Wednesday, July 30, 2014

SendIP - an arbitrary IP packet generating tool

SendIP is a tool which allows creating (and, of course, sending) arbitrary IP (v4 and v6) packets.

How To Install

Download the tarball package from here.
Steps to install:
  1. Untar it in some folder. (tar -xzvf sendip-2.5-mec-0.tar.gz)
  2. sudo make
  3. make install
  4. Now if you type sendip on Linux CLI, it should show all the available Modules. (Ex: ipv4 ipv6 icmp tcp udp bgp rip ripng ntp ah dest esp frag gre hop route)

How To Use


  • -p module : load the specified module (see below)
  • -v : be verbose
  • -h : print this message
  • -d data : add this data as a string to the end of the packet. The data can be given as rN to generate N random(ish) data bytes; zN to generate N nul (zero) data bytes; 0x or 0X followed by hex digits; 0 followed by octal digits; or a decimal number for decimal digits


Example:

  • ICMP4: sendip -v -p ipv4 -is 2.2.2.2 -p icmp -d r10 2.2.2.3 
  • ICMP6: sendip -v -p ipv6 -6s 9901::180 -p icmp -d "hello" 9901::100
  • TCP4 : sendip -v -p ipv4 -is 2.2.2.2 -p tcp -ts 1000 -td 1005 -tfs 1 -tn 0 2.2.2.3
  • TCP6 : sendip -v -p ipv6 -6s 9901::180 -p tcp -ts 1000 -td 1005 -tfs 1 -tn 0 9901::100
  • UDP4 : sendip -v -p ipv4 -is 2.2.2.2 -p udp -us 34001 -ud 34002 2.2.2.3
  • UDP6 : sendip -v -p ipv6 -6s 9901::180 -p udp -us 34001 -ud 34002 9901::100

Generate various IPv6 extension headers with ICMPv6 as the next header:

  • Route(43): sendip -v -p ipv6 -6s 9901::180 -6n 43 -p route -p icmp -d "hello" 9901::100
  • Frag(44): sendip -v -p ipv6 -6s 9901::180 -6n 44 -p frag -p icmp -d "hello" 9901::100
  • AH(51): sendip -v -p ipv6 -6s 9901::180 -6n 51 -p ah -p icmp -d "hello" 9901::100
  • HopByHop(0): sendip -v -p ipv6 -6s 9901::180 -6n 0 -p hop -p icmp -d "hello" 9901::100
  • Dest Opt(60): sendip -v -p ipv6 -6s 9901::180 -6n 60 -p dest -p icmp -d "hello" 9901::100
  • ESP(50): sendip -v -p ipv6 -6s 9901::180 -6n 50 -p esp -p icmp -d "hello" 9901::100
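
To check what such a packet looks like on the receiving side, the following added example (not part of the original post or of SendIP) walks the Next Header chain of an IPv6 packet the way a capture tool or filter has to. The sample packet is constructed inline; the function and constant names are assumptions made for this illustration.

```python
import ipaddress
import struct

# Next Header values from the commands above (IANA protocol numbers).
EXT = {0: "hop", 43: "route", 44: "frag", 51: "ah", 60: "dest"}
UPPER = {6: "tcp", 17: "udp", 50: "esp", 58: "icmpv6"}

def build_packet(first_next_header: int, body: bytes) -> bytes:
    """Constructed IPv6 packet 9901::180 -> 9901::100 carrying `body`."""
    fixed = struct.pack("!IHBB", 6 << 28, len(body), first_next_header, 64)
    src = ipaddress.IPv6Address("9901::180").packed
    dst = ipaddress.IPv6Address("9901::100").packed
    return fixed + src + dst + body

def walk_chain(packet: bytes) -> list:
    """Follow the Next Header fields and return the header names in order."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    nxt, off, chain = packet[6], 40, ["ipv6"]
    while nxt in EXT:
        if off + 8 > len(packet):
            raise ValueError("truncated extension header")
        name, following, hdr_len = EXT[nxt], packet[off], packet[off + 1]
        if name == "frag":
            size = 8                     # fixed size; second byte is reserved
        elif name == "ah":
            size = (hdr_len + 2) * 4     # AH length is in 32-bit words, minus 2
        else:
            size = (hdr_len + 1) * 8     # 8-octet units, first 8 octets not counted
        chain.append(name)
        nxt, off = following, off + size
    if off > len(packet):
        raise ValueError("extension header runs past end of packet")
    chain.append(UPPER.get(nxt, f"proto-{nxt}"))   # ESP ends the walk: payload is opaque
    return chain

# Constructed sample: hop-by-hop (PadN option) -> fragment -> ICMPv6 echo "hello".
ICMP = bytes([128, 0, 0, 0, 0, 0, 0, 0]) + b"hello"   # checksum left at zero
HOP = bytes([44, 0, 1, 4, 0, 0, 0, 0])
FRAG = bytes([58, 0, 0, 0]) + struct.pack("!I", 1)
SAMPLE = build_packet(0, HOP + FRAG + ICMP)

if __name__ == "__main__":
    print(walk_chain(SAMPLE))
```

The AH branch matters: its length byte counts 32-bit words minus 2, so a walker that applies the 8-octet rule to every header lands at the wrong offset.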

Thursday, August 1, 2013

Capture and read packets in Linux CLI using TCPDUMP

tcpdump is a common packet analyzer that runs under the command line. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached. Distributed under the BSD license, tcpdump is free software.

In this post, I will try to show you how to use the tcpdump command to capture the required packets.
  • 'tcpdump' - capture the traffic passing through 'eth0' or the management interface.
  • 'tcpdump -i eth1' - use the -i option to capture packets passing through eth1.
  • 'tcpdump -e -i eth1' - use the -e option to capture packets passing through eth1 with Ethernet header details.
  • 'tcpdump -i eth1 tcp' - capture only TCP packets passing through eth1.
  • 'tcpdump -i eth1 tcp and src host 2.2.2.2' - capture TCP packets which are sent from 2.2.2.2.
  • 'tcpdump -i eth1 tcp or src host 2.2.2.2' - capture TCP packets or packets whose source IP is 2.2.2.2.
  • 'tcpdump -i eth1 tcp and greater 1000' - capture TCP packets whose length is greater than 1000B.
  • 'tcpdump -n -i eth1 tcp' - use the -n option to avoid DNS lookups (don't convert host addresses to names).
Save the tcpdump capture to a file - use the -w option; the file can then be read using Wireshark.
  • 'tcpdump -i eth1 -w /dir/file.pcap tcp and host 10.102.174.42'
Read a .pcap file using tcpdump -
  • 'tcpdump -e -r src9.pcap | grep http'
All available filters that you can apply to capture required packets -
  • dst host 2.2.2.2  or dst host 9901::123 - destination host
  • host 2.2.2.2  or host 9901::123 - has this IP
  • ether src fa:38:3c:50:63:72
  • ether dst, ether host
  • src port 21
  • dst port 80
  • src portrange 10-90
  • less 100
  • vlan 5
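
The difference between the `and` and `or` filters above, and the layout of the file that `-w` writes, can be seen in this added example (not from the original post). It reads a classic pcap file and counts the frames each filter would keep; it handles IPv4 over Ethernet only, the capture is constructed inline, and all function names are assumptions made for this illustration.

```python
import socket
import struct

def read_pcap(blob: bytes):
    """Yield raw frames from a classic pcap file, the format 'tcpdump -w' writes."""
    order = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(blob[:4])
    if order is None or len(blob) < 24:
        raise ValueError("not a classic pcap file")
    if struct.unpack(order + "I", blob[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (link type 1) are handled")
    off = 24
    while off + 16 <= len(blob):
        caplen = struct.unpack(order + "I", blob[off + 8:off + 12])[0]
        yield blob[off + 16:off + 16 + caplen]
        off += 16 + caplen

def ipv4_summary(frame: bytes):
    """Return (source address, IP protocol) for IPv4 over Ethernet, else None."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None
    return socket.inet_ntoa(frame[26:30]), frame[23]

def count_matches(blob: bytes, src: str, combine: str) -> int:
    """combine='and' mirrors 'tcp and src host X'; 'or' mirrors 'tcp or src host X'."""
    hits = 0
    for frame in read_pcap(blob):
        info = ipv4_summary(frame)
        if info is None:
            continue
        from_src, is_tcp = info[0] == src, info[1] == 6
        hits += (is_tcp and from_src) if combine == "and" else (is_tcp or from_src)
    return hits

def sample_capture() -> bytes:
    """Constructed capture: four frames covering each TCP/UDP x source combination."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for src, proto in (("2.2.2.2", 6), ("2.2.2.2", 17), ("3.3.3.3", 6), ("3.3.3.3", 17)):
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, proto, 0,
                         socket.inet_aton(src), socket.inet_aton("2.2.2.3"))
        frame = bytes(12) + b"\x08\x00" + ip + bytes(20)
        out += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return out

if __name__ == "__main__":
    cap = sample_capture()
    print(count_matches(cap, "2.2.2.2", "and"), count_matches(cap, "2.2.2.2", "or"))
```

With `or`, the UDP frame from 2.2.2.2 and the TCP frame from 3.3.3.3 are both kept, which is usually far more traffic than intended when the goal was TCP from a single host.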

Tuesday, July 30, 2013

Vi Editor basic user guide

vi is a screen-oriented text editor originally created for the Unix operating system.
Here are a few basic and necessary shortcuts for using the vi editor effectively -
  • '0'(zero) -move cursor to start of current line
  • ':n' -move cursor to line n
  • ':$' -move cursor to last line in file
  • 'x' -delete single character under cursor
  • 'dd' -delete entire current line
  • 'dw' -delete the single word beginning with character under cursor
  • 'yy' -copy (yank, cut) the current line into the buffer
  • 'Nyy' -copy (yank, cut) the next N lines, including the current line, into the buffer
  • 'p' -put (paste) the line(s) in the buffer into the text after the current line
  • '/string' -search forward for occurrence of string in text
  • '?string' -search backward 
  • 'n'  -move to next occurrence of search string
  • 'N'  -search for previous occurrence 
  • 'u' -Undo last change
  • 'ctrl + r'  - Redo 
  • ':s/OLD/NEW/g'  -Replace OLD with NEW Globally (all) on current line
  • ':%s/OLD/NEW/g'   -Replace OLD with NEW Every occurrence in file

Sunday, July 28, 2013

Some Linux cli tips that you should know

In this post I'm giving a few Linux CLI tips/shortcuts which I found very helpful and which increase your speed while you are working on Linux using the CLI. These tricks are very useful for those who are new to Linux.

  1. 'CTL+L' - Clear screen. (you can use 'clear' also to clear the screen).
  2. 'CTL+R' - Search recent commands from History.
  3. 'CTL+A' - Take the cursor to the start of current command.
  4. 'CTL+E' - Take the cursor to the end of current command.
  5. 'CTL+W' - To erase one word in current command.
  6. 'CTL+U' - To erase whole command.
  7. 'CTL+Y' - To type the above command which was erased by 'CTL+U'.
  8. 'CTL+D' - Exit or logout current session.
  9. 'screen' - run multiple session inside a single session. 'CTL+A' then 'N' to go to next session and 'CTL+A' then 'P' to go to previous session.
  10. 'CTL+C' - To halt current command
  11. 'CTL+Z' - Stop current command
  12. '!!' - Repeat previous command

Thursday, December 6, 2012

Some Basic Networking Commands : Linux/Windows

In this post I am gonna write about some basic networking commands used in Windows/Linux that I found important.
  • Display Network configuration and interfaces
    1. windows : "ipconfig" or "ipconfig /all"
    2. Linux: "ifconfig" or "ifconfig interface-name"
  • Show all running Tasks/Applications
    1. windows : "tasklist"
    2. Linux: "ps aux" or "top" (Top is used to show memory and CPU used by running process)
  • Kill a task
    1. windows : "taskkill -pid 4000" or "taskkill -im iexplore.exe" ( Here -im is for image name)
    2. Linux: "kill -9 pid"
  • Displays the active TCP connections and ports on which the computer is listening
    1. windows : "netstat -a"
    2. Linux: "netstat -an"
  • Diagnose the Domain Name System (DNS) : Resolves a hostname to IP address
    1. windows : "nslookup google.com"
    2. Linux: "dig google.com"
  • Ping : tool used to test whether a particular host is reachable or not.
    1. windows/Linux IPv4 : "ping 74.125.236.73"
    2. Windows/Linux IPv6: "ping6 9901::1"
  • Path Ping : To see all the routers present in path to Destination
    1. windows : "pathping google.com"
    2. Linux: "tracepath google.com"
  • Assign IP/Subnet to Linux interfaces
    1. Linux - IPv4 : "ifconfig eth0 192.168.1.2 netmask 255.255.255.0"
    2. or Linux - IPv4 : "ifconfig eth0 2.2.2.2/24"
    3. Linux - IPv6 : "ifconfig eth1 inet6 add 9901::2/64 "
  • Delete IP from Linux interfaces
    1. Linux - IPv4 : "ifconfig eth1 del 2.2.2.3 netmask 255.255.255.0"
    2. Linux - IPv6 : "ifconfig eth1 inet6 del 9901::2/64"
  • Change MTU (Maximum Transmission Unit through an interface) of Linux interfaces
    1. Linux : "ifconfig interface_name mtu value"
    2. Linux : "ifconfig eth1 mtu 1300"
  • Print routing tables
    1. windows : "netstat -r" or "route print"
    2. Linux- IPv4: "route -A inet" or "route -4" or "ip route"
    3. Linux -IPv6: "route -A inet6" or "route -6" or "ip -6 route"
  • Add/Delete static routes
    1. windows- IPv4 : "route add 10.10.10.0 mask 255.255.255.0 192.168.1.12"
    2. Windows - IPv6 : "netsh interface ipv6 add route 9901::/64 "Local Area Connection" 2001::1"
    3. Linux-IP4: "route add -net 3.3.3.0 netmask 255.255.255.0 gw 1.1.1.1"
    4. Linux-IP4: "ip route add 3.3.3.0/24 via 1.1.1.1"
    5. Linux-IP6: "route -A inet6 add 9901::/64 gw 2001:0db8:0:f101::1"
    6. Linux-IP6: "ip -6 route add 9901::/64 via 2001:0db8:0:f101::1"
  • Trace route : diagnostic tool for displaying the route
    1. windows : "tracert google.com"
    2. Linux: "traceroute google.com"
  • Secure Shell : SSH is a network protocol for secure data communication and remote command execution
    1. SSH-IPv4 : "ssh username@IPv4_address" Ex: ssh root@74.125.236.73 then it will ask you for password.
    2. SSH-IPv6: "ssh username@IPv6_address" Ex: ssh username@9901::1
  • Secure FTP : SFTP is a network protocol that provides file access, file transfer, and file management functionalities over any reliable data stream.
    1. SFTP-IPv4 : "sftp username@IPv4_address". Ex: sftp root@74.125.236.73
    2. SFTP-IPv6 : "sftp username@[IPv6_address]". Ex: sftp username@[9901::15]
  • Secure Copy or SCP : Secure copy or SCP is a means of securely transferring computer files between a local host and a remote host or between two remote hosts. It is based on the Secure Shell (SSH) protocol.
    1. SCP Linux : scp username@IP:/Dir/File_name /local_dir
    2. Ex: scp root@10.217.208.40:/root/roy.txt .
    3. SCP windows : For Windows you can use WinSCP. It's a GUI based tool.

Monday, October 29, 2012

How to Use Android Phone as a Modem

In this post I am gonna show you how to use your Android 4.1 (Jelly Bean) phone as a modem to access the internet on your tablet/laptop.
There are three ways to do this.

1. Wireless : This is the easiest and simplest way. This will create a wireless network. There is no need to have a USB cable. Just follow these steps:

  • In your smartphone go to Settings -> More -> Mobile networks. Check Data enabled and set your access point name and Network Operators.
  • Now go to Settings -> More -> Tethering & Portable hotspot. Click on Setup Wi-Fi Hotspot and set the SSID and password. The password must have at least 8 characters. Click on save.
  • Now enable Portable Wi-Fi hotspot.
  • Go to your laptop, iPad or any device which supports WiFi, search for available wireless networks and select the “AndroidAP” option.
  • That's it. You are now connected to the internet. Just go to your browser and open google.com.

2. PDANet : With over 6 million downloads and a 4.5+ user rating in Android Market, PdaNet has become one of the top 10 Android applications of all time. At just one click, PdaNet instantly shares the Internet access of your Android phone with your computer. It does NOT require root access or hacking your phone's firmware. It works on all Android phones.
Follow the steps below to install and configure PDANet. For more info click here.
  • Go to the Android Market on your cell phone. Use the search function and enter the following search: "pdanet". Download and install PDANet 3.50.
  • Go to Settings and enable USB debugging mode. Settings -> Developer options -> USB debugging.
  • Download and install PDANet for your Windows and Mac. Restart your computer once installation is complete.
  • Now connect your Android device using a USB cable.
  • Open PdaNet on your Android and tap "Enable USB Tether" to enable your Android to act as the modem for your computer.
  • Now click on the PDANet icon on your computer and choose "connect internet". This will connect your PC to the Internet via your cell phone. Just go to your browser and open Google.com.
  • You can also send SMS from your phone using PDANet. Just click on the PDANet icon and select "start SMS agent". A new window will be opened. Choose a contact and send the SMS.

3. FoxFi : FoxFi enables WiFi or Bluetooth Hotspot on your Android phone - no tether plan or rooting required. Bluetooth mode works for all phones. WiFi mode currently works on most Samsung/Motorola/LG phones and new HTC phones with Android 4.0 (HTC One etc).
  • To install FoxFi just go to Google Play and search for this app.
  • For WiFi mode enter the WiFi name and password (at least 8 characters) then Activate WiFi Hotspot.
  • For Bluetooth, Activate Bluetooth DUN.

Thursday, October 11, 2012

Google search features and image search

In this post I am gonna show you how to use Google Search effectively.

  1. Image Search : Drag the image to the search box on image.google.com to find similar images on the Internet. The first result guesses the best possible information about the image. You can color filter the search by clicking on "Visually similar" on the left panel to find similar types of images for that image.
  2. Define "word" : Google can be used as a dictionary using the 'Define' keyword. Ex: Define gravity
  3. Site keyword : To search within a website, the site keyword is used. Ex: engineering site:iitbhu.ac.in
  4. Filetype keyword : To search for a specific file type over the internet. Ex: filetype:mp3 jenifer lopez
  5. Intext : Operator to ensure the word you want is actually on the page you find. Ex: engineering site:iitbhu.ac.in intext:cse
  6. Weather "city-name" : To know the weather of a city. Ex: weather bangalore
  7. Minus operator : To exclude keywords from the search result. Ex: engineering site:iitbhu.ac.in -cse
  8. Sunrise "city" : To know the time of sunrise in a particular city. Ex: sunrise bangalore
  9. Time "City" : Ex: time bangalore
  10. Movies "city" : Ex: movies Bangalore
  11. Population "City" : Population of a city, country. Ex: population india
  12. Area "city" : Ex: area bangalore