Johnermac
  • About me
  • Active Directory
    • PowerShell
      • Customize
      • Notes
      • ETW
      • AMSI Bypass
      • Obfuscation
    • Enumeration
      • Domain
      • GPO
      • ACL
      • Domain Trusts
      • Forest
      • Extra
      • BloodHound
      • BloodHound CE
  • Tunneling
    • Tools
      • Udp2Raw
      • Fraud Bridge
      • Chisel
      • SSF
      • Egress-Assess
      • Ligolo-ng
      • Sshutle
      • Rpivot
      • Tunna
      • reGeorg
      • Neo-reGeorg
      • PivotSuite
  • Post-Exploitation
    • Data Exfiltration
      • HTTP
        • Cancel
        • wget
        • bash
        • busybox
        • IRB
        • PHP
        • Ruby
      • ICMP
        • XXD
        • Ruby
        • Python
      • UDP
        • Netcat
      • TCP
        • Netcat
        • KSH
        • whois
        • Finger
      • HTTPS
        • Python
        • OpenSSL
  • BLOG
    • Articles
      • Pivoting for Red Teaming
Powered by GitBook
On this page
  • Basic Usage
  • How to extract files using whois
  1. Post-Exploitation
  2. Data Exfiltration
  3. TCP

whois

The whois command is a network utility used to query and retrieve information about domain names, IP addresses, and other network resources.

PreviousKSHNextFinger

Last updated 2 years ago

Basic Usage

whois [options] [domain or IP address]

How to extract files using whois

we can see in the print below that it sends through the protocol WHOIS:

Set a Listener
Send the files you want
/etc/passwd extracted
Wireshark Results
TCP Stream