[TOOL] Version 0.2 of bing-ip2hosts released

[Andrew Horton <andrew () morningstarsecurity com>]

I've just released version 0.2 of bing-ip2hosts.

Introduction
------------
Bing.com is a search engine owned by Microsoft formerly known as MSN Search and Live Search. It has
a unique feature to search for websites hosted on a specific IP address. This feature is can be used
with the IP: parameter in the search query as shown in the image above.

Bing-ip2hosts uses this feature to enumerate all hostnames which Bing has indexed for a specific IP
address. This technique is considered best practice during the reconnaissance phase of a penetration
test in order to discover a larger potential attack surface. Bing-ip2hosts is written in the Bash
scripting language for Linux. This uses the mobile interface and no API key is required.


Changes
-------
* You can enter a hostname not just an IP, eg. bing-ip2hosts foo.com
* Uses /tmp instead of the current path for creating temporary files
* Optional CSV output. Outputs the IP and hostname on each line, separated by a comma.
* Optionally prefix hostnames with http:// so they can be right-clicked in the shell


Example Usage
-------------
Pit one search engine against another

        $ bing-ip2hosts www.google.com
        66.102.7.104
        code.google.com
        desktop.google.ca
        desktop.google.com
        desktop.google.com.ar
        desktop.google.com.br
        desktop.google.cz
        desktop.google.es
        desktop.google.it
        desktop.google.jp
        desktop.google.nl
        desktop.google.sk
        ejabat.google.com
        finance.google.co.uk
        guru.google.co.th
        hp-eds.com
        otvety.google.ru
        toolbarqueries.google.com.sv
        toolbarqueries.google.de
        toolbarqueries.google.fr
        toolbarqueries.google.it
        www.desktop.google.be
        www.google.com
        www.google.uz

Hope for undocumented facebook stuff and get disappointed

        $ ./bing-ip2hosts -p developers.facebook.com
        http://ar-ar.facebook.com
        http://clk.facebook.com
        http://da-dk.facebook.com
        http://de-de.facebook.com
        http://developers.connect.facebook.com
        http://developers.facebook.com
        http://developers.facebook.dk
        http://developers.facebook.es
        http://developers.facebook.pl
        http://developers.facebook.se
        http://developers.facebook.vn
        http://es-es.facebook.com
        http://it-it.facebook.com
        http://ja-jp.facebook.com
        http://nb-no.facebook.com
        http://pt-br.facebook.com
        http://stanford.facebook.com
        http://sv-se.facebook.com
        http://wiki.developers.facebook.com
        http://www.facebook.com

Find some websites hosted by the BBC and wonder wtf they're doing

        $ ./bing-ip2hosts -p bbc.co.uk
        http://bbc.co.uk
        http://bbcstudiosandpostproduction.com
        http://censsa.co.uk
        http://cheapserve.co.uk
        http://cheekboneonline.com
        http://coconutloving.com
        http://cybusindustries.net
        http://desperaterussianhousewives.co.uk
        http://geocomtex.net
        http://haroldsaxon.co.uk
        http://itsnoteasybeinggreen.org
        http://kodiakjackcabins.com
        http://rudemasood.co.uk
        http://shamansburys.com
        http://tv-anytime.org
        http://venusclinic.co.uk
        http://www.bbc.co.uk


Homepage
--------
http://www.morningstarsecurity.com/research/bing-ip2hosts


If you find anything really interesting with bing-ip2hosts then I'd like to hear from you.


-- 
Cheers,

Andrew Horton

MorningStar Security
Mobile +64 (0) 272 646 959
Web http://www.morningstarsecurity.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/