Netcat is a utility that reads and writes data across network connections using TCP or UDP. It is known as the "Swiss-army knife of TCP/IP". Here are some useful netcat tricks.
Simple Client
To connect to the SMTP server (srv), we type:
nc srv 25
One-shot Server
To provide an uptime service on a Unix/Linux system, we type:
nc -l -p Port# -e /usr/bin/uptime
where Port# is the service port number and uptime is the utility that reports the system uptime.
Simple Server
To provide a fixed web page (index.html) service on a Unix/Linux system, we type:
while true; do { echo -ne "HTTP/1.0 200 OK\r\nContent-Length: $(wc -c < index.html)\r\n\r\n"; cat index.html; } | nc -l -p Port#; done
To implement a log server that logs the first 500 bytes of data sent by any client, we type:
while true; do nc -l -p Port# | head -c 500 >> LogFile; date >> LogFile; done
where LogFile is the name of our log file; each log record is followed by a time stamp.
To set up a backdoor shell, we type:
nc -l -p Port# -e /bin/sh
File Transfer
To push a file (FileName) from host A to host B (hostB), we type:
nc -l -p Port# > FileName
on host B, and
nc -q 10 hostB Port# < FileName
on host A.
To pull a file (FileName) from host A (hostA) back to host B, we type:
nc -q 10 -l -p Port# < FileName
on host A, and
nc hostA Port# > FileName
on host B.
Chat Service
To set up a chat server (srv), we type:
nc -l -p Port#
on srv, and on the chat client we type:
nc srv Port#
Port Scanner
Netcat can be used as a port scanner. It does not have as many features as nmap, but if we just want to see which of the ports numbered 1 to 1024 are open on the host with IP address 192.168.0.1, we type:
nc -z -v -n -w 1 192.168.0.1 1-1024
where -z specifies scanning only (no data is sent), -v verbose output, -n no DNS resolution, and -w 1 a timeout of 1 second per connection.
UDP mode
The -u option makes netcat operate in UDP mode.
Sunday, February 3, 2013
Saturday, January 5, 2013
find all file descriptors used by a process
A file descriptor (FD) is an abstract handle used to access a file. In Unix-like systems, file descriptors can refer to many different objects besides files, such as pipes, Unix domain sockets, and Internet sockets.
lsof (list open files) is an open source command that reports a list of open files and the processes that opened them. To find all file descriptors used by the process with id pid, we may issue the command:
lsof -p pid
To find all internet sockets used by the process with pid, we may issue:
lsof -i -n -P | grep pid
where -i lists IP sockets only, -n disables translation of hostnames, and -P disables translation of port names.
What if lsof is not available on your system?
If your system implements procfs (the proc filesystem, /proc), all file descriptors used by the process with id pid can be found in the directory /proc/pid/fd. Therefore, on Linux systems, you may issue:
ls -l /proc/pid/fd
to get the job done. However, another approach is needed on FreeBSD systems, since procfs is gradually being phased out there. Both fstat (identify active files) and procstat (get detailed process information) allow us to achieve the same goal. You may issue:
fstat -p pid
or,
procstat -f pid
where pid is the process id of interest.
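As an added example (Python, not from the post), the same job done without lsof on a Linux system: read the link targets in /proc/pid/fd, and join the socket:[inode] entries against /proc/net/tcp to get what lsof -i -n -P would show for TCP over IPv4. The sample /proc/net/tcp text is constructed; the address decoding assumes a little-endian host.

```python
"""Added example (not from the post): the lsof-free approach on Linux in Python,
reading /proc/<pid>/fd and joining socket inodes against /proc/net/tcp."""
import os
import re
from socket import inet_ntoa
from struct import pack
# TCP state codes used in the "st" column of /proc/net/tcp.
TCP_STATES = {1: "ESTABLISHED", 2: "SYN_SENT", 3: "SYN_RECV", 4: "FIN_WAIT1",
              5: "FIN_WAIT2", 6: "TIME_WAIT", 7: "CLOSE", 8: "CLOSE_WAIT",
              9: "LAST_ACK", 10: "LISTEN", 11: "CLOSING"}

# Constructed sample of /proc/net/tcp: one listener on 127.0.0.1:8080, inode 12345.
SAMPLE_NET_TCP = (
    "  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode\n"
    "   0: 0100007F:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 12345 1 0000000000000000 100 0 0 10 0\n"
)

def _hex_addr(field):
    """'0100007F:1F90' -> ('127.0.0.1', 8080). The address is in host byte
    order, so this assumes a little-endian host (x86, arm64)."""
    addr_hex, port_hex = field.split(":")
    return inet_ntoa(pack("<L", int(addr_hex, 16))), int(port_hex, 16)
def parse_proc_net_tcp(text):
    """Map socket inode -> (laddr, lport, raddr, rport, state)."""
    table = {}
    for line in text.splitlines()[1:]:      # first line is the column header
        f = line.split()
        if len(f) < 10:
            continue
        laddr, lport = _hex_addr(f[1])
        raddr, rport = _hex_addr(f[2])
        table[int(f[9])] = (laddr, lport, raddr, rport, TCP_STATES.get(int(f[3], 16), f[3]))
    return table
def list_fds(pid):
    """Same information as `ls -l /proc/pid/fd`: fd number -> link target."""
    fd_dir = f"/proc/{pid}/fd"
    return {int(n): os.readlink(os.path.join(fd_dir, n)) for n in os.listdir(fd_dir)}
def match_sockets(fds, by_inode):
    """Join fd targets of the form 'socket:[inode]' against the parsed table."""
    found = {}
    for fd, target in fds.items():
        m = re.fullmatch(r"socket:\[(\d+)\]", target)
        if m and int(m.group(1)) in by_inode:
            found[fd] = by_inode[int(m.group(1))]
    return found
def tcp_sockets_of(pid):
    """Replacement for `lsof -i -n -P | grep pid`, TCP over IPv4 only."""
    with open(f"/proc/{pid}/net/tcp") as fh:   # the process's own network namespace
        return match_sockets(list_fds(pid), parse_proc_net_tcp(fh.read()))
```

Reading /proc/pid/net/tcp rather than /proc/net/tcp matters when the process lives in its own network namespace (a container), which is also why a host-side lsof can miss such sockets.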