I got bored, so I created this novel TCP connect scanner in bash.
#!/usr/bin/env bash
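# Target host. Taken from the script's first argument so the scanner can be
# pointed at another box; falls back to loopback when no argument is given.
host=${1:-127.0.0.1}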
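main() {
  ## Entry point: connect-scan ports 1-1024 on the target and label each
  ## open port with the service name /etc/services gives for "<port>/tcp".
  ## Arguments: $1 - optional host override; falls back to the global $host.
  ## Outputs:   the table printed by scan_tcp.
  scan_tcp "${1:-$host}"
}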
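scan_tcp() {
  ## TCP connect scan: try a full TCP handshake against each port in the
  ## range and print one line per port that accepted the connection.
  ## Arguments: $1 - host (IP or name); $2 - first port (default 1);
  ##            $3 - last port (default 1024).
  ## Outputs:   a "PORT\tSERVICE\tSTATE" header, then "<port>\t<service>\tOPEN"
  ##            per open port. SERVICE is the name /etc/services lists for
  ##            "<port>/tcp", blank when there is no entry.
  ## Returns:   0; per-port connect failures are deliberately ignored.
  local hst=$1
  local first=${2:-1}
  local last=${3:-1024}
  local port service
  printf 'PORT\tSERVICE\tSTATE\n\n'
  for (( port = first; port <= last; port++ )); do
    # Open fd 3 on bash's /dev/tcp pseudo-device inside a subshell so the
    # socket is closed the moment the probe returns; a refused connection
    # makes the redirection fail, i.e. non-zero status. Caveat: /dev/tcp has
    # no connect timeout, so a port that is silently dropped (firewalled)
    # blocks until the kernel's TCP connect timeout expires.
    if ( : 3<>"/dev/tcp/${hst}/${port}" ) 2>/dev/null; then
      # Compare the whole "<port>/tcp" field: a substring grep for "5/tcp"
      # would also hit "25/tcp" and mislabel the service. stderr is dropped
      # so a missing /etc/services just leaves the column blank.
      service=$(awk -v want="${port}/tcp" '$2 == want { print $1; exit }' /etc/services 2>/dev/null)
      printf '%s\t%s\tOPEN\n' "$port" "$service"
    fi
  done
}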
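# Forward the script's arguments so main can accept a target host override.
main "$@"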
Here is the result of a scan against the hard-coded target (127.0.0.1):
sam@asus:~/pentest_notes% ./tcp_connect_scanner.sh
PORT    SERVICE         STATE

21      ftp             OPEN
22      ssh             OPEN
25      smtp            OPEN
53      domain          OPEN
80      http            OPEN
110     pop3            OPEN
111     sunrpc          OPEN
139     netbios-ssn     OPEN
143     imap2           OPEN
389     ldap            OPEN
445     microsoft-ds    OPEN
631     ipp             OPEN
953                     OPEN
sam@asus:~/pentest_notes%