How can I conduct Syn flood attack with incremental packet size using hping3 - linux

I am conducting penetration testing. I am trying to increment the packet number without manually exiting the ping and pinging again. I tried with "sleep 5", but the ping doesn't end after 5 seconds. I have to press ^C, and only then does the incremental command execute. Any suggestion? My host and attacker are in separate virtual machines.
for i in {1..10000}; do sudo hping3 -c $i -d 120 -S -w 64 -p <port_number>--flood --rand-source <ip_address> --traceroute; date ; sleep 5;done
Edit: For those who are facing the same problem, use timeout.
For my case: for i in {1..1000}; do sudo timeout 60 hping3 -c $i -d 120 -S -w 64 -p 80 --flood --rand-source 192.168.189.135 --tr-stop; date ; sleep 1;done.

Related

Why is Crontab not starting my tcpdump bash script capture?

I have created a simple bash script to start capturing traffic from all interfaces I have in my Linux machine (Ubuntu 22), but this script should stop capturing traffic 2 hours after the machine has rebooted. Below is my bash script:
#!/bin/bash
cd /home/user/
tcpdump -U -i any -s 65535 -w output.pcap &
pid=$(ps -e | pgrep tcpdump)
echo $pid
sleep 7200
kill -2 $pid
The script works fine if I run it, but I need to have it running after every reboot.
Whenever I run the script, it works without problem
user@linux:~$ sudo ./startup.sh
[sudo] password for user:
tcpdump: data link type LINUX_SLL2
tcpdump: listening on any, link-type LINUX_SLL2 (Linux cooked v2), snapshot length 65535 bytes
1202
35 packets captured
35 packets received by filter
0 packets dropped by kernel
but when I set it in the crontab as
@reboot /home/user/startup.sh
it does not start at reboot. I used ps -e | pgrep tcpdump to check whether the script is running, but there is no output, so it seems the script is not being started after the reboot. I don't know if I need root permissions for that. I also checked the file permissions, and it has:
-rwxrwxr-x 1 user user 142 Nov 4 10:11 startup.sh
Any suggestion on why it is not starting the script at the reboot?
Suggesting to update your script:
#!/bin/bash
source /home/user/.bash_profile
cd /home/user/
tcpdump -U -i any -s 65535 -w output.pcap &
pid=$(pgrep -f tcpdump)
echo $pid
sleep 7200
kill -2 $pid
Suggesting to inspect crontab execution log in /var/log/cron
The problem here was that even though the user has root permission, if a script needs to be run by crontab at @reboot, the crontab needs to be modified by root. That was the only way I found to run the script. As long as I am running tcpdump, this will require root permission, but crontab will not start it at boot if it is not modified with sudo.

Killing Socat and restarting it via a bash script

I need a bash script which kills all socat processes and restarts them again. I managed it via crontab after a reboot, but this produces too much downtime to reboot again once there are too many socat processes.
I used
#!/bin/sh
killall socat &
sleep 3s
socat UDP4-LISTEN:PORT,fork,su=nobody UDP6:[IPV6]:PORT & disown
socat TCP4-LISTEN:PORT2,fork,su=nobody TCP6:[IPV6]:PORT2 & disown
exit
Now I have the problem that the script:
- does not run completely in the background
- often stops after executing the first socat command.
I also tried nohup, but it also does not run completely in the background.
What exactly should instigate this script to run?
Do you want to run it periodically, manually or when socat fails?
We certainly should understand why socat is failing in the first place.
I think it would be a good idea to output some logging from your script and kill socat with SIGKILL (-9).
A starting point here:
$ cat /usr/local/bin/restart_ip_addr_fam_bridge.sh
#!/bin/sh
IPV6="::1"
PORT=10001
PORT2=10002
while [ true ]; do
killall -9 socat 2> /dev/null
socat -T3600 UDP4-LISTEN:$PORT,reuseaddr,fork,su=nobody UDP6:[$IPV6]:$PORT &
socat TCP4-LISTEN:$PORT2,reuseaddr,fork,su=nobody TCP6:[$IPV6]:$PORT2 &
# Wait for a request to run or you could wait for a fixed time here
while [ ! -f /tmp/req_restart_ip_addr_fam_bridge ]; do
sleep 3
done
rm -f /tmp/req_restart_ip_addr_fam_bridge
printf "%s: Restarting IP address family bridge\n" "$(date '+%D %T')" >> /tmp/restart_ip_addr_fam_bridge.log
chmod 666 /tmp/restart_ip_addr_fam_bridge.log
# Avoid busy wait
sleep 5
done
exit
You can run it at startup, for example, adding this line to /etc/rc.local:
/usr/local/bin/restart_ip_addr_fam_bridge.sh &
And request it to restart your socat bridges with:
$ touch /tmp/req_restart_ip_addr_fam_bridge
See the running log with:
$ cat /tmp/restart_ip_addr_fam_bridge.log
08/20/22 15:14:43: Restarting IP address family bridge
Test your socat bridges:
IPv6 side (listener)                  IPv4 side (client)
$ nc -6 -l ::1 10002                  $ nc -4 127.0.0.1 10002
Typed from IPv4 TCP client            Typed from IPv4 TCP client
Be careful: restart_ip_addr_fam_bridge.sh here is running as root from the rc.local script.
Probably this is not very desirable/safe, depending on your application.
EDIT: Added a timeout for the socat UDP bridge as recommended by @dest-unreach.
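An added example for the restart problem above (not the answerer's script and not part of the question): a small supervisor that tracks each bridge through a pidfile and restarts only a bridge whose process has actually died, instead of running killall -9 against every socat on the host, which also takes down bridges that were healthy. The ports, the IPv6 target, the run directory and the --run switch are placeholder values of this example; each bridge's output goes to its own log file, as the answer recommends.

```shell
#!/bin/sh
# Added example: restart a bridge only when its recorded process is gone.
# RUNDIR, the port numbers and the IPv6 target are hypothetical values.
RUNDIR="${RUNDIR:-/tmp/bridge-run}"

# is_alive PIDFILE -> 0 if the pid recorded in PIDFILE still exists
is_alive() {
    [ -r "$1" ] && kill -0 "$(cat "$1")" 2>/dev/null
}

# ensure_running NAME CMD...  -- start CMD in the background if NAME has no
# live process, otherwise leave it alone. Prints the pid in use either way.
ensure_running() {
    name="$1"; shift
    pidfile="$RUNDIR/$name.pid"
    mkdir -p "$RUNDIR"
    if is_alive "$pidfile"; then
        cat "$pidfile"
        return 0
    fi
    "$@" > "$RUNDIR/$name.log" 2>&1 &
    echo "$!" > "$pidfile"
    cat "$pidfile"
}

# stop_named NAME -- TERM first, wait up to 10 s, KILL only if it ignores TERM
stop_named() {
    pidfile="$RUNDIR/$1.pid"
    is_alive "$pidfile" || { rm -f "$pidfile"; return 0; }
    pid=$(cat "$pidfile")
    kill -TERM "$pid" 2>/dev/null
    wait "$pid" 2>/dev/null || true   # reap it if it is our own child
    i=0
    while kill -0 "$pid" 2>/dev/null && [ "$i" -lt 10 ]; do
        sleep 1; i=$((i + 1))
    done
    if kill -0 "$pid" 2>/dev/null; then
        kill -KILL "$pid"
    fi
    rm -f "$pidfile"
}

# The two bridges from the question, as one idempotent pass that a cron job
# or the answer's request-file loop can repeat safely.
supervise_bridges() {
    ensure_running udp-bridge socat -T3600 \
        UDP4-LISTEN:10001,reuseaddr,fork,su=nobody 'UDP6:[::1]:10001'
    ensure_running tcp-bridge socat \
        TCP4-LISTEN:10002,reuseaddr,fork,su=nobody 'TCP6:[::1]:10002'
}

case "$1" in
    --run) supervise_bridges ;;
esac
```

Run it as restart-bridges.sh --run from cron every minute or from the request-file loop in the answer; a second invocation while both bridges are alive changes nothing, and a dead bridge is replaced without disturbing the other one. On a systemd host, one unit per bridge with Restart=always gives the same behaviour without a root loop started from rc.local.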

How to output redirect to overwrite file while command is running Linux?

I am not sure if this is even possible, but I am using this command to get network throughput:
ifstat -t -S -i wlan0
Run just like that, it updates inline on the console, but when I pipe it, it appends a new line to the file.
ifstat -t -S -i wlan0 >> /tmp/transfer.txt
Time wlan0
HH:MM:SS KB/s in KB/s out
21:33:35 4.27 201.47
21:33:36 4.20 178.88
21:33:37 4.41 190.76
21:33:38 4.32 186.61
21:33:39 5.07 177.42
21:33:40 4.15 182.87
21:33:41 5.70 180.93
21:33:42 4.21 194.71
21:33:43 3.80 181.35
21:33:44 3.86 185.57
21:33:45 3.92 189.78
21:33:46 4.08 195.29
etc...
OK, I understand that using this will overwrite the file. But only after I run it the first time, not DURING the execution of the app.
ifstat -t -S -i wlan0 >> /tmp/transfer.txt
I really do not need to keep a log of all the transfer rates; I am only interested in writing that one line on every update while the application is running. Instead of appending lines during execution, I want it to create a new file or overwrite it every second.
Technically you're not piping, but redirecting output.
Looks like you want to use > instead of >>?
To obtain just the last line while ifstat is executing, you could extract it into a second file like this:
while true; do tail -1 /tmp/transfer.txt > /tmp/transfer2.txt; sleep .5; done
To overwrite the file each time without keeping a log:
while true; do ifstat -t -i wlan0 1 1 | tail -1 > /tmp/transfer.txt; sleep .5; done;
You can try one of the following (I do not have your version of ifstat, so I cannot verify this on my own system).
while /bin/true; do ifstat -t -i wlan0 1 > /tmp/transfer.txt; sleep 1; done
or perhaps just
ifstat -t -i wlan0 > /tmp/transfer.txt
So, don't use the -S flag, since this does not work when redirecting to a file.
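An added example, not from the thread, of the "one line, overwritten every second" pattern from the last two answers: the sampler's newest line replaces the file by renaming a temporary file into place, so a reader that opens /tmp/transfer.txt between two writes sees either the previous sample or the new one, never the empty or partial file that a plain > truncation leaves for a moment. /tmp/transfer.txt and the ifstat sampler line are taken from the question; the --run switch is this example's own.

```shell
#!/bin/sh
# Added example: publish the latest sample without a log and without a
# window in which the file is empty or half-written.

# latest_line FILE -- last line of FILE (nothing if FILE is missing)
latest_line() {
    [ -r "$1" ] && tail -n 1 "$1"
}

# write_atomic FILE -- replace FILE with stdin via a temp file and rename;
# rename is atomic on the same filesystem, so readers never see a partial
# FILE. Caller is responsible for FILE's directory being writable.
write_atomic() {
    dir=$(dirname "$1")
    tmp=$(mktemp "$dir/.sample.XXXXXX") || return 1
    cat > "$tmp" && mv -f "$tmp" "$1"
}

# sample_loop FILE SAMPLER_CMD... -- every second, run the sampler and keep
# only its last line in FILE.
sample_loop() {
    out="$1"; shift
    while :; do
        "$@" | tail -n 1 | write_atomic "$out"
        sleep 1
    done
}

case "$1" in
    # Sampler taken from the thread: one 1-second interval, one report.
    --run) sample_loop /tmp/transfer.txt ifstat -t -i wlan0 1 1 ;;
esac
```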

How to schedule tcpdump to run for a specific period of time?

Each time I manually run tcpdump, I have to use Ctrl+C to stop it. Now I want to schedule tcpdump with a cron job, and I only need it to run for an hour and a half. Without manually pressing Ctrl+C or running a kill command, how can it be stopped automatically? Here is the command I am testing:
tcpdump -i eth0 'port 8080' -w myfile
I can schedule another cron job to kill the tcpdump process, but that does not seem like a good idea.
You can combine -G {sec} (rotate dump files every x seconds) and -W {count} (limit the number of dump files) to get what you want:
tcpdump -G 15 -W 1 -w myfile -i eth0 'port 8080'
would run for 15 seconds and then stop. Turn 1.5 hours into seconds and it should work.
You could use timeout:
timeout 5400 tcpdump -i eth0 'port 8080' -w myfile
You could do it like this:
tcpdump -i eth0 'port 8080' -w myfile &
pid=$!
sleep 1.5h
kill $pid
The approach that worked best for me on Ubuntu 14.04:
sudo -i
crontab -e
and then add the line
30 17 * * * /usr/sbin/tcpdump -G 12600 -W 1 -s 3000 -w /home/ubuntu/capture-file.pcap port 5060 or portrange 10000-35000
Notes:
- The -G flag indicates the number of seconds the dump runs; this example runs daily from 5:30 PM to 9:00 PM.
- -W is the number of iterations tcpdump will execute.
- The cron job will not be added until you save and exit the file.
- This example is for capturing packets of an Asterisk phone server.
You can use
watch tcpdump -i eth0 'port 8080' -w myfile
This will run every 2 seconds.
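Pulling the two tcpdump threads together (the @reboot crontab script earlier on this page and the scheduling question here), an added example that is not from any asker or answerer: a capture script that bounds its own runtime with timeout, so it needs neither a second cron job nor a pgrep/killall guess at which tcpdump to stop. The 7200-second duration, the interface, the output directory and the --run switch are assumed values; it is meant to be started as capture.sh --run from root's crontab, since tcpdump needs raw-socket privileges, which is the conclusion the first thread reached.

```shell
#!/bin/sh
# Added example: a self-terminating capture for cron (@reboot or a fixed
# time). Duration, interface and output directory are hypothetical.

# bounded_run SECONDS CMD...  -- run CMD for at most SECONDS, delivering
# SIGINT (what Ctrl-C sends) on expiry so tcpdump flushes its file and prints
# its packet counts. timeout(1) exits 124 when the limit fires; for a capture
# that is the normal outcome, so it is mapped to success here, while a real
# failure of CMD keeps its own exit status.
bounded_run() {
    secs="$1"; shift
    timeout -s INT "$secs" "$@"
    rc=$?
    if [ "$rc" -eq 124 ]; then
        return 0
    fi
    return "$rc"
}

# capture_path DIR -- one timestamped file per run, so a reboot does not
# silently overwrite the previous capture.
capture_path() {
    printf '%s/capture-%s.pcap\n' "$1" "$(date +%Y%m%d-%H%M%S)"
}

main() {
    dir=/var/tmp/captures
    mkdir -p "$dir" && chmod 700 "$dir"   # captures are sensitive: owner only
    out=$(capture_path "$dir")
    # Options as in the first thread: unbuffered writes, all interfaces,
    # full snapshot length.
    bounded_run 7200 tcpdump -U -i any -s 65535 -w "$out"
}

case "$1" in
    --run) main ;;
esac
```

A cron job that records exit status would otherwise log every completed capture as a failure (status 124), which is why bounded_run folds that case into success while still reporting a tcpdump that failed to start. The -G/-W answer above reaches the same bound inside tcpdump itself and is the better choice when file rotation is wanted; the timeout form works for any long-running tool, not just tcpdump.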

ping + how to minimize the time of the ping command

I want to create a bash script that will verify a list of IPs by ping.
The problem is that a ping to any address takes a few seconds (in case of no answer), even though I defined the ping as follows:
ping -c 1 126.78.6.23
The example above performs the ping only once, but the problem is the time: waiting a few seconds until the ping ends (if there is no answer).
In my case this is critical because I need to check more than 150 IPs (usually more than 90% of the IPs are not alive).
So to check 150 IPs I need more than 500 seconds.
Please advise if there is some good idea how to perform the ping quickly.
Remark: my script needs to run on both OSes (Linux and Solaris).
The best idea is to run ping in parallel
and then save the result in a file.
In this case your script will run for no longer than a second.
for ip in $(< list)
do
    ( ping -c1 "$ip" || echo "$ip" >> not-reachable ) &
done
Update: In Solaris, -c has another meaning, so for Solaris you need to
run ping another way:
ping $ip 57 1
(Here, 57 is the size of the packet and 1 is the number of the packets to be sent).
Ping's syntax in Solaris:
/usr/sbin/ping -s [-l | -U] [-adlLnrRv] [-A addr_family]
[-c traffic_class] [-g gateway [ -g gateway...]]
[-F flow_label] [-I interval] [-i interface] [-P tos]
[-p port] [-t ttl] host [data_size] [npackets]
You can make a function that aggregates the two methods:
myping()
{
    # Linux (iputils) form on Linux, Solaris form everywhere else
    if [ "$(uname)" = Linux ]; then
        ping -c 1 "$1"
    else
        ping "$1" 57 1
    fi
}
for ip in $(< list)
do
    ( myping "$ip" || echo "$ip" >> not-reachable ) &
done
Another option: don't use ping directly, but use an ICMP module from some language.
You can use, for example, Perl with the Net::Ping module:
perl -e 'use Net::Ping; $host=shift; $timeout=0.5; $p=Net::Ping->new("icmp", $timeout) or die "bye"; print "$host is alive\n" if $p->ping($host); $p->close;' 126.78.6.23
Does Solaris ship with coreutils out of the box these days? Then you can use timeout to specify an upper limit:
timeout 0.2s ping -c 1 www.doesnot.exist >/dev/null 2>&1
You could use hping3, which is scriptable (in Tcl).
As already stated, a simple way to overcome the timing issue is to run the ping commands in parallel.
You already have the syntax for Linux (iputils) ping.
With Solaris, the proper option to send a single ping would be:
ping -s 126.78.6.23 64 1
Installing nmap from sources would provide a more powerful alternative though.
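An added example (not any answerer's code) that generalises the parallel-ping answers above: hosts are probed concurrently, each probe is wrapped in a deadline when timeout is available, the probe command is chosen per OS the way myping() does, and alive and unreachable hosts land in separate files rather than only the unreachable ones. The PROBE_TIMEOUT default, the output file names and the --run switch are assumptions of this example; ping -W is iputils' per-reply wait in seconds and ping -s host 64 1 mirrors the Solaris form in the last answer.

```shell
#!/bin/sh
# Added example: parallel reachability check with a per-probe deadline.
# PROBE_TIMEOUT (seconds) and the output file names are hypothetical.
PROBE_TIMEOUT="${PROBE_TIMEOUT:-2}"

# with_deadline CMD... -- bound CMD by timeout(1) if it exists (coreutils);
# otherwise run CMD as is, relying on the probe's own timeout option.
with_deadline() {
    if command -v timeout >/dev/null 2>&1; then
        timeout "$PROBE_TIMEOUT" "$@"
    else
        "$@"
    fi
}

# probe_linux HOST / probe_solaris HOST -- one packet, success = reachable
probe_linux()   { with_deadline ping -c 1 -W "$PROBE_TIMEOUT" "$1" >/dev/null 2>&1; }
probe_solaris() { with_deadline ping -s "$1" 64 1 >/dev/null 2>&1; }

# pick_probe -- same uname switch as myping() in the answer above
pick_probe() {
    case "$(uname)" in
        Linux) echo probe_linux ;;
        *)     echo probe_solaris ;;
    esac
}

# check_hosts LISTFILE OUTDIR PROBE -- run PROBE for every non-empty line of
# LISTFILE in parallel; write OUTDIR/alive and OUTDIR/not-reachable, sorted,
# one host per line. Total time is that of the slowest probe, not the sum.
check_hosts() {
    list="$1"; outdir="$2"; probe="$3"
    mkdir -p "$outdir"
    : > "$outdir/alive"
    : > "$outdir/not-reachable"
    while read -r host; do
        [ -n "$host" ] || continue
        (
            # each line is one short O_APPEND write, so concurrent appends
            # from the subshells do not interleave
            if "$probe" "$host"; then
                echo "$host" >> "$outdir/alive"
            else
                echo "$host" >> "$outdir/not-reachable"
            fi
        ) </dev/null &
    done < "$list"
    wait
    sort -o "$outdir/alive" "$outdir/alive"
    sort -o "$outdir/not-reachable" "$outdir/not-reachable"
}

case "$1" in
    # usage: check-hosts.sh --run LISTFILE [OUTDIR]
    --run) check_hosts "$2" "${3:-.}" "$(pick_probe)" ;;
esac
```

Because the probe is just a command name, the same driver can be pointed at a TCP or HTTP check for hosts that drop ICMP, and the stub used in a test can stand in for ping on a machine without raw-socket access. Keeping both result files (rather than only not-reachable) makes a run auditable: every host in the list appears in exactly one of them.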
