Created
July 20, 2011 20:10
-
-
Save thinkerbot/1095804 to your computer and use it in GitHub Desktop.
IP cheats
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # determine interfaces in promiscuous mode (ie sniffing) | |
| ifconfig | grep PROMISC | |
| # DNS lookup, reverse lookup | |
| nslookup | |
| # List all processes, for all users | |
| # UID PID PPID C STIME TTY TIME CMD | |
| ps -afx |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 0xBEEF # => 48879 | |
| 16.to_s(2) # => "10000" | |
| 31.to_s(2) # => "11111" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ gem install sinatra | |
| $ ruby -rubygems hi.rb | |
| # Note curl increments its ephemeral port | |
| $ curl -g http://127.0.0.1:4567/hi | |
| $ tcpdump -ilo0 -nS | |
| 11:43:14.336818 IP 127.0.0.1.58884 > 127.0.0.1.4567: Flags [S], seq 2261560682, win 65535, options [mss 16344,nop,wscale 3,nop,nop,TS val 695638148 ecr 0,sackOK,eol], length 0 | |
| 11:43:14.336858 IP 127.0.0.1.4567 > 127.0.0.1.58884: Flags [S.], seq 1643186250, ack 2261560683, win 65535, options [mss 16344,nop,wscale 3,nop,nop,TS val 695638148 ecr 695638148,sackOK,eol], length 0 | |
| 11:43:14.336868 IP 127.0.0.1.58884 > 127.0.0.1.4567: Flags [.], ack 1643186251, win 65535, options [nop,nop,TS val 695638148 ecr 695638148], length 0 | |
| 11:43:14.336878 IP 127.0.0.1.4567 > 127.0.0.1.58884: Flags [.], ack 2261560683, win 65535, options [nop,nop,TS val 695638148 ecr 695638148], length 0 | |
| 11:43:14.336926 IP 127.0.0.1.58884 > 127.0.0.1.4567: Flags [P.], seq 2261560683:2261560833, ack 1643186251, win 65535, options [nop,nop,TS val 695638148 ecr 695638148], length 150 | |
| 11:43:14.336937 IP 127.0.0.1.4567 > 127.0.0.1.58884: Flags [.], ack 2261560833, win 65535, options [nop,nop,TS val 695638148 ecr 695638148], length 0 | |
| 11:43:14.339441 IP 127.0.0.1.4567 > 127.0.0.1.58884: Flags [P.], seq 1643186251:1643186438, ack 2261560833, win 65535, options [nop,nop,TS val 695638148 ecr 695638148], length 187 | |
| 11:43:14.339463 IP 127.0.0.1.58884 > 127.0.0.1.4567: Flags [.], ack 1643186438, win 65535, options [nop,nop,TS val 695638148 ecr 695638148], length 0 | |
| 11:43:14.339496 IP 127.0.0.1.4567 > 127.0.0.1.58884: Flags [P.], seq 1643186438:1643186450, ack 2261560833, win 65535, options [nop,nop,TS val 695638148 ecr 695638148], length 12 | |
| 11:43:14.339505 IP 127.0.0.1.58884 > 127.0.0.1.4567: Flags [.], ack 1643186450, win 65535, options [nop,nop,TS val 695638148 ecr 695638148], length 0 | |
| 11:43:14.339917 IP 127.0.0.1.58884 > 127.0.0.1.4567: Flags [F.], seq 2261560833, ack 1643186450, win 65535, options [nop,nop,TS val 695638148 ecr 695638148], length 0 | |
| 11:43:14.339939 IP 127.0.0.1.4567 > 127.0.0.1.58884: Flags [.], ack 2261560834, win 65535, options [nop,nop,TS val 695638148 ecr 695638148], length 0 | |
| 11:43:14.339946 IP 127.0.0.1.58884 > 127.0.0.1.4567: Flags [.], ack 1643186450, win 65535, options [nop,nop,TS val 695638148 ecr 695638148], length 0 | |
| 11:43:14.340757 IP 127.0.0.1.4567 > 127.0.0.1.58884: Flags [F.], seq 1643186450, ack 2261560834, win 65535, options [nop,nop,TS val 695638148 ecr 695638148], length 0 | |
