Vitali Kremez

Post Exploitation: Basics of Networking

1/24/2016

Course: Joe Perry on "Post Exploitation Hacking" at Cybrary

I. Ethernet Header:
•Src: Vmware_22:dd:ce (00:0c:29:22:dd:ce), Dst: Vmware_ff:1f:72 (00:50:56:ff:1f:72)
•Destination: Vmware_ff:1f:72 (00:50:56:ff:1f:72)
•Address: Vmware_ff:1f:72 (00:50:56:ff:1f:72)
•        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
•        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)

II. IP Header
•Internet Protocol Version 4, Src: 192.168.129.128 (192.168.129.128), Dst: 31.13.71.128 (31.13.71.128)
•    Version: 4    Header length: 20 bytes   
•Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
•        0000 00.. = Differentiated Services Codepoint: Default (0x00)
•        .... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)
•    Total Length: 40    Identification: 0x0364 (868)
•    Flags: 0x02 (Don't Fragment)
•        0... .... = Reserved bit: Not set
•        .1.. .... = Don't fragment: Set
•        ..0. .... = More fragments: Not set
•    Fragment offset: 0    Time to live: 64    Protocol: TCP (6)
•    Header checksum: 0x8eb6 [validation disabled]
•        [Good: False]
•        [Bad: False]
•    Source: 192.168.129.128 (192.168.129.128)    Destination: 31.13.71.128 (31.13.71.128)
•    [Source GeoIP: Unknown]    [Destination GeoIP: Unknown]

III. TCP header
•Transmission Control Protocol, Src Port: 44277 (44277), Dst Port: https (443), Seq: 2537, Ack: 19459, Len: 0
•Source port: 44277 (44277)    Destination port: https (443)
•Sequence number: 2537    (relative sequence number)    Acknowledgment number: 19459    (relative ack number)
•    Header length: 20 bytes
•    Flags: 0x010 (ACK)
•        000. .... .... = Reserved: Not set
•        ...0 .... .... = Nonce: Not set
•        .... 0... .... = Congestion Window Reduced (CWR): Not set
•        .... .0.. .... = ECN-Echo: Not set
•        .... ..0. .... = Urgent: Not set
•        .... ...1 .... = Acknowledgment: Set
•        .... .... 0... = Push: Not set
•        .... .... .0.. = Reset: Not set
•        .... .... ..0. = Syn: Not set
•        .... .... ...0 = Fin: Not set
•    Window size value: 65160
•Checksum: 0xa8d0 [validation disabled]

IV. UDP Header
•User Datagram Protocol, Src Port: db-lsp-disc (17500), Dst Port: db-lsp-disc (17500)
•    Source port: db-lsp-disc (17500)
•    Destination port: db-lsp-disc (17500)
•    Length: 122
•    Checksum: 0x5b02 [validation disabled]
•        [Good Checksum: False]
•        [Bad Checksum: False]
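
Wireshark marks the checksums above as "[validation disabled]", so the capture itself never confirms them. As an added example (not part of the original notes or the course material), this Python code rebuilds the IPv4 header from the field values in section II, verifies the 0x8eb6 checksum, and decodes the IG/LG address bits and TCP flags from sections I and III. The function names and the reconstructed byte string are assumptions made for this example.

```python
import ipaddress
import struct

# IPv4 header rebuilt byte-for-byte from the field values in section II
# (constructed here; the page shows only Wireshark's decoded view).
IP_HEADER = bytes.fromhex("45000028" "03644000" "40068eb6" "c0a88180" "1f0d4780")
TCP_FLAG_NAMES = ["FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR", "NS"]

def internet_checksum(data: bytes) -> int:
    """RFC 1071 checksum: one's-complement of the folded 16-bit word sum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_ipv4(hdr: bytes) -> dict:
    (ver_ihl, dsf, total_len, ident, flags_frag, ttl, proto, csum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", hdr[:20])
    ihl = (ver_ihl & 0x0F) * 4  # header length in bytes
    return {
        "version": ver_ihl >> 4, "header_len": ihl,
        "dscp": dsf >> 2, "ecn": dsf & 0x03,
        "total_len": total_len, "id": ident,
        "df": bool(flags_frag & 0x4000), "mf": bool(flags_frag & 0x2000),
        "frag_offset": (flags_frag & 0x1FFF) * 8,
        "ttl": ttl, "protocol": proto, "checksum": csum,
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        # Summing a valid header, checksum field included, folds to zero.
        "checksum_ok": internet_checksum(hdr[:ihl]) == 0,
    }

def mac_bits(mac: str) -> dict:
    """IG and LG bits are the two low bits of the first address octet."""
    first = int(mac.split(":")[0], 16)
    return {"multicast": bool(first & 0x01), "locally_administered": bool(first & 0x02)}

def tcp_flags(value: int) -> list:
    """Names of the flag bits set in the TCP flags field, low bit first."""
    return [name for bit, name in enumerate(TCP_FLAG_NAMES) if value & (1 << bit)]

if __name__ == "__main__":
    print(parse_ipv4(IP_HEADER))
    print(mac_bits("00:50:56:ff:1f:72"), tcp_flags(0x010))
```
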