know, as you can see here and we got information from Google here,

39
00:03:55,210 --> 00:03:56,620
as you can see here.

40
00:03:59,570 --> 00:03:59,960
So.

41
00:04:03,310 --> 00:04:09,360
Here and also, as you can see here, we have additional section here.

42
00:04:10,150 --> 00:04:12,910
Dig reveals the IP address here.

43
00:04:14,610 --> 00:04:20,910
Um, IP address of the DNS server for serving google.com.

44
00:04:21,120 --> 00:04:28,950
So you can also use the dig command to get information on email servers connected to a domain by adding

45
00:04:28,950 --> 00:04:30,480
an mx option.

46
00:04:30,780 --> 00:04:35,460
So mx, mx is short for mail exchange server.

47
00:04:35,460 --> 00:04:40,020
As you can see here, we get so much information about that and for section here.

48
00:04:40,350 --> 00:04:43,110
This is the Google's IP addresses, for example.

49
00:04:43,110 --> 00:04:46,410
Let's get mx here, right?

50
00:04:46,420 --> 00:04:51,150
mx here, and we will get, uh, these information here.

51
00:04:51,780 --> 00:04:52,680
So what is this?

52
00:04:54,570 --> 00:05:00,660
This is the information is critical for attacks on and on e-mail systems.

53
00:05:00,930 --> 00:05:09,090
So, for example, info on the google.com email servers is shown in the authority sections here.

54
00:05:12,660 --> 00:05:14,070
As you can see here.

55
00:05:16,260 --> 00:05:26,280
Uh, so the most common Linux DNS server is the, uh, Berkeley Internet Name Domain,

56
00:05:26,280 --> 00:05:26,670
BIND.

57
00:05:27,000 --> 00:05:37,470
So in some cases, Linux users will refer to DNS as BIND, but don't get, uh, be confused, DNS and

58
00:05:37,470 --> 00:05:42,720
BIND both map individual domain names to IP addresses.

59
00:05:43,690 --> 00:05:52,320
Uh, we can change our DNS, um, server as well, though in some cases you may want to use another DNS

60
00:05:52,320 --> 00:05:52,950
server.

61
00:05:53,370 --> 00:05:56,830
So to do so, you will edit the plain text file named,

62
00:05:56,910 --> 00:05:57,660
Uh, here.

63
00:05:57,700 --> 00:06:04,410
Uh, cat /etc/, uh, resolv.conf.

64
00:06:05,130 --> 00:06:07,940
resolv.conf, as you can see here, this is out.

65
00:06:07,950 --> 00:06:10,260
Uh, this is just a small file.

66
00:06:10,260 --> 00:06:18,560
As you can see here we read, uh, it with cat command, cat program, so let's open it with leave at

67
00:06:18,750 --> 00:06:19,830
the path.

68
00:06:19,950 --> 00:06:28,260
Actually, it's not mousepad right, must, but it is here so that can here.

69
00:06:29,780 --> 00:06:34,940
So here you will see, and as you can see here, there is a four.

70
00:06:35,540 --> 00:06:44,570
So this is the read, as you can see here for for writing we we have to use sudo command, enter your Kali

71
00:06:44,640 --> 00:06:45,170
password.

72
00:06:45,500 --> 00:06:48,260
And as you can see here, this is writable now.

73
00:06:48,980 --> 00:06:58,280
So because of in which our current user, we cannot edit system files, but I used sudo here.

74
00:06:59,510 --> 00:07:08,600
So now when from the uh, resolv.conf configuration file, the /etc directory in my specified

75
00:07:08,600 --> 00:07:12,980
graphical text editor is, um, mousepad.

76
00:07:13,310 --> 00:07:23,480
So as you can see on line three here, uh, my name server is set to, uh, a local DNS server, um

77
00:07:24,410 --> 00:07:33,170
uh, one hundred ninety two point one hundred eight, uh, six to eight point fifty eight point two.

78
00:07:35,230 --> 00:07:35,860
And.

79
00:07:38,930 --> 00:07:40,520
And that works fine.

80
00:07:41,210 --> 00:07:49,340
But this, as you can see here, we can use we can use our tool means, for example, if I want to go

81
00:07:49,340 --> 00:07:50,230
to Facebook.

