CTF All The Things
  • CTF All The Things
  • Useful Stuff
    • Bash-fu
    • Bash mkdir and cd
    • Upgrade Shell
    • Static Binaries
  • Discovery & Scanning
    • NMAP
    • Gobuster
    • SMB
    • SNMP
    • SQLMap
    • Hydra
    • Nikto
    • WPScan
    • Joomla
    • TCPDump
  • Gaining Access
    • Remote Desktop
    • Evil-WinRM
    • Reverse Shells
    • Web Shells
    • SSH Port Forwarding
  • Enumeration & Exploitation
    • Things To Check First
    • Enumeration Scripts
    • Capabilties
    • SUID Binaries
    • Active Services
    • Port Enumeration
    • Steganography
    • Cracking Hashes
  • Reversing
  • Exfiltration
    • Netcat Redirect
    • SSH/SCP
    • Bash wget
    • HTTP Server
  • Maintaining Access
  • Pencer CTF Blog
Powered by GitBook
On this page
Edit on GitHub
  1. Discovery & Scanning

TCPDump

Sometimes it's useful to check connectivity back to us from within a box.

Start tcpdump listening on Kali:

tcpdump -i tun0

Ping Kali tun0 IP, method to do this will vary depending on box:

22:33:43.401625 IP kali.39206 > 10.10.10.8.http: Flags [.], ack 1744, win 276, options [nop,nop,TS val 2785576152 ecr 720506], length 0
22:33:43.402242 IP kali.39206 > 10.10.10.8.http: Flags [F.], seq 406, ack 1744, win 276, options [nop,nop,TS val 2785576153 ecr 720506], length 0
22:33:43.440371 IP 10.10.10.8.http > kali.39206: Flags [.], ack 407, win 257, options [nop,nop,TS val 720511 ecr 2785576153], length 0
PreviousJoomlaNextGaining Access

Last updated 2 years ago