| 11:43:14.340778 IP 127.0.0.1.58884 > 127.0.0.1.4567: Flags [.], ack 1643186451, win 65535, options [nop,nop,TS val 695638148 ecr 695638148], length 0 | |
| $ tcpdump -ilo0 -nSX | |
| 11:44:47.271840 IP 127.0.0.1.58886 > 127.0.0.1.4567: Flags [S], seq 4041908115, win 65535, options [mss 16344,nop,wscale 3,nop,nop,TS val 695639077 ecr 0,sackOK,eol], length 0 | |
| 0x0000: 4500 0040 c287 4000 4006 0000 7f00 0001 E..@..@.@....... | |
| 0x0010: 7f00 0001 e606 11d7 f0ea 9f93 0000 0000 ................ | |
| 0x0020: b002 ffff fe34 0000 0204 3fd8 0103 0303 .....4....?..... | |
| 0x0030: 0101 080a 2976 9c25 0000 0000 0402 0000 ....)v.%........ | |
| 11:44:47.271891 IP 127.0.0.1.4567 > 127.0.0.1.58886: Flags [S.], seq 1946351726, ack 4041908116, win 65535, options [mss 16344,nop,wscale 3,nop,nop,TS val 695639077 ecr 695639077,sackOK,eol], length 0 | |
| 0x0000: 4500 0040 3db0 4000 4006 0000 7f00 0001 E..@=.@.@....... | |
| 0x0010: 7f00 0001 11d7 e606 7402 f86e f0ea 9f94 ........t..n.... | |
| 0x0020: b012 ffff fe34 0000 0204 3fd8 0103 0303 .....4....?..... | |
| 0x0030: 0101 080a 2976 9c25 2976 9c25 0402 0000 ....)v.%)v.%.... | |
| 11:44:47.271903 IP 127.0.0.1.58886 > 127.0.0.1.4567: Flags [.], ack 1946351727, win 65535, options [nop,nop,TS val 695639077 ecr 695639077], length 0 | |
| 0x0000: 4500 0034 6b94 4000 4006 0000 7f00 0001 E..4k.@.@....... | |
| 0x0010: 7f00 0001 e606 11d7 f0ea 9f94 7402 f86f ............t..o | |
| 0x0020: 8010 ffff fe28 0000 0101 080a 2976 9c25 .....(......)v.% | |
| 0x0030: 2976 9c25 )v.% | |
| 11:44:47.271912 IP 127.0.0.1.4567 > 127.0.0.1.58886: Flags [.], ack 4041908116, win 65535, options [nop,nop,TS val 695639077 ecr 695639077], length 0 | |
| 0x0000: 4500 0034 c3f6 4000 4006 0000 7f00 0001 E..4..@.@....... | |
| 0x0010: 7f00 0001 11d7 e606 7402 f86f f0ea 9f94 ........t..o.... | |
| 0x0020: 8010 ffff fe28 0000 0101 080a 2976 9c25 .....(......)v.% | |
| 0x0030: 2976 9c25 )v.% | |
| 11:44:47.271956 IP 127.0.0.1.58886 > 127.0.0.1.4567: Flags [P.], seq 4041908116:4041908266, ack 1946351727, win 65535, options [nop,nop,TS val 695639077 ecr 695639077], length 150 | |
| 0x0000: 4500 00ca 47d5 4000 4006 0000 7f00 0001 E...G.@.@....... | |
| 0x0010: 7f00 0001 e606 11d7 f0ea 9f94 7402 f86f ............t..o | |
| 0x0020: 8018 ffff febe 0000 0101 080a 2976 9c25 ............)v.% | |
| 0x0030: 2976 9c25 4745 5420 2f68 6920 4854 5450 )v.%GET./hi.HTTP | |
| 0x0040: 2f31 2e31 0d0a 5573 6572 2d41 6765 6e74 /1.1..User-Agent | |
| 0x0050: 3a20 6375 726c 2f37 2e31 392e 3720 2875 :.curl/7.19.7.(u | |
| 0x0060: 6e69 7665 7273 616c 2d61 7070 6c65 2d64 niversal-apple-d | |
| 0x0070: 6172 7769 6e31 302e 3029 206c 6962 6375 arwin10.0).libcu | |
| 0x0080: 726c 2f37 2e31 392e 3720 4f70 656e 5353 rl/7.19.7.OpenSS | |
| 0x0090: 4c2f 302e 392e 386c 207a 6c69 622f 312e L/0.9.8l.zlib/1. | |
| 0x00a0: 322e 330d 0a48 6f73 743a 2031 3237 2e30 2.3..Host:.127.0 | |
| 0x00b0: 2e30 2e31 3a34 3536 370d 0a41 6363 6570 .0.1:4567..Accep | |
| 0x00c0: 743a 202a 2f2a 0d0a 0d0a t:.*/*.... | |
| 11:44:47.271971 IP 127.0.0.1.4567 > 127.0.0.1.58886: Flags [.], ack 4041908266, win 65535, options [nop,nop,TS val 695639077 ecr 695639077], length 0 | |
| 0x0000: 4500 0034 31ce 4000 4006 0000 7f00 0001 E..41.@.@....... | |
| 0x0010: 7f00 0001 11d7 e606 7402 f86f f0ea a02a ........t..o...* | |
| 0x0020: 8010 ffff fe28 0000 0101 080a 2976 9c25 .....(......)v.% | |
| 0x0030: 2976 9c25 )v.% | |
| 11:44:47.274305 IP 127.0.0.1.4567 > 127.0.0.1.58886: Flags [P.], seq 1946351727:1946351914, ack 4041908266, win 65535, options [nop,nop,TS val 695639077 ecr 695639077], length 187 | |
| 0x0000: 4500 00ef e2c3 4000 4006 0000 7f00 0001 E.....@.@....... | |
| 0x0010: 7f00 0001 11d7 e606 7402 f86f f0ea a02a ........t..o...* | |
| 0x0020: 8018 ffff fee3 0000 0101 080a 2976 9c25 ............)v.% | |
| 0x0030: 2976 9c25 4854 5450 2f31 2e31 2032 3030 )v.%HTTP/1.1.200 | |
| 0x0040: 204f 4b20 0d0a 436f 6e6e 6563 7469 6f6e .OK...Connection | |
| 0x0050: 3a20 4b65 6570 2d41 6c69 7665 0d0a 4461 :.Keep-Alive..Da | |
| 0x0060: 7465 3a20 5765 642c 2032 3720 4a75 6c20 te:.Wed,.27.Jul. | |
| 0x0070: 3230 3131 2031 373a 3434 3a34 3720 474d 2011.17:44:47.GM | |
| 0x0080: 540d 0a43 6f6e 7465 6e74 2d54 7970 653a T..Content-Type: | |
| 0x0090: 2074 6578 742f 6874 6d6c 3b63 6861 7273 .text/html;chars | |
| 0x00a0: 6574 3d75 7466 2d38 0d0a 5365 7276 6572 et=utf-8..Server | |
| 0x00b0: 3a20 5745 4272 6963 6b2f 312e 332e 3120 :.WEBrick/1.3.1. | |
| 0x00c0: 2852 7562 792f 312e 382e 362f 3230 3130 (Ruby/1.8.6/2010 | |
| 0x00d0: 2d30 322d 3035 290d 0a43 6f6e 7465 6e74 -02-05)..Content | |
| 0x00e0: 2d4c 656e 6774 683a 2031 320d 0a0d 0a -Length:.12.... | |
| 11:44:47.274329 IP 127.0.0.1.58886 > 127.0.0.1.4567: Flags [.], ack 1946351914, win 65535, options [nop,nop,TS val 695639077 ecr 695639077], length 0 | |
| 0x0000: 4500 0034 59cf 4000 4006 0000 7f00 0001 E..4Y.@.@....... | |
| 0x0010: 7f00 0001 e606 11d7 f0ea a02a 7402 f92a ...........*t..* | |
| 0x0020: 8010 ffff fe28 0000 0101 080a 2976 9c25 .....(......)v.% | |
| 0x0030: 2976 9c25 )v.% | |
| 11:44:47.274337 IP 127.0.0.1.4567 > 127.0.0.1.58886: Flags [P.], seq 1946351914:1946351926, ack 4041908266, win 65535, options [nop,nop,TS val 695639077 ecr 695639077], length 12 | |
| 0x0000: 4500 0040 25db 4000 4006 0000 7f00 0001 E..@%.@.@....... | |
| 0x0010: 7f00 0001 11d7 e606 7402 f92a f0ea a02a ........t..*...* | |
| 0x0020: 8018 ffff fe34 0000 0101 080a 2976 9c25 .....4......)v.% | |
| 0x0030: 2976 9c25 4865 6c6c 6f20 576f 726c 6421 )v.%Hello.World! | |
| 11:44:47.274341 IP 127.0.0.1.58886 > 127.0.0.1.4567: Flags [.], ack 1946351926, win 65535, options [nop,nop,TS val 695639077 ecr 695639077], length 0 | |
| 0x0000: 4500 0034 6aa5 4000 4006 0000 7f00 0001 E..4j.@.@....... | |
| 0x0010: 7f00 0001 e606 11d7 f0ea a02a 7402 f936 ...........*t..6 | |
| 0x0020: 8010 ffff fe28 0000 0101 080a 2976 9c25 .....(......)v.% | |
| 0x0030: 2976 9c25 )v.% | |
| 11:44:47.276540 IP 127.0.0.1.58886 > 127.0.0.1.4567: Flags [F.], seq 4041908266, ack 1946351926, win 65535, options [nop,nop,TS val 695639077 ecr 695639077], length 0 | |
| 0x0000: 4500 0034 bace 4000 4006 0000 7f00 0001 E..4..@.@....... | |
| 0x0010: 7f00 0001 e606 11d7 f0ea a02a 7402 f936 ...........*t..6 | |
