docs/Recon/Invoke-ReverseDnsLookup.md


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106

# Invoke-ReverseDnsLookup

## SYNOPSIS
Perform a reverse DNS lookup scan on a range of IP addresses.

PowerSploit Function: Invoke-ReverseDnsLookup  
Author: Matthew Graeber (@mattifestation)  
License: BSD 3-Clause  
Required Dependencies: None  
Optional Dependencies: None

## SYNTAX

```
Invoke-ReverseDnsLookup [-IpRange] <String>
```

## DESCRIPTION
Invoke-ReverseDnsLookup scans an IP address range for DNS PTR records.
This script is useful for performing DNS reconnaissance prior to conducting an authorized penetration test.

## EXAMPLES

### -------------------------- EXAMPLE 1 --------------------------
```
Invoke-ReverseDnsLookup 74.125.228.0/29
```

IP              HostName
--              --------
74.125.228.1    iad23s05-in-f1.1e100.net
74.125.228.2    iad23s05-in-f2.1e100.net
74.125.228.3    iad23s05-in-f3.1e100.net
74.125.228.4    iad23s05-in-f4.1e100.net
74.125.228.5    iad23s05-in-f5.1e100.net
74.125.228.6    iad23s05-in-f6.1e100.net

Description
-----------
Returns the hostnames of the IP addresses specified by the CIDR range.

### -------------------------- EXAMPLE 2 --------------------------
```
Invoke-ReverseDnsLookup '74.125.228.1,74.125.228.4-74.125.228.6'
```

IP              HostName
--              --------
74.125.228.1    iad23s05-in-f1.1e100.net
74.125.228.4    iad23s05-in-f4.1e100.net
74.125.228.5    iad23s05-in-f5.1e100.net
74.125.228.6    iad23s05-in-f6.1e100.net

Description
-----------
Returns the hostnames of the IP addresses specified by the IP range specified.

### -------------------------- EXAMPLE 3 --------------------------
```
Write-Output "74.125.228.1,74.125.228.0/29" | Invoke-ReverseDnsLookup
```

IP                                                          HostName
--                                                          --------
74.125.228.1                                                iad23s05-in-f1.1e100.net
74.125.228.1                                                iad23s05-in-f1.1e100.net
74.125.228.2                                                iad23s05-in-f2.1e100.net
74.125.228.3                                                iad23s05-in-f3.1e100.net
74.125.228.4                                                iad23s05-in-f4.1e100.net
74.125.228.5                                                iad23s05-in-f5.1e100.net
74.125.228.6                                                iad23s05-in-f6.1e100.net

Description
-----------
Returns the hostnames of the IP addresses piped from another source.

## PARAMETERS

### -IpRange
Specifies the IP address range.
The range provided can be in the form of a single IP address, a low-high range, or a CIDR range.
Comma-delimited ranges may can be provided.

```yaml
Type: String
Parameter Sets: (All)
Aliases: 

Required: True
Position: 1
Default value: None
Accept pipeline input: True (ByValue)
Accept wildcard characters: False
```

## INPUTS

## OUTPUTS

## NOTES

## RELATED LINKS

[http://www.exploit-monday.com
https://github.com/mattifestation/PowerSploit]()