Getting information from WHOIS records
WHOIS records often contain useful information, such as the registrar/organization name, creation and expiration dates, geographical location, and other contact information, such as the e-mail address to report abuse. System administrators have been using WHOIS for years now, and although there are many tools available to query this information, Nmap can take IP ranges or target lists as input and obtain IP address and domain name information in one place.
This recipe will show you how to retrieve the WHOIS records of an IP address or domain name with Nmap.
How to do it...
Open a terminal and enter the following command:
$nmap -sn --script whois-* <target>
The output will look similar to the following:
$nmap -sn --script whois-* websec.mx
Host script results:
| whois-domain:
|
| Domain name record found at whois.mx
|
| Domain Name: websec.mx
|
| Created On: 2010-04-14
| Expiration Date: 2018-04-13...