0 votes
in Hacking by

What is Port knocking? and how to port knock by bash script ?

port knocking is a method of externally opening ports on a firewall by generating a connection attempt on a set of prespecified closed ports. Once a correct sequence of connection attempts is received, the firewall rules are dynamically modified to allow the host which sent the connection attempts to connect over specific port(s). A variant called single packet authorization exists, where only a single "knock" is needed, consisting of an encrypted packet.

The primary purpose of port knocking is to prevent an attacker from scanning a system for potentially exploitable services by doing a port scan, because unless the attacker sends the correct knock sequence, the protected ports will appear closed.

Bash Script:


HOST=$1
shift
for (( COUNTER = 0; COUNTER < 2; COUNTER += 1 )); do
  for PORT in "$@"; do
    nmap -Pn --host_timeout 100 --max-retries 0 -p $PORT $HOST
  done
done

Format:

Script_Name.sh <IP> <PORT_1> <PORT_2> <PORT_3> .. <PORT_N>

1 Answer

0 votes
by
#!/usr/bin/env python3

import sys
import argparse
import time
import socket
import select

class Knocker(object):
    def __init__(self, args: list):
        self._parse_args(args)

    def _parse_args(self, args: list):
        description_text = 'Simple port-knocking client written in python3. See more at {}' \
            .format('https://github.com/grongor/knock')
        parser = argparse.ArgumentParser(description=description_text)

        help_text = 'How many milliseconds to wait on hanging connection. Default is 200 ms.'
        parser.add_argument('-t', '--timeout', type=int, default=200, help=help_text)

        help_text = 'How many milliseconds to wait between each knock. Default is 200 ms.'
        parser.add_argument('-d', '--delay', type=int, default=200, help=help_text)

        parser.add_argument('-u', '--udp', help='Use UDP instead of TCP.', action='store_true')
        parser.add_argument('host', help='Hostname or IP address of the host to knock on. Supports IPv6.')
        parser.add_argument('ports', metavar='port', nargs='+', type=int, help='Port(s) to knock on.')

        args = parser.parse_args(args)
        self.timeout = args.timeout / 1000
        self.delay = args.delay / 1000
        self.use_udp = args.udp
        self.ports = args.ports

        self.address_family, self.socket_type, _, _, socket_address = socket.getaddrinfo(
                host=args.host,
                port=None,
                type=socket.SOCK_DGRAM if self.use_udp else socket.SOCK_STREAM,
                flags=socket.AI_ADDRCONFIG
            )[0]

        self.socket_address = list(socket_address)

    def knock(self):
        last_index = len(self.ports) - 1
        for i, port in enumerate(self.ports):
            socket_address = self.socket_address
            socket_address[1] = port
            socket_address = tuple(socket_address)

            s = socket.socket(self.address_family, self.socket_type)
            s.setblocking(False)

            if self.use_udp:
                s.sendto(b'', socket_address)
            else:
                s.connect_ex(socket_address)
                select.select([s], [s], [s], self.timeout)

            s.close()

            if self.delay and i != last_index:
                time.sleep(self.delay)

if __name__ == '__main__':
    Knocker(sys.argv[1:]).knock()
Welcome to My QtoA, where you can ask questions and receive answers from other members of the community.
...