whois

The whois command is a network utility used to query and retrieve information about domain names, IP addresses, and other network resources.

Basic Usage

whois [options] [domain or IP address]

How to extract files using whois

Set a Listener
Send the files you want
/etc/passwd extracted

we can see in the print below that it sends through the protocol WHOIS:

Wireshark Results
TCP Stream
PreviousKSHNextFinger

Last updated