oiv_1968 Posted March 28, 2019 Author Share Posted March 28, 2019 Доброго всем времени суток! Так как же с цепочкой прокси? Долго не смог сделать. Но вот наткнулся на https://github.com/rofl0r/proxychains-ng Ну и гугл помог. Сначала собрал для PC(Debian), но там без проблем вообще. Испытал - работает. А как с UC7112LX-Plus? Сначала было печально. Но вот потом с бубном и матом вот: proxychains-ng.zip Испытал! Работает. Испытал цепочку локальных прокси. Конечно через curl (ранее про него говорилось уже). Долго конечно делал(собирал, а где-то и изменял код выбирая в #ifdeb #define - но фактически ничего не менял). Для работы файл libproxychains4.so надо поместить в /lib и файл proxychains4 соответственно в /usr/bin Повторно напомню, что такие(указанные) директории у меня на SD карте. А пример файла конфигурации тут: https://github.com/rofl0r/proxychains-ng/blob/master/src/proxychains.conf его можно использовать как из локальной директории с указанием через -f <file.conf> или он будет найден самим proxychains4 в /etc/proxychains.conf www-data@Moxa:~/ramdisk$ proxychains4 -f proxychains.conf curl -L -k -I www.moxa.ru [proxychains] config file found: proxychains.conf [proxychains] preloading /lib/libproxychains4.so [proxychains] DLL init: proxychains-ng 4.14 [proxychains] Strict chain ... 127.0.0.1:8080 ... 192.168.0.234:8080 ... 192.168.0.3:8080 ... www.moxa.ru:80 ... OK HTTP/1.1 301 Moved Permanently Server: nginx/1.14.1 Date: Thu, 28 Mar 2019 11:58:14 GMT Content-Type: text/html Content-Length: 185 Connection: keep-alive Location: https://www.moxa.ru/ [proxychains] Strict chain ... 127.0.0.1:8080 ... 192.168.0.234:8080 ... 192.168.0.3:8080 ... www.moxa.ru:443 ... OK HTTP/1.1 200 Ok Server: nginx/1.14.1 Date: Thu, 28 Mar 2019 11:58:15 GMT Content-Type: text/html; charset=utf-8 Content-Length: 27520 Connection: keep-alive Expires: Thu, 19 Nov 1981 08 Cache-Control: private, no-cache, must-revalidate, max-age=0 Pragma: no-cache Status: 200 Ok X-Generated-By: UMI.CMS X-CMS-Version: dev X-XSS-Protection: 0 Set-Cookie: PHPSESSID=gfsoa9df891c0j5ugq7gpusbk3; expires=Thu, 11-Apr-2019 11:58:15 GMT; Max-Age=1209600; path=/; HttpOnly Set-Cookie: customer_currency=13; expires=Mon, 01-Apr-2019 15:58:15 GMT; Max-Age=360000; path=/ www-data@Moxa:~/ramdisk$ Как видно на самой UC7112LX-Plus поднят ещё и прокси (порт 8080), потом другой прокси и прокси для выхода в интернет. А далее отработал curl с выводом в консоль. Link to comment
oiv_1968 Posted March 28, 2019 Author Share Posted March 28, 2019 В 01.03.2019 в 09:17, oiv_1968 сказал: Доброго времени суток! Кроме netcat вот ещё и socat socat.zip Ранее не применял, но вчера после сборки испытал. Работает! На мой взгляд в ряде применений удобнее netcat, ну сами знаете. Уважаемые знатоки! А можно ли им как говориться наводить многоарочные мосты? А зачем? А много где. Вот к примеру связать /dev/ttyMO на устройстве и сокет socat tcp-listen:1234,fork /dev/ttyM0 Сам подсмотрел конечно. Но тут всё что придёт на сокет (порт 1234) уйдёт в порт /dev/ttyM0 и уйдёт обратно. И запустил на устройстве Для примера запустил на PC telnet 192.168.0.240 1234 Trying 192.168.0.240... Connected to 192.168.0.240. Escape character is '^]'. 1234 1234 1234 ;lkj;lkj;j ;lkj;lkj;lkj;lkj При нажатии "enter" набранная стока уходит в порт устройства и мигает "TX" и если pin2 и pin3 для этого замкнуть то и "RX" и эхо вернётся обратно в PC. Аналогично испытал монитор "Modbus Pol" монитор Modbus. Всё работает. Но для этого порт устройстве перевести в режим RS485. Вот так: root@Moxa:~# chmod 777 /dev/ttyM0 root@Moxa:~# setinterface Usage: setinterface device-node [interface-no] device-node - /dev/ttyM0 ~ /dev/ttyM3 interface-no - following: none - to view now setting 0 - set to RS232 interface 1 - set to RS485-2WIRES interface 2 - set to RS422 interface 3 - set to RS485-4WIRES interface root@Moxa:~# setinterface /dev/ttyM0 1 root@Moxa:~# Тут сначала дали разрешение на последовательный порт для всех, посмотрели подсказку на изменение режима и изменили режим работы на RS485. Скорость и другие параметры порта я не трогал. Для работы с устройствами Modbus по сети через UC7112LX-Plus. Установив socat на устройство спокойно производится проброс последовательного "соединения" по локальной сети. Можно применять и локальные программы на PC для работы с удалённым устройством через моха. Удобно для отработки с неизвестным устройством. Надо посмотреть может и конфигурация прокатит ну например для ОВЕН устройств ввода-вывода... и не надо их демонтировать для изменения настроек, которые вдруг приходится менять. А ранее было такое вдруг стало надо перейти с 9600 на 115200 после того как был установлен повторитель интерфейса на длинной линии. И приходилось их каждай снимать и конфигуратором(программой) изменять. Было не очень весело. А тут можно и штатный контроллер применять без демонтажа. А штатный это IA240LX Link to comment
