Dig (Domain Information Groper) is a network administration command-line tool for querying Domain Name System (DNS) name servers. It is useful for verifying and troubleshooting DNS problems and for performing DNS lookups; it displays the answers returned from the name servers that were queried. dig is part of the BIND domain name server software suite. The dig command replaces older tools such as nslookup and host. The dig tool is available in major Linux distributions.
DNS is the service that translates a domain name like hackingtruth.in or google.com to the appropriate IP address; that way, your system knows how to get to it. Without DNS, we would all have to remember thousands of IP addresses for our favorite websites—no small task even for a savant.
One of the most useful commands for the aspiring hacker is dig, which offers a way to gather DNS information about a target domain. The stored DNS information can be a key piece of early reconnaissance to obtain before attacking. This information could include the IP address of the target’s nameserver (the server that translates the target’s name to an IP address), the target’s email server, and potentially any subdomains and IP addresses.
For instance, enter dig hackers-arise.com and add the ns option (short for nameserver). The nameserver for google.com is displayed in the ANSWER SECTION.
First of all, let's see which options can be used with the dig command.
For Help Command
dig -h
Querying NS ( name server ) Record for Domain
command :- dig google.com ns
Also note in the ANSWER SECTION that this dig query reveals the IP address (192.168.42.129#53) of the DNS server serving google.com. You can also use the dig command to get information on email servers connected to a domain by adding the mx option (mx is short for mail exchange server). This information is critical for attacks on email systems. For example, info on the www.google.com email servers is shown in the AUTHORITY SECTION.
Querying MX Record for Domain
command :- dig google.com mx
To display nothing except the short form of the answer, add the +short option.
+short
dig google.com ns +short
dig google.com mx +short
Querying SOA Record for Domain
A start of authority (SOA) record is information stored in a domain name system (DNS) zone about that zone and about other DNS records. A DNS zone is the part of a domain for which an individual DNS server is responsible. Each zone contains a single SOA record.
command :- dig google.com SOA
Querying TTL Record for Domain
TTL (Time to Live) is a setting for each DNS record that specifies how long a resolver is supposed to cache (or remember) the DNS query before the query expires and a new one needs to be done.
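TTL is not a record type, so it cannot be passed to dig as a query type; it is shown, in seconds, as the second column of every record in the answer.
command :- dig google.com +noall +answer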
Querying only answer section
command :- dig google.com +nocomments +noquestion +noauthority +noadditional +nostats
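The sections that these options switch on and off (ANSWER, AUTHORITY, ADDITIONAL) and the SERVER line of dig's default output can also be separated after the fact with a few lines of awk, which is handy when reviewing what your own domain's records expose. This is an added example, not part of the original post; the function names and the sample output (documentation domain example.com, address 192.0.2.53) are constructed.

```shell
#!/usr/bin/env bash
# Constructed sample of default dig output (documentation names and addresses).
sample_dig_output() {
cat <<'EOF'
; <<>> DiG 9.x <<>> example.com mx
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4660
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;example.com.                   IN      MX

;; ANSWER SECTION:
example.com.            300     IN      MX      10 mail1.example.com.
example.com.            300     IN      MX      20 mail2.example.com.

;; AUTHORITY SECTION:
example.com.            86400   IN      NS      ns1.example.com.

;; Query time: 12 msec
;; SERVER: 192.0.2.53#53(192.0.2.53) (UDP)
;; MSG SIZE  rcvd: 120
EOF
}

# Print the records of one section: ANSWER, AUTHORITY or ADDITIONAL.
# A section starts at its ";; NAME SECTION:" header and ends at the next
# blank line or ";; " comment line.
dig_section() {
  awk -v want=";; $1 SECTION:" '
    $0 == want      { in_sec = 1; next }
    /^;; / || /^$/  { in_sec = 0 }
    in_sec && !/^;/ { print }'
}

# SERVER is the resolver that answered the query, not a record of the domain.
dig_resolver() {
  awk '/^;; SERVER:/ { split($3, a, "#"); print a[1] }'
}

# "preference host ttl" for every MX record in the ANSWER section.
mx_summary() {
  dig_section ANSWER | awk '$4 == "MX" { print $5, $6, $2 }'
}

echo "resolver: $(sample_dig_output | dig_resolver)"
sample_dig_output | mx_summary
```

With live data, pipe real output into the same functions, for example dig google.com mx | mx_summary.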
Querying ALL DNS Records Types
command :- dig yahoo.com ANY +noall +answer
DNS Reverse Look-up
command :- dig -x 72.30.35.9 +short
Querying Multiple DNS Records
Query specific DNS records (MX, NS, etc.) for multiple websites in a single command.
command :- dig yahoo.com +noall +answer google.com ns +noall +answer
In this article, we looked at the dig command, which may help you search for DNS (Domain Name System) related information. Share your thoughts through the comment box. I hope you liked this post; if so, don't forget to share it. Thank you so much :-)