network_tricks

AWK Commands to Parse Nessus

Use this command to pull the IPs out of the Ping Sweep that was run earlier.

grep report <range>-ping.lst | awk '{print $5}' > <range>-host.lst

Parse out the Ports using the following:

grep tcp <range>-fullport | awk -F/ '{print $1}' | sort -un > port.lst

To configure a network interface and its default route from the command line:

ifconfig eth0 192.168.1.2 netmask 255.255.255.0
route add default gw 192.168.1.1

To check which HTTP methods (e.g. OPTIONS, TRACE) a web server with SSL enabled accepts:

openssl s_client -connect 192.168.1.1:443

Then once you've connected, type the request followed by an empty line (HTTP/1.1 requires the Host header):

OPTIONS / HTTP/1.1
Host: <IP or hostname of the server you're connected to>

-Or-

TRACE / HTTP/1.1
Host: <IP or hostname of the server you're connected to>

Check if a DNS server allows non-recursive queries (i.e. cache snooping)

dig @ip_address cnn.com +norecurse

If this returns an answer, the name is in the server's cache, i.e. someone using this server has resolved (visited) this site recently.

If this returns no answer, either no one has resolved the name through this server or the server does not honour non-recursive queries. To tell which case it is, run the same query recursively:

dig @ip_address cnn.com
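The two-step check above as a small script, added here as an example (not part of the original page): it builds the DNS query itself so the RD bit is explicitly cleared, like dig +norecurse, and classifies the replies. Useful for verifying that a resolver you operate does not expose its cache. The resolver address 192.0.2.53 and the sample replies are constructed values.

```python
import socket
import struct
import secrets

# Added example: hand-built DNS packets for the non-recursive (cache snooping)
# check described above. Sample replies below are constructed, not captured.

def build_query(name, rd, qid=None):
    """DNS A/IN query; rd=False clears the RD bit, like dig +norecurse."""
    qid = secrets.randbits(16) if qid is None else qid
    flags = 0x0100 if rd else 0x0000            # RD is bit 8 of the flags word
    header = struct.pack("!HHHHHH", qid, flags, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels)
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)   # QTYPE A, QCLASS IN

def parse_header(data):
    """Header fields the check needs: RA (recursion offered), RCODE, ANCOUNT."""
    qid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", data[:12])
    return {"id": qid, "ra": bool(flags & 0x0080), "rcode": flags & 0x000F, "ancount": an}

def query(server, name, rd, timeout=3.0):
    """Send one UDP query to server:53 and return the parsed reply header (None on timeout)."""
    q = build_query(name, rd)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(q, (server, 53))
        try:
            data, _ = s.recvfrom(4096)
        except socket.timeout:
            return None
    hdr = parse_header(data)
    return hdr if hdr["id"] == struct.unpack("!H", q[:2])[0] else None   # drop mismatched IDs

def classify(norecurse, recursive=None):
    """Interpret the replies: first the +norecurse one, then (if needed) the plain one."""
    if norecurse is None:
        return "no reply"
    if norecurse["ancount"] > 0:
        return "cached"                  # the name is in the cache: resolved recently via this server
    if recursive is None:
        return "ambiguous"               # not cached, or non-recursive queries not honoured
    if recursive["ancount"] > 0:
        return "resolvable, not cached"  # server resolves it; repeat the +norecurse query now
    return "unresolved"                  # recursion refused (RA clear) or the name does not exist

# Constructed sample replies: header only, since only flags and counts are read.
SAMPLE_CACHED    = struct.pack("!HHHHHH", 0x1234, 0x8080, 1, 1, 0, 0)  # QR|RA, 1 answer
SAMPLE_NOANSWER  = struct.pack("!HHHHHH", 0x1234, 0x8080, 1, 0, 0, 0)  # QR|RA, 0 answers
SAMPLE_RECURSIVE = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 2, 0, 0)  # QR|RD|RA, 2 answers
```

Against a live resolver, run `classify(query("192.0.2.53", "cnn.com", rd=False))` first and, if it reports "ambiguous", pass the result of a second call with `rd=True` as the second argument.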

Query a DNS server with DIG

Find out the name servers for a zone:

dig @server domain ns

Request all records for a zone from an authoritative server (Zone Transfer):

dig @server domain axfr

How to use Dig to check if a DNS server is using random source ports

dig +short @<IP_DNS_SERVER> porttest.dns-oarc.net txt

Bash Loops

FOR Loops

for VARIABLE in 1 2 3 4 5 ... N
do
    command1
    command2
    commandN
done

for (( EXP1; EXP2; EXP3 ))
do
    command1
    command2
    command3
done

WHILE Loops

while [ condition ]
do
    command1
    command2
    command3
done

How to Mount an NFS Share:

mount -t nfs nameofcomputer:/remote_directory /local_directory

Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-Share Alike 2.5 License.