1
00:00:10,270 --> 00:00:16,840
Let us continue with the information gathering practicals in the spectacle, we will gather information

2
00:00:16,840 --> 00:00:24,580
using the NSA look and let's look up the network administration command line tool available in many

3
00:00:24,580 --> 00:00:30,760
computer operating systems for creating the domain name system, obtain the domain name or the IP address

4
00:00:30,760 --> 00:00:33,940
mapping or the D.A. records of a particular website.

5
00:00:34,570 --> 00:00:38,150
The name and its lookup means name server lookup.

6
00:00:39,280 --> 00:00:44,470
So for this look, a practical we will use the command prompt in windows.

7
00:00:46,650 --> 00:00:50,420
Just go to the search button and type ACMD over there.

8
00:00:58,720 --> 00:01:02,800
On the Newcomen from type, and let's look up and press enter.

9
00:01:04,640 --> 00:01:11,180
This display is the default server and its address assigned to the Windows Server machine, in the end,

10
00:01:11,180 --> 00:01:21,250
let's lookup in practice more type set space type is equal to and present setting the type as a configured

11
00:01:21,260 --> 00:01:24,440
in this lookup query for the IP address of the given domain.

12
00:01:25,360 --> 00:01:31,570
Tiger, the tiger domain as w w w are certified hacker, dot com and press enter.

13
00:01:37,470 --> 00:01:42,740
This resolves the IP address, and this was the result, as you can see on the screen.

14
00:01:45,030 --> 00:01:54,410
Now we will find the canonically for finding the canonically type said space type is equal to see name

15
00:01:54,570 --> 00:02:01,140
and press enter the canonical name lookup is done directly against the government's authority to name

16
00:02:01,140 --> 00:02:07,230
server and lists that C name records for the room in here type 34 Hecho dot com.

17
00:02:07,740 --> 00:02:13,950
Remember, don't type w w w here as we are typing the domain name.

18
00:02:13,950 --> 00:02:22,170
While this returns, the domains authoritative name server along with the mail server address as shown

19
00:02:22,170 --> 00:02:22,830
on the screen.

20
00:02:24,780 --> 00:02:30,030
Since you have obtained the authority to name server, you will need to determine the IP address of

21
00:02:30,030 --> 00:02:34,550
the name server now issued a command set space type is a.

22
00:02:39,660 --> 00:02:47,730
You can see the primary name server in the results before, as anyone, one blue dot com type and S1

23
00:02:47,880 --> 00:02:51,890
or Bluejuice dot com is the primary name, server and space center.

24
00:02:53,510 --> 00:02:59,470
This returns the IP address of the server, as shown on the screen, the authority to name servers,

25
00:02:59,470 --> 00:03:01,620
stores, the records associated with the domain.

26
00:03:02,090 --> 00:03:08,450
So if an attacker can determine the authority to name server that is the primary name server and obtain

27
00:03:08,450 --> 00:03:14,330
its associated IP address, the attacker might attempt to exploit the server to perform attacks like

28
00:03:14,330 --> 00:03:17,720
those deros, your redaction and so on.

29
00:03:18,680 --> 00:03:20,330
This is all for this practical.

30
00:03:22,210 --> 00:03:26,040
In the next spectacle, they will gather information using Shora.