Skip to content

Instantly share code, notes, and snippets.

@KyxRecon

KyxRecon/Knockportv1.sh

Created March 11, 2017 21:35
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save KyxRecon/0d38860c9d3fa7d32500c0d2a67aad95 to your computer and use it in GitHub Desktop.
Save KyxRecon/0d38860c9d3fa7d32500c0d2a67aad95 to your computer and use it in GitHub Desktop.
Download ZIP
Knockport A tool created for knocking ports For linux
Raw
Knockportv1.sh
#!/bin/bash
# knockport.sh v0.1
# This small tool created for knock suquance ports , this # properly Work on all Linux machines
# Creat0r : Kyxrec0n
# Tools required : netdiscover - netcat
#
VERS=$(sed -n 2p $0 | awk '{print $3}' | sed 's/v//')
TMPFILE=/root/ports_knocker.tmp
rm -rf $TMPFILE
PERMUTE=0
COUNT=1
RETRY=0
SLEEP=1
VAR=0
#
#colors ?
STD=$(echo -e "\e[0;0;0m") #Revert fonts to standard colour/format
RED=$(echo -e "\e[1;31m") #Alter fonts to red bold
REDN=$(echo -e "\e[0;31m") #Alter fonts to red normal
GRN=$(echo -e "\e[1;32m") #Alter fonts to green bold
GRNN=$(echo -e "\e[0;32m") #Alter fonts to green normal
ORN=$(echo -e "\e[1;33m") #Alter fonts to orange bold
ORNN=$(echo -e "\e[0;33m") #Alter fonts to orange bold
BLU=$(echo -e "\e[1;36m") #Alter fonts to blue bold
BLUN=$(echo -e "\e[0;36m") #Alter fonts to blue normal
#
#Banner?
f_header() {
echo $BLUN" _ _ _
| | | | | |
| | ___ __ ___ ___| | ___ __ ___ _ __| |_
| |/ / '_ \ / _ \ / __| |/ / '_ \ / _ \| '__| __|
| <| | | | (_) | (__| <| |_) | (_) | | | |_
|_|\_\_| |_|\___/ \___|_|\_\ .__/ \___/|_| \__|
| |
|_| "
}
f_help() {
f_header
echo $BLU"*$ORN Creat0r : Kyxrec0n$STD"
echo $BLU"*$ORN Cod3d in : Bash $STD"
echo $BLU"*$ORN Name tool : knockport$STD"
echo $BLU"*$ORN Version 0.1 $STD"
echo $GRN">$BLUN Help $STD"
echo "
Available options;
./knockportv1.sh -i <IP> -p <PORT,PORT,PORT>
Req Input
-i -- IP ADDRESS
-p -- Ports (comma seperated for multiple ports)
Options
-c -- Number of times each knock to be done (default=1)
-n -- NetCat connect to port and read returned port values
(this option then uses returned ports to knock and ignores -p)
-P -- Permute all possible knocking sequences (for upto max 5 ports)
-r -- Number of times to repeat the command (default=0)
-s -- Sleep inbetween knocks in seconds (default=1)
-x -- Show examples
-k -- disable-knock Don't require authentication (no X-knock header)
"
exit
}
#Ex
f_examples() {
f_header
echo -e $BLU">$BLUN Advanced Usage$STD\n
$GRNN ./knockport_v0-1.sh -i 192.168.1.101 -p 1243,65111,1337 $STD
will knock on each of the given ports 1 time
$GRNN ./knockport_v0-1.sh -i 192.168.1.101 -n 1337 -r 5 $STD
will attempt connection with netcat on port 1337 and knock on the returned values
this command will be repeated 5 times
$GRNN ./knockport_v0-1.sh -i 192.168.1.101 -p 123,456.789 -c 2 -s 2 -r 3 $STD
knock on each given port 2x, sleep 2 seconds between knock, repeat this command 3x
$GRNN ./knockport_v0-1.sh -i 192.168.1.101 -n 1337 -P $STD
will attempt connection with netcat on port 1337 and knock on all possible sequences
$GRNN ./knockport_v0-1.sh -i 192.168.1.101 -p 123,456,789 -P $STD
will knock on each of the given ports in all possible sequences"
exit
}
#Vers
f_version() {
f_header
echo $BLU">$GRNN Version $VERS By Kyxrec0n$STD"
echo -e $RED"\nKnock Knock.. Who's there?$STD\n"
echo -e "Knock Knock wake Up Neo the matrix has you ..."
exit
}
#Netcat
f_nc() {
f_header
echo $BLU">$BLUN Using data from nc connection attempt$STD"
if [ "$RETRY" == "0" ] ; then
VAR=$(($VAR+1))
echo -e "\nKnock #$VAR.."
