Port Knocking with Scapy Example

#!/usr/bin/python

"""
Port Knocking with scapy example.

Knock on port 42304
Knock on port 53768
Knock on port 3297
HTTP request to port 19760
Now, to get the flag, we just need to write a small scrip to implement all this logic. We will use the scapy python library to perform the port knocking and curl for the HTTP request part:
"""

from scapy.all import *
import random
import requests

conf.verb=0

base_URL = "http://87.107.123.4:"

def knock(ports):
    print "[*] Knocking on ports"+str(ports)
    for dport in range(0, len(ports)):
        ip = IP(dst = "87.107.123.4")
        SYN = ip/TCP(dport=ports[dport], flags="S", window=14600, options=[('MSS',1460)])
        send(SYN)

def get_flag_part(port,part):
    command = ["curl", "-s" ,base_URL+str(port)+"/"+part+"_part_of_flag"]
    p = subprocess.Popen(command, stdout=subprocess.PIPE)
    result = p.communicate()[0]
    return result.strip()

flag=''

ports = [9264,11780,2059,8334]
port = 24931
knock(ports)
flag_part = get_flag_part(port,"first")
flag = ''.join([flag,flag_part])
print flag_part

ports = [42304,53768,3297]
port = 19760
knock(ports)
flag_part = get_flag_part(port,"second")
flag = ''.join([flag,flag_part])
print flag_part

ports= [23106,4250,62532,11655,33844]
port=3695
knock(ports)
flag_part = get_flag_part(port,"third")
flag = ''.join([flag,flag_part])
print flag_part

ports= [49377,48116,54900,8149]
port=31054
knock(ports)
flag_part = get_flag_part(port,"fourth")
flag = ''.join([flag,flag_part])
print flag_part

ports= [16340,59991,37429,60012,15397,21864,12923]
port=8799
knock(ports)
flag_part = get_flag_part(port,"last")
flag = ''.join([flag,flag_part])
print flag_part
print "Flag: %s" % flag