WHOIS

Default Port: 43

WHOIS is a query and response protocol that is widely used for querying databases to determine the registrant or assignee of Internet resources, such as a domain name, an IP address block, or an autonomous system.

By using the WHOIS protocol, you can gather an extensive amount of information regarding a target.

Domain owner
Domain Registrar
Name Servers
Creation Date
Expiration Date
Last Updated
State and Country etc.

Enumeration

You can gather a substantial amount of information using the WHOIS protocol.

whois hackviser.com

Python's python-whois library offers a simple way to communicate with the WHOIS protocol:

import whois
w = whois.whois('hackviser.com')
print(w)

print(w.status)
print(w.name)
print(w.org)
print(w.address)

Attack Vectors

Even though WHOIS itself doesn't have any direct vulnerabilities, It can inadvertently lead to security breach by leaking sensitive information.

Information Leakage

Basic reconnaissance and data gathering might allow an attacker to obtain sensitive information like contact information, addresses, registered domains, and many more.

whois example.com

Domain Expiration

An attacker could deny the service by waiting for the domain to expire and then registering the domain for themselves.

whois example.com | grep "Expiry Date"

WHOIS

Enumeration​

Attack Vectors​

Information Leakage​

Domain Expiration​

Enumeration

Attack Vectors

Information Leakage

Domain Expiration