for i in $(nc $IP $NCPORT | sed -e 's/\[//' -e 's/,//g' -e 's/\]//' -e 's/ /\n/g') ; do
echo "+$STD Knocking on port $i"
# hping3 -S $IP -p $i -c $COUNT &> /dev/null
nping --tcp -p $i --ttl 2 $IP -c $COUNT &> /dev/null
sleep $SLEEP
done
echo ""
elif [ $RETRY -gt 0 ] ; then
while (( $VAR<$RETRY )) ; do
VAR=$(($VAR+1))
echo -e "\nKnock #$VAR.."
for i in $(nc $IP $NCPORT | sed -e 's/\[//' -e 's/,//g' -e 's/\]//' -e 's/ /\n/g') ; do
echo "+ Knocking on port $i"
# hping3 -S $IP -p $i -c $COUNT &> /dev/null
nping --tcp -p $i --ttl 2 $IP -c $COUNT &> /dev/null
sleep $SLEEP
done
done
echo ""
fi
exit
}
#Returned scan from netcat ?
f_ncpermute() {
f_header
echo $BLU">$BLUN Using data from nc connection attempt$STD"
echo -e $BLU">$BLUN Knocking all sequence permutations$STD\n"
PORTS=$(nc $IP $NCPORT | sed -e 's/\[//' -e 's/,//g' -e 's/\]//' -e 's/ /\n/g')
PORTCOUNT=$(echo $PORTS | wc -w)
if [ $PORTCOUNT -gt 5 ] ; then
echo $RED">$STD Input error, script can handle maximum of 5 ports to permute"
echo $RED">$STD Number of ports: $PORTCOUNT"
exit
else
PORTLIST=$(echo $PORTS | sed 's/\n/ /g')
echo "$PORTCOUNT ports found: $PORTLIST"
fi
#Location TMP file
LIST=$(echo $PORTS)
if [ "$PORTCOUNT" == "1" ] ; then
for c1 in $LIST ; do
echo $c1 >> $TMPFILE
done
elif [ "$PORTCOUNT" == "2" ] ; then
for c1 in $LIST ; do
for c2 in $LIST ; do
if (( c2 != c1 )) ; then
echo $c1 $c2 >> $TMPFILE
fi
done
done
elif [ "$PORTCOUNT" == "3" ] ; then
for c1 in $LIST ; do
for c2 in $LIST ; do
if (( c2 != c1 )) ; then
for c3 in $LIST ; do
if (( c3 != c2 && c3 != c1)) ; then
echo $c1 $c2 $c3 >> $TMPFILE
fi
done
fi
done
done
elif [ "$PORTCOUNT" == "4" ] ; then
for c1 in $LIST ; do
for c2 in $LIST ; do
if (( c2 != c1 )) ; then
for c3 in $LIST ; do
if (( c3 != c2 && c3 != c1)) ; then
for c4 in $LIST ; do
if (( c4 != c3 && c4 != c2 && c4 != c1 )) ; then
echo $c1 $c2 $c3 $c4 >> $TMPFILE
fi
done
fi
done
fi
done
done
elif [ "$PORTCOUNT" == "5" ] ; then
for c1 in $LIST ; do
for c2 in $LIST ; do
if (( c2 != c1 )) ; then
for c3 in $LIST ; do
if (( c3 != c2 && c3 != c1)) ; then
for c4 in $LIST ; do
if (( c4 != c3 && c4 != c2 && c4 != c1 )) ; then
for c5 in $LIST ; do
if (( c5 != c4 && c5 != c3 && c5 != c2 && c5 != c1 )) ; then
echo $c1 $c2 $c3 $c4 $c5 >> $TMPFILE
fi
done
fi
done
fi
done
fi
done
done
fi
#Knock ports
sleep 0.5
while read line ; do
VAR=$(($VAR+1))
echo -e "\nKnocking sequence #$VAR"
PLIST=$(echo $line)
for i in $PLIST ; do
echo "+ Knocking port $i"
# hping3 -S $IP -p $i -c $COUNT &> /dev/null
nping --tcp -p $i --ttl 2 $IP -c $COUNT &> /dev/null
sleep $SLEEP
done
done < $TMPFILE
rm -rf $TMPFILE
echo ""
exit
}
#Bk
f_basic() {
f_header
echo $BLU">$BLUN Knocking given port(s)$STD"
PORTS=$(echo $PORTS | sed 's/,/ /g')
if [ "$RETRY" == "0" ] ; then
VAR=$(($VAR+1))
echo -e "\nKnock #$VAR.."
