Capture the Flag Tools Recap
If you didn’t make it to tonight’s meeting, or just want more information about the tools we covered, we have you covered. Below you’ll find what we covered and links for more information.
Netcat
Netcat is a utility included with almost every Linux distribution which allows users to make connections and send data over the network.
To run Netcat as a server (listen for connections)
:~$ nc -l -p [port]
To send data to a host with Netcat
:~$ nc [hostname] [port]
Netcat itself is not available for Windows, but Ncat, an improved version of Netcat, is available along with Nmap. You can find more information about Ncat here.
Nmap
Nmap is a “network mapper” tool which can be used to discover hosts which are responding on a network and discover what services are available on those hosts. Versions for Linux, Mac, and Windows and documentation are available from the Nmap homepage.
To discover hosts on a subnet
:~$ nmap -sP [address range]
Address ranges may be given in a variety of styles outlined in the documentation.
To scan a host for active service versions and operating system
# nmap -sV -O [host address]
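As an added example (not from the meeting or the Nmap project), the Python below parses what Nmap writes when the scans above are run with its -oG "grepable" output flag, builds a host and service inventory, and flags open services that carry credentials in cleartext; the scan text is constructed for the example, not captured from a real network.

```python
import re

# Constructed sample of nmap "grepable" output (what `nmap -sV -O -oG -` prints);
# the addresses, names and versions are made up for this example, not a real scan.
SAMPLE_SCAN = """# Nmap 7.80 scan initiated as: nmap -sV -O -oG - 192.0.2.0/29
Host: 192.0.2.1 (gw.example)\tStatus: Up
Host: 192.0.2.1 (gw.example)\tPorts: 22/open/tcp//ssh//OpenSSH 7.9p1/, 80/open/tcp//http//nginx 1.14.2/\tOS: Linux 4.15 - 5.6
Host: 192.0.2.2 ()\tStatus: Up
Host: 192.0.2.2 ()\tPorts: 23/open/tcp//telnet//Linux telnetd/, 445/filtered/tcp//microsoft-ds///\tOS: Linux 3.2 - 4.9
# Nmap done -- 8 IP addresses (2 hosts up) scanned in 30.12 seconds
"""

# Services that send credentials in the clear; an inventory should flag these.
CLEARTEXT_SERVICES = {"telnet", "ftp", "pop3", "imap"}


def parse_grepable(text):
    """Map each IP to its name, status, OS guess and port list from -oG output."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host: "):
            continue  # '#' lines are nmap's header and footer comments
        # Each tab-separated field is "Key: value"; Host/Status/Ports/OS are used here.
        fields = dict(f.split(": ", 1) for f in line.split("\t"))
        ip, name = re.match(r"(\S+) \((.*)\)", fields["Host"]).groups()
        entry = hosts.setdefault(ip, {"name": name, "status": "", "os": "", "ports": []})
        entry["status"] = fields.get("Status", entry["status"])
        entry["os"] = fields.get("OS", entry["os"])
        for item in filter(None, fields.get("Ports", "").split(", ")):
            # Each port entry is port/state/protocol/owner/service/rpc-info/version/
            port, state, proto, _own, service, _rpc, version, *_ = item.split("/")
            entry["ports"].append({"port": int(port), "state": state, "proto": proto,
                                   "service": service, "version": version})
    return hosts


def cleartext_exposures(hosts):
    """Return (ip, port, service) for every open service on the cleartext list."""
    return [(ip, p["port"], p["service"])
            for ip, e in hosts.items() for p in e["ports"]
            if p["state"] == "open" and p["service"] in CLEARTEXT_SERVICES]


if __name__ == "__main__":
    scan = parse_grepable(SAMPLE_SCAN)
    for ip, e in scan.items():
        print(ip, e["name"] or "-", e["os"] or "OS unknown")
        for p in e["ports"]:
            print(f"  {p['port']}/{p['proto']} {p['state']:<8} {p['service']} {p['version']}")
    for ip, port, svc in cleartext_exposures(scan):
        print(f"WARNING: {ip}:{port} exposes cleartext {svc}")
```

Feed it a real file with `nmap -sV -O -oG scan.txt [host address]` and `parse_grepable(open("scan.txt").read())`; the -sP discovery scan produces only the Status lines, which the parser also handles.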
Wireshark
Wireshark is a network packet sniffer which can be used to analyze captured network traffic. It may be used to inspect individual packets or reconstruct streams of data sent over the network. The tool is available for Linux, Mac, and Windows. Download and usage information can be found at Wireshark’s homepage, http://wireshark.org.
Aircrack
Aircrack-ng has grown into a suite of tools used to audit wireless network security. The set of tools was built for Linux, and, while there is a Windows port, most suggest that you use a Linux LiveCD to run Aircrack. The suite is available on the BackTrack Linux LiveCD distribution.
The example given during the meeting was based on the Simple WEP Crack tutorial on the Aircrack-ng site.
