nagpentest

how to move files between 2 systems using nc. works on both linux and windows. on source/sending machine      #nc --lvp 2222 < sending_this_file.txt on target/receiving machine     #nc -nv target_ip_address 2222  > receiving _this_file.txt Building off of the previous example, we can accomplish more useful tasks. Because we are establishing a regular TCP connection, we can transmit just about any kind of information over that connection. It is not limited to chat messages that are typed in by a user. We can use this knowledge to turn netcat into a file transfer program. Once again, we need to choose one end of the connection to listen for connections. However, instead of printing information onto the screen, as we did in the last example, we will place all of the information straight into a file: netcat -l 4444 > received_file On the second computer, create a simple text file by typing: echo "Hello, this is a file" > original_file

Nmap scripts will cause nmap to do a port scan so they can find out which ports are open but nmap scipts without a version scan may not properly measure the target's configuration and vulnerabilities specially for services on non-configuration. By default nmap will check the top 100 most used ports for TCP/and or UDP # nmap -PN -sS target_ip_address -p 1-1024 --packet-trace  [ PN = indicates that we dont want to ping the target system, just scan it ;      sS   = do a SYN scan also known as stealth scan or half open scan ;     -p = list of the ports to scan ;      --packet-trace = makes nmap display the status and packet summary information      -PB   = same as default; use ICMP Echo Request; SYN to TCP 433; ACK to TCP 80, and ICMP Timestamp request (if UID 0)      -PE   = formerly -PI; send ICMP echo request (ICMP type 8)     -F = fast; will scan the top 100 most popular ports of TCP/UDP     --top-ports [N] = to scan the N most popular ports from teh nmap servi

# for i in 'seq 1 255'; do hping3 --count 1 x.x.x.$i; done [hping_an_address_space] # for i in 'seq 1 255'; do hping3 --count 1 x.x.x.$i 2>/dev/null | grep ip=; done [list those that repond, grep output for "ip="; taking the standard rror message and throwing them away ] # hping3 target_IP_address <-- # tcpdump -nn host your_IP_address and host target_IP_address -p -i tap0 <-- (possibly stop iptables on the source linux machine # hping3 -icmp -data 40 -file text.txt target_IP_address -p -i tap0 <-- (payload size of 40 bytes populated with a file called test.txt) # hping3 --icmp --interval 10 --beep target_IP_addres <-- (will continue to beep when  the source could ping the target_IP_address. beep will stop as soon as the network is disconnected) #!/bin/bash if [ "$1" == "" ] then echo "Uaage   /pingweeps.sh [network]" echo "E.g :/pingsweep.sh 102.168.1" else for ip in   `seq 1 254`