How To Install dnsmap on Kali Linux

In this tutorial we learn how to install dnsmap on Kali Linux. dnsmap is DNS domain name brute forcing tool

Introduction

In this tutorial we learn how to install dnsmap on Kali Linux.

What is `dnsmap`

dnsmap is:

dnsmap scans a domain for common subdomains using a built-in or an external wordlist (if specified using -w option). The internal wordlist has around 1000 words in English and Spanish as ns1, firewall servicios and smtp. So will be possible search for smtp.example.com inside example.com automatically. Results can be saved in CSV and human-readable format for further processing. dnsmap does NOT require root privileges to be run, and should NOT be run with such privileges for security reasons.

dnsmap was originally released back in 2006 and was inspired by the fictional story “The Thief No One Saw” by Paul Craig, which can be found in the book “Stealing the Network - How to 0wn the Box”.

dnsmap is mainly meant to be used by pentesters during the information gathering/enumeration phase of infrastructure security assessments. During the enumeration stage, the security consultant would typically discover the target company’s IP netblocks, domain names, phone numbers, etc.

Subdomain brute-forcing is another technique that should be used in the enumeration stage, as it’s especially useful when other domain enumeration techniques such as zone transfers don’t work (I rarely see zone transfers being publicly allowed these days by the way).

Fun things that can happen:

Finding interesting remote access servers (e.g.: https:://extranet.example.com).
Finding badly configured and/or unpatched servers (e.g.: test.example.com).
Finding new domain names which will allow you to map non-obvious/hard-to-find netblocks of your target organization (registry lookups - aka whois is your friend).
Sometimes you find that some bruteforced subdomains resolve to internal IP addresses (RFC 1918). This is great as sometimes they are real up-to-date “A” records which means that it is possible to enumerate internal servers of a target organization from the Internet by only using standard DNS resolving (as opposed to zone transfers for instance).
Discover embedded devices configured using Dynamic DNS services (e.g.: IP Cameras). This method is an alternative to finding devices via Google hacking techniques.

This package provides two possible commands: dnsmap and dnsmap-bulk.

This program is useful for pentesters, ethical hackers and forensics experts. It also can be used for security tests.

There are three methods to install dnsmap on Kali Linux. We can use apt-get, apt and aptitude. In the following sections we will describe each method. You can choose one of them.

Install dnsmap Using apt-get

Update apt database with apt-get using the following command.

sudo apt-get update

After updating apt database, We can install dnsmap using apt-get by running the following command:

sudo apt-get -y install dnsmap

Install dnsmap Using apt

Update apt database with apt using the following command.

sudo apt update

After updating apt database, We can install dnsmap using apt by running the following command:

sudo apt -y install dnsmap

Install dnsmap Using aptitude

If you want to follow this method, you might need to install aptitude on Kali Linux first since aptitude is usually not installed by default on Kali Linux. Update apt database with aptitude using the following command.

sudo aptitude update

After updating apt database, We can install dnsmap using aptitude by running the following command:

sudo aptitude -y install dnsmap

How To Uninstall dnsmap on Kali Linux

To uninstall only the dnsmap package we can use the following command:

sudo apt-get remove dnsmap

Uninstall dnsmap And Its Dependencies

To uninstall dnsmap and its dependencies that are no longer needed by Kali Linux, we can use the command below:

sudo apt-get -y autoremove dnsmap

Remove dnsmap Configurations and Data

To remove dnsmap configuration and data from Kali Linux we can use the following command:

sudo apt-get -y purge dnsmap

Remove dnsmap configuration, data, and all of its dependencies

We can use the following command to remove dnsmap configurations, data and all of its dependencies, we can use the following command:

sudo apt-get -y autoremove --purge dnsmap

Dependencies

dnsmap have the following dependencies:

libc6

References

dnsmap website

Summary

In this tutorial we learn how to install dnsmap package on Kali Linux using different package management tools: apt, apt-get and aptitude.