Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Nmap Network Exploration and Security Auditing Cookbook, Third Edition

You're reading from   Nmap Network Exploration and Security Auditing Cookbook, Third Edition Network discovery and security scanning at your fingertips

Arrow left icon
Product type Paperback
Published in Sep 2021
Publisher Packt
ISBN-13 9781838649357
Length 436 pages
Edition 3rd Edition
Languages
Tools
Arrow right icon
Author (1):
Arrow left icon
Paulino Calderon Paulino Calderon
Author Profile Icon Paulino Calderon
Paulino Calderon
Arrow right icon
View More author details
Toc

Table of Contents (22) Chapters Close

Preface 1. Chapter 1: Nmap Fundamentals 2. Chapter 2: Getting Familiar with Nmap's Family FREE CHAPTER 3. Chapter 3: Network Scanning 4. Chapter 4: Reconnaissance Tasks 5. Chapter 5: Scanning Web Servers 6. Chapter 6: Scanning Databases 7. Chapter 7: Scanning Mail Servers 8. Chapter 8: Scanning Windows Systems 9. Chapter 9: Scanning ICS/SCADA Systems 10. Chapter 10: Scanning Mainframes 11. Chapter 11: Optimizing Scans 12. Chapter 12: Generating Scan Reports 13. Chapter 13: Writing Your Own NSE Scripts 14. Chapter 14: Exploiting Vulnerabilities with the Nmap Scripting Engine 15. Other Books You May Enjoy Appendix A: HTTP, HTTP Pipelining, and Web Crawling Configuration Options 1. Appendix Β: Brute-Force Password Auditing Options 2. Appendix C: NSE Debugging 3. Appendix D: Additional Output Options 4. Appendix Ε: Introduction to Lua 5. Appendix F: References and Additional Reading

Running Lua scripts against a network connection with Ncat

Ncat allows users to read, write, redirect, and modify network data in some very interesting ways. Think about it as an enhanced version of the traditional tool netcat. Ncat offers the possibility of running external commands once a connection has been established successfully. Users may use Lua scripts to perform actions on the network sockets created by Ncat.

The following recipe will show you how to run an HTTP server contained in a Lua script with Ncat.

How to do it...

  1. Running Lua scripts against network connections in Ncat is very straightforward; just use the --lua-exec option to set the Lua script you want to execute and the listening port or host to connect to:
    $ncat --lua-exec <path to Lua script> --listen <port>
  2. To start a web server with Ncat, locate the httpd.lua script inside your Ncat's script folder and use the following command:
    $ncat --lua-exec /path/to/httpd.lua --listen 8080 --keep-open
  3. Ncat will start listening on port 8080 and execute the specified Lua script. You may verify that the script is running correctly by pointing a web browser in that direction and checking whether the Got a request for message appears on the output.

How it works...

If you have used netcat before, you are already halfway there. Similar to netcat, Ncat can be put into listening (--listen) and connect mode. However, netcat lacks the --lua-exec option, which serves the purpose of executing an external Lua script against the network socket. This option is very handy for scripting tasks aimed at testing or debugging a wide range of services. The main strength of using this execution mode is that the programs are cross-platform as they are executed on the same built-in interpreter.

The httpd.lua script is an example distributed with Ncat to illustrate service emulation, but it should be clear that our options are endless. Lua is a very powerful language, and many tasks can be scripted with very few lines.

There's more...

Ncat offers a wide range of options that are documented thoroughly at https://nmap.org/ncat/guide/index.html. Do not forget to stop there and go over the full documentation.

Other ways of executing external commands with Ncat

Ncat supports three options to execute external programs:

  • --exec: This runs commands without shell interpretation.
  • --sh-exec: This runs commands by passing a string to a system shell.
  • --lua-exec: This runs a Lua script using the built-in interpreter.
You have been reading a chapter from
Nmap Network Exploration and Security Auditing Cookbook, Third Edition - Third Edition
Published in: Sep 2021
Publisher: Packt
ISBN-13: 9781838649357
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image