1
00:00:00,960 --> 00:00:08,280
Hello, everyone, and welcome to this video. In this video, we are going to understand what is

2
00:00:08,280 --> 00:00:08,910
DNS.

3
00:00:10,050 --> 00:00:18,270
Why are we going to learn about DNS? DNS is very, very important to understand how the communication

4
00:00:18,270 --> 00:00:25,450
is happening between the client and the server, or how the client is actually able to reach the server.

5
00:00:26,280 --> 00:00:30,870
There are many different records that are listed in DNS.

6
00:00:32,090 --> 00:00:40,460
And for subdomain takeover types of attack, we need to understand how DNS actually works, because

7
00:00:40,460 --> 00:00:47,320
that will make this process much simpler to understand subdomain takeover vulnerabilities.

8
00:00:48,650 --> 00:00:51,020
So first, clearing the basics about DNS.

9
00:00:51,950 --> 00:00:55,660
DNS stands for domain name system or domain name service.

10
00:00:56,390 --> 00:01:05,010
It runs on port number 53, and DNS itself has multiple records, as you can see on the screen.

11
00:01:05,720 --> 00:01:10,610
So let's start with the first record, which is the A record, as you can see here.

12
00:01:11,300 --> 00:01:17,190
So an A record means the hostname will point to an IP address.

13
00:01:17,780 --> 00:01:19,370
What does this mean actually?

14
00:01:20,090 --> 00:01:22,050
So in any server.

15
00:01:22,160 --> 00:01:28,280
So let's say the server is srsecure.xyz.

16
00:01:28,850 --> 00:01:34,830
So in this server there will be an A record, and that A record will tell.

17
00:01:35,180 --> 00:01:35,670
All right.

18
00:01:35,960 --> 00:01:43,640
So this hostname should be pointed to this specific IP address. For example, srsecure should

19
00:01:43,640 --> 00:01:51,050
be pointed to an IP address, which is, let's say, 192.168.1.100.

20
00:01:51,740 --> 00:01:56,240
So now whenever a client like Rohit or you

21
00:01:57,850 --> 00:02:04,480
try to point srsecure.xyz into your browser, or when you try to open this in the

22
00:02:04,480 --> 00:02:11,800
URL bar of your Chrome browser or Firefox browser, you are automatically pointing to this IP address

23
00:02:11,800 --> 00:02:16,660
or you are able to open the website, which is hosted under this particular IP address.

24
00:02:17,290 --> 00:02:26,080
How does this work? This is working because of the A record. When we are sending a request to srsecure.xyz

25
00:02:26,080 --> 00:02:35,260
then, from its DNS records, the A record checks that this hostname actually points to this IP

26
00:02:35,260 --> 00:02:35,710
address.

27
00:02:36,010 --> 00:02:41,550
And remember, machines do not understand names; machines understand numbers.

28
00:02:41,890 --> 00:02:49,840
So each server has its own unique IP address, and by default we are pointing to this IP address, and hence

29
00:02:49,840 --> 00:02:53,100
we are able to connect to this IP address.

30
00:02:53,440 --> 00:02:57,580
Now, for example, if you want to see this practically, let me open up a new window.

31
00:02:58,480 --> 00:03:07,360
And here, let me try to ping Google dot com, and you can see I'm getting a reply from Google

32
00:03:07,360 --> 00:03:09,460
dot com, a 64 bytes reply.

33
00:03:09,790 --> 00:03:13,660
And here you can see the IP address from where I'm getting a reply.

34
00:03:14,240 --> 00:03:17,440
Now, if I try to open Google dot com.

35
00:03:17,920 --> 00:03:20,230
So let me try to open Google dot com

36
00:03:22,040 --> 00:03:29,520
over here, and you can see I'm able to open it. Now if I give the IP address over here and hit enter.

37
00:03:29,890 --> 00:03:32,670
And let's see if I'm able to open it, and it gets opened.

38
00:03:33,320 --> 00:03:41,000
Now, this means that I can open Google dot com with the help of the URL or the name, as well as with

39
00:03:41,000 --> 00:03:42,680
the help of the IP address.

40
00:03:43,340 --> 00:03:52,160
This is basically happening because the name itself is pointing to Google dot com, and this happens due

41
00:03:52,160 --> 00:03:53,390
to the A record.

42
00:03:54,650 --> 00:03:55,190
All right.

43
00:03:55,520 --> 00:03:58,870
Let's move ahead to the next record, which is the CNAME record.

44
00:03:59,420 --> 00:04:05,770
Now, CNAME itself, the name is C, which stands for canonical.

45
00:04:06,350 --> 00:04:09,020
Now, this points a hostname to a hostname.

46
00:04:09,590 --> 00:04:10,430
What does this mean?

47
00:04:10,880 --> 00:04:13,670
This means that, for example.