| 0x0020: 8011 ffff fe28 0000 0101 080a 2976 9c25 .....(......)v.% | |
| 0x0030: 2976 9c25 )v.% | |
| 11:44:47.276570 IP 127.0.0.1.4567 > 127.0.0.1.58886: Flags [.], ack 4041908267, win 65535, options [nop,nop,TS val 695639077 ecr 695639077], length 0 | |
| 0x0000: 4500 0034 76e2 4000 4006 0000 7f00 0001 E..4v.@.@....... | |
| 0x0010: 7f00 0001 11d7 e606 7402 f936 f0ea a02b ........t..6...+ | |
| 0x0020: 8010 ffff fe28 0000 0101 080a 2976 9c25 .....(......)v.% | |
| 0x0030: 2976 9c25 )v.% | |
| 11:44:47.276576 IP 127.0.0.1.58886 > 127.0.0.1.4567: Flags [.], ack 1946351926, win 65535, options [nop,nop,TS val 695639077 ecr 695639077], length 0 | |
| 0x0000: 4500 0034 c3ee 4000 4006 0000 7f00 0001 E..4..@.@....... | |
| 0x0010: 7f00 0001 e606 11d7 f0ea a02b 7402 f936 ...........+t..6 | |
| 0x0020: 8010 ffff fe28 0000 0101 080a 2976 9c25 .....(......)v.% | |
| 0x0030: 2976 9c25 )v.% | |
| 11:44:47.276796 IP 127.0.0.1.4567 > 127.0.0.1.58886: Flags [F.], seq 1946351926, ack 4041908267, win 65535, options [nop,nop,TS val 695639077 ecr 695639077], length 0 | |
| 0x0000: 4500 0034 2e95 4000 4006 0000 7f00 0001 E..4..@.@....... | |
| 0x0010: 7f00 0001 11d7 e606 7402 f936 f0ea a02b ........t..6...+ | |
| 0x0020: 8011 ffff fe28 0000 0101 080a 2976 9c25 .....(......)v.% | |
| 0x0030: 2976 9c25 )v.% | |
| 11:44:47.276811 IP 127.0.0.1.58886 > 127.0.0.1.4567: Flags [.], ack 1946351927, win 65535, options [nop,nop,TS val 695639077 ecr 695639077], length 0 | |
| 0x0000: 4500 0034 72fc 4000 4006 0000 7f00 0001 E..4r.@.@....... | |
| 0x0010: 7f00 0001 e606 11d7 f0ea a02b 7402 f937 ...........+t..7 | |
| 0x0020: 8010 ffff fe28 0000 0101 080a 2976 9c25 .....(......)v.% | |
| 0x0030: 2976 9c25 )v.% |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'sinatra' | |
| get '/hi' do | |
| "Hello World!" | |
| end |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 13:56:00.528841 IP local.pinnacol.com > local.pinnacol.com: ICMP echo request, id 60677, seq 39, length 64 | |
| Ping capture, 0x0054 (84 bytes): | |
| 0 1 2 3 4 5 6 7 8 9 A B C D E F | |
| 0x0000: 4500 0054 cb44 0000 4001 0000 7f00 0001 | |
| 0x0010: 7f00 0001 0800 8d2a ed05 0027 4e27 32d0 | |
| 0x0020: 0008 11a6 0809 0a0b 0c0d 0e0f 1011 1213 | |
| 0x0030: 1415 1617 1819 1a1b 1c1d 1e1f 2021 2223 | |
| 0x0040: 2425 2627 2829 2a2b 2c2d 2e2f 3031 3233 | |
| 0x0050: 3435 3637 | |
| IP Header - 5 words (20 bytes): | |
| 0 1 2 3 4 5 6 7 8 9 A B C D E F | |
| 0x0000: 4500 0054 cb44 0000 4001 0000 7f00 0001 | |
| 0x0010: 7f00 0001 | |
| 32-bit Word 1/4 per-line (32-bit): | |
| 0 1 2 3 4 5 6 7 8 9 A B C D E F | |
| 0x0000: 4500 0054 | |
| Byte 1/16 per-line (8-bit): | |
| 0 1 2 3 4 5 6 7 8 9 A B C D E F | |
| 0x0000: 45 | |
| Nibble 1/32 per-line (4-bit, one hex digit): | |
| 0 1 2 3 4 5 6 7 8 9 A B C D E F | |
| 0x0000: 4 | |
| Sizes: | |
| 1 byte: 256 (0-255) | |
| 2 bytes: 65536 (0-65535) | |
| Conversions: | |
| 65536 = 2**16 = 1024 * 64 = 256 * 256 | |
| One byte ( 0-255 ), 16 bits, 2 hex digits, 3 decimal digits (up to 255) | |
| 2: .... .... | |
| 16: .. | |
| 10: ... | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment