Upload File

collecting email from the target domain using the harvester

  • Home
  • Education
  • Collecting email from the target domain using the harvester
11
COLLECTING EMAIL FROM THE TARGET DOMAIN USING “THE HARVESTER” By: Vishal Kumar (CEH | CHFI | CISE | MCP) [email protected] Lab - 4

Upload: pro-hackers

Post on 20-Mar-2017

43 views

Category:

Education


2 download

Report

TRANSCRIPT

Page 1: Collecting email from the target domain using the harvester

COLLECTING EMAIL FROM THE TARGET DOMAIN USING “THE

HARVESTER”By: Vishal Kumar (CEH | CHFI | CISE | MCP)

[email protected]

Lab - 4

Page 2: Collecting email from the target domain using the harvester

THEHARVESTER PACKAGE DESCRIPTION

• THE OBJECTIVE OF THIS PROGRAM IS TO GATHER EMAILS, SUBDOMAINS, HOSTS, EMPLOYEE NAMES, OPEN PORTS AND BANNERS FROM DIFFERENT PUBLIC SOURCES LIKE SEARCH ENGINES, PGP KEY SERVERS AND SHODAN COMPUTER DATABASE.

• THIS TOOL IS INTENDED TO HELP PENETRATION TESTERS IN THE EARLY STAGES OF THE PENETRATION TEST IN ORDER TO UNDERSTAND THE CUSTOMER FOOTPRINT ON THE INTERNET. IT IS ALSO USEFUL FOR ANYONE THAT WANTS TO KNOW WHAT AN ATTACKER CAN SEE ABOUT THEIR ORGANIZATION.

Page 3: Collecting email from the target domain using the harvester

TOOLS INCLUDED IN THE THEHARVESTER PACKAGE

• THEHARVESTER – A TOOL FOR GATHERING E-MAIL ACCOUNTS AND SUBDOMAIN NAMES FROM PUBLIC SOURCES

• USAGE: THEHARVESTER OPTIONS:

      -D: DOMAIN TO SEARCH OR COMPANY NAME       -B: DATA SOURCE (GOOGLE, BING, BINGAPI, PGP, LINKEDIN, GOOGLE-

PROFILES,PEOPLE123,JIGSAW,ALL)       -S: START IN RESULT NUMBER X (DEFAULT 0)       -V: VERIFY HOST NAME VIA DNS RESOLUTION AND SEARCH FOR VIRTUAL HOSTS       -F: SAVE THE RESULTS INTO AN HTML AND XML FILE       -N: PERFORM A DNS REVERSE QUERY ON ALL RANGES DISCOVERED

Page 4: Collecting email from the target domain using the harvester

• USAGE: THEHARVESTER OPTIONS CONTINUE:-C: PERFORM A DNS BRUTE FORCE FOR THE DOMAIN NAME-T: PERFORM A DNS TLD EXPANSION DISCOVERY-E: USE THIS DNS SERVER-L: LIMIT THE NUMBER OF RESULTS TO WORK WITH(BING GOES FROM

50 TO 50 RESULTS,-H: USE SHODAN DATABASE TO QUERY DISCOVERED HOSTS

            GOOGLE 100 TO 100, AND PGP DOESN'T USE THIS OPTION)

• SYNTAX EXAMPLES: THEHARVESTER -D MICROSOFT.COM -L 500 -B GOOGLE

            THEHARVESTER -D MICROSOFT.COM -B PGP            THEHARVESTER -D MICROSOFT -L 200 -B LINKEDIN

Page 5: Collecting email from the target domain using the harvester

THEHARVESTER USAGE EXAMPLE• SEARCHING EMAILS ACCOUNTS FOR THE DOMAIN MICROSOFT.COM, IT WILL WORK WITH

THE FIRST 500 GOOGLE RESULTS:

• SEARCHING EMAILS ACCOUNTS FOR THE DOMAIN MICROSOFT.COM IN A PGP SERVER, HERE IT’S NOT NECESSARY TO SPECIFY THE LIMIT.

