
@BLTSEC BLTSEC/bind_destroyer.py
Last active Sep 28, 2017

bind_destroyer - Python listening port scanner and destroyer
#!/usr/bin/python3
#
# bind_destroyer - Python listening port scanner and destroyer
#
# Written by: Brennan Turner (@BLTSEC)
#
# Usage: python bind_destroyer.py
# Usage: python3 bind_destroyer.py
#
#
from subprocess import Popen, PIPE
from os import system
import argparse
import os
import signal
import socket
# flag stays 1 until the scan finds an open, non-whitelisted port.
# ports holds the whitelist entries; the empty string means "no whitelist",
# so every `str(port) in ports` test is False.
flag, ports = 1, ""
# reads the contents of the port whitelist
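def read_whitelist(whitelist):
    """Return the whitelisted ports from *whitelist* as a list of strings.

    The file is expected to hold one port number per line.  The caller
    compares entries with an exact string match, so an entry carrying stray
    whitespace (for example "10022 ") would silently fail to match and the
    process listening on that port would be terminated.  Surrounding
    whitespace is therefore stripped and blank lines are dropped.
    """
    with open(whitelist) as f:
        stripped_lines = [line.strip() for line in f]
    acceptable_ports = [entry for entry in stripped_lines if entry]
    return acceptable_ports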
# uses the macOS lsof command to find open listening ports
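def get_process(i):
    """Start `lsof | grep LISTEN` for IPv4 TCP port *i*.

    Returns the tuple (p1, p2): p1 is the lsof process and p2 is the grep
    process whose stdout carries the matching lines.  Both commands are
    started from argument lists, so no shell parses the port value.
    """
    p1 = Popen(['lsof', '-n', '-i4TCP:{}'.format(i)], stdout=PIPE)
    p2 = Popen(['grep', 'LISTEN'], stdin=p1.stdout, stdout=PIPE)
    # The parent does not read lsof's output itself; closing its copy of the
    # pipe avoids leaking a descriptor per call and lets lsof receive SIGPIPE
    # if grep exits first.
    p1.stdout.close()
    return (p1, p2)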
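if __name__ == '__main__':
    # Entry point: probe 127.0.0.1 ports 10000-11999, announce each open
    # port with the macOS `say` command and send SIGTERM to the process that
    # lsof reports as listening on it, unless the port is whitelisted.
    parser = argparse.ArgumentParser()
    parser.add_argument('--whitelist', dest='file',
                        help='Path to the whitelisted ports file')
    args = parser.parse_args()
    whitelist_path = args.file
    if whitelist_path:
        ports = read_whitelist(whitelist_path)
    # loops through a range of ports
    for i in range(10000, 12000):
        # skip whitelisted ports
        if str(i) in ports:
            system('say -v Daniel Skipping white listed port {}'.format(i))
            continue
        # creates a client socket
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        try:
            result = s.connect_ex(('127.0.0.1', i))
            # if the result returns 0 the port is open
            if result == 0:
                flag = 0
                system('say -v Daniel Port {} is open'.format(i))
                # finds the associated pid; the socket stays connected while
                # lsof runs, as in the original flow
                p1, p2 = get_process(i)
                listing = p2.communicate()[0].decode('utf-8', 'replace')
                p1.wait()  # reap lsof so it does not linger as a zombie
                # lsof's default columns start with COMMAND PID USER, so
                # after a whitespace split the pid is the second field.
                fields = listing.split()
                pid = None
                try:
                    pid = int(fields[1])
                except IndexError:
                    # No LISTEN line: a single-shot listener such as netcat
                    # stops listening once a client connects.  It can also
                    # mean lsof lacked the privilege to see the owning
                    # process, so this message is not proof that it is gone.
                    system('say -v Daniel The process died automatically.')
                except ValueError:
                    system('say -v Daniel The owning process could not be '
                           'identified.')
                if pid is not None:
                    if pid <= 1:
                        # os.kill treats 0 and negative values as process
                        # groups and pid 1 is init/launchd; never signal
                        # those on the strength of parsed text.
                        system('say -v Daniel The owning process could not '
                               'be identified.')
                    else:
                        try:
                            os.kill(pid, signal.SIGTERM)
                        except OSError:
                            # Process already gone or owned by another user;
                            # report it instead of aborting the whole scan.
                            system('say -v Daniel Process {} could not be '
                                   'terminated'.format(pid))
                        else:
                            system('say -v Daniel Process {} was '
                                   'terminated'.format(pid))
                system('say -v Daniel The scan will now continue.')
        finally:
            # closes the socket even if a step above raised
            s.close()
    if flag == 1:
        system('say -v Daniel No anomalies were detected.')
    system('say -v Daniel The port scan has completed.')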