NetCat Last Day (4)
Results 1 to 3 of 3

Thread: NetCat Last Day (4)

  1. #1
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786

    NetCat Last Day (4)

    In NetCat Day One i said I would illustrate how to script nc sessions. None of the ones listed can be considered hacking into a server but still might cause you to get dumped by your isp so use your head. But these tuts wouldn't be complete without explaining how nc scripts work


    FTPSCAN: attempts an anoymous logon to a list of ftp servers

    ftpscan.txt
    =+=+=+=+=+=+=+=+
    user anonymous
    pass BGates@ms.com
    foo
    bye
    =+=+=+=+=+=+=+=+

    cmd line:

    for /f "tokens=1" %x IN (c:\ftplist) DO nc -vv %x 21 <ftpscan.txt |more >>c:\ftpanon.txt

    the above command must be made on one line. The results are saved to c:\ftpanon.txt


    if the output file is large use the edit>>find option in notepad to find entrys containing the string "foo". Because for the word to appear in ftpanon.txt nc had to be logged in.

    the "for" command will not work in win9x you must be using NT or above. The nc script will however work without it:

    nc -vv xxx.xx.xxx.x 21 <ftpscan.txt |more >>ftpanon.txt


    Heres one to help enumerate web servers on a given list:

    webenum.txt
    =+=+=+=+=+=+=+=+
    GET /http/1.0

    =+=+=+=+=+=+=+=+

    http protocol dictates two "\n" or new line characters at the end of a request in order to get a response so include a blank line after the get statement (hit enter twice after typing it in and save)

    cmd line:

    for /f "tokens=1" %x IN (c:\wwwlist) DO nc -vv %x 80 <wwwscan.txt |more >>websvrs.txt

    the same command would work on 1214

    there was a post on AO by nebulus200
    http://www.antionline.com/showthread...066#post596630
    regarding the detection of servers vulnerable to XTS (cross trace scripting). The signiture of this prank has been released for IDS devices like snort. So i really would recomend you be careful using this one but here's how it works:

    trace.txt
    =+=+=+=+=+=+=+=+
    TRACE / HTTP/1.0
    X-Header: test

    =+=+=+=+=+=+=+=+

    for /f "tokens=1" %x IN (c:\wwwlist) DO nc -vv %x 80 <wwwscan.txt |more >>websvrs.txt

    Well that sums it up for this series of netcat tutorials.

    hope you learned something from them
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  2. #2
    Gray Haired Old Fart aeallison's Avatar
    Join Date
    Jul 2002
    Location
    Buffalo, Missouri USA
    Posts
    888

    Talking Greetings: :)

    I Say again very good stuff Tedob1, I now will reference my last post... here --> http://www.antionline.com/showthread...hreadid=239104





    I have a question; are you the bug, or the windshield?

  3. #3
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    Sorry aeallison for not linking to the previous ones. with the amount of interest they've generated looking them up requires more energy than its worth right now. hell they don't even get listed in the index. Before the weekend is over though ill gather them together zip them up and give a link to them. wouldn't be good to leave a job unfinished. Very plesed you like them. thanks
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides