Is there an easy way to make whois queries from the terminal have syntax coloring in the output so it would be easier to read? Something basic like coloring NOT FOUND in red, and field names and dates in different colors would already be useful. It doesn't matter if the coloring is not 100% accurate.

I am trying to verify this hashed password from my /etc/shadow file: $y$j9T$eia4V8bEUD9QBJAEwilXU.$TLUJexdhrx/q3Nc/YaCrlkVkrxUkimYn3o432pxFr90 I would like to pass the hash to mkpasswd this way but it fails:

$ mkpasswd -m yescrypt secret eia4V8bEUD9QBJAEwilXU.
Wrong salt length: 22 bytes when 0 expected.

$ mkpasswd -m yescrypt secret "$y$j9T$eia4V8bEUD9QBJAEwilXU.$"
crypt: Invalid argument

How can I pass the salt or parameters from the hashed string? By the way, I have found a way to verify the password with a python script as described in [this SO post](https://unix.stackexchange.com/a/707733/610218) , so it means we have enough info (parameters and salt) to compute the hash. But I would prefer to do it with mkpasswd:

$ python3 -c 'import crypt, os; print(crypt.crypt("secret", "$y$j9T$eia4V8bEUD9QBJAEwilXU.$"))'
$y$j9T$eia4V8bEUD9QBJAEwilXU.$TLUJexdhrx/q3Nc/YaCrlkVkrxUkimYn3o432pxFr90

I tried exporting into http_proxy and https_proxy but that didn't seem to work. I am guessing that there is another way to use a proxy when querying whois information from the command line?

When I run whois google.com, it shows following name servers:

Name Server: ns2.google.com
Name Server: ns4.google.com
Name Server: ns3.google.com
Name Server: ns1.google.com

So my question is, where is the source of this data? Can I make some kind of request (http/tcp/udp etc.) to get it directly from the "source", without doing whois command?

When we use whois suppose whois www.netflix.com shows that there is no match for the website in the whois database. But this works when we use whois netflix.com.

I have written this shell script to test sha-516 hash password string : myhash='$6$nxIRLUXhRQlj$t29nGt1moX3KcuFZmRwUjdiS9pcLWpqKhAY0Y0bp2pqs3fPrnVAXKKbLfyZcvkkcwcbr2Abc8sBZBXI9UaguU.' #Which is created by mkpasswd for test i=0 while [[ 1 -eq 1 ]] do testpass=$(mkpasswd -m sha-512 "test") i=$[ $i + 1 ] if [[ "$testpass" == "$myhash" ]]; then echo -e "found\n" break else echo -e "$myhash /= $testpass :-> $i Testing....\n" fi done After running **216107** numbers loop test I never found match.But in case of my linux OS(Ubuntu) system make so quickly match sign in credentials.My question is Why do I not get the same so quickly?

Everytime I try to install whois with: yum install whois -y I get an error that says: No package whois available. Error: Nothing to do Looks to me that repositories are messed up. Can I get some detailed help?

When using whois in linux, I notice that it fails to return results for second-level domain search like ubuy.com.se. Output: domain "ubuy.com.se" not found. Is there any alternative I can use in linux for this type of search?

i'm using manjaro. I'm trying to use: torify whois, torsocks whois, proxychais whois. I tried to do that with sudo command, and all this command give me back the same output: [Feb 23 21:15:57] PERROR torsocks: socks5 libc connect: Connection refused (in socks5_connect() at socks5.c:185) getaddrinfo(whois.verisign-grs.com): Non-recoverable failure in name resolution [manjaro@manjaro Desktop]$ I asked friend to do the same operation on his distro, and for him it work perfectly :( could someone help me with that ?

I've just notice this format when doing whois just now. What is the meaning of T and Z format in whois output? E.g. user@linux:~$ whois example.com Domain Name: EXAMPLE.COM Registry Domain ID: 2336799_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.iana.org Registrar URL: http://res-dom.iana.org Updated Date: 2019-08-14T07:04:41Z Creation Date: 1995-08-14T04:00:00Z Registry Expiry Date: 2020-08-13T04:00:00Z I assume T07:04:41Z was updated on 7:04:41. So this is time right? Hour, minute, second? What about T and Z? Is this UTC time? GMT+0?

I have asked this question about filtering out a LOG file The LOG file is : Jan 26 01:05:47 server54 kernel: [41s58.6w4335] INPUT:DROP: IN=eth4 OUT= MAC=d3:ss:43:23:23:43 SRC=1.1.1.1 DST=127.0.0.0 LEN=40 TOS=0x00 PREC=0x00 TTL=254 ID=65259 PROTO=TCP SPT=53252 DPT=22 WINDOW=14600 RES=0x00 RST URGP=0 The command is : tail -f -n 2 /var/log/kern.log | grep 'INPUT' \ | sed -E 's/^([0-9a-zA-Z: ]*[0-9]{2}:[0-9]{2}:[0-9]{2}).* \ (SRC=[0-9.:]+).*(DST=[0-9.:]+).*$/\1 \2 \3/g' and the output is : Jan 26 01:05:47 SRC=1.1.1.1 DST=127.0.0.0 Now I need to feed the result to whois command to get the country(Name or Code) of Source IP address(SRC=) and it would give me a result like this : Jan 26 01:05:47 SRC=1.1.1.1(US) DST=127.0.0.0(GH) I just wonder if there is such a capability in that command(tail) or bash script to goes into two direction , I mean, After printing out the filtered LOG, it get the source ip address by another sed and remove the SRC= : sed -E 's/^.*(SRC=[0-9.:]+).*$/\1/g'| \ sed -e 's/SRC=//g' | whois ?!!! and then feed it to whois command and return and add it it to printing result. Or i have to go to another approach because after each pipe the previous result is gone.