oiv_1968 Posted April 1, 2019 Author Share Posted April 1, 2019 Доброго времени суток! Прошу прощения за беспокойство! Вот proxychains-ng... точнее установка (в сессии root): proxychains-ng.zip Надо только распаковать на устройство, и запустить install.sh: root@Moxa:/home/httpd/ramdisk/inst/proxychains-ng# ./install.sh --- proxychains-ng ----- setup to MOXA IA240LX, IA241LX, UC7112LX-Plus... ...copy proxychains4 to /usr/bin ...copy proxychains4.so to /usr/lib ...copy proxychains.conf to /etc --- end --- root@Moxa:/home/httpd/ramdisk/inst/proxychains-ng# В директории /etc будет файл proxychains.conf в конце файла ... ... ... # ProxyList format # type ip port [user pass] # (values separated by 'tab' or 'blank') # # only numeric ipv4 addresses are valid # # # Examples: # # socks5 192.168.67.78 1080 lamer secret # http 192.168.89.3 8080 justu hidden # socks4 192.168.1.49 1080 # http 192.168.39.93 8080 # # # proxy types: http, socks4, socks5 # ( auth types supported: "basic"-http "user/pass"-socks ) # [ProxyList] # add proxy here ... # meanwile # maintest: # http 192.168.0.234 8080 www-data www-data В конце указать список прокси по порядку указав протокол и пользователя с паролем если таковые есть. Если нет, то заполнять не надо. Там в примере всё показано. Link to comment
oiv_1968 Posted April 4, 2019 Author Share Posted April 4, 2019 Простите за назойливость, но вот: Это консольный браузер lynx. Прямо запущен по ssh в устройстве. Возможно будет удобен в ряде случаев. Но вот честно сказать, только собрал и как надо не испытал. В данном случае из одного устройства IA240 зашли в UC7112LX-Plus Этот архив: lynx.zip распаковать в устройство, произвести запуск install.sh в root. В директорию /usr/bin будет скопирован lynx а в директорию /usr/local/etc файлы конфигурации. Программа сразу будет в консоли, как команда: www-data@Moxa:~$ lynx --help USAGE: lynx [options] [file] Options are: - receive options and arguments from stdin -accept_all_cookies accept cookies without prompting if Set-Cookie handling is on (off) -anonymous apply restrictions for anonymous account, see also -restrictions -assume_charset=MIMEname charset for documents that don't specify it -assume_local_charset=MIMEname charset assumed for local files -assume_unrec_charset=MIMEname use this instead of unrecognized charsets -auth=id:pw authentication information for protected documents -base prepend a request URL comment and BASE tag to text/html outputs for -source dumps -bibhost=URL local bibp server (default http://bibhost/) -book use the bookmark page as the startfile (off) -buried_news toggles scanning of news articles for buried references (on) -cache=NUMBER NUMBER of documents cached in memory -case enable case sensitive user searching (off) -center toggle center alignment in HTML TABLE (off) -cfg=FILENAME specifies a lynx.cfg file other than the default -child exit on left-arrow in startfile, and disable save to disk -child_relaxed exit on left-arrow in startfile (allows save to disk) -cmd_log=FILENAME log keystroke commands to the given file -cmd_script=FILENAME read keystroke commands from the given file (see -cmd_log) -connect_timeout=N set the N-second connection timeout (18000) -cookie_file=FILENAME specifies a file to use to read cookies -cookie_save_file=FILENAME specifies a file to use to store cookies -cookies toggles handling of Set-Cookie headers (on) -core toggles forced core dumps on fatal errors (off) -crawl with -traversal, output each page to a file with -dump, format output as with -traversal, but to stdout -curses_pads uses curses pad feature to support left/right shifting (on) -debug_partial incremental display stages with MessageSecs delay (off) -delay=NNN set NNN-second delay at statusline message (0.000) -display=DISPLAY set the display variable for X exec'ed programs -display_charset=MIMEname charset for the terminal output -dont_wrap_pre inhibit wrapping of text in <pre> when -dump'ing and -crawl'ing, mark wrapped lines in interactive session (off) -dump dump the first file to stdout and exit -editor=EDITOR enable edit mode with specified editor -emacskeys enable emacs-like key movement (off) -enable_scrollback toggles compatibility with comm programs' scrollback keys (may be incompatible with some curses packages) (off) -error_file=FILE write the HTTP status code here -force_empty_hrefless_a force HREF-less 'A' elements to be empty (close them as soon as they are seen) (off) -force_html forces the first document to be interpreted as HTML (off) -force_secure toggles forcing of the secure flag for SSL cookies (off) -forms_options toggles forms-based vs old-style options menu (on) -from toggle transmission of From headers (on) -ftp disable ftp access (off) -get_data user data for get forms, read from stdin, terminated by '---' on a line -head send a HEAD request (off) -help print this usage message -hiddenlinks=[option] hidden links: options are merge, listonly, or ignore -historical toggles use of '>' or '-->' as terminator for comments (off) -homepage=URL set homepage separate from start page -html5_charsets