for i in $(echo $PORTS) ; do
echo "+ Knocking on port $i"
# hping3 -S $IP -p $i -c $COUNT &> /dev/null
nping --tcp -p $i --ttl 2 $IP -c $COUNT &> /dev/null
sleep $SLEEP
done
elif [ $RETRY -gt 0 ] ; then
while (( $VAR<$RETRY )) ; do
VAR=$(($VAR+1))
echo -e "\nKnock #$VAR.."
for i in $(echo $PORTS) ; do
echo "+ Knocking on port $i"
# hping3 -S $IP -p $i -c $COUNT &> /dev/null
nping --tcp -p $i --ttl 2 $IP -c $COUNT &> /dev/null
sleep $SLEEP
done
done
fi
echo $STD""
exit
}
f_basicpermute() {
f_header
echo $BLU">$BLUN Knocking all sequence permutations$STD"
PORTS=$(echo $PORTS | sed 's/,/ /g')
PORTCOUNT=$(echo $PORTS | wc -w)
if [ "$PORTCOUNT" == "1" ] ; then
echo $RED">$STD Input error; only 1 port, no need to invoke permute function"
sleep 1
echo $GRN">$STD Going to basic function.."
sleep 1
f_basic
elif [ $PORTCOUNT -gt 5 ] ; then
echo $RED">$STD Input error, script can handle maximum of 5 ports to permute"
echo $RED">$STD Number of ports: $PORTCOUNT"
exit
else
PORTLIST=$(echo $PORTS | sed 's/\n/ /g')
fi
LIST=$(echo $PORTS)
if [ "$PORTCOUNT" == "2" ] ; then
for c1 in $LIST ; do
for c2 in $LIST ; do
if (( c2 != c1 )) ; then
echo $c1 $c2 >> $TMPFILE
fi
done
done
elif [ "$PORTCOUNT" == "3" ] ; then
for c1 in $LIST ; do
for c2 in $LIST ; do
if (( c2 != c1 )) ; then
for c3 in $LIST ; do
if (( c3 != c2 && c3 != c1)) ; then
echo $c1 $c2 $c3 >> $TMPFILE
fi
done
fi
done
done
elif [ "$PORTCOUNT" == "4" ] ; then
for c1 in $LIST ; do
for c2 in $LIST ; do
if (( c2 != c1 )) ; then
for c3 in $LIST ; do
if (( c3 != c2 && c3 != c1)) ; then
for c4 in $LIST ; do
if (( c4 != c3 && c4 != c2 && c4 != c1 )) ; then
echo $c1 $c2 $c3 $c4 >> $TMPFILE
fi
done
fi
done
fi
done
done
elif [ "$PORTCOUNT" == "5" ] ; then
for c1 in $LIST ; do
for c2 in $LIST ; do
if (( c2 != c1 )) ; then
for c3 in $LIST ; do
if (( c3 != c2 && c3 != c1)) ; then
for c4 in $LIST ; do
if (( c4 != c3 && c4 != c2 && c4 != c1 )) ; then
for c5 in $LIST ; do
if (( c5 != c4 && c5 != c3 && c5 != c2 && c5 != c1 )) ; then
echo $c1 $c2 $c3 $c4 $c5 >> $TMPFILE
fi
done
fi
done
fi
done
fi
done
done
fi
while read line ; do
VAR=$(($VAR+1))
echo -e "\nKnocking sequence #$VAR"
PLIST=$(echo $line)
for i in $PLIST ; do
echo "+ Knocking port $i"
# hping3 -S $IP -p $i -c $COUNT &> /dev/null
nping --tcp -p $i --ttl 2 $IP -c $COUNT &> /dev/null
sleep $SLEEP
done
done < $TMPFILE
#
rm -rf $TMPFILE
exit
}
#
while getopts ":c:hi:n:p:Pr:s:vx" opt; do
case $opt in
c)
COUNT=$OPTARG ;;
h)
f_help ;;
i)
IP=$OPTARG ;;
n)
NCPORT=$OPTARG ;;
p)
PORTS=$OPTARG ;;
P)
PERMUTE=1 ;;
r)
RETRY=$OPTARG ;;
s)
SLEEP=$OPTARG ;;
v)
f_version ;;
x)
f_examples ;;
esac
done
#
if [ $# -eq 0 ]; then clear ; f_help
elif [[ -z $IP ]] ; then
echo $RED">$STD Missing input; IP address must be entered with -i switch"
exit
elif [[ ! -n $PORTS && ! -n $NCPORT ]] ; then
echo $RED">$STD Missing input; no ports defined to knock"
exit
fi
#
#
if [[ -n $IP && -n $PORTS ]] ; then
if [ "$PERMUTE" == "1" ] ; then f_basicpermute
else f_basic
fi
elif [[ -n $IP && -n $NCPORT ]] ; then
if [ "$PERMUTE" == "1" ] ; then f_ncpermute
else f_nc
fi
fi
#
#
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment