![首頁 Logo Keith ]p !!](themes/mytheme/logo.png){kind=logo}
更新時間: 2018-09-21
目錄
- 安裝
- 軍刀六用
- 1) telnet
- 2) port listening
- 3) transferring file
- 4) port scanning
- 5) proxy
- 6) backdoor
-
Scripts
- chk-port.sh
安裝
apt-get install netcat
Telnet
# it handles binary data as regular data
nc -t 192.168.1.2
# use another source ip
nc -s <source_ip> -t <target> 25
opt:
-s, --source addr
-p, --source-port port
-C, --crlf # Use CRLF for EOL sequence
Port_Listening (Chatting)
nc -l -p 12345
Transferring File
# 公開檔案 (傳送)
$ tar -jcf - /data | nc -l -p 6666
# 提取檔案 (接收)
$ nc <對方ip> 6666 | tar -jxf
Port Scanning
$ nc -v -n -z -w 1 192.168.1.2 1-1000
-n # prevents DNS lookup
-z # Zero-I/O mode. In both cases, no data is transfered.
In connect mode
it means that as soon as the port is open it is immediately shutdown and closed.
In listen mode
it makes netcat refusing all the incoming connections thus running in timeout (if set), or waiting forever.
-w1 # makes the connection timeout after 1 second of inactivity
i.e.
成功
nc -z -w 1 192.168.251.42 1433
Connection to 192.168.251.42 1433 port [tcp/ms-sql-s] succeeded!
失敗
nc -z -w 1 192.168.251.42 1434
echo $?
1
UDP
-u # Use UDP instead of the default option of TCP.
-v # Have nc give more verbose output.
-w N # sec
i.e.
nc -v -w 1 -u 192.168.123.33 500
Connection to 192.168.123.33 500 port [udp/isakmp] succeeded!
* 加 -v 後, 會有 3 個 udp package 發去對方.
# nc send single udp packet
echo '' | nc -u -w 1 datahunter.org 4001
Proxy
# Input (TCP Port: 1234) --> Web --> Output (TCP Port: 2345)
$ nc -l -p 1234 | nc www.google.com 80 | nc -l -p 2345
BackDoor
$ nc -l -p 12345 -e /bin/bash
Scripts
chk-port.sh
#!/bin/bash
msg="IPSec_Fail - Server-X"
email="admin@domain1 admin@domain2"
# check mssql
nc -z -w 1 192.168.251.42 1433
if [ $? != 0 ];then
echo $msg
echo "$msg" | mail -s "$msg" $email
fi