toggles use of HTML5 charset replacements (off) -image_links toggles inclusion of links for all images (off) -index=URL set the default index file to URL -ismap toggles inclusion of ISMAP links when client-side MAPs are present (off) -justify do justification of text (off) -link=NUMBER starting count for lnk#.dat files produced by -crawl (0) -list_inline with -dump, forces it to show links inline with text (off) -listonly with -dump, forces it to show only the list of links (off) -localhost disable URLs that point to remote hosts (off) -lss=FILENAME specifies a lynx.lss file other than the default -mime_header include mime headers and force source dump -minimal toggles minimal versus valid comment parsing (on) -newschunksize=NUMBER number of articles in chunked news listings -newsmaxchunk=NUMBER maximum news articles in listings before chunking -nobold disable bold video-attribute -nobrowse disable directory browsing -nocc disable Cc: prompts for self copies of mailings (off) -nocolor turn off color support -nofilereferer disable transmission of Referer headers for file URLs (on) -nolist disable the link list feature in dumps (off) -nolog disable mailing of error messages to document owners (on) -nomargins disable the right/left margins in the default style-sheet (off) -nomore disable -more- string in statusline messages -nonrestarting_sigwinch make window size change handler non-restarting (off) -nonumbers disable the link/form numbering feature in dumps (off) -nopause disable forced pauses for statusline messages -noprint disable some print functions, like -restrictions=print (off) -noredir don't follow Location: redirection (off) -noreferer disable transmission of Referer headers (off) -noreverse disable reverse video-attribute -nostatus disable the miscellaneous information messages (off) -notitle disable the title at the top of each page (off) -nounderline disable underline video-attribute -number_fields force numbering of links as well as form input fields (off) -number_links force numbering of links (off) -output_filename_mode with -crawl and -traversal, how to name the file: 0 default 1 use page title (0) -partial toggles display partial pages while downloading (on) -partial_thres [=NUMBER] number of lines to render before repainting display with partial-display logic (-1) -passive-ftp toggles passive ftp connection (on) -pauth=id:pw authentication information for protected proxy server -popup toggles handling of single-choice SELECT options via popup windows or as lists of radio buttons (off) -post_data user data for post forms, read from stdin, terminated by '---' on a line -preparsed show parsed text/html with -source and in source view to visualize how lynx behaves with invalid HTML (off) -prettysrc do syntax highlighting and hyperlink handling in source view (off) -print enable print functions (DEFAULT), opposite of -noprint (on) -pseudo_inlines toggles pseudo-ALTs for inlines with no ALT string (on) -raw toggles default setting of 8-bit character translations or CJK mode for the startup character set (off) -realm restricts access to URLs in the starting realm (off) -read_timeout=N set the N-second read-timeout (18000) -reload flushes the cache on a proxy server (only the first document affected) (off) -restrictions=[options] use -restrictions to see list -resubmit_posts toggles forced resubmissions (no-cache) of forms with method POST when the documents they returned are sought with the PREV_DOC command or from the History List (off) -rlogin disable rlogins (off) -scrollbar toggles showing scrollbar (off) -scrollbar_arrow toggles showing arrows at ends of the scrollbar (on) -selective require .www_browsable files to browse directories -session=FILENAME resumes from specified file on startup and saves session to that file on exit -sessionin=FILENAME resumes session from specified file -sessionout=FILENAME saves session to specified file -short_url enables examination of beginning and end of long URL in status line (off) -show_cfg Show `LYNX.CFG' setting (off) -show_cursor toggles hiding of the cursor in the lower right corner (on) -show_rate toggles display of transfer rate (on) -soft_dquotes toggles emulation of the old Netscape and Mosaic bug which treated '>' as a co-terminator for double-quotes and tags (off) -source dump the source of the first file to stdout and exit -stack_dump disable SIGINT cleanup handler (off) -startfile_ok allow non-http startfile and homepage with -validate (off) -stderr write warning messages to standard error when -dump or -source is used (off) -stdin read startfile from standard input (off) -tagsoup use TagSoup rather than SortaSGML parser (off) -telnet disable telnets (off) -term=TERM set terminal type to TERM -tlog toggles use of a Lynx Trace Log for the current session (on) -tna turn on "Textfields Need Activation" mode (off) -trace turns on Lynx trace mode (off) -trace_mask customize Lynx trace mode (0) -traversal traverse all http links derived from startfile -trim_input_fields trim input text/textarea fields in forms (off) -underline_links toggles use of underline/bold attribute for links (off) -underscore toggles use of _underline_ format in dumps (off) -unique_urls toggles use of unique-urls setting for -dump and -listonly options (off) -use_mouse turn on mouse support (off) -useragent=Name set alternate Lynx User-Agent header -validate accept only http URLs (meant for validation) implies more restrictions than -anonymous, but goto is allowed for http and https (off) -verbose toggles [LINK], [IMAGE] and [INLINE] comments with filenames of these images (on) -version print Lynx version information -vikeys enable vi-like key movement (off) -width=NUMBER screen width for formatting of dumps (default is 80) -with_backspaces emit backspaces in output if -dumping or -crawling (like 'man' does) (off) -xhtml-parsing enable XHTML 1.0 parsing (off) www-data@Moxa:~$ Браузер работает, но при обращении к большому содержимому затык. Сбрасывает какое-то содержимое в /tmp похоже надо что-то в настройках менять. Link to comment
oiv_1968 Posted April 5, 2019 Author Share Posted April 5, 2019 Доброго времени суток! вот про lynx: Making HTTP connection to 192.168.0.234 Sending HTTP request. HTTP request sent; waiting for response. HTTP/1.1 200 OK Data transfer complete /bin/gzip -d --no-name /tmp/lynxXXXXGPoHpw/L541-7561TMP.html.gz Alert!: Error uncompressing temporary file! lynx: Start file could not be found or is not text/html or text/plain Exiting... www-data@Moxa:~$ ругается на gzip. Смотрим: www-data@Moxa:~$ gzip --help BusyBox v1.13.3 (2009-06-04 09:41:31 CST) multi-call binary Usage: gzip [OPTION]... [FILE]... Compress FILEs (or standard input) Options: -c Write to standard output -d Decompress -f Force www-data@Moxa:~$ а он gzip и не умеет --no-name. Ну соответственно и выскакивет по ошибке. Кстати w3m посмотрел на debian - он в самый раз но вот при сборке требует GC Library. Как его выключить если вообще возможно? Link to comment
oiv_1968 Posted April 5, 2019 Author Share Posted April 5, 2019 Зато только что elinks собрал и испытал. Конечно криво собрал... пока криво. Но выводит таблички и т.п. Пока убрал ssl, иначе не собирается пока. Вечером openssl буду проверять, собрал вот дома. Может прикрутится. Link to comment
oiv_1968 Posted April 5, 2019 Author Share Posted April 5, 2019 А это консольный браузер elinks (зашли по ssh на устройство, а в нём ходим по сайтам) Вот: Не имеем выход через прокси... А proxychains4 elinks 2>/dev/null зачем? тут все пути URL с прокси и указываем. Вот GOOGLE: https://yadi.sk/d/l53H3_9u19qSjg Link to comment
oiv_1968 Posted April 5, 2019 Author Share Posted April 5, 2019 А какая возможность выложить? У меня такой маленький доступный размер! Или это возможно если в новой теме? Link to comment
oiv_1968 Posted April 5, 2019 Author Share Posted April 5, 2019 В 04.04.2019 в 15:57, Незнайка сказал: Если можно, разрешите мне выложить elinks.zip, который вксит 2.2 Мб! Там даже не установка, а просто исполняемый файл в архиве!!! А консольный браузер... поверьте удобен! Link to comment
Незнайка Posted April 6, 2019 Share Posted April 6, 2019 7 hours ago, oiv_1968 said: Если можно, разрешите мне выложить elinks.zip, который вксит 2.2 Мб! Там даже не установка, а просто исполняемый файл в архиве!!! А консольный браузер... поверьте удобен! У меня такая же квота как и у вас Сам через Яндекс.диск файлы выкладываю... Link to comment
oiv_1968 Posted May 14, 2019 Author Share Posted May 14, 2019 Доброго времени суток! вот собрал gzip, установил alias что бы не быть привязанным к директории (это глупо конечно)... www-data@Moxa:~$ gzip gzip: compressed data not written to a terminal. Use -f to force compression. For help, type: gzip -h www-data@Moxa:~$ gzip -h Usage: gzip [OPTION]... [FILE]... Compress or uncompress FILEs (by default, compress FILES in-place). Mandatory arguments to long options are mandatory for short options too. -c, --stdout write on standard output, keep original files unchanged -d, --decompress decompress -f, --force force overwrite of output file and compress links -h, --help give this help -k, --keep keep (don't delete) input files -l, --list list compressed file contents -L, --license display software license -n, --no-name do not save or restore the original name and time stamp -N, --name save or restore the original name and time stamp -q, --quiet suppress all warnings -r, --recursive operate recursively on directories -S, --suffix=SUF use suffix SUF on compressed files -t, --test test compressed file integrity -v, --verbose verbose mode -V, --version display version number -1, --fast compress faster -9, --best compress better With no FILE, or when FILE is -, read standard input. Report bugs to <bug-gzip@gnu.org>. www-data@Moxa:~$ ...