How to Install and Uninstall dnsmap Package on Ubuntu 20.10 (Groovy Gorilla)
Last updated: November 23,2024
1. Install "dnsmap" package
Here is a brief guide to show you how to install dnsmap on Ubuntu 20.10 (Groovy Gorilla)
$
sudo apt update
Copied
$
sudo apt install
dnsmap
Copied
2. Uninstall "dnsmap" package
This guide covers the steps necessary to uninstall dnsmap on Ubuntu 20.10 (Groovy Gorilla):
$
sudo apt remove
dnsmap
Copied
$
sudo apt autoclean && sudo apt autoremove
Copied
3. Information about the dnsmap package on Ubuntu 20.10 (Groovy Gorilla)
Package: dnsmap
Architecture: amd64
Version: 0.35-5
Priority: optional
Section: universe/net
Origin: Ubuntu
Maintainer: Ubuntu Developers
Original-Maintainer: Debian Security Tools
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Installed-Size: 257
Depends: libc6 (>= 2.7)
Filename: pool/universe/d/dnsmap/dnsmap_0.35-5_amd64.deb
Size: 27132
MD5sum: daa744b16ace2c09601740bfe03c7384
SHA1: 01d82dab98d0e9fe5d920fa366b12f409efcd073
SHA256: 5a3da26473bd7925f0e908bafbce5238d1b1d070bda2cb5628138821f4255a2c
SHA512: 20569897cb13fa5f36c7edd3246f2a59caf2c60a127b4f9c061dc7db727149009d92a06a87f69b5649ce10dcdabfcadc343fa5a88c0bd82bfecf43e764312007
Homepage: https://github.com/resurrecting-open-source-projects/dnsmap
Description-en: DNS domain name brute forcing tool
dnsmap scans a domain for common subdomains using a built-in or an external
wordlist (if specified using -w option). The internal wordlist has around 1000
words in English and Spanish as ns1, firewall servicios and smtp. So will be
possible search for smtp.example.com inside example.com automatically. Results
can be saved in CSV and human-readable format for further processing. dnsmap
does NOT require root privileges to be run, and should NOT be run with such
privileges for security reasons.
.
dnsmap was originally released back in 2006 and was inspired by the fictional
story "The Thief No One Saw" by Paul Craig, which can be found in the book
"Stealing the Network - How to 0wn the Box".
.
dnsmap is mainly meant to be used by pentesters during the information
gathering/enumeration phase of infrastructure security assessments. During the
enumeration stage, the security consultant would typically discover the target
company's IP netblocks, domain names, phone numbers, etc.
.
Subdomain brute-forcing is another technique that should be used in the
enumeration stage, as it's especially useful when other domain enumeration
techniques such as zone transfers don't work (I rarely see zone transfers being
publicly allowed these days by the way).
.
Fun things that can happen:
.
1) Finding interesting remote access servers
(e.g.: https:://extranet.example.com).
2) Finding badly configured and/or unpatched servers
(e.g.: test.example.com).
3) Finding new domain names which will allow you to map
non-obvious/hard-to-find netblocks of your target organization
(registry lookups - aka whois is your friend).
4) Sometimes you find that some bruteforced subdomains resolve to internal IP
addresses (RFC 1918). This is great as sometimes they are real up-to-date
"A" records which means that it is possible to enumerate internal servers
of a target organization from the Internet by only using standard DNS
resolving (as opposed to zone transfers for instance).
5) Discover embedded devices configured using Dynamic DNS services
(e.g.: IP Cameras). This method is an alternative to finding devices via
Google hacking techniques.
.
This package provides two possible commands: dnsmap and dnsmap-bulk.
.
This program is useful for pentesters, ethical hackers and forensics experts.
It also can be used for security tests.
Description-md5: 8da238b788e263a0deb14cbebae67043
Architecture: amd64
Version: 0.35-5
Priority: optional
Section: universe/net
Origin: Ubuntu
Maintainer: Ubuntu Developers
Original-Maintainer: Debian Security Tools
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Installed-Size: 257
Depends: libc6 (>= 2.7)
Filename: pool/universe/d/dnsmap/dnsmap_0.35-5_amd64.deb
Size: 27132
MD5sum: daa744b16ace2c09601740bfe03c7384
SHA1: 01d82dab98d0e9fe5d920fa366b12f409efcd073
SHA256: 5a3da26473bd7925f0e908bafbce5238d1b1d070bda2cb5628138821f4255a2c
SHA512: 20569897cb13fa5f36c7edd3246f2a59caf2c60a127b4f9c061dc7db727149009d92a06a87f69b5649ce10dcdabfcadc343fa5a88c0bd82bfecf43e764312007
Homepage: https://github.com/resurrecting-open-source-projects/dnsmap
Description-en: DNS domain name brute forcing tool
dnsmap scans a domain for common subdomains using a built-in or an external
wordlist (if specified using -w option). The internal wordlist has around 1000
words in English and Spanish as ns1, firewall servicios and smtp. So will be
possible search for smtp.example.com inside example.com automatically. Results
can be saved in CSV and human-readable format for further processing. dnsmap
does NOT require root privileges to be run, and should NOT be run with such
privileges for security reasons.
.
dnsmap was originally released back in 2006 and was inspired by the fictional
story "The Thief No One Saw" by Paul Craig, which can be found in the book
"Stealing the Network - How to 0wn the Box".
.
dnsmap is mainly meant to be used by pentesters during the information
gathering/enumeration phase of infrastructure security assessments. During the
enumeration stage, the security consultant would typically discover the target
company's IP netblocks, domain names, phone numbers, etc.
.
Subdomain brute-forcing is another technique that should be used in the
enumeration stage, as it's especially useful when other domain enumeration
techniques such as zone transfers don't work (I rarely see zone transfers being
publicly allowed these days by the way).
.
Fun things that can happen:
.
1) Finding interesting remote access servers
(e.g.: https:://extranet.example.com).
2) Finding badly configured and/or unpatched servers
(e.g.: test.example.com).
3) Finding new domain names which will allow you to map
non-obvious/hard-to-find netblocks of your target organization
(registry lookups - aka whois is your friend).
4) Sometimes you find that some bruteforced subdomains resolve to internal IP
addresses (RFC 1918). This is great as sometimes they are real up-to-date
"A" records which means that it is possible to enumerate internal servers
of a target organization from the Internet by only using standard DNS
resolving (as opposed to zone transfers for instance).
5) Discover embedded devices configured using Dynamic DNS services
(e.g.: IP Cameras). This method is an alternative to finding devices via
Google hacking techniques.
.
This package provides two possible commands: dnsmap and dnsmap-bulk.
.
This program is useful for pentesters, ethical hackers and forensics experts.
It also can be used for security tests.
Description-md5: 8da238b788e263a0deb14cbebae67043