Last active
October 8, 2015 16:46
Note: It's also a good idea to use an IP that has nothing else bound to it.
# netstat -lnap | grep SERVER_IP
This should show only ntp or similar, not a lot of listening ports.
Example:
# netstat -lnap | grep SERVER_IP
udp 0 0 SERVER_IP:123 0.0.0.0:* 4242/ntpd
Step 1:
Run this command on your server:
# ngrep -qldany -s65535 -Wnone 'TESTSTRINGTHINGIE' udp 2>&1 | tee freeports.log
Step 2:
Run this command on your local client:
# for T in `seq 1 5`; do for P in `seq 1 65535`;do echo -n .;echo 'TESTSTRINGTHINGIE' | nc6 -u -n -w1 -t1 SERVER_IP $P; sleep .1 || break;done;done
Changes:
echo TESTSTRINGTHINGIE | socat - udp-sendto:SERVER_IP:$P <- works too.
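// udp.js
// Usage: sudo `which node` ./udp.js
// NOTE(review): sending UDP from an ephemeral source port should not need
// root; try running unprivileged first and only fall back to sudo if needed.
//
// Client half of the egress test: sends one datagram carrying the marker
// string to every UDP port on HOST. The ngrep listener on the server side
// logs the ports on which the marker arrives.

// Address of the server running the ngrep listener.
var HOST = '_ENTER_SERVER_IP_HERE_';
var FIRST_PORT = 1;
var LAST_PORT = 65535;
// Upper bound on sockets open at once. Each in-flight send holds one file
// descriptor, so keep this below the process's open-file limit.
var MAX_IN_FLIGHT = 1000;

if (HOST === '_ENTER_SERVER_IP_HERE_') {
  // Without this check every send would attempt a lookup of the placeholder.
  throw new Error('Set HOST to the address of the listening server first.');
}

var dgram = require('dgram');
// Buffer.from replaces the deprecated `new Buffer(string)` constructor.
var message = Buffer.from('TESTSTRINGTHINGIE');

// Pending send tasks, one per port; tasks are taken from the end of the list.
var runs = [];
// Number of sends currently in flight.
var workers = 0;

// Called once per finished send: frees the slot and starts the next task.
var stop = function() {
  if (--workers < MAX_IN_FLIGHT) {
    var next = runs.pop();
    if (next) { next(); }
  }
};

// `<=` so that the last port (65535) is covered as well.
for (var i = FIRST_PORT; i <= LAST_PORT; i++) {
  (function(port) {
    runs.push(function() {
      workers++;
      var client = null;
      var settled = false;

      // Release the socket and the worker slot exactly once, whichever of
      // the send callback, the 'error' event or the catch block fires first.
      var finish = function() {
        if (settled) { return; }
        settled = true;
        if (client) { client.close(); }
        stop();
      };

      try {
        client = dgram.createSocket('udp4');
        // An 'error' event with no listener would crash the whole run.
        client.on('error', function(err) {
          console.log(err);
          finish();
        });
        client.send(message, 0, message.length, port, HOST, function(err) {
          if (err) {
            console.log(err);
          }
          finish();
        });
      } catch (e) {
        console.log("failed port " + port + " " + e.message);
        // Defer so that a run of synchronous failures cannot recurse through
        // stop() -> next() and exhaust the stack; the slot is still freed.
        setImmediate(finish);
      }
    });
  })(i);
}

// Nothing runs until the queue is started: launch the first batch, after
// which every completed send pulls the next task via stop().
var initialBatch = Math.min(MAX_IN_FLIGHT, runs.length);
for (var started = 0; started < initialBatch; started++) {
  runs.pop()();
}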
### IGNORE BELOW ### | |
ToDo / Future Notes / References
SERV: ngrep -qldany -s65535 -Wnone 'TESTSTRINGTHINGIE' tcp 2>&1 | tee 3g-tcp.log
CLIENT: for T in `seq 1 5`; do for P in `seq 1 65535`;do echo -n .;echo 'TESTSTRINGTHINGIE' | nc6 -n --idle-timeout=1 --timeout=3 64.15.65.118 $P 2>&1 | grep -v 'unable to connect'; sleep .1 || break;done;done
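#!/bin/bash
# UDPTEST.sh
# Send a marker string to every UDP port on a remote IP to see what gets through.
# This runs on the client end (modem); the sniffer on the server end records
# which ports the marker arrived on.

REMOTE="127.0.0.1"   # Change this to the remote sniffer
MARKER='TESTSTRINGTHINGIE'
MAX_JOBS=50          # upper bound on concurrent nc6 senders

for T in $(seq 1 2)
do
  for P in $(seq 1 65535)
  do
    # One background sender per port; all of its output is discarded.
    echo "$MARKER" | nc6 -u -n -w1 -t1 "$REMOTE" "$P" &>/dev/null &

    # Throttle: wait until fewer than MAX_JOBS senders are still running.
    # The original counted processes named "nc4" while launching nc6, so the
    # count was always 0 and the limit never applied. Counting this shell's
    # own running background jobs also avoids matching unrelated processes.
    while [ "$(jobs -rp | wc -l)" -ge "$MAX_JOBS" ]
    do
      sleep .5
    done
  done
done

# Let the last batch of senders finish before the script exits.
wait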
# UDP sniffer (server end)
# Watches every interface for UDP packets carrying the marker string sent by
# the client and appends the matches to clearwire.log.
# Run it on a host with no filtered ports, such as a VPS or hosted server.
#   -q        quiet output
#   -l        line-buffered stdout, so tee sees matches as they happen
#   -d any    capture on all interfaces
#   -s 65535  snapshot length
#   -W none   no payload wrapping
ngrep -q -l -d any -s 65535 -W none 'TESTSTRINGTHINGIE' udp 2>&1 \
  | tee -a clearwire.log
#EOF# |