потому как busybox: www-data@Moxa:~$ busybox BusyBox v1.13.3 (2017-06-28 14:40:08 CST) multi-call binary Copyright (C) 1998-2008 Erik Andersen, Rob Landley, Denys Vlasenko and others. Licensed under GPLv2. See source distribution for full notice. Usage: busybox [function] [arguments]... or: function [arguments]... BusyBox is a multi-call binary that combines many common Unix utilities into a single executable. Most people will create a link to busybox for each function they wish to use and BusyBox will act like whatever it was invoked as! Currently defined functions: [, [[, addgroup, adduser, arp, awk, basename, brctl, cat, chgrp, chmod, chown, chpasswd, chroot, clear, cmp, cp, cut, date, delgroup, deluser, depmod, df, dirname, dmesg, du, echo, egrep, env, expand, expr, false, fdisk, fgrep, find, free, fuser, getty, grep, gunzip, gzip, head, hostname, hwclock, id, ifconfig, ifdown, ifup, insmod, ip, kill, killall, klogd, ln, logger, login, ls, lsmod, md5sum, mesg, mkdir, mkfifo, mknod, mktemp, modprobe, more, mount, mv, netstat, nice, nohup, passwd, pidof, ping, ps, pwd, renice, reset, rm, rmdir, rmmod, route, run-parts, sed, sleep, sort, start-stop-daemon, stty, su, sulogin, sync, syslogd, tail, tar, tcpsvd, tee, telnet, test, tftp, top, touch, tr, traceroute, true, umount, uname, unzip, uptime, usleep, vi, wc, wget, which, xargs, yes, zcat www-data@Moxa:~$ как видно новый внешний gzip имеет этот -n, --no-name do not save or restore the original name and time stamp Имеется ли возможность заменить старый gzip на новый www-data@Moxa:~$ gzip -V gzip 1.6 Copyright (C) 2007, 2010, 2011 Free Software Foundation, Inc. Copyright (C) 1993 Jean-loup Gailly. This is free software. You may redistribute copies of it under the terms of the GNU General Public License <http://www.gnu.org/licenses/gpl.html>. There is NO WARRANTY, to the extent permitted by law. Written by Jean-loup Gailly. www-data@Moxa:~$ В строке командной спокойно запускается через алиас, а вот скрипт и lynx и другие используют то, что в busybox. В этом и вопрос собственно. Link to comment
oiv_1968 Posted June 17, 2019 Author Share Posted June 17, 2019 Доброго времени суток! Вот кстати(только не знаю надо-ли): sslscan.zip Суда по названию понятно. Но ранее указанные инструменты (curl и т.п.) уже содержат кое-что, а это в дополнение для теста. Запускается в консоли IA240LX/UC7112LX-Plus. Это было надо для настройки устройства, которое пока не настроено. www-data@Moxa:~/ramdisk$ ./sslscan _ ___ ___| |___ ___ __ _ _ __ / __/ __| / __|/ __/ _` | '_ \ \__ \__ \ \__ \ (_| (_| | | | | |___/___/_|___/\___\__,_|_| |_| 1.11.13 OpenSSL 1.0.2r 26 Feb 2019 OpenSSL version does not support SSLv2 SSLv2 ciphers will not be detected Command: ./sslscan [Options] [host:port | host] Options: --targets=<file> A file containing a list of hosts to check. Hosts can be supplied with ports (host:port) --sni-name=<name> Hostname for SNI --ipv4, -4 Only use IPv4 --ipv6, -6 Only use IPv6 --show-certificate Show full certificate information --no-check-certificate Don't warn about weak certificate algorithm or keys --show-client-cas Show trusted CAs for TLS client auth --show-ciphers Show supported client ciphers --show-cipher-ids Show cipher ids --show-times Show handhake times in milliseconds --ssl3 Only check SSLv3 ciphers --tls10 Only check TLSv1.0 ciphers --tls11 Only check TLSv1.1 ciphers --tls12 Only check TLSv1.2 ciphers --tlsall Only check TLS ciphers (all versions) --ocsp Request OCSP response from server --pk=<file> A file containing the private key or a PKCS#12 file containing a private key/certificate pair --pkpass=<password> The password for the private key or PKCS#12 file --certs=<file> A file containing PEM/ASN1 formatted client certificates --no-ciphersuites Do not check for supported ciphersuites --no-fallback Do not check for TLS Fallback SCSV --no-renegotiation Do not check for TLS renegotiation --no-compression Do not check for TLS compression (CRIME) --no-heartbleed Do not check for OpenSSL Heartbleed (CVE-2014-0160) --starttls-ftp STARTTLS setup for FTP --starttls-imap STARTTLS setup for IMAP --starttls-irc STARTTLS setup for IRC --starttls-ldap STARTTLS setup for LDAP --starttls-pop3 STARTTLS setup for POP3 --starttls-smtp STARTTLS setup for SMTP --starttls-mysql STARTTLS setup for MYSQL --starttls-xmpp STARTTLS setup for XMPP --starttls-psql STARTTLS setup for PostgreSQL --xmpp-server Use a server-to-server XMPP handshake --http Test a HTTP connection --rdp Send RDP preamble before starting scan --bugs Enable SSL implementation bug work-arounds --timeout=<sec> Set socket timeout. Default is 3s --sleep=<msec> Pause between connection request. Default is disabled --xml=<file> Output results to an XML file <file> can be -, which means stdout --version Display the program version --verbose Display verbose output --no-cipher-details Disable EC curve names and EDH/RSA key lengths output --no-colour Disable coloured output --help Display the help text you are now reading Example: ./sslscan 127.0.0.1 ./sslscan [::1] Ну и применение - проба www-data@Moxa:~/ramdisk$ ./sslscan 192.168.0.234 Version: 1.11.13 OpenSSL 1.0.2r 26 Feb 2019 OpenSSL version does