Friday, October 4, 2019

NPING port scanner

Here is a way to scan for ports using the nping program. It simply sends a syn ping to the host on the specified port and looks for a 'SA' syn/ack response. If a syn/ack repsonse is received the port is considered open.

#!/usr/bin/env bash

## host to scan
host="127.0.0.1"

## tcp ports to scan (port1,port2,port3)
port="80,110,139,143"

## syn,ack,urg,fin,rst
flag="syn" 

IFS=','

for p in ${port}
do
    result=$( nping -c 1 --tcp --flags ${flag} -p ${p} ${host} | awk '/RCVD/ {print $7}' )
    
    if [[ $result == "SA" ]]
    then
        echo "Port ${p} open..."
    fi

done

When we run the script we get the following results.

root@asus:~/pentest_notes/SCANNING% ./nping-port-scanner.sh 
Port 80 open...
Port 110 open...
Port 139 open...
Port 143 open...
root@asus:~/pentest_notes/SCANNING% 

No comments:

Post a Comment

Exploiting Weak WEBDAV Configurations

The server we are going to audit has the following fingerprint. 80/tcp open http Apache httpd 2.2.8 ((Ubuntu) DAV/2) Next we need t...