echo 0x01
Jan 2022
Here are the one-liners I often use in these scenarios. I call them funny little helpers. You can easily use them with copy and paste.
Table of Contents
FLH - funny little helpers
- my IP Address
- Target IP Address
- check for SSH
- check for HTTP
- get HTTP Header
- HOSTS Entry
- arp-scan
- Portscan using Netcat
- nmap-scan
my IP Address
export IP=$(ifconfig wlan0 | grep "inet " | awk '{print $2}')
Target IP Address
export TIP=$(sudo arp-scan $RANGE | grep PCS | awk '{print $1}')
or use alternatives (like arp-scan or netdiscover)
check for SSH
echo > /dev/tcp/$TIP/22; [ $? -eq 0 ] && echo 'SSH OPEN' || echo 'SSH CLOSED'
check for HTTP
echo > /dev/tcp/$TIP/80; [ $? -eq 0 ] && echo 'HTTP Server running' || echo 'HTTP Server not running'
get HTTP Header
printf "HEAD / HTTP/1.0\r\n\r\n" | nc $TIP 80
the same as
curl -IL "http://$TIP"
HOSTS Entry
However, this operation only works if you are operating as the superuser.
$THOST must be declared first, e.g. with export THOST=example.box
To check it: echo $THOST
echo "${TIP} ${THOST}" >> /etc/hosts ; grep "$THOST" /etc/hosts
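An added example, not part of the original post: the append above writes a duplicate line on every run and needs a root shell because the redirect is performed by the calling shell. The function below validates both values, skips the write when the mapping already exists, refuses to shadow an existing mapping, and appends through sudo tee when the file is not writable. The name add_hosts_entry and the optional third argument (a hosts file path, defaulting to /etc/hosts) are hypothetical.

```shell
#!/bin/sh
# add_hosts_entry IP HOSTNAME [FILE]   (hypothetical helper, added example)
# Returns 0 if the entry was added or is already present,
#         1 on invalid input,
#         2 if HOSTNAME already maps to a different IP.
add_hosts_entry() {
    ip=$1; host=$2; file=${3:-/etc/hosts}

    # Reject any character outside the expected alphabets first, so spaces or
    # newlines can never be written into the hosts file.
    case $ip in ''|*[!0-9.]*) return 1 ;; esac
    case $host in ''|*[!A-Za-z0-9.-]*|-*|.*) return 1 ;; esac
    # Shape check only (dotted quad); octet ranges are not verified.
    printf '%s\n' "$ip" | grep -Eqx '([0-9]{1,3}\.){3}[0-9]{1,3}' || return 1

    # Find the hostname as a whole field, ignoring comments.
    current=$(awk -v h="$host" '
        { sub(/#.*/, "")
          for (i = 2; i <= NF; i++) if ($i == h) { print $1; exit } }
    ' "$file" 2>/dev/null)

    if [ "$current" = "$ip" ]; then
        return 0                      # already present, nothing to write
    elif [ -n "$current" ]; then
        echo "$host already maps to $current in $file" >&2
        return 2
    fi

    # tee performs the write itself, so sudo applies to the file access.
    if [ -w "$file" ]; then
        printf '%s %s\n' "$ip" "$host" >> "$file"
    else
        printf '%s %s\n' "$ip" "$host" | sudo tee -a "$file" >/dev/null
    fi
}

# Usage with the variables from this page:
#   add_hosts_entry "$TIP" "$THOST"
```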
arp-scan
sudo arp-scan $RANGE | grep PCS | awk '{print $1}'
Portscan using Netcat
A really primitive port scan that checks the port range from 21 to 8080.
nc -zv $TIP 21-8080
nmap-scan
nmap -T4 -A -v $(sudo arp-scan $RANGE | grep PCS | awk '{print $1}')
or
nmap -T4 -A -v "$TIP"