not support SSLv2 SSLv2 ciphers will not be detected Connected to 192.168.0.234 Testing SSL server 192.168.0.234 on port 443 using SNI name 192.168.0.234 TLS Fallback SCSV: Server supports TLS Fallback SCSV TLS renegotiation: Secure session renegotiation supported TLS Compression: Compression disabled Heartbleed: TLS 1.2 not vulnerable to heartbleed TLS 1.1 not vulnerable to heartbleed TLS 1.0 not vulnerable to heartbleed Supported Server Cipher(s): Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256 Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256 Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256 Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits Accepted TLSv1.2 256 bits AES256-GCM-SHA384 Accepted TLSv1.2 256 bits AES256-SHA256 Accepted TLSv1.2 256 bits AES256-SHA Accepted TLSv1.2 256 bits CAMELLIA256-SHA Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256 Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256 Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256 Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256 Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits Accepted TLSv1.1 256 bits AES256-SHA Accepted TLSv1.1 256 bits CAMELLIA256-SHA Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256 Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits Accepted TLSv1.1 128 bits AES128-SHA Accepted TLSv1.1 128 bits CAMELLIA128-SHA Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256 SSL Certificate: Signature Algorithm: sha256WithRSAEncryption RSA Key Strength: 2048 Subject: www-data Issuer: www-data Not valid before: Apr 10 06:29:46 2019 GMT Not valid after: Apr 7 06:29:46 2029 GMT www-data@Moxa:~/ramdisk$ Сообщения - отчёты цветные. И много чего всплывает... Link to comment
oiv_1968 Posted September 3, 2019 Author Share Posted September 3, 2019 Утилита tree Для установки распаковать в устройство и запустить setup.sh из под root. У меня /usr/bin на sd карте в эту директорию и скопируется tree теперь как пример: www-data@Moxa:~/ramdisk$ tree /usr/sbin /usr/sbin ├── chroot ├── exportfs ├── rpc.lockd ├── rpc.mountd ├── rpc.nfsd └── rpc.statd 0 directories, 6 files www-data@Moxa:~/ramdisk$ Иногда бывает надо, а теперь и на IA240/UC-7112-Lx-Plus tree.zip Link to comment
oiv_1968 Posted September 12, 2019 Author Share Posted September 12, 2019 Вот: www-data@Moxa:~/ramdisk$ proxychains4 whois rostelecom.ru [proxychains] config file found: /etc/proxychains.conf [proxychains] preloading /lib/libproxychains4.so [proxychains] DLL init: proxychains-ng 4.14 [proxychains] Strict chain ... 192.168.1.131:8080 ... 192.168.1.131:8080 ... whois.tcinet.ru:43 ... OK % By submitting a query to RIPN's Whois Service % you agree to abide by the following terms of use: % http://www.ripn.net/about/servpol.html#3.2 (in Russian) % http://www.ripn.net/about/en/servpol.html#3.2 (in English). domain: ROSTELECOM.RU nserver: ns1.rostelecom.ru. 87.226.162.62 nserver: ns2.rostelecom.ru. 87.226.159.65 nserver: ns.rt-comm.ru. state: REGISTERED, DELEGATED, VERIFIED org: Public Joint Stock Company "Rostelecom" registrar: RU-CENTER-RU admin-contact: https://www.nic.ru/whois created: 2000-03-01T00:42:19Z paid-till: 2020-04-30T21:00:00Z free-date: 2020-06-01 source: TCI Last updated on 2019-09-12T21:51:35Z www-data@Moxa:~/ramdisk$ proxychains4 whois 87.226.162.62 [proxychains] config file found: /etc/proxychains.conf [proxychains] preloading /lib/libproxychains4.so [proxychains] DLL init: proxychains-ng 4.14 [proxychains] Strict chain ... 192.168.1.131:8080 ... 192.168.1.131:8080 ... whois.ripe.net:43 ... OK % This is the RIPE Database query service. % The objects are in RPSL format. % % The RIPE Database is subject to Terms and Conditions. % See http://www.ripe.net/db/support/db-terms-conditions.pdf % Note: this output has been filtered. % To receive output for a database update, use the "-B" flag. % Information related to '87.226.159.0 - 87.226.162.255' % Abuse contact for '87.226.159.0 - 87.226.162.255' is 'abuse@rt.ru' inetnum: 87.226.159.0 - 87.226.162.255 netname: ROSTELECOMNET descr: PJSC Rostelecom country: RU org: ORG-JR8-RIPE admin-c: RTNC-RIPE tech-c: RTNC-RIPE status: ASSIGNED PA mnt-by: ROSTELECOM-MNT created: 2007-09-14T13:34:29Z last-modified: 2016-08-08T08:42:03Z source: RIPE # Filtered organisation: ORG-JR8-RIPE org-name: PJSC Rostelecom org-type: LIR address: 25-2, Dubovaya Roscha street address: 127427 address: MOSCOW address: RUSSIAN FEDERATION phone: +7 495 339 11 22 fax-no: +74999953619 admin-c: RTNC-RIPE admin-c: DS4715-RIPE admin-c: EP6706-RIPE admin-c: OO1522-RIPE admin-c: NM7547-RIPE admin-c: AA728-RIPE admin-c: SVS153-RIPE admin-c: ASV77-RIPE admin-c: RVP-RIPE admin-c: VEV57-RIPE admin-c: TR4627-RIPE admin-c: TL4565-RIPE admin-c: AVB77-RIPE admin-c: DN216-RIPE admin-c: DA2353-RIPE admin-c: ANK2555-RIPE admin-c: IS111-RIPE admin-c: VE128-RIPE admin-c: SS216-RIPE abuse-c: RTNC-RIPE mnt-ref: RIPE-NCC-HM-MNT mnt-ref: ROSTELECOM-MNT mnt-by: RIPE-NCC-HM-MNT mnt-by: ROSTELECOM-MNT