NeilSec: Security Learning Blog

Pentesting, infosec, hacking, learning.


host

2018-01-24 by Neil

host is a simple tool for looking up DNS records.

Usage: host [-aCdlriTwv] [-c class] [-N ndots] [-t type] [-W time] [-R number] [-m flag] hostname [server]

host -t ns domain.com - get nameservers
host -t mx domain.com - get mx records
host www.domain.com - get IP address

Continue Reading

tcpdump

2018-01-22 by Neil

To analyse a capture file

tcpdump -r capture_file.pcap

General monitoring

-i any = listen on any interface
-i eth0 = listen on eth0 interface
-n = do not resolve hostnames
-q = quiet (less verbose)
-t = timestamp
-tttt = maximally readable timestamp
-v,vv,vvv = verbosity
-A = display in ASCII
-X = display in Hex
-w = write to file
-r = read a capture file
tcp = capture TCP only (tcpdump -i eth0 tcp)

Filter for source destination IP

tcpdump -n src host 192.168.3.45 -r dumpfile.pcap
tcpdump -n dst host 192.168.3.45 -r dumpfile.pcap

Filter for port number

tcpdump Continue Reading

awk

2018-01-22 by Neil

awk is a pattern scanning and processing language. However, it can be used more simply as a command line filter that operates at the field level rather than the line level like grep does.

A typical awk statement:

awk -F: '{print $3}'

This is in two sections. The first is awk -F: which means use a colon as the field separator. If you used -F" ", that would mean use a space as the field separator.

The second part is: '{print $3}'

This says to print the 3rd field as defined by the field separator set by -F.

For example, the passwd file gives us entries such as this Continue Reading

netcat, ncat & sbd

2018-01-17 by Neil 2 Comments

netcat

Netcat is a tool that reads or writes to/from TCP and UDP network sockets. It can act as a client or server or scanner. The simplest possible use is:

As a network client

nc 10.0.0.1 25 - netcat will attempt to connect (as a client by default) to port 25 (using TCP by default) on that IP address.

It accepts a number of options:

-v = verbose - give more information
-vv = very verbose
-n = no DNS lookup

As a listener

nc -nlvp 5555 - will bind to local port 5555 and listen for incoming connections

-l = listen mode
-p = port number

You can then use another instance Continue Reading


About Me

I’m currently a systems admin / consultant at an IT firm that looks after the computer systems of small businesses in the UK. IT security is only a part of that job. However, I’ve always enjoyed breaking into, getting around, subverting and otherwise hacking things, systems and ideas. In tackling some low-level IT security tasks I reignited my interest in the field, and this blog charts my progress in the world of Computer Security, legal Hacking, Penetration Testing, Infosec – whatever you want to call it. As a Windows guy I’m learning about Linux, shell-scripting, python and all the other skills needed in this field.
