1211shell
High waves Archive: Learning Notes December 11, 2017 13:10:56
- Directory
Chapter I.
1.1.1 nmap -sP 10.0.0.0/24
1.1.2 Time-c 1-w 10.0.0.6
1.1.3 The concurrency of the shell
1.1.4 A small example imitating a web container
1.1.5 nc command summary
1.1.6 while loop: adding 1 to 100
1.1.7 iptables parameters: -F flushes the rules, -L lists all rules
1.1.8 Website intrusion detection
1.1.9 View the directory of the file where the process resides: find the process with netstat, then ll /proc/<process number>/exe
1.1.10 A way to prevent a script from being interrupted: introduction to screen
1.1.11 while loop reading a file
1.1.12 Get each line, each word and each character of an article
1.1.13 DoS attacks exhaust bandwidth, web connection counts and other resources
1.1.14 ELK
1.1.15 WAF
1.1.16 IDS: abbreviation of "Intrusion Detection System"
Chapter I.
- nmap -sP 10.0.0.0/24
An intruder uses Nmap to scan an entire network for targets. A ping scan is run with the "-sP" option. By default, Nmap sends an ICMP echo and a TCP ACK to each host it scans, and a host that responds to either one is detected by Nmap.
Example: scanning the 192.168.7.0 network:
# nmap -sP 192.168.7.0/24
The "-sP" option tells Nmap to perform only a ping scan. This option is useful when you have a set of IP addresses to scan and you don't know which ones are available.
There is a series of command parameters related to security scanning.
- Time-c 1-w 10.0.0.6
-w: timeout
-c: number of times
- Concurrency of the shell
The general idea for concurrency in the shell is to run the program in the background and then just collect the results.
The disadvantage is that many processes are opened, and with too many processes the system gets stuck. There is no thread level, and it is not easy to implement.
Running in parallel in the background: the order of the result output cannot be controlled.
Excessive consumption of resources.
254 processes are opened simultaneously.
No underlying control of concurrency.
Shell file descriptors: control concurrency.
More processes are opened; thread level.
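The file-descriptor approach noted above, as an added example that is not part of the original notes: a FIFO opened on descriptor 9 holds a fixed number of tokens, so no more than that many background jobs run at once. The function names, the stand-in fake_check job and the sample addresses are constructed for illustration.

```shell
#!/bin/bash
# Added example (not from the original notes): cap background jobs with a
# FIFO held open on a file descriptor and used as a pool of tokens.

# run_limited LIMIT CMD [ARG...]
# Reads one item per line from stdin and runs "CMD ARG... item" in the
# background, with at most LIMIT jobs alive at any moment.
run_limited() {
    local limit="$1" dir item token i=0
    shift
    dir=$(mktemp -d) || return 1
    mkfifo "$dir/tokens" || return 1
    exec 9<>"$dir/tokens"      # read+write open, so the open never blocks
    rm -rf "$dir"              # fd 9 keeps the pipe alive after unlinking
    while [ "$i" -lt "$limit" ]; do echo >&9; i=$((i + 1)); done
    while IFS= read -r item; do
        read -r token <&9      # take a token; blocks while LIMIT jobs run
        {
            "$@" "$item" || :  # a failing job must not skip the next line
            echo >&9           # hand the token back
        } &
    done
    wait                       # collect the jobs still running
    exec 9>&-
}

# Constructed stand-in for a per-host check: records how many jobs are
# running at that moment, then works for a short while.
WORK=$(mktemp -d)
mkdir "$WORK/running"
fake_check() {
    touch "$WORK/running/$1"
    ls "$WORK/running" | wc -l >> "$WORK/peaks"
    sleep 0.2
    rm -f "$WORK/running/$1"
    echo "$1 done" >> "$WORK/results"
}

# Constructed input: 12 addresses, at most 3 checked at a time.
demo() {
    : > "$WORK/peaks"; : > "$WORK/results"
    for n in $(seq 1 12); do echo "10.0.0.$n"; done | run_limited 3 fake_check
    echo "jobs=$(wc -l < "$WORK/results") peak=$(sort -n "$WORK/peaks" | tail -n 1)"
}
demo
```

Results arrive in completion order, not input order, which is the output-ordering limitation listed above; each job writes its own line so the results can be sorted afterwards.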
- A small example imitating a web container.
[root@host server]# cat web.sh
#!/bin/bash
# Serve aa.html to each client in turn; port 80 matches the client command below.
while true
do
    nc -l 80 < aa.html
done
nc 10.0.0.17 80
Ok
- Summary of nc commands
Common functions:
- Port scan
nc -v -w 2 192.168.2.34 -z 21-24
- Simple chat tool
- Operating memcache
- Copying files
Copy a file from 192.168.2.33 to 192.168.2.34:
On 192.168.2.34: nc -l 1234 > test.txt
On 192.168.2.33: nc 192.168.2.34 1234 < test.txt
- While loop: adding 1 to 100.
- awk 'BEGIN{for (i=1;i<=100;i++) sum+=i;print sum}'
Adds the numbers from 1 to 100.
- iptables parameters: -F flushes (purges) the rules; -L lists all rules.
- Website intrusion detection.
- inotify: watch the site's directory for modify and delete events.
- MD5 check: md5sum -c
The reasons for an intrusion are:
Permissions are not set properly: the 777 problem.
The root password is too simple.
Web services and the like are started as the high-privileged root user instead of a dedicated user.
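The md5sum -c check listed above, as an added example that is not part of the original notes: it builds a checksum baseline for a web root and reports modified, deleted and added files (md5sum -c alone does not notice added files). It assumes GNU coreutils md5sum; the function names, file names and sample site are constructed.

```shell
#!/bin/bash
# Added example (not from the original notes): md5sum baseline for a web root.
# Assumes GNU coreutils md5sum; every path below is constructed.

# make_baseline ROOT OUT: one checksum line per regular file under ROOT.
# Keep OUT outside ROOT, somewhere the web service user cannot write.
make_baseline() {
    ( cd "$1" && find . -type f -exec md5sum {} + | sort -k 2 ) > "$2"
}

# check_site ROOT BASELINE: BASELINE must be an absolute path.
# Prints one finding per line and returns 1 if the site differs.
check_site() {
    local root="$1" base="$2" names findings
    names=$(mktemp) || return 2
    cut -c 35- "$base" > "$names"   # 32 hex digits + 2 separators, then name
    findings=$(
        cd "$root" || exit 2
        # md5sum -c covers only files named in the baseline.
        LC_ALL=C md5sum -c --quiet "$base" 2>/dev/null | sed -n \
            -e 's/^\(.*\): FAILED open or read$/DELETED \1/p' \
            -e 's/^\(.*\): FAILED$/MODIFIED \1/p'
        # Files added later are invisible to it, so compare the file list.
        find . -type f | sort | grep -Fxv -f "$names" | sed 's/^/ADDED /'
    )
    rm -f "$names"
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Constructed site, then three simulated changes.
ROOT=$(mktemp -d); BASE=$(mktemp)
mkdir "$ROOT/js"
echo '<h1>home</h1>'  > "$ROOT/index.html"
echo '<h1>about</h1>' > "$ROOT/about.html"
echo 'console.log(1)' > "$ROOT/js/app.js"
make_baseline "$ROOT" "$BASE"
check_site "$ROOT" "$BASE" && echo "clean"

echo '<!-- edited -->' >> "$ROOT/index.html"   # modified
rm "$ROOT/about.html"                          # deleted
echo 'new file' > "$ROOT/upload.php"           # added
check_site "$ROOT" "$BASE" || echo "site differs from baseline"
```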
- View the directory of the file where the process resides: find the process with netstat, then ll /proc/<process number>/exe
[root@host ~]# netstat -tlnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1228/sshd
tcp6 0 0 :::8080 :::* LISTEN 1272/java
tcp6 0 0 :::22 :::* LISTEN 1228/sshd
[root@host 1272]# ll /proc/1272/exe
lrwxrwxrwx 1 jenkins jenkins 0 Dec 08:38 /proc/1272/exe -> /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.151-1.b12.el7_4.x86_64/jre/bin/java
[root@host 1272]# ll /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.151-1.b12.el7_4.x86_64/jre/bin/java
-rwxr-xr-x 1 root root 7304 Oct 22:27 /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.151-1.b12.el7_4.x86_64/jre/bin/java
[root@host 1272]# ll /usr/bin/java
lrwxrwxrwx 1 root root 1 08:59 /usr/bin/java -> /etc/alternatives/java
- A way to prevent a script from being interrupted: introduction to screen.
- Step one: install screen. yum install screen -y
- Step two: enter the command screen.
- Step three: execute your own commands.
- Step four: press Ctrl+a+d to detach; the commands carry on running in the background.
- To view: screen -ls shows the sessions with their process numbers. screen -r <process number> brings that session back to the foreground.
- While loop reading a file
[root@host ~]# while read i; do echo "$i ==="; done < aa.txt
FJHJNKJFDJKKJF ===
FJHJN43KJFDJ343454KKJF ===
FJHJNKJ76FDJKKJF ===
Chinese characters in the shell are parsed as hexadecimal values.
Windows uses GBK encoding.
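- Get each line, each word and each character of an article
[root@host scripts]# cat readline.sh
#!/bin/bash
# Usage: readline.sh FILE
n=1
while read i
do
    echo "Line ${n}: $i"
    m=1
    # Unquoted on purpose: word splitting yields the words of the line.
    for x in $i
    do
        echo "Word ${m}: $x"
        # grep -o . prints every character of the word on its own line.
        echo "$x" | grep -o .
        ((m++))
    done
    ((n++))
done < "$1"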
- DoS attacks exhaust bandwidth, web connection counts and other resources.
A DoS attack deliberately exploits flaws in network protocol implementations or exhausts the target's bandwidth resources. Targets of the attack include bandwidth, file system capacity, open processes and allowed connections.
DDoS attacks: distributed resources. CC: distributed resources through proxy servers.
- ELK
- WAF
- IDS: abbreviation of "Intrusion Detection System".
Antivirus software for Linux
1211 after-class shell summary