collecting email from the target domain using the harvester

Post on 20-Mar-2017


COLLECTING EMAIL FROM THE TARGET DOMAIN USING “THE HARVESTER”

By: Vishal Kumar (CEH | CHFI | CISE | MCP)

theprohackers2017@gmail.com

Lab - 4

THEHARVESTER PACKAGE DESCRIPTION

• THE OBJECTIVE OF THIS PROGRAM IS TO GATHER EMAILS, SUBDOMAINS, HOSTS, EMPLOYEE NAMES, OPEN PORTS AND BANNERS FROM DIFFERENT PUBLIC SOURCES LIKE SEARCH ENGINES, PGP KEY SERVERS AND SHODAN COMPUTER DATABASE.

• THIS TOOL IS INTENDED TO HELP PENETRATION TESTERS IN THE EARLY STAGES OF THE PENETRATION TEST IN ORDER TO UNDERSTAND THE CUSTOMER FOOTPRINT ON THE INTERNET. IT IS ALSO USEFUL FOR ANYONE THAT WANTS TO KNOW WHAT AN ATTACKER CAN SEE ABOUT THEIR ORGANIZATION.

TOOLS INCLUDED IN THE THEHARVESTER PACKAGE

• THEHARVESTER – A TOOL FOR GATHERING E-MAIL ACCOUNTS AND SUBDOMAIN NAMES FROM PUBLIC SOURCES

• USAGE: theharvester OPTIONS (OPTION LETTERS ARE LOWERCASE):

      -d: DOMAIN TO SEARCH OR COMPANY NAME
      -b: DATA SOURCE (google, bing, bingapi, pgp, linkedin, google-profiles, people123, jigsaw, all)
      -s: START IN RESULT NUMBER X (DEFAULT 0)
      -v: VERIFY HOST NAME VIA DNS RESOLUTION AND SEARCH FOR VIRTUAL HOSTS
      -f: SAVE THE RESULTS INTO AN HTML AND XML FILE
      -n: PERFORM A DNS REVERSE QUERY ON ALL RANGES DISCOVERED
      -c: PERFORM A DNS BRUTE FORCE FOR THE DOMAIN NAME
      -t: PERFORM A DNS TLD EXPANSION DISCOVERY
      -e: USE THIS DNS SERVER
      -l: LIMIT THE NUMBER OF RESULTS TO WORK WITH (BING GOES FROM 50 TO 50 RESULTS, GOOGLE 100 TO 100, AND PGP DOESN'T USE THIS OPTION)
      -h: USE SHODAN DATABASE TO QUERY DISCOVERED HOSTS

• SYNTAX EXAMPLES:

      theharvester -d microsoft.com -l 500 -b google
      theharvester -d microsoft.com -b pgp
      theharvester -d microsoft -l 200 -b linkedin

THEHARVESTER USAGE EXAMPLE

• SEARCHING EMAIL ACCOUNTS FOR THE DOMAIN MICROSOFT.COM; IT WILL WORK WITH THE FIRST 500 GOOGLE RESULTS:

• SEARCHING EMAIL ACCOUNTS FOR THE DOMAIN MICROSOFT.COM IN A PGP SERVER; HERE IT’S NOT NECESSARY TO SPECIFY THE LIMIT.

• SEARCHING FOR USER NAMES THAT WORK IN THE COMPANY MICROSOFT; WE USE GOOGLE AS SEARCH ENGINE, SO WE NEED TO SPECIFY THE LIMIT OF RESULTS WE WANT TO USE:

• SEARCHING IN ALL SOURCES AT THE SAME TIME, WITH A LIMIT OF 200 RESULTS:

PERFORMING THE EMAIL EXTRACTION FROM A TARGET DOMAIN

• START KALI LINUX, OPEN THE TERMINAL AND TYPE THE COMMAND theharvester, AS SHOWN IN THE SCREENSHOT BELOW:

• NOW TYPE THE COMMAND FOR EXTRACTING THE EMAILS FROM THE DOMAIN WWW.DHYEYAIAS.IN USING ALL DATA SOURCES

• THIS COMMAND WILL START THE SEARCH FOR THE DATA IN ALL THE SOURCES WHICH THEHARVESTER SUPPORTS AND DISPLAY THE SEARCH RESULT.

• THE HARVESTER COMPLETED THE SEARCH AND DISPLAYS THE SEARCH RESULT. AS YOU CAN SEE IN THE SCREENSHOT BELOW, THERE ARE SOME EMAILS FOUND BY “THEHARVESTER”
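A defender-side follow-up to the lab above, as an added example that is not part of the original presentation: a shell script that reads saved harvester results for a domain you own and lists the addresses that are publicly discoverable but not on your list of intentionally published ones. The sample data, the `example.com` domain, the file names and both function names are constructed for illustration, and the text layout of the sample is an assumption, not the tool's exact format.

```shell
#!/bin/sh
# Added example: post-process saved harvester results for a domain you own.
LC_ALL=C; export LC_ALL

# exposed_addresses FILE DOMAIN
# Print unique, lowercased addresses in FILE that belong to DOMAIN or a subdomain.
exposed_addresses() {
    # Escape dots so the domain is matched literally, not as a regex wildcard.
    dom_re=$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]' | sed 's/\./\\./g')
    grep -Eio '[a-z0-9._%+-]+@[a-z0-9.-]+\.[a-z]{2,}' "$1" |
        tr '[:upper:]' '[:lower:]' |
        grep -E "@([a-z0-9-]+\.)*${dom_re}\$" |
        sort -u
}

# unexpected_addresses FILE DOMAIN ALLOWLIST
# Print exposed addresses that are not on the list of intentionally public ones.
unexpected_addresses() {
    exposed_addresses "$1" "$2" | grep -vxFf "$3" || true
}

# Constructed sample data (not real tool output); example.com is a placeholder.
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/harvest.txt" <<'EOF'
[+] Emails found:
Alice.Smith@example.com
info@example.com
bob@mail.example.com
alice.smith@example.com
carol@notexample.com
dave@example.com.invalid
[+] Hosts found:
192.0.2.10:www.example.com
EOF
# Addresses the organisation publishes on purpose (one per line, lowercase).
printf '%s\n' 'info@example.com' > "$tmp/public.txt"

echo "Publicly discoverable addresses not on the allowlist:"
unexpected_addresses "$tmp/harvest.txt" example.com "$tmp/public.txt"
```

The domain filter rejects look-alikes such as `notexample.com` and `example.com.invalid`, so only addresses that really sit under the audited domain reach the report.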

CONCLUSION

• THIS IS A VERY EASY METHOD BY WHICH YOU CAN GET THE IMPORTANT DETAILS OF A TARGET DOMAIN. THEHARVESTER SUPPORTS MANY OPTIONS THAT PRODUCE MORE ACCURATE, DETAILED INFORMATION AS PER YOUR CHOICE, SO TRY THESE OPTIONS ON YOUR TARGET.

DISCLAIMER

• THE INFORMATION PROVIDED IN THIS PRESENTATION IS FOR EDUCATIONAL PURPOSES ONLY. IF ANYONE USES THIS INFORMATION FOR ILLEGAL PURPOSES, I AND MY PRESENTATION ARE NOT RESPONSIBLE FOR THAT.

REQUEST

• PLEASE LIKE AND SHARE THIS PRESENTATION AND PLEASE SUBSCRIBE TO MY YOUTUBE CHANNEL FOR THE LIVE PERFORMING VIDEOS.

• HTTPS://WWW.YOUTUBE.COM/CHANNEL/UCCYYSI1SH1SMYMLGFB-VQ6A

• FOR ANY SUGGESTION AND QUERY PLEASE WRITE TO US AT:

• THEPROHACKERS2017@GMAIL.COM

• THANKING YOU…!!!
