Metasploit - The Penetration Testers Guide
First I would like to say that I would highly recommend this book to anyone that wants to learn more abouot pentesting and Metasploit.
That being said, there are some things about the book that maybe people here can answer. Within the book they show commands that they are using from the msfconsole, one of these commands is Whois. I am wondering, I have not been able to find anything within the Msfconsole for a whois command, is there a module I can load for this? I have searched Google for this information but cannot seem to find it. Any help would be greatly appreciated. Thanks.
Re: Metasploit - The Penetration Testers Guide
You're in luck. I can help with this. Whois v1.01 is available in microsoft's technet website. Just search technet and you will find it.
Re: Metasploit - The Penetration Testers Guide
You're saying that microsoft has a Whois module for Metasploit?
Re: Metasploit - The Penetration Testers Guide
whois is included in most Linux distros, not in BT at the moment but sure it will be, it is in Ubuntu 10.4, but far as using it within msf not to sure on that
Re: Metasploit - The Penetration Testers Guide
metasploit can execute external shell commands. Take ping for instance....
Re: Metasploit - The Penetration Testers Guide
this is the exact example performed in chapter 3 of the book. i really do not see how much clearer it could be:
msf > whois secmaniac.net
[*] exec: whois secmaniac.net
Whois Server Version 2.0
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
Domain Name: SECMANIAC.NET
Registrar: GODADDY.COM, INC.
Whois Server: whois.godaddy.com
returning etc, results which would just take up space to paste. this is again done with nslookup and a variety of other commands within msfconsole in the early exercises in the book. (which is an excellent resource,indeed).
perhaps this helps you out.
Quote:
Originally Posted by
Soultaker666
You're saying that microsoft has a Whois module for Metasploit?
you're a funny guy :) nothing like a multi-billion dollar company directly contributing to airing their own dirty laundry, so to speak. I think you will come to find Microsoft's contributions to the Metasploit project a tad bit more limited than this proposal.
