Activity 2.1: Host Discovery

Summary:

During this lab we explored some fun one liners using nmap, fping, and ping to output ip addresses of hosts that are up.

Host-Discovery:

One liner using nmap to show ip addresses and outputs it to a file called sweep.txt

nmap -sP 10.0.5.2-50 -oG - | awk '/Up$/{print $2}' >> sweep.txt

One liner using fping to display hosts that are up in the range of 10.0.5.2 to 50 and output it to a file called sweep2.txt

sudo fping -A -a -q -a -i 1 10.0.5.2 10.0.5.50 | awk '{print $1} >> sweep2.txt'

One liner using nmap to show ip addresses and outputs it to a file called sweep.txt

nmap -sn 10.0.5.2-50 -oG - | awk '/Up$/{print $2}' > sweep.txt

Reflection:

This lab was very fun but it was a very rude awaking to one liners.

nmap

-sn = No port scan

-oG - = Greppable output for all lines

-sP = Ping scan

awk

awk is it's own langauge that allows you to manipulate/grab the data you want.

EX: https://www.geeksforgeeks.org/awk-command-unixlinux-examples/

Input:

ajay manager account 45000
sunil clerk account 25000
varun manager sales 50000
amit manager account 47000
tarun peon sales 15000
deepak clerk sales 23000
sunil peon sales 13000
satvik director purchase 80000

Code: Splitting Fields

awk '{print $1,$4}' employee.txt

Output:

ajay 45000
sunil 25000
varun 50000
amit 47000
tarun 15000
deepak 23000
sunil 13000
satvik 80000

Code: Line matching

awk '/manager/ {print}' employee.txt

Output

ajay manager account 45000
varun manager sales 50000
amit manager account 47000

fping

-A = Dispaly IP address instead of DNS name.

-a = show systems that are alive.

-q = Quiet doesn't show per-probe results.

-i = The miniumum amount of time (in milliseconds between sending a ping packet to any target).

-r = Retry limit

Reasources:

https://stackoverflow.com/questions/37301094/display-hosts-alive-with-fping

PreviousAssignment 1.2: The Kali Virtual Machine NextActivity 3.1: DNS Enumeration

Last updated 2 years ago