Difference between revisions of "Linux Commands"
Revision as of 14:43, 15 July 2008
Recon
whois
$ whois [-h whois_server] name
nslookup
$ nslookup <target>
dig
- Types of record: NS, A, HINFO, MX, TXT, CNAME, SOA, RP, PTR, SRV
$ dig [@server] <name> [type]
- Zone transfer
$ dig [@server] <domain> -t AXFR
- Incremental zone transfer
$ dig [@server] <domain> -t IXFR=<N>
BiLE.pl
$ ./BiLE <target> <result_file>
$ ./BiLE-weigh.pl <site_of_interest> <BiLE_output.mine>
$ ./tld-expand.pl
$ ./vet-IPrange.pl
$ ./qtrace.pl
Scanning
tcpdump
Parameters
- -n -- use numbers
- -i <interface>
- -v -- be verbose
- -r <file>/-w <file> -- read from/write to file
- -x -- print hex
- -A -- print ASCII
- -X -- print hex and ASCII
- -s <snaplen> -- length to capture (-s0 for all data)
Filter string
- Protocol
  - ether, ip, ip6, arp, rarp, tcp, udp
- Type
  - host <host>
  - net <network>
  - port <portnum>
  - portrange <start-end>
- Direction
  - src
  - dst
- Logic
  - and
  - or
- Show TCP against target 10.10.10.10 in ASCII
tcpdump [-i tap0] -n -A tcp and dst 10.10.10.10
- Show all UDP from 10.10.10.10
tcpdump [-i tap0] -n udp and src 10.10.10.10
- Show all TCP port 80 packets going to or from host 10.10.10.10
tcpdump [-i tap0] -n tcp and port 80 and host 10.10.10.10
hping3
TCP Flags
- --syn, --fin, --rst, --push, --ack, --urg
Target selection
- --rand-dest
- --interface <int>
Source selection
- --spoof <hostname>
- --rand-source
Port selection
- --destport <port>
- --destport +<port> -- increment by one for each packet received
- --destport ++<port> -- increment by one for each packet sent
- --scan <portrange>
- --baseport <port>
- --keep -- don't increment the source port
Speed options
- --fast, --faster, --flood
- --interval <N> -- interval in seconds
- --interval u<N> -- interval in microseconds
Other options
- --count <N>
- --beep
- --file <filename>
- --data <N>
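Seen from the defender's side, a SYN probe that walks ports the way `--syn` with `--destport ++<port>` does leaves a distinctive trail in `tcpdump -n` output: one bare SYN per destination port from the same source. The script below is an added example (not part of this wiki page) that parses such lines and reports sources that hit many ports on one host; the sample lines are constructed, and the parser assumes the `Flags [S]` line format printed by current tcpdump versions.

```python
import re
from collections import defaultdict

# One tcpdump -n line per packet, e.g.:
# 14:43:01.000001 IP 10.10.10.10.1024 > 10.10.10.20.20: Flags [S], seq 0, win 512, length 0
LINE_RE = re.compile(
    r"^(?P<ts>\d\d:\d\d:\d\d\.\d+) IP (?P<src>[\d.]+)\.(?P<sport>\d+) > "
    r"(?P<dst>[\d.]+)\.(?P<dport>\d+): Flags \[(?P<flags>[^\]]*)\]"
)

def parse_line(line):
    """Return a dict for a TCP line, or None for lines in another format (ARP, UDP, ...)."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    pkt = m.groupdict()
    pkt["sport"] = int(pkt["sport"])
    pkt["dport"] = int(pkt["dport"])
    return pkt

def find_syn_sweeps(lines, min_ports=5):
    """Map (src, dst) -> sorted destination ports for every source that sent
    bare SYNs (Flags [S], no ACK) to at least min_ports distinct ports on one host."""
    seen = defaultdict(set)
    for line in lines:
        pkt = parse_line(line)
        if pkt is None or pkt["flags"] != "S":
            continue  # skip non-TCP lines and anything that is not a plain SYN
        seen[(pkt["src"], pkt["dst"])].add(pkt["dport"])
    return {k: sorted(v) for k, v in seen.items() if len(v) >= min_ports}

# Constructed sample capture (not real traffic): a sweep of ports 20-25 from
# 10.10.10.10 with an incrementing source port, one SYN/ACK reply, and one
# ordinary HTTP connection from another host.
SAMPLE = [
    f"14:43:{i:02d}.000001 IP 10.10.10.10.{1024 + i} > 10.10.10.20.{20 + i}: "
    f"Flags [S], seq 0, win 512, length 0"
    for i in range(6)
] + [
    "14:43:06.000001 IP 10.10.10.20.22 > 10.10.10.10.1026: Flags [S.], seq 1, ack 1, win 64240, length 0",
    "14:43:07.000001 IP 10.10.10.30.40000 > 10.10.10.20.80: Flags [S], seq 1, win 64240, length 0",
    "14:43:07.000002 IP 10.10.10.30.40000 > 10.10.10.20.80: Flags [P.], seq 1:100, ack 1, win 64240, length 99",
    "14:43:08.000001 ARP, Request who-has 10.10.10.1 tell 10.10.10.30, length 28",
]

if __name__ == "__main__":
    for (src, dst), ports in find_syn_sweeps(SAMPLE).items():
        print(f"{src} sent bare SYNs to {len(ports)} ports on {dst}: {ports}")
```

Counting per source is blind to probes sent with `--rand-source` or `--spoof`; grouping by destination host alone catches those at the cost of more false positives on busy servers.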
Traceroute
Parameters
- -f <N> -- Initial TTL
- -g <hostlist> -- Loose source route
- -I -- use ICMP Echo instead of UDP
- -m <N> -- maximum number of hops (default 30)
- -n -- numeric
- -p <baseport> -- set the base UDP port
- -w <N> -- wait N seconds (default 5)