Showing posts with label ip. Show all posts
Showing posts with label ip. Show all posts
Tuesday, July 18, 2017
Kali Linux Tutorial Find IP Address Of Any Website And Trace Its Location
Kali Linux Tutorial Find IP Address Of Any Website And Trace Its Location
Welcome back hackers, after a short break today i am here to share with you a new kali tutorial to find the ip address of any website and trace its exact location, i know there is a lot of tutorials to find location of ip address but all of them are really sucks, means they only give us only country details or sometimes shows random places for an ip, and if you want to know the exact location of a website then you need a search warrant but here i will demonstrate you how to find the ip address of any website and how to know its exact location without any search warrant or subpoena.
IP address, hope you all know what is IP. In this tutorial first we need to find the ip address of website in order to trace the location, without ip there is no way to find the location so for this purpose we will use Maltego information gathering tool and it is pre-installed in our favorite Kali Linux.
Maltego is popular information gathering tool but it will not show us the exact place of website, so we will use MaxMind database to find the location. MaxMind is company maintaining a database of the locations of every ip address in the world and their location status includes GPS coordinates, area code, zip code and country. MaxMind software is little expensive but the good news is they are also providing a free developers version of this database without any softwares or tools to read it.
Pygeoip, is a small python script we are also using in this tutorial. It is developed by two programmers named Jennifer Ennis and T.Williams and it is released under GPL license that enables us to input an ip address and output this critical information.
How to find the ip address with maltego
Maltego, is an open source intelligence and forensics application. This is a GUI tool so looks different. Maltego is an information gathering tool that allows you to visually see relationships and it focuses on providing a library of transforms for discovery of data from open sources, and visualizing that information in a graph format, suitable for link analysis and data mining.Maltego allows you to enumerate network and domain information like Domain Names, Whois Information, DNS Names, Netblocks, IP Addresses etc
Maltego also allows you to enumerate People information like:
- Email addresses associated with a person’s name
- Web sites associated with a person’s name
- Phone numbers associated with a person’s name
- Social groups that are associated with a person’s name
- Companies and organizations associated with a person’s name etc
I have already published a tutorial for information gathering with maltego, so i would like to recommend you to read this article to find the IP address of website which you want to know the location: Kali Linux Tutorial: Using Maltego Tool To Scan Network And Finding IP
If you are new to kali linux then i recommend you to read my older post about kali linux and will guide you through the installation process and also it will also teach you the kali basics: An Introduction To Hacker’s OS: Kali Linux Setup Tutorial
Tracing the exact location of website
Step 1: Boot Kali Linux and open up a terminal
First of all run our favorite Kali system and open up a new terminal.If you are new to kali linux then i recommend you to read my older post about kali linux and will guide you through the installation process and also it will also teach you the kali basics: An Introduction To Hacker’s OS: Kali Linux Setup Tutorial
Step 2: Download MaxMind database
Now we need to download the database from MaxMind, and we can get it by typing the following.wget -N -q http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
Then we need to unzip it.
gzip -d GeoLiteCity.dat.gz
Lets now check that the database is in place by listing the directory.
ls -alh GeoLiteCity.dat
Step 3: Download & Install Pygeoip
Next, we need to install the Python script to read the database, pygeoip. We can download it by typing the following.wget http://pygeoip.googlecode.com/files/pygeoip-0.1.3.zip
Then, unzip it.
unzip pygeoip-0.1.3.zip
We next need to download some setup tools into the pygeoip directory.
cd pygeoip-0.1.3
wget http://svn.python.org/projects/sandbox/trunk/setuptools/ez_setup.py
Now type following:
wget https://pypi.python.org/packages/2.5/s/setuptools/setuptools-0.6c11-py2.5.egg#md5=64c94f3bf7a72a13ec83e0b24f2749b2
Lets now move and then build and install the setup tools.
mv setuptools-0.6c11-py2.5.egg setuptools-0.7a1-py2.5.egg
python setup.py build
Next type:
python setup.py install
We need to move the database to the pygeoip directory so that script can access it without having to use the full path.
cd
mv GeoLiteCity.dat /pygeoip-0.1.3
Step 4: Query the Database
Now that we have the database in place and the pygeoip script downloaded and installed, we can begin to query that database with pygeoip.First, we need to start a Python shell.
python
Then, you will be greeted will the triple >>> indicating you are now in an interactive python shell. Lets import the module and instantiate the class.
>>> import pygeoip>>> gip = pygeopip.GeoIP(GeoLiteCity.dat)
Next, we are ready to begin our query. Lets see where Google is located.
