enlaces:utilidades_de_red
enlaces:utilidades_de_red [2018/11/01 16:35] – [Netcat] cayu | enlaces:utilidades_de_red [2019/01/22 15:34] (actual) – [Parser y formateador de salida NMap] cayu | ||
Línea 348: | Línea 348: | ||
http:// | http:// | ||
- | |||
- | ==== Network Grep - ngrep ==== | ||
- | |||
- | Muestra y busca paquetes. Ngrep se esfuerza por proveer de la mayoría de características comunes del " | ||
- | |||
- | |||
- | Usage examples: | ||
- | |||
- | < | ||
- | ngrep '' | ||
- | |||
- | ngrep '' | ||
- | |||
- | ngrep '' | ||
- | |||
- | ngrep '' | ||
- | |||
- | ngrep ' | ||
- | |||
- | ngrep -iq 'rcpt to|mail from' tcp port 25 (monitor current delivery and print sender and recipients) | ||
- | |||
- | ngrep ' | ||
- | |||
- | ngrep -q ' | ||
- | Microsoft operating system?) | ||
- | |||
- | ngrep -iq ' | ||
- | |||
- | ngrep ' | ||
- | |||
- | ngrep ' | ||
- | |||
- | ngrep -v '' | ||
- | |||
- | ngrep -d le0 '' | ||
- | </ | ||
- | |||
- | |||
- | Useful flags: | ||
- | |||
- | < | ||
- | -A n (prints out " | ||
- | |||
- | -l (pipe the output of ngrep to another program for more processing) | ||
- | |||
- | -v (print all lines not matching the expression) | ||
- | |||
- | -d (specify the device you want to monitor) | ||
- | </ | ||
- | |||
- | |||
- | http:// | ||
- | |||
- | |||
- | Un posteo interesante en un blog : http:// | ||
- | |||
Línea 470: | Línea 414: | ||
- | ==== MSN Dump ==== | ||
- | |||
- | Sniffea eh interpreta lo que va por el puerto 1863 :p | ||
- | |||
- | <code perl> | ||
- | # | ||
- | # quick dirty msn sniffer | ||
- | # http:// | ||
- | # $Id: msndump.pl, | ||
- | |||
- | #To capture live traffic from device eth0 run: | ||
- | #msndump.pl -i eth0 | ||
- | |||
- | #To capture from tcpdump traffic.pcap file run: | ||
- | #msndump.pl -r traffic.pcap | ||
- | |||
- | # you need Net::Pcap and Net::Packet | ||
- | # use cpan or get manually | ||
- | # http:// | ||
- | # http:// | ||
- | |||
- | my $lowuid=' | ||
- | my $lowgid=' | ||
- | |||
- | my $filter = 'tcp and port 1863'; | ||
- | |||
- | # no modify below | ||
- | use Getopt:: | ||
- | use Net::Pcap; | ||
- | use NetPacket:: | ||
- | use NetPacket:: | ||
- | use Fcntl; | ||
- | $|=1; | ||
- | my $flags |= O_NONBLOCK; | ||
- | |||
- | my %opts; | ||
- | getopt(" | ||
- | if ( (!($opts{i})) && (!($opts{r})) ) { | ||
- | print "[ msndump - miscname.com ]\n Usage: | ||
- | exit; | ||
- | } | ||
- | |||
- | if ((!$opts{r}) && ($> != ' | ||
- | die ("you need uid 0\n"); | ||
- | } | ||
- | |||
- | # main loop | ||
- | my $exitvar = ' | ||
- | while ($exitvar == ' | ||
- | |||
- | # create pcap | ||
- | my $pcap = & | ||
- | if (!($pcap)) { | ||
- | die ("cant capture\n" | ||
- | } | ||
- | |||
- | # drop privs | ||
- | my $GID=" | ||
- | my $UID=" | ||
- | my $EGID=" | ||
- | |||
- | # -w if set | ||
- | if ($opts{w}) { | ||
- | open (FILEOUT,"> | ||
- | fcntl(FILEOUT, | ||
- | } | ||
- | |||
- | # capture loop | ||
- | if (($opts{c}) && ($opts{c} =~ /(\d+)/)) { | ||
- | print " | ||
- | | ||
- | $exitvar = ' | ||
- | } else { | ||
- | | ||
- | my %stats; | ||
- | Net:: | ||
- | print "saw $stats{ps_recv} packets, dropped $stats{ps_drop}\n"; | ||
- | } | ||
- | |||
- | # free it | ||
- | print " | ||
- | Net:: | ||
- | # close fh | ||
- | if ($opts{w}) { | ||
- | print "wrote $opts{w}.\n"; | ||
- | close FILEOUT; | ||
- | } | ||
- | } | ||
- | |||
- | # sub procs below | ||
- | sub cap_pkt { | ||
- | |||
- | my ($pcap, | ||
- | my $snaplen = 14096; # seen some big im's :( | ||
- | my $promisc = 1; # promisc of course | ||
- | my $timeout = 0; # timeout | ||
- | |||
- | # file.pcap? | ||
- | if ($opts{r}) { | ||
- | print " | ||
- | $pcap = Net:: | ||
- | if (!($pcap)) { | ||
- | | ||
- | } | ||
- | } else { | ||
- | |||
- | # set dev from cmdline | ||
- | $dev = $opts{i}; | ||
- | print " | ||
- | |||
- | # get netmask for filter | ||
- | if ((Net:: | ||
- | die (" | ||
- | } | ||
- | | ||
- | # open it | ||
- | $pcap = Net:: | ||
- | if (!($pcap)) { | ||
- | die (" | ||
- | } | ||
- | } | ||
- | |||
- | # sanity check | ||
- | if (!($pcap)) { | ||
- | die (" | ||
- | } elsif (!($mask)) { | ||
- | $mask = ' | ||
- | } | ||
- | |||
- | # make filter struct | ||
- | if (Net:: | ||
- | die (" | ||
- | } | ||
- | # apply | ||
- | Net:: | ||
- | |||
- | return $pcap; | ||
- | } | ||
- | |||
- | sub proc_pkt { | ||
- | |||
- | my($user_data, | ||
- | my ($user, | ||
- | |||
- | my $ip_obj = NetPacket:: | ||
- | #my $ip_obj = NetPacket:: | ||
- | |||
- | # check if its a message (or a p2p file transfer) | ||
- | # if your reading this, include ' | ||
- | if (($ip_obj-> | ||
- | ; | ||
- | } else { | ||
- | print $ip_obj-> | ||
- | # extract goodies | ||
- | if ( (($ip_obj-> | ||
- | $user = " | ||
- | } | ||
- | |||
- | if ($ip_obj-> | ||
- | $msg = $1; | ||
- | } | ||
- | |||
- | # display if we have both | ||
- | if (($user) || ($msg)) | ||
- | { | ||
- | | ||
- | { | ||
- | $user = " | ||
- | } | ||
- | if (!($opts{w})) { | ||
- | print " | ||
- | print " | ||
- | print " | ||
- | } else { | ||
- | print FILEOUT " | ||
- | print FILEOUT " | ||
- | print FILEOUT " | ||
- | } | ||
- | } | ||
- | } | ||
- | } | ||
- | </ | ||
==== Python Proxy ==== | ==== Python Proxy ==== | ||
Línea 739: | Línea 501: | ||
} | } | ||
</ | </ | ||
+ | |||
+ | ==== hping3 ==== | ||
+ | **hping3** is a free packet generator and analyzer for the TCP/IP protocol. Hping is one of the de-facto tools for security auditing and testing of firewalls and networks, and was used to exploit the Idle Scan scanning technique now implemented in the Nmap port scanner. The new version of hping, hping3, is scriptable using the Tcl language and implements an engine for string based, human readable description of TCP/IP packets, so that the programmer can write scripts related to low level TCP/IP packet manipulation and analysis in a very short time. | ||
+ | |||
+ | Like most tools used in computer security, hping3 is useful to security experts. | ||
+ | |||
+ | hping3 should be used to… *Traceroute/ | ||
+ | |||
+ | == Few commands == | ||
+ | Finding Hping3 | ||
+ | < | ||
+ | hping3 –h | ||
+ | </ | ||
+ | hping3 Default | ||
+ | < | ||
+ | hping3 -S 192.168.1.105 -p 80 | ||
+ | </ | ||
+ | Fragment Packets with hping3 | ||
+ | < | ||
+ | hping3 -f 192.168.1.105 -p 80 | ||
+ | </ | ||
+ | Sending Data with hping3 | ||
+ | < | ||
+ | hping3 -f 192.168.1.105 -p 80 -d 10 -E malware | ||
+ | </ | ||
+ | Traceroute with hping3 | ||
+ | < | ||
+ | hping3 -z -t 1 -S google.com -p 80 | ||
+ | </ | ||
+ | Predicting Sequence Numbers with hping3 | ||
+ | < | ||
+ | hping3 -Q -S google.com -p 80 | ||
+ | </ | ||
+ | hping3 for Uptime | ||
+ | < | ||
+ | hping3 --tcp-timestamp -S google.com -p 80 | ||
+ | </ | ||
+ | |||
+ | Ref.: @cyberhawksecurity | ||
+ |
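Review bot: The "Finding Hping3" example reads `hping3 –h` with an en dash (U+2013) before the h instead of an ASCII hyphen, so a reader who copies it will not get the help output; it should be `hping3 -h`. In the "Sending Data" example, `-E malware` is worth a one-line gloss, since `-E` takes a local file name whose contents fill the packet payload and the bare word could be mistaken for a keyword or mode. The `-d 10` count and `-f` fragmentation flags on the same line are otherwise consistent with the surrounding examples.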