..
网络资产搜集篇-Port.md
hello world
理论上每个 IPv4 或者 IPv6 地址最多可以使用 65536 个端口
$ sudo tcpdump -i any -n -v -X port 8000
tcpdump: data link type PKTAP
tcpdump: listening on any, link-type PKTAP (Apple DLT_PKTAP), snapshot length 524288 bytes
13:27:05.933304 IP (tos 0x0, ttl 64, id 31479, offset 0, flags [DF], proto TCP (6), length 60)
192.168.1.88.51906 > 192.168.1.2.8000: Flags [S], cksum 0xe086 (correct), seq 1825011391, win 64240, options [mss 1460,sackOK,TS val 4282063896 ecr 0,nop,wscale 7], length 0
0x0000: 4500 003c 7af7 4000 4006 3c1a c0a8 0158 E..<z.@.@.<....X
0x0010: c0a8 0102 cac2 1f40 6cc7 76bf 0000 0000 .......@l.v.....
0x0020: a002 faf0 e086 0000 0204 05b4 0402 080a ................
0x0030: ff3b 1c18 0000 0000 0103 0307 .;..........
13:27:05.933341 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40)
192.168.1.2.8000 > 192.168.1.88.51906: Flags [R.], cksum 0x83c5 (incorrect -> 0x5e9b), seq 0, ack 1825011392, win 0, length 0
0x0000: 4500 0028 0000 4000 4006 b725 c0a8 0102 E..(..@.@..%....
0x0010: c0a8 0158 1f40 cac2 0000 0000 6cc7 76c0 ...X.@......l.v.
0x0020: 5014 0000 83c5 0000 P.......
13:34:01.298406 IP (tos 0x0, ttl 64, id 29353, offset 0, flags [DF], proto TCP (6), length 60)
192.168.1.88.51922 > 192.168.1.2.8000: Flags [S], cksum 0x41b9 (correct), seq 2597949658, win 64240, options [mss 1460,sackOK,TS val 4282479266 ecr 0,nop,wscale 7], length 0
0x0000: 4500 003c 72a9 4000 4006 4468 c0a8 0158 E..<r.@.@.Dh...X
0x0010: c0a8 0102 cad2 1f40 9ad9 90da 0000 0000 .......@........
0x0020: a002 faf0 41b9 0000 0204 05b4 0402 080a ....A...........
0x0030: ff41 72a2 0000 0000 0103 0307 .Ar.........
13:34:01.298802 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 64)
192.168.1.2.8000 > 192.168.1.88.51922: Flags [S.], cksum 0xf524 (correct), seq 3050156147, ack 2597949659, win 65535, options [mss 1460,nop,wscale 6,nop,nop,TS val 464761979 ecr 4282479266,sackOK,eol], length 0
0x0000: 4500 0040 0000 4000 4006 b70d c0a8 0102 E..@..@.@.......
0x0010: c0a8 0158 1f40 cad2 b5cd b073 9ad9 90db ...X.@.....s....
0x0020: b012 ffff f524 0000 0204 05b4 0103 0306 .....$..........
0x0030: 0101 080a 1bb3 b47b ff41 72a2 0402 0000 .......{.Ar.....
13:34:01.302530 IP (tos 0x0, ttl 64, id 29354, offset 0, flags [DF], proto TCP (6), length 52)
192.168.1.88.51922 > 192.168.1.2.8000: Flags [.], cksum 0x32fb (correct), ack 1, win 502, options [nop,nop,TS val 4282479270 ecr 464761979], length 0
0x0000: 4500 0034 72aa 4000 4006 446f c0a8 0158 E..4r.@.@.Do...X
0x0010: c0a8 0102 cad2 1f40 9ad9 90db b5cd b074 .......@.......t
0x0020: 8010 01f6 32fb 0000 0101 080a ff41 72a6 ....2........Ar.
0x0030: 1bb3 b47b ...{
13:34:01.302530 IP (tos 0x0, ttl 64, id 29355, offset 0, flags [DF], proto TCP (6), length 52)
192.168.1.88.51922 > 192.168.1.2.8000: Flags [F.], cksum 0x32fa (correct), seq 1, ack 1, win 502, options [nop,nop,TS val 4282479270 ecr 464761979], length 0
0x0000: 4500 0034 72ab 4000 4006 446e c0a8 0158 E..4r.@.@.Dn...X
0x0010: c0a8 0102 cad2 1f40 9ad9 90db b5cd b074 .......@.......t
0x0020: 8011 01f6 32fa 0000 0101 080a ff41 72a6 ....2........Ar.
0x0030: 1bb3 b47b ...{
13:34:01.302612 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 52)
192.168.1.2.8000 > 192.168.1.88.51922: Flags [.], cksum 0x2ce2 (correct), ack 1, win 2059, options [nop,nop,TS val 464761983 ecr 4282479270], length 0
0x0000: 4500 0034 0000 4000 4006 b719 c0a8 0102 E..4..@.@.......
0x0010: c0a8 0158 1f40 cad2 b5cd b074 9ad9 90db ...X.@.....t....
0x0020: 8010 080b 2ce2 0000 0101 080a 1bb3 b47f ....,...........
0x0030: ff41 72a6 .Ar.
13:34:01.302647 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 52)
192.168.1.2.8000 > 192.168.1.88.51922: Flags [.], cksum 0x2ce1 (correct), ack 2, win 2059, options [nop,nop,TS val 464761983 ecr 4282479270], length 0
0x0000: 4500 0034 0000 4000 4006 b719 c0a8 0102 E..4..@.@.......
0x0010: c0a8 0158 1f40 cad2 b5cd b074 9ad9 90dc ...X.@.....t....
0x0020: 8010 080b 2ce1 0000 0101 080a 1bb3 b47f ....,...........
0x0030: ff41 72a6 .Ar.
13:34:01.303694 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 52)
192.168.1.2.8000 > 192.168.1.88.51922: Flags [F.], cksum 0x2cdf (correct), seq 1, ack 2, win 2059, options [nop,nop,TS val 464761984 ecr 4282479270], length 0
0x0000: 4500 0034 0000 4000 4006 b719 c0a8 0102 E..4..@.@.......
0x0010: c0a8 0158 1f40 cad2 b5cd b074 9ad9 90dc ...X.@.....t....
0x0020: 8011 080b 2cdf 0000 0101 080a 1bb3 b480 ....,...........
0x0030: ff41 72a6 .Ar.
13:34:01.307597 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 52)
192.168.1.88.51922 > 192.168.1.2.8000: Flags [.], cksum 0x32f0 (correct), ack 2, win 502, options [nop,nop,TS val 4282479274 ecr 464761984], length 0
0x0000: 4500 0034 0000 4000 4006 b719 c0a8 0158 E..4..@.@......X
0x0010: c0a8 0102 cad2 1f40 9ad9 90dc b5cd b075 .......@.......u
0x0020: 8010 01f6 32f0 0000 0101 080a ff41 72aa ....2........Ar.
0x0030: 1bb3 b480 ....