I'm trying to scan the ports on the "Starting Point" CHallenge from Hackthebox.
i downloaded the .ovpn and established the vpn connnection in my Kali VM
typed in:
ports=$(nmap -p- --min-rate=1000 -T4 10.10.10.27 | grep ^[0-9] | cut -d '/' -f 1 | tr '\n' ',' | sed s/,$//)
but when i try
nmap -sC -sV -p$ports 10.10.10.27
I get the error message that my port specifications are illegal.
Happy for every help i can get!
My nmap scans worked on the first try. When I restarted my machine on another day, I had the same issue.
Re-download the connection pack.
This worked for me.
Related
RHEL6 | High Sev
Vulnerability Title
SMTP unauthenticated 3rd-party mail relay
Vuln Description
lity is that other organizations, in an attempt to stop the flow of spam, may throw away any mail originating from your server (including legitimate mail from your users).
Following FIX Helped, take backup of file
Comment out the below entry
cd /etc/mail
[root#mail]# cat sendmail.mc | grep -v ^dnl | grep -i smart
define(SMART_HOST',relaymail.sapient.com')dnl
[root#mail]#
[root#mail]#
Below entry should be commented out
[root# mail]# cat sendmail.mc | grep -v ^dnl | grep -i mailerta
FEATURE(mailertable',hash -o /etc/mail/mailertable.db')dnl
[root#mail]# cp -p sendmail.mc sendmail.mc.bkp.date +%F
[root#mail]#
[root#mail]# m4 sendmail.mc > sendmail.cf
Add below entry in /etc/mail/mailertable to disable offsite mail relay
gmail.com smtp:[192.168.100.x]
. error:Mail to external domain is prohibited
[root# mail]#
it helped to fix.
Hopefully will help, i searched a lot and finally this worked so thought to share.
Is there an option that allows me to print a time stamp for the system time of each run of netstat? Done some looking on the man page, but nothing seems to do the trick.
For instance, if I start a run of netstat -vI 10 at 9:30:00, I'd want:
<9:30:00> [INSERT_DATA_HERE]
<9:30:10> [INSERT_DATA_HERE]
etc.
Or is it better if I just write a script to run a 'date' command and pipe the catted output to a text file?
If you are running the current Solaris version (Solaris 11.*), you can use the -T u or -T d option to get a timestamp for each statistic line.
Otherwise, with Solaris 10 and older, there is no builtin option but you can put the start timestamp and the interval in the netstat output filename that way:
netstat -v -I interface 10 > netstat-vI-10s-$(date +%FT%T).out
In my office firewall I use a command like this:
$ sudo tcpdump -v -s 1500 -i eth0 port 25 | grep 'smtp: S'
to monitor LAN clients sending mail (I need to early detect any possible spammer bot from some client, we have very looooose security policies, here... :-().
So far, so good: I have a continuous output as soon any client sends an email.
But, if I add some filter to get a cleaner output, something like this:
$ sudo tcpdump -v -s 1500 -i eth0 port 25 | grep 'smtp: S' | perl -pe 's/(.*?\)) (.*?)\.\d+ \>(.*)/$2/'
(here I intend to get only source ip/name), I do not get any output until tcpdump output is more than (bash?) buffer size... (or at least I suppose so...).
Nothing changes using 'sed' instead of 'perl'...
Any hint to get a continuous output of filtered data?
Put stdbuf before the first command:
sudo stdbuf -o0 tcpdump ...
But, if I add some filter to get a cleaner output, something like
this:
Use the --line-buffered option for grep:
--line-buffered
Use line buffering on output. This can cause a performance
penalty.
try maybe a sed --unbuffered (or -u sometimes like on AIX) to have a stram version (not waiting the EOF)
I have two web servers running with One load balancer with Haproxy. I need to block IP's that are coming to my load balancer more than often. How do I check all the incoming IP's? Is there a log?
If you want to see the established connections on a Linux server, use this command (via SSH):
netstat -ntu | grep ESTAB | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -nr | head -n 10
If you want to log more verbose HAProxy activity, use this setting in haproxy.cfg:
log 127.0.0.1 local0 info
You can view the more verbose output in /var/log/haproxy_0.log
You should try this :
echo 'Client IP: '.$_SERVER["REMOTE_ADDR"];
echo 'Client IP: '.$_SERVER["HTTP_CLIENT_IP"];
These commands displays loadbalancer's IP. More at : https://serverfault.com/a/331909
Okay, I want to have Nmap scan an IP range for computers with a certain port open (port 80 in this case) and have it output all the IP's it finds into a text file, stored in this format:
192.168.0.1
192.168.0.185
192.168.0.192
192.168.0.195
So to output the file, I tried using this command:
nmap -sT -p 80 -ttl 40 192.168.0.0-255 -oG - | grep "80/open" > output.txt
Where "output.txt" is the output file that contains the results. So a line of output.txt looks
like this:
Host: 192.168.0.1 () Ports: 80/open/tcp//http///
So I basically want it only to output the IP address with port 80 open, and nothing else.
I want it to not output the "Host: " or the "()" and "Ports: 80/open/tcp//http///" lines. So is there anyway I can have Nmap not put that stuff into the output file? Or make it only
output the IP addresses? I tried looking at the map page, it was of little help. And I looked all over the Internet and that wasn't very useful either. So does anyone know how I can do this? Thanks
Awk is your friend!
$ nmap -sT -p 80 192.168.0.0/24 -oG - | awk '/ 80\/open/{print $2}' > output.txt
This will find lines with port 80 open (notice the space before 80, if you plan to scan more than the one port!), and print field 2, splitting on whitespace. Another way to do it would be:
$ nmap -sT -p 80 --open 192.168.0.0/24 -oG - | awk '$4=="Ports:"{print $2}' > output.txt
This one uses the --open argument to Nmap to only produce output for hosts with open ports. The awk command checks that this is a "Ports" line, not a "Status" line (which may only show up when using -v, but I'm not positive) before printing the IP address.
Note that it is usually in your best interests to save the scan results to a file, to avoid needing to repeat the scan if you decide to extract some different information. If you choose to do this, I would recommend using the XML output (-oX), since there are lots of analysis tools that have parsers built for it already.
Having nmap produce exactly what you want would indeed be nice. But as a more general solution:
$ nmap ... | grep ... | tr '/' ' ' | awk '{ print $2,$5; }
192.168.0.1 80
Or maybe:
nmap ... | grep ... | tr '/' ' ' | cut -d' ' -f2,8
I found a script called scanreport.sh very useful. Although its not necessary, you could just use awk as suggested, but thought it might be of interest.
It gives the ability to output the nmap results nicely by service or port (with highlighting). It uses the grep-able output from nmap (-oG) after a quick tidy from grep -v ^# nmapoutput.txt > report.txt
Example
nmap -sS 192.168.1.22 -oG /directory/of/choice/results.txt
grep -v ^# results.txt > report.txt
./scanreport.sh -f report.txt
Host: 192.168.1.22 ()
22 open tcp ssh OpenSSH 5.3p1 Debian 3ubuntu4 (protocol 2.0)
80 open tcp http Apache httpd 2.2.14 ((Ubuntu))
./scanreport.sh -f report.txt -p 80
Host: 192.168.1.22 ()
80 open tcp http Apache httpd 2.2.14 ((Ubuntu))
./scanreport.sh -f report.txt -s ssh
Host: 192.168.1.22 ()
22 open tcp ssh OpenSSH 5.3p1 Debian 3ubuntu4 (protocol 2.0)
Plenty of stuff on google about it but here a link to one ref.
./scanreport.sh