How to build a ping server the hard way

kali null
3 min read, Feb 1, 2021

I wanted to implement a simple server that would register the source IPs it was pinged from and display them back to me. This way I wouldn’t have to spin up an instance each time I want to test a remote execution vulnerability on a box I’m testing.

Scenario: I’m testing a box with potential remote code execution and I want to quickly confirm it by making that box ping my server. To confirm it, I’d need to spin up an AWS instance and monitor pings, and that takes some time to set up. Alternatively, I’d need to open a port on my local machine to the internet, and I don’t want to do that. So I thought I’d build a little server that would just sit there and conveniently display the pings’ source IPs back to me.

In order to do this I’d need to run tcpdump with a filter for ICMP traffic, format the output properly on the fly, and then display it on my webpage. Something like this:

tcpdump -nni eth0 icmp

where -i eth0 specifies the interface to capture on

-nn tells tcpdump not to resolve host or port names

I cannot simply call readline() to capture the output of tcpdump, because that requires the process to end before it reads anything, and I’m running tcpdump continuously.

So I need to spawn a new process, connect to its input/output pipes, and capture its return…
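The approach described above, written out as an added example that is not the author’s code: spawn tcpdump with line-buffered output, read it line by line while it runs, and count echo requests per source address. The interface name, the sample lines and the filter expression are assumptions; capturing needs tcpdump installed and root or CAP_NET_RAW.

```python
import re
import subprocess
from collections import Counter
from typing import Iterable, Iterator, Optional

# Matches the -nn output of "tcpdump icmp" for IPv4 and IPv6 echo requests, e.g.
#   12:00:01.000001 IP 203.0.113.5 > 198.51.100.7: ICMP echo request, id 1, seq 1, length 64
#   12:00:03.000003 IP6 2001:db8::1 > 2001:db8::2: ICMP6, echo request, id 2, seq 1, length 16
_ECHO_RE = re.compile(r"^\S+ IP6? (?P<src>[0-9a-fA-F.:]+) > \S+: ICMP6?,? echo request")

# Constructed sample lines, not a real capture; the reply line must be ignored.
SAMPLE_LINES = [
    "12:00:01.000001 IP 203.0.113.5 > 198.51.100.7: ICMP echo request, id 1, seq 1, length 64",
    "12:00:01.000050 IP 198.51.100.7 > 203.0.113.5: ICMP echo reply, id 1, seq 1, length 64",
    "12:00:02.000002 IP 203.0.113.5 > 198.51.100.7: ICMP echo request, id 1, seq 2, length 64",
    "12:00:03.000003 IP6 2001:db8::1 > 2001:db8::2: ICMP6, echo request, id 2, seq 1, length 16",
]


def parse_echo_request(line: str) -> Optional[str]:
    """Return the source address of an ICMP echo request line, or None for anything else."""
    m = _ECHO_RE.match(line)
    return m.group("src") if m else None


def register_pings(lines: Iterable[str]) -> Counter:
    """Count echo requests per source address over a stream of tcpdump output lines."""
    seen: Counter = Counter()
    for line in lines:
        src = parse_echo_request(line)
        if src:
            seen[src] += 1
    return seen


def tcpdump_lines(iface: str = "eth0") -> Iterator[str]:
    """Spawn tcpdump and yield its stdout line by line while it is still running.

    -l makes tcpdump line-buffer stdout, so each packet's line arrives as it is
    captured instead of only after the process exits; bufsize=1 keeps Python's
    side of the pipe line-buffered as well.
    """
    cmd = ["tcpdump", "-nnl", "-i", iface, "icmp or icmp6"]  # filter is an assumption
    with subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.DEVNULL,
                          text=True, bufsize=1) as proc:
        assert proc.stdout is not None
        for line in proc.stdout:
            yield line.rstrip("\n")


if __name__ == "__main__":
    import sys
    for raw in tcpdump_lines(sys.argv[1] if len(sys.argv) > 1 else "eth0"):
        src = parse_echo_request(raw)
        if src:
            print(f"ping from {src}")
```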

Written by kali null

security researcher and penetration tester. twitter: @kali_null