DMitry – Deepmagic Information Gathering Tool

o filename
     Create an ASCII text output of the results to the “filename”
     specified. If no output filename is specified then output will
     be saved to “target.txt”. If this option is not specified in
     any form, output will be sent to the standard output (STDOUT) by
     default. This option MUST trail all other options, i.e.
     “./dmitry -winseo target”.

i     Perform an Internet Number whois lookup on the target. This
     requires that the target be in the form of a 4 part Internet
     Number with each octet separated using the '.' notation. For
     example, “./dmitry -i”.

w     Perform a whois lookup on the host target. This requires that
     the target be in a named character format. For example,
     “./dmitry -w target” will perform a standard named whois lookup.

n     Retrieve data concerning the host; this includes Operating
     System, Web Server release and UpTime information where
     available.

s     Perform a SubDomain search on the specified target. This will
     use several search engines to attempt to locate subdomains in
     the form of  There is no set limit to the level of
     subdomain that can be located; however, there is a maximum
     string length of 40 characters (NCOL 40) to limit memory usage.
     Possible subdomains are then reversed to an IP address; if this
     comes back positive then the resulting subdomain is listed.
     However, if the host uses an asterisk in its DNS records, all
     resolved subdomains will come back positive.

e     Perform an EmailAddress search on the specified target. This
     module works using the same concept as the SubDomain search by
     attempting to locate possible email addresses for a target
     host. The email addresses may also be for possible subdomains
     of the target host. There is a limit to the length of the
     e-mail address, set to 50 characters (NCOL 50), to limit memory


p     Perform a TCP Portscan on the host target. This is a pretty
     basic module at the moment, and we do advise users to use
     something like nmap instead. This module will list open, closed
     and filtered ports within a specific range. There will probably
     be little advancement upon this module, though there will be
     some alterations to make it a little more user friendly. There
     are also other options for this module that can affect the scan
     and its relative output.

f     This option will cause the TCP Portscan module to report/display
     output of filtered ports. These are usually ports that have
     been filtered and/or closed by a firewall at the specified
     host/target. This option requires that the p option be
     passed as a previous option. For example, “./dmitry -pf tar‐


b     This option will cause the TCP Portscan module to output Banners
     if they are received when scanning TCP Ports. This option
     requires that the p option be passed as a previous option.
     For example, “./dmitry -pb target”.

t     This sets the Time To Live (TTL) of the Portscan module when
     scanning individual ports. This is set to 2 seconds by default.
     This is usually required when scanning a host that has a
     firewall and/or has filtered ports which can slow a scan down.
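
The wildcard caveat in the s (SubDomain search) entry above, shown as an added example that is not part of DMitry or its manual: when reviewing subdomain findings for a zone you manage, resolving a few random labels first shows which "positive" results are only the asterisk record answering. All function names, the fake resolver and the example.test records are constructed for this illustration.

```python
import secrets
import socket

def system_resolve(name):
    """Return the IPv4 addresses for name, or an empty set if it does not resolve."""
    try:
        return set(socket.gethostbyname_ex(name)[2])
    except OSError:  # socket.gaierror (NXDOMAIN, no answer) is a subclass
        return set()

def wildcard_addresses(domain, resolve=system_resolve, probes=3):
    """Resolve random labels that should not exist; any answer means a wildcard."""
    addrs = set()
    for _ in range(probes):
        addrs |= resolve(f"{secrets.token_hex(8)}.{domain}")
    return addrs

def confirmed_subdomains(domain, candidates, resolve=system_resolve):
    """Keep candidates whose answers are not explained by the wildcard alone.

    Limitation: a real host that shares the wildcard's address is dropped too.
    """
    wild = wildcard_addresses(domain, resolve)
    confirmed = {}
    for name in candidates:
        addrs = resolve(name)
        if addrs and not addrs <= wild:
            confirmed[name] = sorted(addrs)
    return confirmed

def make_fake_resolver(records, wildcard=()):
    """Offline stand-in for DNS: explicit records plus an optional '*' answer."""
    def resolve(name):
        return set(records.get(name, wildcard))
    return resolve

def demo():
    # Constructed zone data (reserved .test names, 192.0.2.0/24 documentation range).
    records = {"www.example.test": ["192.0.2.10"], "mail.example.test": ["192.0.2.20"]}
    resolve = make_fake_resolver(records, wildcard=["192.0.2.99"])
    candidates = ["www.example.test", "mail.example.test",
                  "dev.example.test", "vpn.example.test"]
    naive = [c for c in candidates if resolve(c)]  # "reverses to an IP" check only
    return naive, confirmed_subdomains("example.test", candidates, resolve)

if __name__ == "__main__":
    naive, confirmed = demo()
    print("resolve-only positives:", naive)
    print("after wildcard filter: ", confirmed)
```

The probe covers a wildcard at the zone apex only; a wildcard on a deeper label needs the same check run against that label.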
