nerdexam
GIAC

GCIH · Question #756

What would the following netcat command be used for? nc -V -W2 -z -p 53 192.168.193.33 21-112

The correct answer is E. Scan ports 21-112 on host 192.168.193.33 using source port of 53. This netcat command performs a port scan of ports 21-112 on a target host using port 53 as the source port.

Reconnaissance, Scanning, and Enumeration

Question

What would the following netcat command be used for? nc -V -W2 -z -p 53 192.168.193.33 21-112

Options

  • AConfigure host 192.168.193.33 to be a relay between two other systems
  • BSet up a backdoor on host 192.168.193.33 that listens on port 53
  • CScan port 53 on 192.168.193.33 using a source port range of 21-112
  • DSend packets with a DNS payload ranging in size from 21-112 bytes to host 192.168.193.33
  • EScan ports 21-112 on host 192.168.193.33 using source port of 53

How the community answered

(36 responses)
  • A
    6% (2)
  • C
    11% (4)
  • D
    3% (1)
  • E
    81% (29)

Why each option

This netcat command performs a port scan of ports 21-112 on a target host using port 53 as the source port.

AConfigure host 192.168.193.33 to be a relay between two other systems

Relay functionality requires piping two netcat instances together; none of these flags configure a relay or proxy behavior.

BSet up a backdoor on host 192.168.193.33 that listens on port 53

Creating a listener or backdoor requires the -l flag, which is not present in this command.

CScan port 53 on 192.168.193.33 using a source port range of 21-112

The -p flag defines the source port (53), not a port being scanned; the scanned destination range is 21-112.

DSend packets with a DNS payload ranging in size from 21-112 bytes to host 192.168.193.33

Netcat does not construct DNS payloads by default, and 21-112 denotes port numbers, not byte sizes.

EScan ports 21-112 on host 192.168.193.33 using source port of 53Correct

The -z flag puts netcat in zero-I/O scan mode, and the range 21-112 specifies the destination ports to probe on 192.168.193.33. The -p 53 flag sets the source port to 53, a common technique to bypass firewall rules that permit inbound DNS traffic on that port.

Concept tested: Netcat port scanning with spoofed source port

Source: https://nmap.org/ncat/guide/ncat-usage.html

Topics

#netcat#port scanning#source port spoofing#network reconnaissance

Community Discussion

No community discussion yet for this question.

Full GCIH Practice