Programming (part 3) Network Pings

Video Activity

This video covers command line arguments and how to give a command in the number of times you want a network to ping another network. It also discusses how to use data manipulation to see specifically which networks respond to ping.

Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
14 hours 26 minutes
Difficulty
Advanced
CEU/CPE
15
Video Description

This video covers command line arguments and how to give a command in the number of times you want a network to ping another network. It also discusses how to use data manipulation to see specifically which networks respond to ping.

Video Transcription
00:03
All right, so now we want to add something for if they do use it correctly. So we have our help information. All right, So if
00:12
no command line argument, then do this. But what if they do of a command line argument that we can use its l statement if then this else
00:21
so above the backwards if we wanted else?
00:26
Now we're going to use something called a four loop. There are different kinds of loops. There's, like, a while. But Weiland, for generally the ones you're going to see that most of.
00:35
But what we want to do is say four
00:40
X in.
00:43
Then we want
00:45
the
00:46
backwards quote. Single quote sequence s E Q. 122 54. Backwards. Single quote
00:56
colon do again. This is gonna be a programming language specific. I mean, the key idea here is that we want to do something over and over again. A certain amount of times
01:07
based on
01:07
certain value. So basically four x in sequence 122 54. So X is going to be one the first time to the next time. Three the next time zone and so poor
01:19
all the way up to 254 after 254. It'll finish on. The four loop will be over. So four acts in sequence. 122 54. Do I want a paying? And I want to paying
01:33
my network combined
01:36
again. My first command line argument's gonna be my network.
01:38
Adopt will contaminate. Actually, that's not true. It was. Could count in eight by themselves. Like that would be it,
01:46
but we need to dot Between that, we would need one onto one sick day
01:51
but one Dodge and then
01:55
becomes next. And then we won't X. Whatever X is for the first time. If we give it 192.168 dot one as our command line argument the first time through it 192.168 That one that one. The next time 192168 That one not too so on and so forth all the way up to 254.
02:14
So each time X will be one more
02:19
then to finish done. So that denotes the end of the four loop again, we have
02:25
end of the if of the bottom,
02:29
good say that
02:30
may have noticed something is wrong. So give it
02:35
command line argument 19 to 1 61 in my case.
02:39
So instead of doing a pink sweep here, we're actually just picking 192.168 That one that one over and over and over again. Toe but varies from operating system operating system on windows but have folded on Lee Ping's four times.
02:54
And Lenox. It's just going to ping forever unless we tell it otherwise. So this isn't very useful.
03:00
So can we perhaps
03:04
fix this
03:06
first gonna be here forever
03:07
to control ziti? Get rid of it.
03:10
Um,
03:12
so can we fix this? My first place that I would generally go to is the man. Paige
03:17
and I want to see if there's some way I could tell it. I just wanted ping ones.
03:23
And sure enough, there is his dad ish. See, for count, Stop after sending count Echo request packets so that will allow us to
03:32
not paying forever. The streamline this a bit.
03:38
So we want to do Ping Darcy
03:42
one. So that should
03:44
fix your problem.
03:47
So we got yes, from one.
03:51
It's like no, from to know from three you know, from for some of them. So for
03:55
it will go through and try everything up to 2 54 I do have other Reims running as well as my printer's around here somewhere and whatnot. Since I'm on the bridge network,
04:06
everything was on. The network will call back to May.
04:10
If it does respond to pain Jigen, it may not and still be up.
04:15
My controls you to get rid of it.
04:17
So the output is not that attractive, right? The output is, in fact, pretty terrible.
04:25
So what did we learn in our previous section? That might could be helpful. We do some data manipulation.
04:32
What if we look back at our results?
04:36
We get a response. We get to 64 bites from I p address.
04:42
But if we don't get a response, it looks like we get destination host unreachable.
04:48
So what if we just want to see the ones that are up? That's our goal. Here is we want to see which ones are responding to pain.
04:56
So what if I pipe
05:00
my output?
05:01
Grab it
05:03
64 bites.
05:06
What did I do wrong? Doesn't see it as a string
05:12
to put locations around this.
05:16
Now we're not getting all of that out. Put. All we're getting is our 64 bites from 192.1 succeeds. We'll not one on. If I waited long enough, I would get so more like when they're this 1 77 76 So we're bit higher up right now. We're deciding a router.
05:33
Yours may be different.
05:39
So what we really want is this I p address here. We don't need all of this 64 bites from and what not.
05:46
So what we can do is we can use that cut command hype this and cut the limiter is going to be space. And what feel do we want?
05:56
Let's see. So this just field Juan Field to Field three Field Force. We want field for
06:03
see what we get now,
06:06
almost there.
06:09
We have just that extraneous colon on the end, which is fine. It's perfectly readable. But if we want to put the output of the script into
06:17
another script or into another program, if we need to say, for instance, a list of live ivy addresses that we can use,
06:26
then this isn't going to be ideal.
06:30
So we need some way to get rid of this. So you might have to do some Googling for this one. We didn't show it
06:38
in the previous model that I mentioned it.
06:41
One way to do this would be to the said command
06:46
and correct syntax error that is single quote
06:50
s slash dots dollar signs slash, slash single quote. So basically that saying Take the last character and turned it into nothing
07:02
that honestly would probably be something I would. Google, I said, is not all that awesome.
07:09
So let's try that
07:15
now. It was perfect. So if we let that run, that would go through on DDE.
07:19
Hit all of our I P addresses and it would find
07:24
additional
07:26
systems open. We could, of course, do that
07:30
but Penn so we could do a double greater than sign to send this all to a file. So we wanted to save all our live I P addresses to a file, book it and put it
07:42
later into
07:44
another script.
07:46
We could do that as well
07:48
again, just a little example of
07:51
scripting with Bash.
07:55
It's certainly worth knowing, if only to make your life a little bit easier, maybe not as functional and some of the higher level languages. But you know howto type into a
08:07
Lennox terminal and probably do some basics with badge. And you just have to get your
08:11
syntax for ifs on your fours and wild or other loops. You know, it might not be something you're familiar with. Even if you are familiar with another programming language, it is a bit different. I don't typically see that
08:24
backwards.
08:26
Yes, and then the
08:28
colon do
08:31
not something you typically see in a lot of your other languages. So it may always be a little bit New Year's
08:37
really difficult to be completely flew in it. All the programming languages for sure. You'll certainly get mixed up.
08:43
Who? It's look at
08:46
Python next. So we are going to use Python in our exploit development section.
08:50
And again, I am going to give you python scripts or skeletons, so all you'll have to do is work on the
08:58
actual exploits string. You won't have to worry about setting up a network socket and python and things like that, but I do encourage you to learn it. Heights on is used a lot in information security like our python also use Ruby a lot,
09:13
and so knowing one or both of those would definitely be worthwhile.
Up Next