48
00:04:16,100 --> 00:04:18,530
srsecure.xyz.

49
00:04:19,040 --> 00:04:26,780
Now, if I write over here, let's say, www.srsecure.xyz, this means if anyone

50
00:04:26,780 --> 00:04:35,240
types this into their browsers, then they should automatically get redirected to srsecure.xyz

51
00:04:35,240 --> 00:04:38,360
and not get redirected to any other website.

52
00:04:38,930 --> 00:04:43,460
Now, here what we have done is we are pointing a hostname to a hostname.

53
00:04:44,000 --> 00:04:47,200
Now this relationship is called CNAME.

54
00:04:47,660 --> 00:04:51,560
So let's see the practical quickly and understand how this actually works.

55
00:04:53,000 --> 00:04:58,550
So let me just quickly log in to my cPanel server and let's quickly see this.

56
00:05:00,440 --> 00:05:06,290
So as you can see over here, I have logged in successfully to my server, and here I am in my zone

57
00:05:06,290 --> 00:05:09,960
record, which is basically the DNS, as you can see over here.

58
00:05:10,490 --> 00:05:10,940
All right.

59
00:05:11,240 --> 00:05:15,110
Now, let me quickly show you the A record, which is this button.

60
00:05:15,110 --> 00:05:19,270
You can see a hostname is pointing to an IP address.

61
00:05:19,610 --> 00:05:23,350
So this is the IP address of the server of srsecure.xyz.

62
00:05:23,900 --> 00:05:30,890
And if I show you, if I try to remove this and if I try to type a hostname, let's say Google dot com,

63
00:05:30,980 --> 00:05:37,610
then it will throw an error and it would say you must specify a valid IPv4 address, which means I

64
00:05:37,610 --> 00:05:40,580
cannot point a hostname into an A record.

65
00:05:40,820 --> 00:05:42,280
And we already learned that.

66
00:05:43,100 --> 00:05:44,700
So I'm just going to cancel this.

67
00:05:45,110 --> 00:05:45,590
All right.

68
00:05:45,980 --> 00:05:47,820
Now let's see a CNAME record.

69
00:05:48,080 --> 00:05:54,980
So for the CNAME record, as you can see over here, a hostname, which is www.srsecure.xyz,

70
00:05:54,980 --> 00:06:00,320
is pointing to srsecure.xyz through a CNAME.

71
00:06:00,620 --> 00:06:06,150
And if I try to modify this and, let's say, I put an IP address, then it is going to throw an error,

72
00:06:06,150 --> 00:06:13,820
which says you must specify a valid CNAME record, because this is not a canonical name, it is an IP

73
00:06:13,820 --> 00:06:19,700
address, and we have seen that in a CNAME record we point hostnames to hostnames.

74
00:06:20,300 --> 00:06:27,650
And if I try to write Google dot com over here, then anyone who visits www.srsecure.xyz

75
00:06:27,650 --> 00:06:30,610
is going to get redirected to Google dot com.

76
00:06:31,220 --> 00:06:42,230
So let's do this simple experiment where I'm going to redirect www.srsecure.xyz to GitHub

77
00:06:42,230 --> 00:06:42,770
dot com.

78
00:06:43,130 --> 00:06:49,890
So I have just created this new CNAME right now, and let's see if this works or not.

79
00:06:50,210 --> 00:06:51,920
So let me first copy this.

80
00:06:54,600 --> 00:07:01,920
Let me open my terminal, and let's see if we are able to see if this is working or not.

81
00:07:02,370 --> 00:07:06,890
So let me just try to ping this first, and you can see I'm getting a reply.

82
00:07:07,260 --> 00:07:07,710
All right.

83
00:07:07,980 --> 00:07:12,750
So I'm getting a reply from this IP address, and let's see which is this IP address from where I'm

84
00:07:12,750 --> 00:07:13,530
getting a reply.

85
00:07:14,520 --> 00:07:20,780
And you can see I'm getting an IP address from, I'm getting a ping reply from Amazon AWS.

86
00:07:21,240 --> 00:07:21,870
All right.

87
00:07:22,260 --> 00:07:23,760
Now, let's see.

88
00:07:24,150 --> 00:07:25,860
This IP address belongs to whom?

89
00:07:26,430 --> 00:07:31,310
So let me just try to open this in my browser and let's see what happens.

90
00:07:32,950 --> 00:07:41,470
And you can see I'm able to redirect to GitHub dot com, because this is where I actually pointed this

91
00:07:42,400 --> 00:07:45,300
CNAME record, to GitHub dot com.

92
00:07:45,700 --> 00:07:48,810
Therefore, I'm successfully getting redirected over here.

93
00:07:49,150 --> 00:07:52,480
And this is how a CNAME record actually works.