Wireshark rules | tcp.port == 110 or tcp.port == 995 |
TcpDump | tcpdump -A -i eth0 port 110 or port 995 |
Hypertext Transfer Protocol
Describe what happens if you enter 'www.google.com' into the browser (DNS, TCP, HTTP).
telnet <host> <port>
telnet www.google.com 80
Note: For example, we get the google.com page after about two redirects:
$ telnet www.google.com 80
GET / ✔
HTTP/1.0 302 Found
Location: http://www.google.cz/?gfe_rd=cr&ei=nuA-WITHNPPf8gfQqYqIBw
====================================================================
$ telnet www.google.cz 80
GET /?gfe_rd=cr&ei=nuA-WITHNPPf8gfQqYqIBw ✔
HTTP/1.0 302 Found
Location: http://www.google.cz/?gfe_rd=cr&ei=nuA-WITHNPPf8gfQqYqIBw&gws_rd=cr
Set-Cookie: NID=91=DJn6ORMbM...EjgF91g4f; expires=Thu, 01-Jun-2017 14:23:15 GMT; path=/; domain=.google.com; HttpOnly
====================================================================
$ telnet www.google.cz 80
GET /?gfe_rd=cr&ei=nuA-WITHNPPf8gfQqYqIBw&gws_rd=cr ✔
HTTP/1.0 200 OK
https://www.google.com/support/accounts/answer/151657?hl=en for more info."
Set-Cookie: NID=91=prZTYHBooV5O...tKu_yHeJy; expires=Thu, 01-Jun-2017 14:26:02 GMT; path=/; domain=.google.com; HttpOnly
<!doctype html ...
GET / HTTP/1.0
Host: www.asistech.cz
<EOL>
openssl s_client -connect www.google.com:443
Simple Mail Transfer Protocol
$ telnet smtp.example.com 25
HELO cvut.cz
EHLO cvut.cz #variant
----------
HELP
MAIL FROM:
RCPT TO:
DATA
Subject: ....
...
...
.
HELP
----------------
QUIT
Post Office Protocol, v. 3
Wireshark: tcp.port==110 or tcp.port==995
$ telnet pop3.seznam.cz 110
USER ...
PASS ...
NOOP
STAT
LIST
RETR 1
TOP 1 5 #5 lines from the 1st msg
QUIT
$ openssl s_client -connect pop3.seznam.cz:995
Internet Message Access Protocol
$ telnet imap.seznam.cz 143
//remember session indicator
CAPABILITY
LOGIN <user> <pass>
EXAMINE INBOX
LIST "" INBOX
SELECT INBOX
SEARCH unseen
FETCH "1:*" FLAGS
FETCH 1 Body[TEXT]
FETCH 1 UID
FETCH 1 FULL
UID SEARCH ALL
UID FETCH <UID> body.peek[header]
UID SEARCH UNSEEN
LOGOUT
also: uid_copy, uid_store, expunge
$ openssl s_client -connect imap.seznam.cz:993
File Transfer Protocol
(Client must have a public IP Address)
$ telnet ftp.cvut.cz 21
HELP
530 Please login with USER and PASS.
USER anonymous
PASS none@example.com
230 Login successful.
LIST
425 Use PORT or PASV first.
PORT 147,32,84,225,4,0
> (in other terminal)
> (PORT = 4*256+0 = 1024)
> $ netcat -l -p 1024
LIST
... (ditto)
PASV
227 Entering Passive Mode (147,32,160,17,193,213)
> # PORT = 193*256 + 213 = 49408 + 213 = 49621
> $ telnet 147.32.160.17 49621
LIST
150 Here comes the directory listing.
226 Directory send OK.
> lrwxrwxrwx 1 0 0 18 May 27 2008 debian -> mirrors/debian.org
> lrwxrwxrwx ...
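Added example (not part of the original notes): the PORT/PASV port arithmetic from the FTP session above written as Python, plus a check that the advertised data address is the control-connection peer, which is how clients and servers refuse redirected data connections (FTP bounce). The function names and the min_port policy are assumptions of this example.

```python
import ipaddress
import re

# h1,h2,h3,h4,p1,p2 tuple shared by the PORT argument and the 227 reply
_HOSTPORT = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")


def decode_hostport(text):
    """Return (ip, port) for the first h1,h2,h3,h4,p1,p2 tuple in text."""
    m = _HOSTPORT.search(text)
    if m is None:
        raise ValueError("no host/port tuple in %r" % text)
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field above 255 in %r" % text)
    # port = high byte * 256 + low byte, as computed by hand in the session
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]


def encode_hostport(ip, port):
    """Build the argument of a PORT command from an IPv4 address and port."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError on malformed input
    if not 0 < port < 65536:
        raise ValueError("port out of range: %d" % port)
    return "%s,%d,%d" % (str(addr).replace(".", ","), port >> 8, port & 0xFF)


def check_data_endpoint(text, control_peer_ip, min_port=1024):
    """Decode a tuple and reject it unless it names the control-connection
    peer and an unprivileged port (policy assumed for this example)."""
    ip, port = decode_hostport(text)
    if ip != control_peer_ip:
        raise ValueError("data address %s is not control peer %s" % (ip, control_peer_ip))
    if port < min_port:
        raise ValueError("privileged data port %d" % port)
    return ip, port


if __name__ == "__main__":
    # Both inputs are the values shown in the FTP session above
    print(decode_hostport("227 Entering Passive Mode (147,32,160,17,193,213)"))
    print("PORT " + encode_hostport("147.32.84.225", 1024))
```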