>>> rec = gip.record_by_addr(64.233.161.99)
>>> for key,val in rec.items():
... print "%s: %s" %(key,val)
...
Please note that it is critical to indent the "print". If not, you will throw an error.
As you can see, we were able to locate Googles IP in Mountain View, CA at area code 650, postal code 94043, longitude -122.0574, and latitude 37.4192. Not bad!.
Once again, the combination of the database and pygeoip script was able to provide us with key location information on CNNs IP address.
This little tool is great for locating any IP address in the world, albeit, it is a bit clunky. Maybe someone here in the Null Byte community with good Python skills would like to write an interactive script with a nice user interface where the user can simply enter the IP and get the record information?. Thank you, if you have any doubts please type down a comment.
Also Read:
- How to Setup Nessus in Kali Linux - Most Used Vulnerability Scanner in 2015
- How To Bypass Antivirus Detection Using Veil-Evasion In Kali Linux
- Kali Linux Tools: Brief Introduction To 10 Powerful Hacking Tools
Available link for download
Sunday, February 26, 2017
Kali Linux Tutorial Using Maltego Tool To Scan Network And Finding IP
Kali Linux Tutorial Using Maltego Tool To Scan Network And Finding IP
Using Maltego in Kali to Recon a Target Network
Step 1: Open Maltego & Register
Let’s start by firing up Kali and then opening Maltego. Here is a complete tutorial about hackers OS Kali Linux, so read this before you go ahead: An Introduction To Hacker’s OS: Kali Linux Setup Tutorial
Maltego can be found in numerous places in Kali, but the easiest way to get to it is to go to Applications -> Kali Linux -> Top 10 Security Tools. Then, among the Top 10, you will find Maltego at number 5, as shown in the screenshot below.
When you open Maltego, you will need to wait a brief moment for it to startup. After it finishes loading, you will be greeted by a screen asking you to register Maltego.
Go ahead and register and save and remember your password as you will need it again the next time you login into Maltego.
Step 2: Choose a Machine & Parameters
After successfully registering and logging into Maltego, we will have to decide what type of “machine” we want to run against our target. In Maltego’s parlance, a machine is simply what type of footprinting we want to do against our target. Here, we are focusing on the network footprinting, so our choices are:
- Company Stalker (this gathers email information)
- Footprint L1 (basic information gathering)
- Footprint L2 (moderate amount of information gathering)
- Footprint L3 (intense and the most complete information gathering)
Step 3: Choose a Target
Now, that we have chosen a type of machine for our footprinting, we will need to choose a target. Let’s choose our friends at SANS, one of the leading IT security training and consulting firms in the world.
Now, click “Finish” and let Maltego do its work.
Step 4: Results
Maltego will now begin to gather info on our target domain, sans.org, and display it on screen. In the screenshot below, we can see that Maltego has already collected the email addresses from the site, while it collects the nameservers and mail servers.
Finally, we can click on “Bubble View” when Maltego is done and see all of the relationships between our target and its subdomains and linked sites.
How to find IP address
By clicking left button of mouse drag the domain in Main view.
Double click on domain icon and rename it into your target domain. Here I am taking google.com as example.
Here we are searching for top level domain for our target domain. First right click on domain then
Run Transform ? All Transforms ? To Domain ( Find other TLDs)
Here we got the result of TLD search.
Now we are to gain more information about these domains. First of all select all domains by dragging left mouse button or you can select one by one press Shift + left click.
After selecting all domains, right click one of them and then
Run Transform ? All Transforms ? To Website (Quick-Lookup)
Here we are going to search all website which are associate with these domains.
Well here we are just replacing the a website icon I have targeted http://www.google.com for more info follow the image. This is not a necessary part but you should learn it.
Here we are going to find the IP address of our target website. Right click on target website then
Run Transform ? Resolve to IP ? To IP Address (DNS)
Here we got the IP address of our target website and the detail of where its located.
Conclusion
Maltego is an excellent tool to do network recon on our potential target, enabling us to do numerous types of recon in a single scan with a single tool. Maltego is also capable of doing individual recon, but we will leave that for my next Maltego article, see you my grey hats.Recommended Kali Linux Tutorials
- Kali Linux Tutorial: Hack A Web Browser Using BeEF
- Kali Linux Tutorial: How To Perform Evil Twin Wireless Access
- Kali Linux Tutorial: Hack a Website login Page Password Using Wireshark
- Kali Linux Tutorial: Finding Exploits Using the Searchsploit Tool
Available link for download
Subscribe to:
Posts (Atom)