multi-port connection
nc can open several connections to one host at once. To do this, specify multiple ports as follows.

    nc [target host] 20-30

From then on, data entered on standard input is sent to ports 20-30 of [target host] all at once.
port scanning
You can check which ports within a given range on [target host] are in use, and for what.

    nc -v -w 3 -z 210.183.235.15 20-30, 70-90

The command above shows information about ports 20-30 and 70-90, as in the following output.

    [root@tsc13 ~/work]
    # nc -v -w 3 -z ostsc.co.kr 20-30, 70-90
    DNS fwd/rev mismatch: ostsc.co.kr.ostsc.co.kr != ns.ostsc.co.kr
    ostsc.co.kr.ostsc.co.kr [210.183.235.13] 22 (ssh) open
    ostsc.co.kr.ostsc.co.kr [210.183.235.13] 80 (http) open
    ostsc.co.kr.ostsc.co.kr [210.183.235.13] 79 (finger) open

To get more detailed information than this, run

    echo QUIT | nc -v -w 3 [target host] [ports]

and you can also obtain version information and the like from the responses or error messages.
The output below shows the message each port returns.

    [root@tsc13 ~/work]
    # echo QUIT|nc -v -w 3 ostsc.co.kr 10-80
    DNS fwd/rev mismatch: ostsc.co.kr.ostsc.co.kr != ns.ostsc.co.kr
    ostsc.co.kr.ostsc.co.kr [210.183.235.13] 80 (http) open
    <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
    <html><head>
    <title>501 Method Not Implemented</title>
    </head><body>
    <h1>Method Not Implemented</h1>
    <p>QUIT to /index.html not supported.<br />
    </p>
    <hr />
    <address>Apache/2.0.51 (Fedora) Server at 210.183.235.13 Port 80</address>
    </body></html>
    ostsc.co.kr.ostsc.co.kr [210.183.235.13] 79 (finger) open
    ** UNAUTHORIZED ACCESS PROHIBITED *** YOUR CONNECTION ATTEMPT HAS BEEN LOGGED. GO AWAY.ostsc.co.kr.ostsc.co.kr [210.183.235.13] 53 (domain) open
    ostsc.co.kr.ostsc.co.kr [210.183.235.13] 22 (ssh) open
    ostsc.co.kr.ostsc.co.kr [210.183.235.13] 15 (netstat) open
    ** UNAUTHORIZED ACCESS PROHIBITED *** YOUR CONNECTION ATTEMPT HAS BEEN LOGGED. GO AWAY.ostsc.co.kr.ostsc.co.kr [210.183.235.13] 11 (systat) open
    ** UNAUTHORIZED ACCESS PROHIBITED *** YOUR CONNECTION ATTEMPT HAS BEEN LOGGED. GO AWAY.
Next, let's look at how to transfer data with nc.
On the system that will receive the data, start nc in listen mode.

    nc -l -p 1234 | uncompress -c | tar xvfp -

On the system that will send the data, run the following command.

    tar cfp - /some/dir | compress -c | nc -w 3 [other machine] 1234

Performance testing
You can test network performance by using nc to send and receive large amounts of data between two hosts. I tried it in both orders.

Server A

    $ yes BBBBBBBBBBBBBBBBBBBBBB | /tmp/nc x.x.x.x 2222 >/dev/null
    Broken pipe
    $ yes AAAAAAAAAAAAAAAAAAAAAA | /tmp/nc -v -v -l -p 2222 >/dev/null
    listening on [any] 2222 ...
    connect to [x.x.x.x] from x.x.x.x [x.x.x.x] 2790
    sent 6643712, rcvd 9542784

A received more.

Server B

    $ yes AAAAAAAAAAAAAAAAAAAAAA | nc -v -v -l -p 2222 >/dev/null
    listening on [any] 2222 ...
    203.239.110.12: inverse host lookup failed: Unknown host
    connect to [x.x.x.x] from (UNKNOWN) [x.x.x.x] 1672
    sent 11145216, rcvd 8092008
    $ yes BBBBBBBBBBBBBBBBBBBBBB | nc x.x.x.x 2222 >/dev/null
    Broken pipe

B sent more.

Use in programs
nc can also be used in shell scripts to transfer data.

Use in computer forensics
On the analysis system, set up nc to save the partition that will be copied from the system under investigation.

    # nc -l -p 10000 > target.hda2.dd

On the system under investigation, copy the partition with the dd command and send it to the analysis system with nc.

    # dd if=/dev/hda2 bs=1024 | nc 210.183.234.15 10000 -w 3
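
The dd | nc acquisition above copies the partition but does not show that the stored file matches the source. The following shell functions are an added example, not part of the original page: they hash the data as it is read and as it is received, so the two values can be compared. The function names, the use of sha256sum, and the demo (a constructed 64 KiB file in place of /dev/hda2, a local pipe in place of the nc connection) are assumptions.

```shell
#!/bin/sh
# Added example: hash-verified variant of the dd | nc acquisition.
# Function names are hypothetical; SHA-256 via coreutils sha256sum is assumed.

# Hash the source exactly as dd reads it (run on the system under investigation).
source_hash() {
    dd if="$1" bs=1024 2>/dev/null | sha256sum | cut -d' ' -f1
}

# Store the incoming stream in $1 and print the hash of the bytes as received.
# On the analysis system: nc -l -p 10000 | receive_image target.hda2.dd
receive_image() {
    tee "$1" | sha256sum | cut -d' ' -f1
}

# Re-read the stored image and compare it with the hash reported by the source.
verify_image() {
    [ "$(sha256sum < "$1" | cut -d' ' -f1)" = "$2" ]
}

# Constructed demo: a 64 KiB file stands in for /dev/hda2 and a local pipe
# stands in for the nc connection, so this runs offline.
demo() {
    dir=$(mktemp -d) || return 1
    dd if=/dev/urandom of="$dir/src.img" bs=1024 count=64 2>/dev/null
    want=$(source_hash "$dir/src.img")
    got=$(dd if="$dir/src.img" bs=1024 2>/dev/null | receive_image "$dir/copy.dd")
    if [ "$want" = "$got" ] && verify_image "$dir/copy.dd" "$want"; then
        echo "image verified: $want"
    else
        echo "HASH MISMATCH" >&2
    fi
    # A truncated copy (for example, a dropped connection) must fail verification.
    dd if="$dir/src.img" of="$dir/short.dd" bs=1000 count=1 2>/dev/null
    verify_image "$dir/short.dd" "$want" || echo "truncated copy rejected"
    rm -rf "$dir"
}
demo
```

Record the source hash in the case notes at acquisition time; a later verify_image run against the stored file then shows the image has not changed since it was received.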