Nslookup: Difference between revisions

From HackOps
Created page with "= Nslookup = '''Nslookup''' is a classic DNS‑query utility used to obtain hostnames, IP addresses, and DNS record details. It supports both interactive and non‑interactive modes, making it useful for troubleshooting, enumeration, and passive reconnaissance during the information‑gathering phase. == <span id="options"></span>Common Options == === Query Types === {| class="wikitable" ! Option !! Description |- | <code>-type=A</code> || Request an IPv..."
 
No edit summary
 
Line 1: Line 1:
= Nslookup =
= Nslookup =


'''Nslookup''' is a classic DNS‑query utility used to obtain hostnames, IP addresses, and DNS record details. It supports both interactive and non‑interactive modes, making it useful for troubleshooting, enumeration, and passive reconnaissance during the information‑gathering phase.
'''Nslookup''' is a DNS query tool used to retrieve domain information such as IP addresses, mail servers, and DNS record details. It is useful in both troubleshooting and reconnaissance workflows, allowing direct queries to specific DNS servers and record types. Nslookup supports both interactive and single-line modes.


== <span id="options"></span>Common Options ==
== <span id="options"></span>Common Options ==
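Review bot: the rewritten intro swaps "interactive and non‑interactive modes" for "interactive and single-line modes"; nslookup's own documentation names the second mode non-interactive, so I would keep that term so readers can search for it. The new sentence also drops "hostnames" from the list of things the tool retrieves, which together with the PTR removal later in this revision leaves reverse lookups unmentioned; keep "hostnames" if PTR coverage is restored.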
Line 9: Line 9:
! Option !! Description
! Option !! Description
|-
|-
| [[#ex-basic|<code>-type=A</code>]] || Request an IPv4 address (A) record
| [[#ex-a|<code>-type=A</code>]] || Query IPv4 address records
|-
|-
| [[#ex-mx|<code>-type=MX</code>]] || Request mail‑exchange (MX) records
| [[#ex-aaaa|<code>-type=AAAA</code>]] || Query IPv6 address records
|-
|-
| [[#ex-rev|<code>-type=PTR</code>]] || Perform a reverse lookup with a PTR query
| [[#ex-cname|<code>-type=CNAME</code>]] || Query canonical name records
|-
|-
| <code>-class=IN</code> || Specify the DNS class (default IN – Internet)
| [[#ex-mx|<code>-type=MX</code>]] || Query mail exchange records
|-
| [[#ex-soa|<code>-type=SOA</code>]] || Query start of authority records
|-
| [[#ex-txt|<code>-type=TXT</code>]] || Query text records
|-
| <code>-class=IN</code> || Set the DNS class (default: IN for Internet)
|}
|}


=== Server & Control ===
=== Server & Control ===
{| class="wikitable"
{| class="wikitable"
! Option !! Description
! Option !! Description
|-
|-
| [[#ex-dnsserver|<code>SERVER&nbsp;[DNS]</code>]] || Direct the query to a specified DNS resolver
| [[#ex-dnsserver|<code>SERVER</code>]] || Specify which DNS server to query
|-
|-
| <code>-port=<PORT></code> || Send the query to a custom UDP/TCP port
| <code>-port=<PORT></code> || Use a custom port for the DNS query
|-
|-
| <code>-retry=<COUNT></code> || Set the number of retry attempts for a query
| <code>-timeout=<SEC></code> || Set the query timeout in seconds
|-
|-
| <code>-timeout=<SEC></code> || Define the wait time before a query attempt times out
| <code>-retry=<COUNT></code> || Set the number of retry attempts
|}
|}


=== Output & Debug ===
=== Output & Debug ===
{| class="wikitable"
{| class="wikitable"
! Option !! Description
! Option !! Description
|-
|-
| [[#ex-debug|<code>-debug</code>]] || Enable verbose output, showing query packets and flags
| [[#ex-debug|<code>-debug</code>]] || Show detailed query information
|-
|-
| <code>-sil</code> || Suppress all banners and prompts in script usage
| <code>-sil</code> || Run in silent mode without prompts or banners
|}
|}


== Examples ==
== Examples ==


=== <span id="ex-basic"></span>Basic A‑Record Lookup ===
=== <span id="ex-a"></span>Query A Record ===
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
nslookup -type=A example.com
nslookup -type=A example.com
</syntaxhighlight>
</syntaxhighlight>


=== <span id="ex-mx"></span>MX‑Record Lookup ===
=== <span id="ex-aaaa"></span>Query AAAA Record ===
<syntaxhighlight lang="bash">
nslookup -type=AAAA example.com
</syntaxhighlight>
 
=== <span id="ex-cname"></span>Query CNAME Record ===
<syntaxhighlight lang="bash">
nslookup -type=CNAME www.example.com
</syntaxhighlight>
 
=== <span id="ex-mx"></span>Query MX Record ===
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
nslookup -type=MX example.com
nslookup -type=MX example.com
</syntaxhighlight>
</syntaxhighlight>


=== <span id="ex-rev"></span>Reverse (PTR) Lookup ===
=== <span id="ex-soa"></span>Query SOA Record ===
<syntaxhighlight lang="bash">
nslookup -type=SOA example.com
</syntaxhighlight>
 
=== <span id="ex-txt"></span>Query TXT Record ===
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
nslookup -type=PTR 8.8.8.8
nslookup -type=TXT example.com
</syntaxhighlight>
</syntaxhighlight>


=== <span id="ex-dnsserver"></span>Query a Specific DNS Server ===
=== <span id="ex-dnsserver"></span>Use Specific DNS Server ===
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
nslookup example.com 1.1.1.1
nslookup example.com 1.1.1.1
</syntaxhighlight>
</syntaxhighlight>


=== <span id="ex-debug"></span>Verbose Debug Output ===
=== <span id="ex-debug"></span>Enable Debug Mode ===
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
nslookup -debug example.com
nslookup -debug example.com
</syntaxhighlight>
</syntaxhighlight>


== See Also ==
== See Also ==
* [[dig]]
* [[dig]]
* [[host]]
* [[host]]
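Review bot: the <code>-type=PTR</code> row and the "Reverse (PTR) Lookup" example (<code>nslookup -type=PTR 8.8.8.8</code>) are deleted rather than kept alongside the new AAAA, CNAME, SOA and TXT entries, so the page no longer documents reverse lookups; I would restore both under their own anchor (for example <code>ex-ptr</code>). Renaming <code>ex-basic</code> to <code>ex-a</code> and dropping <code>ex-rev</code> breaks any existing links to those fragments, so either keep the old span ids as aliases or update inbound links. In the Server & Control table, <code>SERVER</code> now reads like an option name, while the linked example passes the resolver as a second positional argument (<code>nslookup example.com 1.1.1.1</code>); the description should say that. <code>-port</code>, <code>-timeout</code>, <code>-retry</code> and <code>-sil</code> still have no example.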

Latest revision as of 18:30, 13 May 2025

Nslookup

Nslookup is a DNS query tool used to retrieve domain information such as IP addresses, mail servers, and DNS record details. It is useful in both troubleshooting and reconnaissance workflows, allowing direct queries to specific DNS servers and record types. Nslookup supports both interactive and single-line modes.

Common Options

Query Types

Option        Description
-type=A       Query IPv4 address records
-type=AAAA    Query IPv6 address records
-type=CNAME   Query canonical name records
-type=MX      Query mail exchange records
-type=SOA     Query start of authority records
-type=TXT     Query text records
-class=IN     Set the DNS class (default: IN for Internet)

Server & Control

Option           Description
SERVER           Specify which DNS server to query
-port=<PORT>     Use a custom port for the DNS query
-timeout=<SEC>   Set the query timeout in seconds
-retry=<COUNT>   Set the number of retry attempts

Output & Debug

Option    Description
-debug    Show detailed query information
-sil      Run in silent mode without prompts or banners

Examples

Query A Record

nslookup -type=A example.com

Query AAAA Record

nslookup -type=AAAA example.com

Query CNAME Record

nslookup -type=CNAME www.example.com

Query MX Record

nslookup -type=MX example.com

Query SOA Record

nslookup -type=SOA example.com

Query TXT Record

nslookup -type=TXT example.com

Use Specific DNS Server

nslookup example.com 1.1.1.1
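
When the same name is queried at more than one resolver, a script has to separate the resolver's own `Address:` line from the answer before it can compare results; differing answers can point to a stale cache, a split-horizon view or tampering. The following is an added example, not part of the original page: the function names are hypothetical, the sample output is constructed, and it assumes the BIND-style `Name:`/`Address:` output layout.

```bash
#!/usr/bin/env bash
# Added example: extract answers from nslookup output and compare resolvers.
# Function names are hypothetical; SAMPLE_* output is constructed and assumes
# the BIND-style (Linux/macOS) "Name:/Address:" layout.

# Read nslookup output on stdin, print only the answer addresses.
# The first "Address:" line is the resolver itself (e.g. 1.1.1.1#53), so
# nothing is printed until a "Name:" line has been seen.
answer_addrs() {
    awk '/^Name:/ { seen = 1; next }
         seen && /^Address:/ { print $2 }' | sort -u
}

# Query one record type at a chosen resolver with a bounded wait.
# usage: lookup TYPE NAME SERVER   (needs network; not called below)
lookup() {
    nslookup -type="$1" -timeout=3 -retry=1 "$2" "$3" 2>/dev/null | answer_addrs
}

# Print addresses that appear in exactly one of two answer lists.
# Each list is already de-duplicated, so a shared address occurs twice.
only_in_one() {
    printf '%s\n%s\n' "$1" "$2" | sed '/^$/d' | sort | uniq -u
}

SAMPLE_A='Server:   1.1.1.1
Address:  1.1.1.1#53

Non-authoritative answer:
Name:   example.com
Address: 192.0.2.10
Name:   example.com
Address: 192.0.2.11'

SAMPLE_B='Server:   192.0.2.53
Address:  192.0.2.53#53

Non-authoritative answer:
Name:   example.com
Address: 192.0.2.10
Name:   example.com
Address: 198.51.100.7'

a=$(printf '%s\n' "$SAMPLE_A" | answer_addrs)
b=$(printf '%s\n' "$SAMPLE_B" | answer_addrs)
echo "answers seen by only one resolver:"
only_in_one "$a" "$b"
# Live use: only_in_one "$(lookup A example.com 1.1.1.1)" "$(lookup A example.com <RESOLVER2>)"
```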

Enable Debug Mode

nslookup -debug example.com

See Also

* dig
* host