See how to use the dig tool to look for named servers running on a target.
- [Instructor] When looking at the target,…it's easy to assume that whatever is presented…as the default website is the complete service.…But this may not be the case.…We need to be aware that Apache allows…multiple name-based websites to be served…from just one IP address,…and we may be looking at a named server host.…The website on the host may be unused and offer nothing,…but there may be gold in some of the named websites.…Named websites are accessed not by…their IP address, but by their URL.…
DNS will resolve the IP address, and the virtual host server…will direct the incoming connection…to the required virtual web server based on the URL.…The host will always have a primary virtual website,…which will respond to any request…not specifying the name-based website.…We can see here, www.domain1.com through to www.domain5.com,…all residing on the same host.…
As a penetration tester, finding all the named websites…that run on a host is important, because any one…of these websites may contain vulnerabilities…that allow access to the underlying server,…
- Using Masscan for rapid full-service scanning
- Passive scanning with Shodan
- Using Nmap scripts
- Scanning with Reconnoitre and Vanquish
- Diagnosing uncommon ports
- Enumerating Drupal, WordPress, and Joomla sites
- Enumerating in the Linux shell
- Using the JAWS PowerShell script
Skill Level Advanced
Penetration Testing: Advanced Kali Linuxwith Malcolm Shore2h 22m Intermediate
Ethical Hacking: Penetration Testingwith Lisa Bock1h 20m Intermediate
Penetration Testing Essential Trainingwith Malcolm Shore2h 29m Intermediate
1. Identifying Services
2. Enumerating Services
3. Enumerating Web Servers
4. Further Enumeration
Enumerating inside Windows4m 41s
What's next1m 39s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.