82
00:07:50,900 --> 00:07:52,220
facebook.com.

83
00:07:52,580 --> 00:07:54,410
It works, uh, here.

84
00:07:55,400 --> 00:08:01,790
Or if I want to go to Wikipedia here, uh, it works here too, as you can see here.

85
00:08:02,450 --> 00:08:12,950
But if I want to change my DNS server, uh, we we can either replace it with this inside this file

86
00:08:12,950 --> 00:08:13,250
here.

87
00:08:13,280 --> 00:08:22,580
So Google's public DNS server is 8.8.8.8, so I will add this DNS here.

88
00:08:22,580 --> 00:08:31,910
But first, I want to show you here, uh, Google actually Dr. here.

89
00:08:32,910 --> 00:08:38,400
And go, and this year, I will add Google DNS to my.

90
00:08:40,370 --> 00:08:41,780
Uh, file here.

91
00:08:42,620 --> 00:08:44,690
Google DNS.

92
00:08:47,480 --> 00:08:53,140
Here, and I want to show you what is building this.

93
00:08:54,110 --> 00:08:55,460
As you can see here.

94
00:08:58,860 --> 00:09:00,900
8.8.8.8 here.

95
00:09:04,860 --> 00:09:14,040
As you can see, this is a global DNS, uh, so we we can use Cloudflare DNS as well

96
00:09:14,040 --> 00:09:14,430
here.

97
00:09:15,270 --> 00:09:22,650
But in this case, I will use the Google DNS, as you can see here, there's so much being said or see

98
00:09:22,650 --> 00:09:22,800
it.

99
00:09:23,400 --> 00:09:26,940
Cloudflare DNS is 1.1.1.1.

100
00:09:27,810 --> 00:09:31,530
But Google is 8.8.8.8.

101
00:09:32,010 --> 00:09:33,690
So let's change.

102
00:09:35,170 --> 00:09:41,470
Uh, this to 8.8.8.8 here.

103
00:09:41,830 --> 00:09:47,080
And uh, I will add this line to here and.

104
00:09:49,180 --> 00:09:50,850
Just save the file.

105
00:09:52,340 --> 00:10:00,500
So you can also achieve the same result exclusively from the command line by entering air.

106
00:10:02,380 --> 00:10:07,920
echo here, nameserver.

107
00:10:10,270 --> 00:10:12,410
8.8.8.8.

108
00:10:13,630 --> 00:10:14,380
And.

109
00:10:17,720 --> 00:10:20,410
Show your cell phone.

110
00:10:20,600 --> 00:10:21,000
Yeah.

111
00:10:21,650 --> 00:10:26,750
Uh, it's uh, we will use sudo rights because we cannot override.

112
00:10:28,620 --> 00:10:30,400
And if I see her so I want.

113
00:10:31,220 --> 00:10:35,770
Uh, let's check our minds, but as you can see here, we changed it.

114
00:10:36,670 --> 00:10:37,090
So.

115
00:10:45,100 --> 00:10:47,050
If you open the

116
00:10:48,330 --> 00:10:56,280
/etc/resolv.conf configuration file now, you should see that it points DNS requests to Google DNS server

117
00:10:56,280 --> 00:10:59,970
rather than your local DNS server to resolve.

118
00:11:01,440 --> 00:11:09,240
Your system will now go out to the Google public DNS server to resolve domain names to IP addresses.

119
00:11:09,780 --> 00:11:17,100
This can mean domain names take a little longer to resolve, probably milliseconds, and therefore to

120
00:11:17,100 --> 00:11:21,690
maintain speed, but to keep the option of using the public server.

121
00:11:22,290 --> 00:11:28,440
You might want to retain the local DNS server in the resolv.conf configuration file and follow it with

122
00:11:28,440 --> 00:11:28,600
the

123
00:11:29,010 --> 00:11:38,930
public DNS server. The operating system queries each DNS server listed in the order

124
00:11:38,940 --> 00:11:48,150
it appears in the /etc/resolv.conf configuration file, so the system will only refer to the public DNS server

125
00:11:48,150 --> 00:11:52,290
if the domain name can't be found in the local DNS server.