Whether you’re white hat, black hat, or some shade in-between, navigating through a network is a core part of hacking. To do that, we need to be able to explore a network to discover the addresses of gateways, interfaces, and other attached devices. When ifconfig just isn’t enough, you can steer your way around a network with a convenient tool called Ship, the script for everything IP.
What Is Ship?
Created by Sotirios Roussis, Ship is a portmanteau of “shell” and “IP”, and it’s literally a shell script that displays network addresses. However, that description doesn’t really do it justice. Ship is a very handy tool. I like to think of it as a one-stop shop for basic network reconnaissance and addressing.
Ship can display everything from the gateway IP address to the IP and MAC addresses of all the active devices on a network. It can do simple things like ping and traceroute, as well as more sophisticated things like listening in on ports and calculating binary and hex information about an IP. The command syntax in Ship is simple and straightforward, and I recommend it to everyone who finds themselves poking around Wi-Fi networks via terminal on a regular basis.
Step 1: Downloading & Installing Ship
In this tutorial, I’m using Black Arch Linux, so the commands may be slightly different if you’re using Kali or another Linux distribution.
Depending on what repositories your package manager checks, you might be able to install Ship directly with a simple apt-get or equivalent command. On my system, this wasn’t the case, so I’m going to detail how to install Ship manually.
First, we need to install the appropriate dependencies. To do this, use the following command in Black Arch.
pacman -S gawk grep iproute2 mtr iputils sed traceroute wget
If you’re using a Debian-based system like Kali, this command should work the same if you replace pacman -S with apt-get install and iputils with iputils-ping.
In my case, all of these packages were already installed, but it doesn’t hurt to check. If you already have them installed like I did, the command will update them instead, which is always a good thing.
After we install the dependencies, we need to clone the GitHub repository. I chose to do this within the root directory of my Linux system, so it will be downloaded into /root/ship. Use the following command in a terminal window to download Ship directly from GitHub.
git clone --branch=master https://github.com/xtonousou/ship.git
This will download the ship.sh shell file into /root/ship. As is, we won’t be able to call Ship simply by typing ship into the terminal. To do this, navigate to Ship’s directory with cd /root/ship and then copy ship.sh and rename it to ship by typing cp ship.sh ship into a terminal window.
This lets us type ship instead of having to type ship.sh. Then, to add it to the PATH variable every time the terminal runs, type:
echo 'export PATH=/root/ship:$PATH' >> ~/.bashrc
Step 2: Using Ship for Quick Addressing
Now that we’ve installed Ship, let’s browse some of its features. One of Ship’s most handy uses is that it can quickly serve up the exact information about the network we need without displaying superfluous information. For instance, if all we want is to find just the name of the active network interface connected to our device, type ship -i.
You can see in the picture below that my laptop’s internal wireless adapter is called wlo1. If we also want that interface’s IP address, type ship -4 or ship -6 for IPv4 or IPv6 addresses, respectively. We can also find the internal (private) IP address of the network gateway by typing ship -g.
So far, this is all stuff we can easily access already with ifconfig or ip a, but for convenience, Ship will display this information more concisely. Let’s move on to some cooler stuff Ship can do, like quickly displaying all the devices on the current subnet. Type ship -H or ship -HM (to also display a device’s corresponding MAC address) and you’ll see a table of all active network hosts, like in the picture below.
In addition, you can quickly see what your external IP address is by typing ship -e. You can also use this same command with a URL to find the IP address associated with a website by typing ship -e url, with “url” replaced by the site you want the IP address of.
Ship can also show real-time information on all the external IP addresses you are connecting to on a specific port. By typing ship -p portNumber, Ship will display a table of counts and IP addresses that updates every few seconds. In the screenshot below, I tested this on port 80, displaying all active port connections.
All the IP addresses to the right are outgoing connections through port 80. We can see a connection to Google if we look up the last IP address (22.214.171.124) in a browser, as it redirects to Google.com.
If you need to convert an IP address into binary or hexadecimal, you can type the ship -c address command. This will also display a plethora of other information for you, including the subnet mask, the class of network associated with the address, and the maximum number of hosts that network can support.
I tried using this command with multiple different IP addresses of various classes. Ship labels whether the IP address belongs to a private network and whether it belongs to class A, B, C, D, or E.
One thing to note is that you can use this command with CIDR notation. For instance, when I type 10.1.1.1/16, it correctly calculates the network mask to be 255.255.0.0 and the max number of hosts to be 65,534, as opposed to the standard 255 in a normal class C 198.192.x.x/24 type network. This can tell us a lot about the purpose of the network we’re examining.
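The arithmetic behind the ship -c output described above (netmask, usable hosts, class, private range, hex), worked through in POSIX shell as an added example. This is not Ship's own code; every function name here is hypothetical, and the sample address is the 10.1.1.1/16 input from the text.

```sh
# Added example (not Ship's code): the IPv4/CIDR arithmetic behind `ship -c`.
# Function names are hypothetical. Subshell bodies "( )" keep variables local.

# Dotted quad -> 32-bit integer; rejects malformed input and leading zeros
# (some parsers read a leading zero as octal).
ip_to_int() (
  case "$1" in ""|*[!0-9.]*|*..*|.*|*.) exit 1 ;; esac
  IFS=.; set -- $1
  [ "$#" -eq 4 ] || exit 1
  for o in "$@"; do
    case "$o" in 0?*) exit 1 ;; esac
    [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || exit 1
  done
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)
int_to_ip() { echo "$(( $1 >> 24 & 255 )).$(( $1 >> 16 & 255 )).$(( $1 >> 8 & 255 )).$(( $1 & 255 ))"; }

# Prefix length (0-32) -> dotted netmask.
netmask() { int_to_ip $(( 4294967295 ^ ((1 << (32 - $1)) - 1) )); }

# Usable hosts: 2^(32-prefix) - 2 (network and broadcast excluded); /31, /32 special.
max_hosts() {
  case "$1" in 32) echo 1 ;; 31) echo 2 ;; *) echo $(( (1 << (32 - $1)) - 2 )) ;; esac
}

# Classful label (A-E) from the first octet.
ip_class() {
  set -- $(( $1 >> 24 ))
  if [ "$1" -lt 128 ]; then echo A; elif [ "$1" -lt 192 ]; then echo B
  elif [ "$1" -lt 224 ]; then echo C; elif [ "$1" -lt 240 ]; then echo D; else echo E; fi
}

# RFC 1918 private ranges: 10/8, 172.16/12 (top 12 bits = 2753), 192.168/16 (49320).
is_private() {
  [ $(( $1 >> 24 )) -eq 10 ] || [ $(( $1 >> 20 )) -eq 2753 ] || [ $(( $1 >> 16 )) -eq 49320 ]
}

# Summarise ADDRESS[/PREFIX]; the prefix defaults to 32.
describe() (
  prefix=32; priv=no
  case "$1" in */*) prefix=${1#*/} ;; esac
  case "$prefix" in ""|*[!0-9]*|0?*) exit 1 ;; esac
  [ "$prefix" -le 32 ] || exit 1
  n=$(ip_to_int "${1%/*}") || exit 1
  if is_private "$n"; then priv=yes; fi
  printf 'hex=%08X mask=%s hosts=%s class=%s private=%s\n' "$n" \
    "$(netmask "$prefix")" "$(max_hosts "$prefix")" "$(ip_class "$n")" "$priv"
)
describe 10.1.1.1/16   # constructed sample: the CIDR input used in the article
```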
If you’re new to networking or need to navigate through an uncharted network, Ship is like a compass to show you what’s out there and how to get where you want to go. With a few simple commands, even a beginner can discover connected devices and quietly gather information about a network and the way it is administered. Ship makes it easy to find the network information you need for other commands, down to the driver being used by each network interface.
Keep in mind, Ship organizes other tools that do the behind-the-scenes work. Some of these tools can leave logs in the router, firewall, or intrusion-detection system. While scanning generally isn’t illegal, it’s often seen as preparation for an attack and can get you blocked from a well-defended network.
If you have any questions, you can comment below or ask me on Twitter @blackslash6.