created: 2005-03-22T11:11:20Z last-modified: 2018-10-03T10:00:29Z source: RIPE # Filtered role: PJSC Rostelecom Technical Team address: PJSC Rostelecom address: Russian Federation abuse-mailbox: abuse@rt.ru admin-c: DS4715-RIPE admin-c: EEA-RIPE admin-c: AV3066-RIPE tech-c: DS4715-RIPE tech-c: EEA-RIPE tech-c: AV3066-RIPE remarks: trouble: --------------------------------------------------------------- remarks: trouble: Rostelecom NOC is available 24 x 7 remarks: trouble: e-mail noc-ip@rt.ru remarks: trouble: --------------------------------------------------------------- remarks: ------------------------------------------------------------------------ remarks: peering requests: peering@rt.ru remarks: ------------------------------------------------------------------------ remarks: http://www.rostelecom.ru/, looking-glass http://lg.ip.rt.ru/ remarks: ------------------------------------------------------------------------ nic-hdl: RTNC-RIPE mnt-by: ROSTELECOM-MNT created: 2007-11-27T13:28:11Z last-modified: 2019-01-22T09:16:29Z source: RIPE # Filtered % Information related to '87.226.128.0/17AS12389' route: 87.226.128.0/17 origin: AS12389 descr: Rostelecom networks mnt-by: ROSTELECOM-MNT created: 2005-12-26T09:03:39Z last-modified: 2017-07-04T07:28:04Z source: RIPE # Filtered % This query was served by the RIPE Database Query Service version 1.94.1 (HEREFORD) www-data@Moxa:~/ramdisk$ proxychains4 whois ru [proxychains] config file found: /etc/proxychains.conf [proxychains] preloading /lib/libproxychains4.so [proxychains] DLL init: proxychains-ng 4.14 [proxychains] Strict chain ... 192.168.1.131:8080 ... 192.168.1.131:8080 ... whois.iana.org:43 ... OK % IANA WHOIS server % for more information on IANA, visit http://www.iana.org % This query returned 1 object domain: RU organisation: Coordination Center for TLD RU address: 8 Marta street 1, bld 12 address: Moscow 127083 address: Russian Federation contact: administrative name: .RU domain Administrative group organisation: Coordination Center for TLD RU address: 8 Marta street 1, bld 12 address: Moscow 127083 address: Russian Federation phone: +7 495 730 29 71 fax-no: +7 495 730 29 68 e-mail: ru-adm@cctld.ru contact: technical name: Technical Center of Internet organisation: Technical Center of Internet address: 8 Marta street 1, bld 12 address: Moscow 127083 address: Russian Federation phone: +7 495 730 29 69 fax-no: +7 495 730 29 68 e-mail: ru-tech@tcinet.ru nserver: A.DNS.RIPN.NET 193.232.128.6 2001:678:17:0:193:232:128:6 nserver: B.DNS.RIPN.NET 194.85.252.62 2001:678:16:0:194:85:252:62 nserver: D.DNS.RIPN.NET 194.190.124.17 2001:678:18:0:194:190:124:17 nserver: E.DNS.RIPN.NET 193.232.142.17 2001:678:15:0:193:232:142:17 nserver: F.DNS.RIPN.NET 193.232.156.17 2001:678:14:0:193:232:156:17 ds-rdata: 55747 8 2 77806C45DCA415FBD8FDEEA0A436EE68FE6AA5B3C23B4D89E03BBEF334FA0CB6 whois: whois.tcinet.ru status: ACTIVE remarks: Registration information: http://www.cctld.ru/en created: 1994-04-07 changed: 2019-09-11 source: IANA www-data@Moxa:~/ramdisk$ proxychains4 whois com [proxychains] config file found: /etc/proxychains.conf [proxychains] preloading /lib/libproxychains4.so [proxychains] DLL init: proxychains-ng 4.14 [proxychains] Strict chain ... 192.168.1.131:8080 ... 192.168.1.131:8080 ... whois.iana.org:43 ... OK % IANA WHOIS server % for more information on IANA, visit http://www.iana.org % This query returned 1 object domain: COM organisation: VeriSign Global Registry Services address: 12061 Bluemont Way address: Reston Virginia 20190 address: United States contact: administrative name: Registry Customer Service organisation: VeriSign Global Registry Services address: 12061 Bluemont Way address: Reston Virginia 20190 address: United States phone: +1 703 925-6999 fax-no: +1 703 948 3978 e-mail: info@verisign-grs.com contact: technical name: Registry Customer Service organisation: VeriSign Global Registry Services address: 12061 Bluemont Way address: Reston Virginia 20190 address: United States phone: +1 703 925-6999 fax-no: +1 703 948 3978 e-mail: info@verisign-grs.com nserver: A.GTLD-SERVERS.NET 192.5.6.30 2001:503:a83e:0:0:0:2:30 nserver: B.GTLD-SERVERS.NET 192.33.14.30 2001:503:231d:0:0:0:2:30 nserver: C.GTLD-SERVERS.NET 192.26.92.30 2001:503:83eb:0:0:0:0:30 nserver: D.GTLD-SERVERS.NET 192.31.80.30 2001:500:856e:0:0:0:0:30 nserver: E.GTLD-SERVERS.NET 192.12.94.30 2001:502:1ca1:0:0:0:0:30 nserver: F.GTLD-SERVERS.NET 192.35.51.30 2001:503:d414:0:0:0:0:30 nserver: G.GTLD-SERVERS.NET 192.42.93.30 2001:503:eea3:0:0:0:0:30 nserver: H.GTLD-SERVERS.NET 192.54.112.30 2001:502:8cc:0:0:0:0:30 nserver: I.GTLD-SERVERS.NET 192.43.172.30 2001:503:39c1:0:0:0:0:30 nserver: J.GTLD-SERVERS.NET 192.48.79.30 2001:502:7094:0:0:0:0:30 nserver: K.GTLD-SERVERS.NET 192.52.178.30 2001:503:d2d:0:0:0:0:30 nserver: L.GTLD-SERVERS.NET 192.41.162.30 2001:500:d937:0:0:0:0:30 nserver: M.GTLD-SERVERS.NET 192.55.83.30 2001:501:b1f9:0:0:0:0:30 ds-rdata: 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CFC41A5766 whois: whois.verisign-grs.com status: ACTIVE remarks: Registration information: http://www.verisigninc.com created: 1985-01-01 changed: 2017-10-05 source: IANA www-data@Moxa:~/ramdisk$ proxychains4 whois 192.5.6.30 [proxychains] config file found: /etc/proxychains.conf [proxychains] preloading /lib/libproxychains4.so [proxychains] DLL init: proxychains-ng 4.14 [proxychains] Strict chain ... 