πŸ‘¨β€πŸ’»
Jawad's Notes
  • πŸ‘¨β€πŸ«INFOSEC
    • πŸ•ΈοΈWeb
      • Burp Suite: Setting Foxyproxy
      • XSS
      • Wappalyzer
      • Directory Traversal
      • LFI
        • PHP Wrappers
        • RFI
      • Reverse Shell
        • Command Injection Quick Tips
      • File Upload
      • WPScan
      • SQL Injection
        • Schemas
        • SQLmap
        • MSSQL
        • MySQL
        • PostgreSQL
    • πŸ”§Tools
      • Whois
      • DNSRecon
      • DNSenum
      • nslookup
      • Netcat
        • Powercat
      • Nmap
        • Nmap Scripting Engine
        • Test-NetConnection
        • Grep
      • Server Message Block (SMB)
      • SNMP
      • SMTP
      • ExifTool
      • Search Engine Hacking
      • Source Control Hacking
      • Nessus
      • Canarytokens
      • Qualys SSL Server Test
      • Security Headers
      • theHarvester
      • Shodan
      • Gobuster
        • Dirb
      • Searchsploit
      • Password Cracking
        • Hashcat
        • John The Ripper
        • Hydra
        • hashID
        • CPU vs GPU
    • 🐧Linux
      • Symbols
      • cat
      • curl
      • openvpn
      • tcpdump
      • Remote Desktop
      • SmbShare
      • Tmux
      • Convert Windows-style line endings (CRLF) to Unix-style (LF)
      • SSH
    • πŸ–₯️Macros in Office
    • 🍎Enhancing Your MacOS Terminal Experience
    • 🚩CTF
      • SQL Injection
        • WHERE clause allowing retrieval of hidden data
        • Allowing login bypass
        • UNION attack, determining the number of columns returned by the query
        • UNION attack, finding a column containing text
        • UNION attack, retrieving data from other tables
        • UNION attack, retrieving multiple values in a single column
        • Querying the database type and version on Oracle
Powered by GitBook
On this page
  1. INFOSEC
  2. Linux

tcpdump

If you're attempting a command injection and want to confirm whether your commands are being executed on the target, you can always try pinging your machine and capture the ping using tcpdump.

sudo tcpdump -i tun0 icmp

  • -i tun0: Specifies the network interface on which tcpdump should listen for traffic. In this case, tun0 is typically associated with a VPN interface. Network interfaces for VPNs can vary based on the configuration and the software used. tun0 is commonly used for configurations where traffic is routed through a tunnel interface, such as with OpenVPN.

  • icmp: This is a filter to limit the output to ICMP packets only. ICMP is used by the ping utility to send echo requests and receive echo replies. Capturing ICMP packets helps in monitoring ping requests and responses which are used for diagnostics such as network reachability.

Checking Your Network Interface:

The command assumes you are using tun0 as your network interface, but this might not be the case, especially if your system configuration differs or if you are using multiple VPNs or other network interfaces. You can check the available network interfaces and identify your VPN interface by running ifconfig ; the interface name could be tun0, tun1, eth0, etc.,

PreviousopenvpnNextRemote Desktop

Last updated 11 months ago

πŸ‘¨β€πŸ«
🐧