I have a list of IP addresses within a comma delimited CSV file. They are all located within column A. (ip.csv) I would like to use WHOIS, or if there is a better way please advise to check each of these IP addresses and then output the details to a new csv file (resolved.csv). This will need a column per descriptor in the WHOIS record, such as inetnum, netname, descr, country... Ultimately I am looking to parse the results to some form of useful data. Having installed WHOIS the whois 86.63.229.33 works great but this is complicated for new user. Merci

If I do time whois google.com it takes about a second to come back with a response to if a domain is registered or not. If I do (a non-existant domain) time whois fslafdjlsadjflsjdf.com It comes back very quickly. I want to be able to query several thousand domains to verify if they are registered or not (just a simple true/false) and I want to do it quickly. What is the best way to do this? The fact that the failure comes back so quickly seems to suggest there is something that will give back quick negatives.

Using the command line tools available in a common GNU/Linux distro (e.g. Fedora/Debian/Ubuntu/etc), is there a general way to get the value of some specific WHOIS field (e.g. the registrant's organisation name), ideally without having to build a custom WHOIS parser that is hard-coded to handle the differences between each registry's output? This seems worth asking, because the output from the whois command does not appear to be very consistent. For example, compare: $ whois trigger.io [...] Owner OrgName : Amir Nathoo [...] with: $ whois facebook.com [...] Registrant Organization: Facebook, Inc. [...] I would like, instead, to be able to pass, as arguments to some command: - the domain name - the desired field and have the output simply be the value of the desired field. For instance, based on the examples above, something like: $ some_whois_command -field organization_name trigger.io Amir Nathoo $ some_whois_command -field organization_name facebook.com Facebook, Inc. Is this possible? *Ideally, I would like the solution to centre on the whois command, e.g. with some suitable usage of -i, -q, -t, and/or -v, as I want to learn how to make effective use of these options. I will accept another solution as correct if necessary, however.*

When you do: $ whois stackoverflow.com does your Linux first do a DNS query, find the IP of stackoverflow.com, and then ask the information directly there? Or does it ask a "root" whois server (is the IP of the "root whois server" hardcoded in a Linux distribution, in a similar fashion to /etc/bind/db.root?), which then delegates to another whois server who gives the information? What is the connection flow? my computer doing whois ... ---> root whois server ---> another whois server ---> information or my computer doing whois ... ---> DNS server (?) ---> ... ?

I can use a web-service to lookup the IP Address allotted to a website and then do a reverse lookup to get more info. about range of the IP Address to whom it was allocated to. But from what brief understanding I have, this works well only with high-level domains only and gltds are with regional registries. For e.g. - $ host stackexchange.com stackexchange.com has address 151.101.1.69 stackexchange.com has address 151.101.65.69 stackexchange.com has address 151.101.129.69 stackexchange.com has address 151.101.193.69 Looking up any one of them gives me - $ whois 151.101.1.69 gives me output of one of the CDN providers of stackexchange.com but if I try the same say gov.in I come up short. $ host gov.in gov.in mail is handled by 5 mailgw.nic.in. It is only via a web-service I can come to know that gov.in is under apnic and the address range given therein. Is there any other way to do that from within the CLI ? To have IP Address range lookups of root domains from within command-line ? Edit - Giving more info. as asked by Jasen - https://www.site24x7.com/find-ip-address-of-web-site.html I gave it indianvisaonline.gov.in as the IP Address I wanted info. on In turn it gave me 164.100.129.11 which while doing a whois reveals is a range of addresses owned by NIC which is under apnic. I want to know if there is a way to do this without going to a webpage. Could the part of https://www.site24x7.com/find-ip-address-of-web-site.html be done a. without needing that web service or b. if we need that web service, do it within the command-line without resorting to using a web-browser. Best scenario would be if a. could be achieved, failing that b. would also be good.

I am trying to lookup the WhoIs entry for the following domain: anorien.csc.warwick.ac.uk However, while typing the URL directly into the browser displays a web-page, when I type: whois anorien.csc.warwick.ac.uk into the Linux command-line I get the following error: No such domain anorien.csc.warwick.ac.uk How is this possible?

i have Kali Linux version 2016.1 installed on my system. i am trying to run command "whois " but there is an error "bash: whois: command not found"

Sometimes, I look up the whois for an IP address, and only see NIC handles listed. How do I look up those handles directly using the command line whois client? I've tried whois but that doesn't work. I see that there is a -T option, but for the life of me can't figure out what type I should put for a NIC handle. Better yet, is there a way to have each NIC handle listed by whois automatically looked up as part of the original query?

What's the best way to trim the massive disclaimer from the end of the whois output? It looks something like this: >>> Last update of WHOIS database: 2017-01-30T20:17:39Z <<< For more information on Whois status codes, please visit https://icann.org/epp Access to Public Interest Registry WHOIS information is provided to assist persons in determining the contents of a domain name registration record in the Public Interest Registry registry database. The data in this record is provided by Public Interest Registry for informational purposes only, and Public Interest Registry does not guarantee its accuracy. This service is intended only for query-based access. You agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data to(a) allow, enable, or otherwise support the transmission by e-mail, telephone, or facsimile of mass unsolicited, commercial advertising or solicitations to entities other than the data recipient's own existing customers; or (b) enable high volume, automated, electronic processes that send queries or data to the systems of Registry Operator, a Registrar, or Afilias except as reasonably necessary to register domain names or modify existing registrations. All rights reserved. Public Interest Registry reserves the right to modify these terms at any time. By submitting this query, you agree to abide by this policy.