S1REN
And you thought there was nothing here.
Knock knock.
Who's there?
Nothing on the nmap scan? But you found a cool and strange sequence of numbers?
Lets try Port knocking.
https://en.wikipedia.org/wiki/Port_knocking
In computer networking, port knocking is a method of externally opening ports on a firewall by generating a connection attempt on a set of pre-specified closed ports. Once a correct sequence of connection attempts is received, the firewall rules are dynamically modified to allow the host which sent the connection attempts to connect over specific port(s). A variant called single packet authorization (SPA) exists, where only a single "knock" is needed, consisting of an encrypted packet.
https://github.com/pha5matis/Pentesting-Guide/blob/master/port_knocking.md
When you "knock" on a port you are really just sending TCP-packets with SYN-flag to that port. The closed port will then respond with a ACK/RST. This basically means that the host has received the TCP-packet and - it ACKnolwdge it, but responds with a Reset (RST) flag.
RST just means that the port is closed.
+ Nmap & Bash.for x in 4000 5000 6000; do
nmap -Pn --host-timeout 201 --max-retries 0 -p $x $IP;
done
ssh User@$IP -p <port>
+ Netcat.
nc 192.168.1.102 4000
nc 192.168.1.102 5000
nc 192.168.1.102 6000
nc 192.168.1.102 8888
ssh User@$IP -p <port>
Comments are closed.