• SEARCHING FOR USER NAMES THAT WORKS IN THE COMPANY MICROSOFT, WE USE GOOGLE AS SEARCH ENGINE, SO WE NEED TO SPECIFY THE LIMIT OF RESULTS WE WANT TO USE:

• SEARCHING IN ALL SOURCES AT THE SAME TIME, WITH A LIMIT OF 200 RESULTS:

Page 6: Collecting email from the target domain using the harvester

PERFORMING THE EMAIL EXTRACTION FROM A TARGET DOMAIN

• START THE KALI LINUX AND OPEN THE TERMINAL AND TYPE THE COMMAND THEHARVESTER. AS SHOWN IN THE BELOW SCREENSHOT:

Page 7: Collecting email from the target domain using the harvester

• NOW TYPE THE COMMAND FOR EXTRACTING THE EMAIL FROM THE DOMAIN WWW.DHYEYAIAS.IN USING ALL DATA SOURCES

• THIS COMMAND WILL START THE SEARCH FOR THE DATA IN ALL THE RESOURCED WHICH ARE THEHARVESTER SUPPORTS AND DISPLAY THE SEARCH RESULT.

Page 8: Collecting email from the target domain using the harvester

• THE HARVESTER COMPLETED THE SEARCHING AND DISPLAYS THE SEARCH RESULT AS YOU CAN SEE THE RESULT IN THE BELOW SCREENSHOT, THERE ARE SOME EMAIL FOUND BY THE “THEHARVESTER”

Page 9: Collecting email from the target domain using the harvester

CONCLUSION• THIS IS A VERY EASY METHOD BY WHICH YOU CAN GET THE

IMPORTANT DETAILS OF A TARGET DOMAIN. THEHARVESTER SUPPORT MANY OPTION THAT PRODUCE MORE ACCURATE DETAILED INFORMATION AS PER YOU CHOICE SO TYR THESE OPTIONS ON YOUR TARGET.

Page 10: Collecting email from the target domain using the harvester

DISCLAIMER

• THE INFORMATION PROVIDE IN THIS PRESENTATION IS JUST FOR EDUCATION PURPOSE ONLY, IF ANY ONE USE THIS INFORMATION FOR ILLEGAL PURPOSE THEN ME AND MY PRESENTATION IS NOT RESPONSIBLE FOR THAT.

Page 11: Collecting email from the target domain using the harvester

REQUEST• PLEASE LIKE AND SHARE THIS PRESENTATION AND PLEASE SUBSCRIBE

MY YOUTUBE CHANNEL FOR THE LIVE PERFORMING VIDEOS.

• HTTPS://WWW.YOUTUBE.COM/CHANNEL/UCCYYSI1SH1SMYMLGFB-VQ6A

• FOR ANY SUGGESTION AND QUERY PLEASE WRITE US ON:• [email protected]

• THANKING YOU…!!!

https://www.youtube.com/channel/UCcyYSi1sh1SmyMlGfB-Vq6A
https://www.youtube.com/channel/UCcyYSi1sh1SmyMlGfB-Vq6A
mailto:[email protected]

H822D/LH822D HARVESTER

Mobile Data Harvester Senior Design Project › uploads › 9 › 2 › 1 › 2 › ... · Collecting environmental data using passive data loggers and manual downloading can be a

Two-row Self-propelled Corn Harvester, Corn Combine Harvester

Use of harvester machines & combine harvester

Lemon Grass Harvester

MEMS Energy Harvester

February Harvester 2015

Monster Harvester Handbook

May Harvester 2015

Combine harvester

THE HARVESTER

Development of Sunflower Combine Harvester Katawut ... of Sunflower Combine Harvester ... sun flower combine harvester, ... Thai paddy combine harvester has been designed and produced

Potato Harvester

CadmiumCD Speaker Harvester

TESTCODEFORCOMBINE HARVESTER-THRESHER

UTARU HARVESTER

Ultrasonic energy harvester

Harvester Pham

The Cranberry Harvester

Combined harvester

H822/LH830C HARVESTER - Bobcat Centralbobcatcentral.com/assets/Uploads/tigercat-LH830C-Harvester-Track... · specifications h822c lh830c ... h822c harvester lh830c harvester rotating

crop harvester ppt

Amity Sugarbeat Harvester

Orchard HarvesterOrchard Harvester

BRAUD OLIVE HARVESTER

Traktionshilfsseilwinde „Uni Winch“ · 2016. 5. 12. · Trägertyp Harvester TJ1270 6WD Harvester TJ1270 6WD altern. Harvester JD1270D 6WD altern. Harvester JD1270D 6WD THSW Typ

Harvester Technical College

Harvester 0902

BROUWER SOD HARVESTER

aldai roof harvester

Worm Harvester 212011

Harvester & procesor

An Electromagnetic Vibration Energy Harvester With Strong ... · Electromagnetic Vibration Energy Harvester 5 Electromagnetic vibration energy harvester (VEH) transforms vibration

Sugarcane Harvester

St. Isidore Harvester