[Vulnerability Reap] Moniker disables the vulnerability | OLE logic vulnerability (CVE-2017-8570)

2023-01-25   ES  

tcpdump commandis a SNIFFER tool that can print the header information of all data packets passing through the network interface, or it can also be used

The-woption saves the data packet into the file to facilitate future analysis.

The network interface here is the network card, so you need to check the name of the network card

The name of the

ifconfig -a

network card is these 3, I use the third wireless network card. It’s WLPLS0

TCPDUmp Options Explanation

-A: Try to convert the network and broadcast address into a name; 
 -c <Package number>: After receiving the specified number of data packets, stop the dumping operation; 
 -D: The compiled data packet is encoded into a readable format and dumped to the standard output; 
 -DD: The compiled data packet is encoded into the format of the C language and dumped to the standard output; 
 -DDD: convert the compiled data packet into a format of decimal numbers and dump to the standard output; 
 -E: Display the file header of the connection level on each column; 
 -F: Use the digital to display the network address; 
 -F <expression file>: specify files containing expression internal; 
 -I <Network Interface>: Use the specified network section to send out the data packet; 
 -L: Use a buffer of the standard output column; 
 -N: Do not convert the network address of the host into a name; 
 -N: Do not list the domain name; 
 -O: Do not optimize the data packet; 
 -P: Do not allow the network interface to enter the mixed mode; 
 -Q: Quick output, only list a minority transmission protocol information; 
 -R <data packet file>: Read the data packet data from the specified file; 
 -S <Data packet size>: Set the size of each packet; 
 -S: List the number of TCP associations with absolute rather than relative values; 
 -T: Dispatable time stamps are displayed on each column; 
 -TT: Display unsatisfactory time stamps on each column dumping data; 
 -T <Data Pack Type>: Transfer the data packet specified by the expression method to translate the data packet type set; 
 -V: Display instruction execution process in detail; 
 -VV: Display the instruction execution process in detail; 
 -X: List the data packet data with the hexadecimal code; 
 -w <Package file>: Write the data packet data to the specified file.

Commonly used commands:

1. Grasp the current server WLPLS0 (your machine may be ETH0) network card port 8080 network data

 sudo tcpdump -n -i wlp1s0 port 8080

2. Formation of IP grasping

# Catch all network data with ETH0, the purpose or source address of 192.168.29.162 

     Command: TCPDUMP -N -I ETH0 Host 192.168.29.162 

 # source address 

     Command: TCPDUMP -I E EE eRC Host 192.168.29.162 

 # Destination address 

     Command: TCPDUMP -I E eion1 DST HOST 192.168.29.162

Reference:http://man.linuxde.net/tcpdump

source

Related Posts

js array, JS object, JSON array, JSON object, JSON string difference and connection

Animation simulatory carton blasting (implemented by AnimationSet) yang

Winsocki/O model overlap I/O model

Django Rest Framework

[Vulnerability Reap] Moniker disables the vulnerability | OLE logic vulnerability (CVE-2017-8570)

Random Posts

reactnative basic component

mysql certificate problem uses SSL connection to report an error

Solving the Mu class linux tutorial xshell cannot connect CentOS, VMware Install CentOS6.3, connect xshell

Oracle Data Block Block illustrates the ancestor of the guest family

Little Bai Xue Python —— Use Baidu Translation API to achieve translation function