Whois Lookup
In this section, we are going to have a look at is Whois Lookup. It is a protocol that is used to find the owners of internet resources, for example, a domain, a server, an IP address. In this, we are not actually hacking, we are just retrieving information from a database about owners of stuff on the internet. For example, if we wanted to register a domain name like zaid.com we have to supply information about the person who is signing in like address, and then the domain name will be stored in our name and people will see that Zaid owns the domain name. That is all we are going to do.
If we google Whois Lookup, we will see a lot of websites providing the services, so we are going to use http://whois.domaintools.com, and enter our target domain name as isecurity.org, and press Search button as shown in the following screenshot:
In the following screenshot, we can see that we get a lot of information about our target website:
We can see the email address that we can use to contact the domain name info. Usually, we will be able to see the company’s address that has registered the domain name, but we can see that this company is using privacy on their domain. If the company is not using any privacy, we will be able to see their address and many more information about the actual company.
We can see when the domain name was created, and we can also see the IP address of isecurity.org. If we ping the IP, we should get the same IP address as mentioned in the following screenshot.
If we run ping.www.isecurity.org, the same IP address will be returned:
In the above screenshot, we can see the IP Location, Domain Status, and we can also access the History, but we need to register for that. Now, again we can use this information to find exploits.
In the following screenshot, in the Whois Record, we can find more information about the company that registered this domain:
This is basic information, but it is very helpful in the long run, just to know what their IP is, what our target is, and what services they are using. We can see the name server that is being used, and we can also see which company they are provided by.