This HakTip has been brought to you by Hak5 viewers like you. Support us directly at hakshop.com.

Welcome back to HakTip, the show where we take hacking seriously. We break down concepts, tools and techniques for hackers, gurus and IT ninjas. I'm Shannon Morse, and today I'm checking out more netcat options and a couple of netcat tips.
So let's go ahead and start with the help file for netcat. Not gonna take these off, because it might...
So let's go ahead and jump onto my Linux machine. We're gonna type in nc -h, and we have our beautiful menu. Now, we haven't gone over all the different options that are available to you, so let's go ahead and take a quick look at a few of the other ones in here. So first off, we checked out -h, which is the help file, -l for listen, and -p for port, but we didn't get to use -g or uppercase -G. So, these two options: let's start with the lowercase -g. This lets you force a data stream through your network along a certain path. Now the uppercase -G will track that connection and can be used for troubleshooting network problems.
Now after that, as we go down the menu, is -o, the one right in the middle that says output=file. This is going to dump data into a file of your choice, and then it can be used as a sniffer for a man-in-the-middle attack. So one example, and a really good example, could be grabbing chat sessions while they are transferring from one computer to another computer and then dumping that information into a text file.
Next up we have the -s option, source=address. So this option can be used for something like this: netcat can protect your server from unauthorized access by telling you about any new connections trying to make their way in. It can block them entirely or, which is an awesome thing, route them to another port. Now, since netcat can only handle one connection per instance, you have to make it open a new instance each time that it is hit with an external probe. So this will make netcat close inbound connections and then run another instance of it in another program. Very cool.
Now, some other options that you will notice on this listing include lowercase -t for TCP mode, -u down at the bottom for UDP mode, and -r for randomizing the local and remote ports. Now, while we aren't going to go into details on all these options, because there are quite a few, I do hope that this whole netcat series has really helped you get started. In a few moments we'll be checking out using netcat with an interactive program without using the -e option, but first, let's take a quick break.
The HakShop is Hak5's premier store for all your pen testing needs, including one of my favorites, the USB Rubber Ducky, which looks like a flash drive but types like a keyboard. It can type scripts into a computer ridiculously fast, like this one we got from Mister Gray in the forums. He said, OK, on a more serious note, it can be used to recover history and passwords via the USB Rubber Ducky. Of course! So cool. This is awesome; I could definitely use this sometimes, especially when I forget my password, because I use different ones all over the place. Now of course we couldn't do the show without your support, so we would like to thank you with something special: you can use the coupon code snobs with any order at the HakShop for your very own stickers. Thanks again for supporting the show.
And now we're back, and I still have my sunglasses on. Now, I've got a handy tip from a fan, but also a tip of my own, so let's start off with mine.
Now, though it's uncommon, you can also use netcat as a proxy. So here's an example of what I decided to do. On my Linux computer I'm gonna type in nc -l -p 1337, and then I'm going to pipe this into Google: nc www.google.com on port 80. Now when I press Enter, this is going to make netcat listen on port 1337 and will pipe all the connections to redirect to google.com on port 80.

Now if we go into my browser, I'll open that real quick, and if we go over to 127.0.0.1 and pipe this through that same port, 1337, we don't get anything; it's just going to load for a very, very long time, and over in the terminal we get a whole bunch of gibberish. It doesn't really make any sense. Another one you can try is example.com, which will give you some HTML, or it'll just give you a 404 page. Now, we're just seeing this information in the terminal with netcat, because we haven't told netcat to pipe back out to the browser. So a bidirectional pipe is what I'm gonna do next.

So I'm gonna close this terminal, nope, I can close that, and we see that the connection was reset. That's no good. So we're gonna open up the terminal again and start netcat up again. So now what I'm going to do is have netcat pipe data on port 1337 to google.com at port 80, which in turn will pipe information back out of netcat on port 1338. So to do this I have my bidirectional pipes. I'm gonna type in nc -l -p 1337, my first pipe, nc www.google.com on port 80, and pipe it right back to the second pipe, and this one is going to be nc -l, so listen on port 1338. Of course you can change the ports to whatever you want.

So I'm gonna press Enter on this, and now in the browser I'm gonna go again to the same place, 127.0.0.1. If I hit 1337 again, nothing happens, but if I go up here and type in 1338, we get google.com. Now, go back to my terminal and you'll also see actual HTTP information that is being relayed back to you from Google. So, how cool: it takes us directly to the site. Super easy.
Now, our second tip. In previous episodes we covered netcat with -e to create a shell. -e will allow you to execute any kind of program, but what if your version of netcat doesn't have the -e option? For instance, the netcat-openbsd package included with most Ubuntu installations doesn't have -e. Well, luckily there's a pretty simple hack where you can actually use what's called a backpipe. So a pipe, sometimes called a FIFO, or first in, first out, is a special device that allows us to easily shuttle data back and forth between processes.

So we're going to make this using the mknod command. So I'm gonna type in, let's go ahead and cancel out of there, mknod /tmp/backpipe p. So this is going to create the special file backpipe in the temp directory, with the p option, which makes a named pipe. Now we can pipe the input and the output of our interactive program to a listening netcat session.

So for that we're going to need an interactive program, so how about we use the world-famous text adventure from 1981, Zork? Yeah, 'cause it's awesome. So I have Zork downloaded in my home directory, ~/zork, and I can run it with frotz. So I'm gonna type that in: frotz, and then I type in ~/zork/data/zork1.dat, press Enter, and it starts up this really cool adventure game. Of course you can grab your own copy of that (I'll link to it in the show notes), and you can run it anytime with the frotz utility, so you will probably need to install frotz as well, as in apt-get install frotz.

Now, with Zork and frotz installed, we need to try something a little bit different so we can run this file. So I'm going to type in frotz data/zork1.dat 0< /tmp/backpipe, there's our backpipe again, and we're going to pipe this to nc -l -p, and I'm gonna use the port 12345, 1> to close that, and then we use /tmp/backpipe. And finally we can connect from our other machine. So let me hit Enter on that one, and it gives me an invalid option. Oh, I know what I did. OK, so we have the command up here, and I forgot to add the home directory, ~/zork, at the beginning, so don't forget to do that. Press Enter.
Now on our other machine, I'm also using my Windows box for this example, I'm going to type in a separate netcat command to basically pipe over to this one and get all the information from Zork, all the input and output. So for this one I'm going to type in netcat, and then I'm gonna type in the IP address of my Linux computer where Zork is running, and the same port, 12345. Enter, and we got it.

So it looks very janky on here, but you can basically read what's going on. So: West of House. You are standing in an open field west of a white house, with a boarded front door. There is a small mailbox here. So I'm going to type in open mailbox. Opening the small mailbox reveals a leaflet. Let's see, look at leaflet. Welcome to Zork! Zork is a game of adventure, danger, and low cunning... Ah, you get the point. So now we can have fun text adventure goodness over netcat. Woohoo!
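The backpipe wiring from the second tip, as an added example that is not from the episode: toy_game and toy_client are two small stand-in functions invented here for frotz and for the remote netcat, so the two-direction plumbing through the named pipe can be run and checked with no network; the episode's real frotz/nc command is shown in the comment.

```shell
#!/bin/sh
# Added example, not from the episode. The real command from the show is:
#   mknod /tmp/backpipe p
#   frotz ~/zork/data/zork1.dat 0</tmp/backpipe | nc -l -p 12345 1>/tmp/backpipe
# The ordinary | pipe only carries one direction (program -> peer); the named
# pipe carries the peer's input back to the program's stdin. toy_game and
# toy_client below are stand-ins for frotz and the remote netcat.

# Stand-in for the interactive program: reads commands on stdin, answers on stdout.
toy_game() {
  while IFS= read -r cmd; do
    case "$cmd" in
      "open mailbox") echo "Opening the small mailbox reveals a leaflet." ;;
      quit)           echo "Bye."; return 0 ;;
      *)              echo "I don't know the word \"$cmd\"." ;;
    esac
  done
}

# Stand-in for the remote netcat: its stdout is the named pipe (back into the
# game), its stdin is the | pipe (replies from the game). Each reply is copied
# to fd 3 so the caller can see what the "remote" side received.
toy_client() {
  for cmd in "open mailbox" quit; do
    printf '%s\n' "$cmd"
    IFS= read -r reply
    printf '%s\n' "$reply" >&3
  done
}

# Creates the FIFO the same way the episode does (mknod ... p, mkfifo as a
# fallback), wires the two processes through it, prints every reply received.
backpipe_relay() {
  pipe=$1
  rm -f "$pipe"
  mknod "$pipe" p 2>/dev/null || mkfifo "$pipe"
  # Forward direction: game stdout -> | -> client stdin.
  # Return direction:  client stdout -> FIFO -> game stdin (fd 0).
  # 3>&1 is applied before 1>"$pipe", so fd 3 is this function's own stdout.
  toy_game 0<"$pipe" | toy_client 3>&1 1>"$pipe"
  rm -f "$pipe"
}

backpipe_relay "${TMPDIR:-/tmp}/backpipe.$$"
```

Opening a FIFO blocks until both a reader and a writer exist, which is why both processes must be started in the same pipeline rather than one after the other.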
So that about wraps it up as far as our series on netcat goes, but I would like to know what you would like to see me cover on future HakTips. Do you want to see more on netcat? You can send me a comment below, or you can email us at tips at hak5.org, and be sure to check out our sister show Hak5 for more fun with this and more great stuff just like it. I'll be there reminding you to trust your technolust.