How to easily discover devices on a local area network


Preface

With the rapid development of science and technology, the ways of getting online are becoming more and more varied. In the past, when there was no wireless network, people could only use mobile phone cards to surf the Internet. That was the 2G era, the era when CDMA was popular. Now, with the rise of WiFi, the number of people using mobile data is gradually decreasing, because it costs money. I am the kind of person who looks for WiFi hotspots everywhere to save 1 MB. So what does all this have to do with today's topic? It must have something to do with it, otherwise why would I bring it up, just because I am bored? Of course not: when we connect to WiFi, we are actually on a local area network, which naturally leads to today's topic.

1. WiFi

It is said that the concept of WiFi was proposed by a woman. It is not difficult to create a WiFi hotspot. Generally, WiFi hotspots can be created by routers, computers, and mobile phones.

1. Router

I don't think I need to introduce too much here. Generally, friends who have applied for broadband will have an optical modem and a wireless router. The password is on the back of the router.

2. Computer

If you want to open the WiFi hotspot on your computer, you must connect the network cable to the router to achieve a faster speed. Then we can download a Cheetah WiFi or 360 WiFi. A few years ago, I played with a mobile phone, Coolpad, which had a very fast speed. Even the speed of the computer with the hotspot turned on was not as smooth as the Coolpad mobile phone with the hotspot. So this led to the fact that a loser like me was ruthlessly blacklisted by others.

3. Mobile Phone

For mobile phones, it is also very simple. You just need to turn on the mobile data traffic in the phone, and then turn on the hotspot sharing function. Of course, if your computer is a desktop computer without a wireless network card, you can use USB to connect to the computer host and connect to the USB network.

2. Equipment Query

I saw a very good piece of software a few days ago. I want to explain it to you today, but you must not use it for bad things. Download address: https://u062.com/file/7715018-454391455. After downloading, unzip it. There is only one file inside; follow the installer's prompts step by step. You must also install Npcap, because it is the component responsible for sniffing data connections. After installation, there will be an additional option in the network connection, as shown in the figure:

You see, it must be enabled to sniff resources.

3. Basic Commands

Here I will introduce some of the most basic and common commands for you to use. Why not introduce them all? You will know when you see the end. Let's cut the crap and get straight to the point. As follows:

  1. --osscan-limit: limit OS detection to promising targets
  2. --osscan-guess: guess the operating system more aggressively
  3. --traceroute: route tracing
  4. -sL: simply list the targets to be scanned
  5. -sT: TCP connect scan, the most basic TCP scan method; this scan is easy to detect
  6. -sS: TCP half-open scan
  7. -sF, -sX, -sN: stealth FIN, Xmas Tree, and Null scan modes
  8. -sP: ping sweep to find which hosts in a network segment are alive
  9. -sU: UDP scan
  10. -sA: ACK scan, can be used to pass through the firewall
  11. -sW: window scan, very similar to ACK scan
  12. -sR: RPC scan, used in combination with other port scanning methods
  13. -b: FTP bounce attack, connect to an FTP server behind the firewall as a proxy, and then perform a port scan
  14. -P0: do not ping the host before scanning, which speeds up the scan
  15. - Before scanning, determine which hosts are running
  16. -PS: if the user is in the administrator group, SYN scanning will be used, otherwise ACK
  17. -PI: use ICMP to check whether the target host is running
  18. -PB: use the -PT and -PI scan types in parallel. If the firewall filters one of the packet types, this method can still pass through the firewall.
  19. --ttl: set the IP time-to-live
  20. --spoof-mac <mac address/prefix/vendor name>: spoof your MAC address
  21. --badsum: send outgoing packets with a bogus TCP/UDP/SCTP checksum
  22. -e: use the specified interface
  23. -O: activate TCP/IP fingerprinting to identify the remote host, that is, its operating system type
  24. -I: turn on nmap's reverse ident scanning feature
  25. -f: use fragmented IP packets to send SYN, FIN, Xmas, and Null probes, which makes the work of packet filters and intrusion detection systems harder
  26. -v: verbose mode, which gives detailed information about the scanning process
  27. -S <IP>: set the source address
  28. -g port: set the source port for scanning
  29. -oN: redirect scan results to a human-readable file
  30. -oS: scan results are output to standard output
  31. --host_timeout: set the time allowed to scan one host, in milliseconds; by default there is no timeout limit
  32. --max_rtt_timeout: maximum timeout waiting time
  33. --min_rtt_timeout: minimum timeout waiting time
  34. -M count: how many sockets to use when performing a TCP connect scan
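Entry 5 says a TCP connect scan is easy to detect, and entry 6 describes the half-open alternative. The following added example (not from the original article) shows what that looks like from the defender's side: one source touching many ports in a short window, with the scan style read from whether handshakes completed. The flow records, the window and the threshold are constructed assumptions.

```python
from collections import defaultdict

WINDOW = 10     # seconds (assumed value, tune per network)
THRESHOLD = 5   # distinct destination ports from one source inside WINDOW

# Constructed flow records: (time, source IP, destination port, outcome).
# established = handshake completed, syn_only = SYN answered but never
# completed by the source, reset = port closed.
FLOWS = [
    (100.0, "192.168.1.23", 443, "established"),  # ordinary client
    (100.2, "192.168.1.50", 21, "reset"),
    (100.3, "192.168.1.50", 22, "established"),
    (100.4, "192.168.1.50", 23, "reset"),
    (100.5, "192.168.1.50", 80, "established"),
    (100.6, "192.168.1.50", 443, "reset"),
    (130.0, "192.168.1.23", 443, "established"),
    (200.1, "192.168.1.77", 21, "reset"),
    (200.2, "192.168.1.77", 22, "syn_only"),
    (200.3, "192.168.1.77", 23, "reset"),
    (200.4, "192.168.1.77", 80, "syn_only"),
    (200.5, "192.168.1.77", 443, "reset"),
]

def classify(outcomes):
    """Name the scan style from the outcomes seen on the probed ports."""
    if "established" in outcomes:
        return "connect"        # full handshakes reach the listening service
    if "syn_only" in outcomes:
        return "half-open"      # never completed, seen only at packet level
    return "undetermined"       # every probed port was closed

def detect_scans(flows, window=WINDOW, threshold=THRESHOLD):
    """Map sources hitting >= threshold distinct ports within window to a style."""
    by_src = defaultdict(list)
    for ts, src, port, outcome in sorted(flows):
        by_src[src].append((ts, port, outcome))
    alerts = {}
    for src, events in by_src.items():
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1      # slide the window forward
            span = events[start:end + 1]
            if len({port for _, port, _ in span}) >= threshold:
                alerts[src] = classify({o for _, _, o in span})
                break
    return alerts

if __name__ == "__main__":
    print(detect_scans(FLOWS))
```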

The ones listed by the editor are not all of them, but basically most of them are what we use frequently. If all of them are listed, I think it may scare you and discourage you, as follows:

Flexible learning is advocated now, so there is no need to worry so much. Let’s take a look at the examples prepared by the editor.

1. Scan all hosts under the network segment

Do you see what the red arrow points to? Yes, it is a host on the LAN segment. Any record in this format indicates a live host.

2. Specify the IP range for scanning

Of course, we can also specify how many IPs to scan, as follows:

As you can see, there is no live host.

3. Scan the open ports of the specified IP

We can also check their ports. First, we need to check the IP of our computer, as shown in the figure:

Then analyze the ports of this IP to see which ports are open, as shown in the figure:

Here I scanned some commonly used ports and added some delays. But just looking at this is useless, so now we need to proceed to the next step.
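A list of live hosts and open ports becomes useful once it is compared with what is supposed to be on the network. The following added example (not from the original article) assumes the scan results were saved in Nmap's XML format (-oX) and checks them against an allowlist; the sample report, the allowlist and the set of flagged ports are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the shape of an Nmap XML report; not real scan data.
SAMPLE_XML = """<nmaprun scanner="nmap">
<host><status state="up"/>
  <address addr="192.168.1.1" addrtype="ipv4"/>
  <address addr="AA:BB:CC:00:00:01" addrtype="mac" vendor="ExampleRouterCo"/>
  <ports><port protocol="tcp" portid="80"><state state="open"/></port>
         <port protocol="tcp" portid="23"><state state="closed"/></port></ports>
</host>
<host><status state="up"/>
  <address addr="192.168.1.57" addrtype="ipv4"/>
  <address addr="AA:BB:CC:00:00:99" addrtype="mac"/>
  <ports><port protocol="tcp" portid="23"><state state="open"/></port></ports>
</host>
<host><status state="down"/><address addr="192.168.1.80" addrtype="ipv4"/></host>
</nmaprun>"""

# Hypothetical allowlist of expected devices (MAC address -> label).
KNOWN_DEVICES = {"AA:BB:CC:00:00:01": "home router"}
RISKY_PORTS = {21, 23, 445, 3389}  # assumption: services the owner wants flagged

def parse_hosts(xml_text):
    """Return one dict per host reported as up, with its open ports."""
    hosts = []
    for host in ET.fromstring(xml_text).iter("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue
        addrs = {a.get("addrtype"): a.get("addr") for a in host.iter("address")}
        open_ports = sorted(
            int(p.get("portid")) for p in host.iter("port")
            if p.find("state") is not None and p.find("state").get("state") == "open")
        hosts.append({"ip": addrs.get("ipv4"), "mac": addrs.get("mac"), "open": open_ports})
    return hosts

def audit(hosts, known=KNOWN_DEVICES, risky=RISKY_PORTS):
    """List (ip, issue) pairs: devices off the allowlist and risky open ports."""
    findings = []
    for h in hosts:
        if (h["mac"] or "").upper() not in known:
            findings.append((h["ip"], "unknown device"))
        findings += [(h["ip"], f"risky port {p} open") for p in h["open"] if p in risky]
    return findings

if __name__ == "__main__":
    for ip, issue in audit(parse_hosts(SAMPLE_XML)):
        print(ip, issue)
```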

4. Sniff the details of the live host devices in the LAN segment

The matter ends here. I believe that everyone is rather disdainful of tools with too many commands, but the tool we are talking about today is different. What is the difference? It has a GUI version, as follows:

With this, everyone can completely free their hands.

5. Route tracking function

I believe everyone is familiar with it. It can help us understand the network traffic situation, easily find the network nodes passed from our computer to the destination, and see the time spent passing through each node. As shown in the figure:

6. Learn and use interface tools

What is the benefit of using a graphical interface for the command-line tool? Obviously, you don't need to type so many commands; you just click OK. First, we select the target IP or domain address we want to scan, as shown in the figure:

Here I chose to scan the port numbers of all TCP connections and collected detailed information. As we all know, there are a total of 65535 ports, so the parameters above are very detailed. We don’t need to enter them ourselves. You just need to select the options you use when scanning. Isn’t it smart? So the editor scanned Baidu, as follows:

We can see that ports 80 and 443 are found, which correspond to the HTTP and HTTPS protocols. In addition, we can also see its network topology, as shown in the figure:

It is very intuitive to understand the gateway address of the current host and the scanned IP address. After the scan is completed, the final result will be obtained, as shown in the figure:

You can see that it only took us three minutes to complete the scan, which is relatively fast. However, there are faster methods, which I will not reveal here.

4. Conclusion

Through this look at local area networks, I believe everyone should now know some basic hacker skills. Although new technologies are constantly changing, I still want to say that technology will never be outdated, only people will become outdated.
