NSLOOKUP

nslookup is one of the tools in Kali LInux to perform DNS look up. It was used in order to get DNS information of the domain or IP address.

There are 2 ways to use nslookup :

  1. Interactive
  2. Non – interactive

In here, we will try to test using both ways as see the diff

Interactive:

to use interactive mode, we need to type “nslookup” and enter, that way, we will enter the interactive mode.

now we can try to enter using google.com

from here we can see the google.com record which has the IP address, “but remember, if there is SSL, we may be directed to the SSL IP, not the real IP so this tools is not almighty.

then we can try several query type such as MX record , we only need to type  “set type=mx” before the domain.

or try to get NS record, just change the mx with ns in the command

then, we can also perform reverse DNS lookup. For this, we don’t input the domain name, but the IP address.

The advantage of this interactive mode is that we can input new lookup continuously and the command to type it is easier to remember for me.

 

Non-interactive mode:

For the non-interactive mode, we just need to input the correct command, unlike the interactive mode that need to type continuously, we can just type the command just once, but it is long.

example with google.com, we use the command “nslookup google.com

if it is mx record we use “nslookup -query=mx google.com

for ns we use “nslookup -query=ns google.com

for reverse DNS we use “nslookup 216.239.38.120