bind_destroyer - Python listening port scanner and destroyer
#!/usr/bin/python3
#
# bind_destroyer - Python listening port scanner and destroyer
#
# Written by: Brennan Turner (@BLTSEC)
#
# Usage: python bind_destroyer.py
# Usage: python3 bind_destroyer.py
#
#
from subprocess import Popen, PIPE | |
from os import system | |
import argparse | |
import os | |
import signal | |
import socket | |
# Module-level scan state shared with the __main__ block:
#   flag  - stays 1 until an open port is found, then is set to 0; it decides
#           whether "No anomalies were detected" is announced at the end.
#   ports - whitelist container tested with `str(port) in ports`; it starts as
#           an empty string (which matches nothing) and is replaced by the
#           list read from --whitelist when that option is given.
flag, ports = 1, ""
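def read_whitelist(whitelist):
    """Read the port whitelist file and return its entries as strings.

    The file is expected to hold one port number per line. Surrounding
    whitespace is stripped and blank lines are dropped, because the caller
    compares entries with ``str(port)``: an entry such as ``"10022 "`` would
    otherwise never match and the service on that port would be terminated
    even though it was meant to be exempt.

    Args:
        whitelist: Path to the whitelist file.

    Returns:
        A list of non-empty, stripped lines in file order.

    Raises:
        OSError: If the file cannot be opened or read.
    """
    with open(whitelist) as f:
        raw_lines = f.read().splitlines()
    acceptable_ports = [entry.strip() for entry in raw_lines if entry.strip()]
    return acceptable_ports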
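def get_process(i):
    """Start an ``lsof | grep LISTEN`` pipeline for IPv4 TCP port ``i``.

    ``lsof -n -i4TCP:<port>`` lists IPv4 TCP sockets on the port without
    resolving host names; ``grep LISTEN`` keeps only the listening rows.
    Both commands are started from argument lists, so no shell interprets
    the port value.

    Args:
        i: Port number to look up.

    Returns:
        A ``(p1, p2)`` tuple of the lsof and grep ``Popen`` objects. The
        caller reads the filtered rows from ``p2`` (e.g. ``p2.communicate()``)
        and should ``wait()`` on ``p1`` so the lsof child is reaped.
    """
    p1 = Popen(['lsof', '-n', '-i4TCP:{}'.format(i)], stdout=PIPE)
    p2 = Popen(['grep', 'LISTEN'], stdin=p1.stdout, stdout=PIPE)
    # Drop the parent's copy of the pipe: lsof then gets SIGPIPE if grep exits
    # first, and the descriptor is not leaked once per open port.
    p1.stdout.close()
    return (p1, p2)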
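if __name__ == '__main__':
    # Local sweep: probe loopback TCP ports 10000-11999 and send SIGTERM to
    # the process listening on any port that is not whitelisted. Progress is
    # announced through the macOS `say` command.
    parser = argparse.ArgumentParser()
    parser.add_argument('--whitelist', dest='file',
                        help='Path to the whitelisted ports file')
    args = parser.parse_args()
    file = args.file
    if file:
        ports = read_whitelist(file)

    for i in range(10000, 12000):
        # Whitelisted ports are announced and never probed or signalled.
        if str(i) in ports:
            system('say -v Daniel Skipping white listed port {}'.format(i))
            continue

        # NOTE: only 127.0.0.1 is probed, so a listener bound solely to
        # another interface address or to IPv6 is not seen by this scan.
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        try:
            # connect_ex() returns 0 when the connection succeeded, i.e. the
            # port is open.
            if s.connect_ex(('127.0.0.1', i)) == 0:
                flag = 0
                system('say -v Daniel Port {} is open'.format(i))

                p1, p2 = get_process(i)
                listing = p2.communicate()[0].decode('utf-8', 'replace')
                p1.wait()  # reap lsof so it does not linger as a zombie

                # Parse the first LISTEN row by whitespace: lsof pads its
                # columns, so a fixed index into split(" ") lands on the PID
                # only for some command-name lengths. Field 1 is the PID.
                # NOTE(review): only the first listed process is signalled;
                # further rows for the same port are left for a later run.
                rows = listing.splitlines()
                fields = rows[0].split() if rows else []

                if len(fields) < 2:
                    # No LISTEN row: disconnecting from the socket may have
                    # made the process exit on its own (e.g. netcat).
                    system('say -v Daniel The process died automatically.')
                else:
                    try:
                        pid = int(fields[1])
                    except ValueError:
                        pid = 0
                    # Never signal a non-positive PID: os.kill(0, ...) would
                    # hit this script's whole process group.
                    if pid <= 0:
                        system('say -v Daniel Could not identify the process '
                               'on port {}'.format(i))
                    else:
                        try:
                            os.kill(pid, signal.SIGTERM)
                        except OSError:
                            # Process already gone, or owned by another user;
                            # keep scanning instead of aborting the sweep.
                            system('say -v Daniel Process {} could not be '
                                   'terminated'.format(pid))
                        else:
                            # SIGTERM was delivered; the process may still
                            # ignore it, which is not verified here.
                            system('say -v Daniel Process {} was '
                                   'terminated'.format(pid))
                system('say -v Daniel The scan will now continue.')
        finally:
            # Close the probe socket even if the lookup above raised.
            s.close()

    if flag == 1:
        system('say -v Daniel No anomalies were detected.')
    system('say -v Daniel The port scan has completed.')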