Windows Command Line Ninjitsu

2 02 2010

It is great to have the Windows command line as our attacking tool. It deploys quickly and makes life easy: no installation is needed, cmd.exe alone is all we need. The sample code below says more than I can.

for iteration

  1. for /l %i in (start,step,stop) do … (loop over a numeric range)
  2. sequential commands: cmd1 & cmd2 & cmd3
  3. conditional commands: cmd1 && cmd2 (cmd2 runs only if cmd1 succeeds)

C:\>for /l %i in (1,1,3) do echo "Hey " %i
C:\>echo "Hey " 1
"Hey " 1
C:\>echo "Hey " 2
"Hey " 2
C:\>echo "Hey " 3
"Hey " 3

To stop each command from being echoed before it runs, put @ in front of it:
C:\>for /l %i in (1,1,3) do @echo "Hey " %i
"Hey " 1
"Hey " 2
"Hey " 3

OK, moving on to the ping sweep example:
C:\>for /l %i in (51,1,60) do @ping -n 1 -w 1 192.168.55.%i | find "Reply"
Reply from 192.168.55.52: bytes=32 time<1ms TTL=127
Reply from 192.168.55.53: bytes=32 time<1ms TTL=127
Reply from 192.168.55.55: bytes=32 time<1ms TTL=127
Reply from 192.168.55.56: bytes=32 time<1ms TTL=127

We can go one step further and resolve the FQDN of every host that replies:

C:\>for /l %i in (51,1,60) do @ping -n 1 -w 1 192.168.55.%i | find "Reply" && nslookup 192.168.55.%i 2>nul | find "Name"
Reply from 192.168.55.52: bytes=32 time<1ms TTL=127
Name:    itc-gis2006-uri.ob.local
Reply from 192.168.55.53: bytes=32 time<1ms TTL=127
Name:    itc-gis2006-013.ob.local
Reply from 192.168.55.55: bytes=32 time<1ms TTL=127
Name:    itc-luk.ob.local
Reply from 192.168.55.56: bytes=32 time<1ms TTL=127
Name:    itc-chan.ob.local

We can also parse text files with the Windows command line. Here tokens=1,4 keeps the first and fourth colon-separated fields of each line and puts them into %i and %j:
C:\>for /f "tokens=1,4 delims=:" %i in (inp1.txt) do @echo %i %j
owner ip
John 192.168.1.5
Tommy 192.168.1.6
Sam 192.168.1.7
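A batch-file version that ties the two techniques together, added here as an example and not taken from the original post: it parses a constructed colon-separated host list (the post's inp1.txt is not shown, so hosts.txt and its four-field layout are assumptions), then checks each listed address and writes a CSV inventory report. Inside a .cmd file the loop variables are written %%o instead of %o.

```batch
@echo off
setlocal enabledelayedexpansion

rem Constructed sample input (assumption: the post's inp1.txt is not shown).
rem Four colon-separated fields; we keep field 1 (owner) and field 4 (ip),
rem the same tokens=1,4 delims=: selection the post uses.
> hosts.txt (
  echo owner:dept:room:ip
  echo John:sales:101:192.168.1.5
  echo Tommy:it:102:192.168.1.6
  echo Sam:hr:103:192.168.1.7
)

if exist report.txt del report.txt
>>report.txt echo owner,ip,state,fqdn

rem skip=1 drops the header line so only real hosts are processed.
rem tokens=1,4 lands in %%o and the next letter, %%p.
for /f "skip=1 tokens=1,4 delims=:" %%o in (hosts.txt) do (
  set "state=down"
  rem Match "TTL=" rather than "Reply": an unreachable host on the local
  rem subnet produces "Reply from <own ip>: Destination host unreachable",
  rem which a plain find "Reply" would count as alive.
  rem -w is in milliseconds; the post's -w 1 only works on a fast LAN.
  ping -n 1 -w 1000 %%p | find "TTL=" >nul && set "state=up"

  set "fqdn=-"
  rem Pipe and redirect inside a for /f command string must be caret-escaped.
  for /f "tokens=2" %%n in ('nslookup %%p 2^>nul ^| find "Name:"') do set "fqdn=%%n"

  rem Redirect first so a value ending in a digit is never read as a handle.
  >>report.txt echo %%o,%%p,!state!,!fqdn!
)

type report.txt
endlocal
```

Run it as a .cmd file from a prompt with network access; the report lists one line per host with up/down state and the name returned by reverse lookup, or "-" when there is none.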

For more details, see the documentation on iterating through text with for /f, or Ed Skoudis's articles on pen testing ninjitsu.
