Whois 收集

Whois是什么

Whois（读作“Who is”）是一个标准的互联网协议，主要用于查询域名的注册信息，包括域名所有人、注册商、注册时间、过期时间等详细信息。简单来说，Whois就是一个用于查询域名是否被注册以及注册域名详细信息的数据库。通过Whois查询，用户可以快速获取到域名的相关注册信息，为后续的域名管理、交易、网络安全防护等提供基础数据支持。

收集Whois有什么用

收集Whois信息在渗透测试中具有多方面的用途：

• 确定目标范围：通过收集目标域名的Whois信息，可以了解目标域名的所有者、注册商等基本信息，从而确定渗透测试的目标范围。
• 发现潜在漏洞：Whois信息中可能包含与目标域名相关的其他域名或服务器信息，这些信息可能成为渗透测试的突破口，帮助测试人员发现潜在的安全漏洞。
• 联系域名所有者：在某些情况下，测试人员可能需要与域名所有者联系，以告知其存在的安全漏洞或进行其他沟通。通过Whois信息中的联系方式（如邮箱、电话等），可以方便地联系到域名所有者。
• 辅助法律调查：在涉及网络犯罪或侵权行为的法律调查中，Whois信息可以作为重要证据之一，帮助执法机构追踪犯罪嫌疑人或侵权者。

如何收集Whois

在线Whois工具查询

①：大多数域名注册商和一些第三方网站都提供在线Whois查询服务。用户只需在搜索框中输入域名，即可获取相关信息。例如，可以使用站长之家、爱站网等网站的Whois查询功能。

②：专业的Whois查询网站，如whois.net、whois.com等，也提供了全面的Whois信息查询服务。

Linux命令查询

对于熟悉命令行操作的用户，可以使用whois命令在终端或命令提示符中直接查询。在Linux系统中，直接输入whois 域名即可获取查询结果；在Windows系统中，可能需要先安装相应的Whois工具或软件。

例如：

whois cnblogs.com

   Domain Name: CNBLOGS.COM
   Registry Domain ID: 106507487_DOMAIN_COM-VRSN
   Registrar WHOIS Server: whois.35.com
   Registrar URL: http://domain.35.com
   Updated Date: 2024-06-25T19:17:30Z
   Creation Date: 2003-11-12T03:16:35Z
   Registry Expiry Date: 2027-11-12T03:16:35Z
   Registrar: Xiamen 35.com Information Co., Ltd.
   Registrar IANA ID: 4163
   Registrar Abuse Contact Email: [email protected]
   Registrar Abuse Contact Phone: +86.4006003535
   Domain Status: ok https://icann.org/epp#ok
   Name Server: VIP3.ALIDNS.COM
   Name Server: VIP4.ALIDNS.COM
   DNSSEC: unsigned
   URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2024-07-18T07:36:10Z <<<

For more information on Whois status codes, please visit https://icann.org/epp

NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar.  Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.

TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability.  VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.

The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
Domain Name: CNBLOGS.COM
Registry Domain ID: 106507487_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.35.com
Registrar URL: http://www.35.com
Updated Date: 2023-08-27T07:17:42Z
Creation Date: 2003-11-10T16:00:00Z
Registrar Registration Expiration Date: 2027-11-11T04:00:00Z
Registrar: Xiamen 35.Com Technology Co., Ltd
Registrar IANA ID: 1316
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +86.4001353511
Reseller: 
Domain Status: ok https://icann.org/epp#ok
Registry Registrant ID: Not Available From Registry
Registrant City: HANGZHOU
Registrant State/Province: ZHEJIANG
Registrant Country: CN
Registrant Email: https://rdap.35.com/contact/domain/cnblogs.com
Admin Email: https://rdap.35.com/contact/domain/cnblogs.com
Tech Email: https://rdap.35.com/contact/domain/cnblogs.com
Name Server: VIP3.ALIDNS.COM
Name Server: VIP4.ALIDNS.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of WHOIS database: 2024-07-18T07:36:25Z <<<

For more information on Whois status codes, please visit https://icann.org/epp

This data is provided by Xiamen 35.Com Technology Co., Ltd
for information purposes, and to assist persons obtaining information
about or related to domain name registration records.
35 Technology Co., Ltd. does not guarantee its accuracy.
By submitting a WHOIS query, you agree that you will use this data
only for lawful purposes and that, under no circumstances, you will
use this data to
1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via E-mail
 (spam); or
2) enable high volume, automated, electronic processes that apply
to this WHOIS server.
These terms may be changed without prior notice.
By submitting this query, you agree to abide by this policy.