192.168.1.131:8080 ... 192.168.1.131:8080 ... whois.arin.net:43 ... OK # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/resources/registry/whois/tou/ # # If you see inaccuracies in the results, please report at # https://www.arin.net/resources/registry/whois/inaccuracy_reporting/ # # Copyright 1997-2019, American Registry for Internet Numbers, Ltd. # NetRange: 192.5.6.0 - 192.5.6.255 CIDR: 192.5.6.0/24 NetName: VGRSGTLD-1 NetHandle: NET-192-5-6-0-1 Parent: NET192 (NET-192-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: VeriSign Global Registry Services (VGRS) RegDate: 2000-11-30 Updated: 2017-04-14 Ref: https://rdap.arin.net/registry/ip/192.5.6.0 OrgName: VeriSign Global Registry Services OrgId: VGRS Address: 12061 Bluemont Way City: Reston StateProv: VA PostalCode: 20190 Country: US RegDate: 2000-11-30 Updated: 2019-02-01 Ref: https://rdap.arin.net/registry/entity/VGRS OrgTechHandle: SIDDI59-ARIN OrgTechName: siddique, hasan OrgTechPhone: +1-703-948-4337 OrgTechEmail: hsiddique@verisign.com OrgTechRef: https://rdap.arin.net/registry/entity/SIDDI59-ARIN OrgTechHandle: QUESA29-ARIN OrgTechName: Quesada, Christopher OrgTechPhone: +1-571-455-9378 OrgTechEmail: cquesada@verisiign.com OrgTechRef: https://rdap.arin.net/registry/entity/QUESA29-ARIN OrgAbuseHandle: NETWO480-ARIN OrgAbuseName: Network Admin OrgAbusePhone: +1-703-948-4300 OrgAbuseEmail: netadmin@verisign.com OrgAbuseRef: https://rdap.arin.net/registry/entity/NETWO480-ARIN OrgTechHandle: NETWO480-ARIN OrgTechName: Network Admin OrgTechPhone: +1-703-948-4300 OrgTechEmail: netadmin@verisign.com OrgTechRef: https://rdap.arin.net/registry/entity/NETWO480-ARIN OrgTechHandle: GORMA115-ARIN OrgTechName: Gorman, Brad OrgTechPhone: +1-703-948-4484 OrgTechEmail: bgorman@verisign.com OrgTechRef: https://rdap.arin.net/registry/entity/GORMA115-ARIN RTechHandle: ZV22-ARIN RTechName: VeriSign Global Registry Services RTechPhone: +1-703-948-1212 RTechEmail: netadmin@verisign.com RTechRef: https://rdap.arin.net/registry/entity/ZV22-ARIN # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/resources/registry/whois/tou/ # # If you see inaccuracies in the results, please report at # https://www.arin.net/resources/registry/whois/inaccuracy_reporting/ # # Copyright 1997-2019, American Registry for Internet Numbers, Ltd. # Тут whois через прокси, используя proxychains4(рассмотрено ранее в теме). Про назначение посмотрите в поисковике. Распаковать содержимое в /bin (я разместил в /sbin). У меня эти директории на SD карте. whois.zip Link to comment
oiv_1968 Posted February 27, 2020 Author Share Posted February 27, 2020 В 25.11.2017 в 13:04, oiv_1968 сказал: Доброго времени суток Люди Добрые! Собственно возник вопрос: Как получать результат в bash-скрипт из NetCat. Тестировал вот это на Debian (это заготовка): #!/bin/bash # _p1=$1 _p2=$2 _p3=$3 _nc="" _url="" _port="" #определение принадлежности к MOXA _un=$(uname -a | awk '{print($2)}') case $_un in Moxa) _nc="/mnt/sd/nc/nc" ;; *) _nc="nc" ;; esac function _help() { echo "help" } function _spp() { str=$(echo -e $_port | sed "s/-/ /g") _startport=$(echo "$str" | awk '{print($1)}') _stopport=$(echo "$str" | awk '{print($2)}') while ( ((_startport <= _stopport)) ) do str="" str=$($_nc -vnz -4 $_url $_startport 2>&1) res=$(echo "$str" | grep "succeeded!") if [ "$res" != "" ] then echo "$_url $_startport" fi ((_startport += 1)) done } case $1 in "help") _help ;; "-ip") _url=$2 case $3 in "-p") _port=$4 if [ "$_port" == "" ] then echo "-p parametr ?" else _spp fi ;; *) echo "parametr ???" ;; esac ;; *) echo "use \"help\"" ;; esac понятно... в локальной сети: igor@debian-i:~/coding/bash/nsite2$ ./spp.sh -ip 192.168.0.1 -p 21-80 192.168.0.1 23 192.168.0.1 53 192.168.0.1 80 igor@debian-i:~/coding/bash/nsite2$ И все бы не плохо но результат определял по слову в выводе В Debian на ПК: igor@debian-i:~/coding/bash/nsite2$ nc -vnz 192.168.0.1 80 Connection to 192.168.0.1 80 port [tcp/*] succeeded! igor@debian-i:~/coding/bash/nsite2$ А вот тоже самое на UC-7112-Lx-plus: www-data@Moxa:~$ nc -vnz 192.168.0.1 80 192.168.0.1:80 (Dlink-Router.Dlink) open www-data@Moxa:~$ Так по какому принципу (правилу) определять, что порт открыт. Мучение испытывал мой старенький роутер (DIR-620) от ПК и MOXA. Хочется что бы скрипт работал корректно и там и там Заранее благодарен за ответ! Спасибо! Долго ли, коротко ли... но вот: nc -vvz $_url $_port 2>/dev/null res=$? if [ "$res" = "1" ]; then echo "На $_url не найден порт $_port" exit 1 fi найдено решение. Работает! Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now