Getting information from WHOIS records
WHOIS records contain useful information, such as the registrar/organization name, creation and expiration dates, geographical location, and abuse contact information among some potentially interesting fields. System administrators, IT staff, and other security professionals have been using WHOIS records for years now, and although there are many tools and websites available to query this information, Nmap can process IP ranges/target lists in many formats to perform this task in batch.
This recipe will show you how to retrieve the WHOIS records of an IP address or domain name with Nmap.
How to do it...
- Open a terminal and enter the following command:
$nmap -sn --script whois-* <target>
- The output will look similar to the following:
Host script results: | whois-domain: | | Domain name record found at whois.mx | \x0D | Domain Name: websec.mx\x0D | \x0D | Created On: ...