Ok, next assignment from my sensei.
Perform information gathering on these sites..
is2c-dojo.net
is2c-dojo.com
www.spentera.com
Hmm..
after some time scanning, here's my result :
1. is2c-dojo.netafter some time scanning, here's my result :
First of all, I do nslookup in order to know the original IP of the target. By performing this command I also can get Information about the IP block owned by the target.
# nslookup is2c-dojo.net
here's the result.
Server: 192.168.1.1
Address: 192.168.1.1#53
Non-authoritative answer:
Name: is2c-dojo.net
Address: 216.239.36.21
Name: is2c-dojo.net
Address: 216.239.34.21
Name: is2c-dojo.net
Address: 216.239.32.21
Name: is2c-dojo.net
Address: 216.239.38.21
From the above information we know that there're some IPs related to the website.
Ok, lets take the 216.239.36.21 to be tested with whois command.
# whois 216.239.36.21
and here is the result.
Spoiler:
hmm.. Google.
When the result is like that, I assume that the web is using blogger by Google.
Lets see the page source.
At the home page, Right click and select View Page Source.
Jackpot, theres a block of text there
Blogger Template Style Name: BlueWeb Author: Klodian URL: www.deluxetemplates.net Date: November 2011 License: This free Blogger template is licensed under the Creative Commons Attribution 3.0 License, which permits both personal and commercial use. However, to satisfy the 'attribution' clause of the license, you are required to keep the footer links intact which provides due credit to its authors. For more specific details about the license, you may visit the URL below: http://creativecommons.org/licenses/by/3.0
It says that the tempelate is for Blogger.
2. is2c-dojo.com
Same as before I do nslookup to see the IP of the target.
# nslookup is2c-dojo.com
Server: 192.168.1.1
Address: 192.168.1.1#53
Non-authoritative answer:
Name: is2c-dojo.com
Address: 67.222.154.106
Then, perform whois command
# whois 67.222.154.106
Spoiler:
Hmm..
Datacenter. No idea what it is.
Datacenter. No idea what it is.
3. www.spentera.com
Again, perform nslookup
# nslookup www.spentera.com
Server: 192.168.1.1
Address: 192.168.1.1#53
Non-authoritative answer:
www.spentera.com canonical name = spentera.com.
Name: spentera.com
Address: 74.81.66.104
And then whois
# whois 74.81.66.104
Global Net Access, LLC GNAXNET (NET-74-81-64-0-1) 74.81.64.0 - 74.81.95.255
WebHostingBuzz USA LLC. GNAX-WHB-1 (NET-74-81-66-0-1) 74.81.66.0 - 74.81.66.255
Only got the above information. Looks like it is hosted in US server.
Lets search for a robots.txt in this site. (I'll explain more about robots.txt later)
Lets search for a robots.txt in this site. (I'll explain more about robots.txt later)
http://www.spentera.com/robots.txtBingo, here's the result
User-agent: * Disallow: /wp-admin/ Disallow: /wp-includes/ Sitemap: http://www.spentera.com/sitemap.xml.gz