Post Image


And you thought there was nothing here.

Knock knock.
Who's there?

Nothing on the nmap scan? But you found a cool and strange sequence of numbers?
Lets try Port knocking.
In computer networking, port knocking is a method of externally opening ports on a firewall by generating a connection attempt on a set of pre-specified closed ports. Once a correct sequence of connection attempts is received, the firewall rules are dynamically modified to allow the host which sent the connection attempts to connect over specific port(s). A variant called single packet authorization (SPA) exists, where only a single "knock" is needed, consisting of an encrypted packet.
When you "knock" on a port you are really just sending TCP-packets with SYN-flag to that port. The closed port will then respond with a ACK/RST. This basically means that the host has received the TCP-packet and - it ACKnolwdge it, but responds with a Reset (RST) flag.

RST just means that the port is closed.

+ Nmap & Bash.
for x in 4000 5000 6000; do
nmap -Pn --host-timeout 201 --max-retries 0 -p $x $IP;
ssh [email protected]$IP -p <port>

+ Netcat.
nc 4000
nc 5000
nc 6000
nc 8888
ssh [email protected]$IP -p <port>

Comments are closed.