DNSDICT6 : BASICS
DNSDICT6 is an information gathering tool provided with Backtrack. This tool is used to find all the sub-domains of a website or web server. The most advanced use of DNSDICT6 is to enumerate all IPv4 and IPv6 addresses and extract dumps such as sub-domains and IP information. It is quite a powerful tool because it also extracts those sub-domains which are restricted or invisible to users.
Basic Syntax of DNSDICT6 is :
For example :
dnsdict6 -d4 google.com (This will extract all sub-domains of google and their IPv4 and IPv6 information.)
There are certain parameters that we can use with dnsdict6 :
- -d is used to display information on Name Servers and MX Records
- -4 is used to dump IPv4 addresses.
- There are four types of dictionary which are already inbuilt in this tool: -s(mall=50), -m(edium=796) (DEFAULT), -l(arge=1416), or -x(treme=3211).
- -t is used to specify the number of threads.
dnsdict6 -d46 -x -s -t 10 google.com (This will extract all the sub-domains of Google with their IPv4 and IPv6 information.)
Now let's learn how to use DNSDICT6.
DNSDICT6 (Know your Backtrack [KYB]) Tutorial :
1. First of all, start your Backtrack Linux. There are multiple ways to start DNSDICT6.
a. Go by the GUI menu based options :
Applications --> BackTrack --> Information Gathering --> Network Analysis --> DNS Analysis --> DNSDICT6
b. Open the terminal and type dnsdict6 to open the tool.
2. After doing the above step we will see something like :
|DNSDICT6 Tutorial Step 2|
3. Now say we want to enumerate all the sub-domains of a website, say google.com. Then type the command :
dnsdict6 -d46 -s -t 20 google.com
The above command will enumerate all IPv4 and IPv6 information of all sub-domains of google.com; -s will perform service guessing, and 20 is the number of threads running simultaneously to achieve it.
|Sample DNSDICT6 Query|
The snapshot below shows the output of the above command :
|Output of DNSDICT6 Sample Query Execution|
Now for advanced usage, we can also supply our own dictionary in the DNSDICT6 command.
First of all we need to locate the dictionary file. If you don't have one, create a sample dictionary file on your Backtrack virtual machine's desktop, say with the file name dictionary.txt.
Now the command will be :
dnsdict6 -d46 -s -t 20 google.com ~/Desktop/dictionary.txt
Now it will only extract those sub-domains whose names match the dictionary words. Below is the output of the above execution :
|DNSDICT6 Dictionary Brute Force Attack|
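Seen from the server side, a dictionary run like the one above shows up as a short burst of A/AAAA lookups for many distinct sub-domains, most of which do not exist. The following is an added example, not part of the original tutorial: a small detector over authoritative DNS query logs. The log format, the zone example.com, the thresholds and the client addresses are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

ZONE = "example.com"            # assumed zone you are authoritative for
WINDOW = timedelta(seconds=60)  # sliding window per client
MIN_NAMES = 20                  # distinct names per window that count as a sweep
MIN_NX_RATIO = 0.7              # share of those lookups answered NXDOMAIN

def parse(line):
    """Constructed log format: ISO-time client qname qtype rcode."""
    ts, client, qname, qtype, rcode = line.split()
    return datetime.fromisoformat(ts), client, qname.rstrip(".").lower(), qtype, rcode

def find_sweeps(lines, zone=ZONE):
    """Return {client: (distinct_names, nx_ratio)} for dictionary-style sweeps."""
    per_client = defaultdict(list)
    for line in lines:
        ts, client, qname, qtype, rcode = parse(line)
        if qname.endswith("." + zone) and qtype in ("A", "AAAA"):
            per_client[client].append((ts, qname, rcode))
    flagged = {}
    for client, events in per_client.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > WINDOW:
                start += 1      # drop events older than the window
            window = events[start:end + 1]
            names = {q for _, q, _ in window}
            nx = sum(r == "NXDOMAIN" for _, _, r in window) / len(window)
            if len(names) >= MIN_NAMES and nx >= MIN_NX_RATIO:
                if len(names) > flagged.get(client, (0, 0.0))[0]:
                    flagged[client] = (len(names), round(nx, 2))
    return flagged

def sample_log():
    """Constructed sample: one client walking a word list, one normal client."""
    words = ["www", "mail"] + [f"word{i}" for i in range(28)]
    lines = []
    for i, w in enumerate(words):   # 30 names, AAAA then A, within 15 seconds
        rc = "NOERROR" if w in ("www", "mail") else "NXDOMAIN"
        for qt in ("AAAA", "A"):
            lines.append(f"2024-01-01T10:00:{i // 2:02d} 198.51.100.7 {w}.{ZONE}. {qt} {rc}")
    for i in range(5):              # ordinary traffic: same name, once a minute
        lines.append(f"2024-01-01T10:0{i}:00 192.0.2.53 www.{ZONE}. A NOERROR")
    return lines

if __name__ == "__main__":
    print(find_sweeps(sample_log()))
```

The thresholds are starting points: the tool's smallest built-in list (50 words) already exceeds MIN_NAMES, while a busy shared resolver may need a higher limit to avoid false positives.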
That's all about DNSDICT6 Information Gathering Tool.
We hope you all appreciate the Hackingloops BEHC campaign and its sub-campaign KYB (Know your Backtrack). If you have any queries or doubts, ask us in the comments.