SmartSniff 过滤器的规则
[require|exclude] : [local|remote|both] : [tcp|udp|tcpudp|icmp|all] : [IP Range|Ports Range] [显示|排除] : [本地|远程|双向] : [tcp|udp|tcpudp|icmp|all] : [ip地址范围|端口范围]监听
nc -l 8888 nc -k -l 8888 # 持续监听连接
nc 127.0.0.1 8888检查端口
nc -v -w 5 127.0.0.1 8888端口扫描
nc -v -w 2 -z 127.0.0.1 20-80 # -w 超时时间 -z 发送0值 nc -u -v -w 2 -z 127.0.0.1 20-80 # udp文件传输
nc -l 8888 > data.gz nc 127.0.0.1 8888 < data.gz多个文件或大文件传输
nc -l 8888 | tar -C /www -xz tar cz /www | nc 127.0.0.1 8888加密传输
nc -l 8888 | openssl enc -aes-256-cbc -d -pass pass:dotcoo | tar -C /www -xz tar cz /www | openssl enc -aes-256-cbc -pass pass:dotcoo | nc 127.0.0.1 8888发送/接收
while true ; do date "+%Y-%m-%d %H:%M:%D"; done | nc 127.0.0.1 8888 nc -k -l 8888 | while read line ; do echo $line; done请求/响应
mkfifo msg & tail -f msg | nc -k -l 8888 | while read req; do echo Request ":" $req ; echo world > msg; echo Response ":" world; done echo hello | nc 127.0.0.1 8888广播/订阅
# 广播 用golang 或 nodejs实现比较好 nc 127.0.0.1 8888 | while read line ; do echo $line; done # 订阅 cat list.txt | while read host port ; do echo close | nc $host $port; done # 广播 nc -k -l 8888 | while read line ; do echo $line; done # 订阅复杂远程调用
cat << EOF | nc 127.0.0.1 80 GET / HTTP/1.1 Host: 127.0.0.1 EOF指定网卡
tcpdump -i lo指定IP
tcpdump host 192.168.1.101指定通讯双方IP
tcpdump host 192.168.1.101 and \(192.168.1.102 or 192.168.1.103\)排除IP
tcpdump host 192.168.1.102 and not 192.168.1.103来源IP
tcpdump src host 192.168.1.102目标IP
tcpdump dst host 192.168.1.102指定端口
tcpdump port 80TCP数据
tcpdump tcpUDP数据
tcpdump udp打印数据包内容
tcpdump -A写入文件
tcpdump -w data.pcap读取文件
tcpdump -r data.pcap显示IP不显示域名
tcpdump -nHTTP请求
sudo tcpdump -Xs 0 \(tcp[20:4]=0x47455420 or tcp[20:4]=0x504f5354 or tcp[20:4]=0x48545450\) and host 192.168.1.120 and port 80 sudo tcpdump -Xs 0 -i lo0 \(tcp[20:4]=0x47455420 or tcp[20:4]=0x504f5354 or tcp[20:4]=0x48545450\)GUI工具
CocoaPacketAnalyzer SmartSniff Wireshark更多参考
http://drops.wooyun.org/%E8%BF%90%E7%BB%B4%E5%AE%89%E5%85%A8/8885
扫一扫
1654
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
