`
fi
done
Listing 4-13: A watchdog script for newly open ports
At (2) we start an infinite while loop. The loop runs the RustScan
binary (which is assigned to the variable RUST_SCAN_BIN),
passing it the -a (address) argument containing an IP address we
receive on the command line (3). We also pass RustScan the -g
(greppable) option to produce a format that is grep friendly, and the
port option (-p) to scan a particular port, which we also receive on
the command line.
We check the result of the scan (4). If the result is not empty, we
pass the IP address and port to the service_discovery function
(5), which does an Nmap service-version discovery scan (-sV) and
writes the result to the log file watchdog.log (1). If the port scan fails,
which means the port is closed, we sleep for five seconds (6). As a
result, the process will repeat every five seconds until the port is
found open.
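The check described above treats any non-empty scan output as an open port. The following is an added example, not part of the book's script: it validates the address and port arguments and confirms that the requested port is actually listed in the scan output. It assumes greppable lines of the form "IP -> [port,port,...]"; the function names and sample lines are constructed for illustration.

```shell
#!/bin/bash
# Added example: confirm a port is really listed in RustScan -g output.
# Assumption: greppable lines look like "IP -> [port,port,...]".

# Accept only a dotted-quad IPv4 address with octets 0-255.
valid_ip() {
  printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
  for octet in $(printf '%s' "$1" | tr '.' ' '); do
    [ "$octet" -le 255 ] || return 1
  done
}

# Accept only a decimal port number in 1-65535.
valid_port() {
  case "$1" in
    '' | *[!0-9]*) return 1 ;;
  esac
  [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Read scan output on stdin; succeed only if IP's port list contains PORT.
# Returns 2 for invalid arguments, 1 if the port is not listed.
port_is_open() {
  ip="$1"
  port="$2"
  valid_ip "$ip" && valid_port "$port" || return 2
  # Escape dots so the address is matched literally, not as a regex.
  ip_re=$(printf '%s' "$ip" | sed 's/\./\\./g')
  sed -n "s/^${ip_re} -> \[\(.*\)]\$/\1/p" |
    tr -d ' ' | tr ',' '\n' | grep -qx "$port"
}

# Constructed sample lines (not captured from a real scan).
SAMPLE_OPEN='127.0.0.1 -> [3337]'
SAMPLE_MULTI='172.16.10.10 -> [22, 80,3337]'
SAMPLE_NOISE='unrelated diagnostic text'

# In the watchdog loop the check would become:
#   "$RUST_SCAN_BIN" -a "$ip" -g -p "$port" | port_is_open "$ip" "$port"
if printf '%s\n' "$SAMPLE_OPEN" | port_is_open 127.0.0.1 3337; then
  echo "127.0.0.1 has started responding on port 3337!"
fi
```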
You can download this script at
https://github.com/dolevf/Black-Hat-Bash/blob/master/ch04/port_watchdog.sh.
Save and run it using the following arguments:
$ ./port_watchdog.sh 127.0.0.1 3337
Since nothing should be running on this port of your localhost,
the script should run forever. We can simulate a port-opening event
by using Python’s built-in http.server module, which starts a simple
HTTP server:
$ python3 -m http.server 3337
Now the port_watchdog.sh script should show the following:
Port is not yet open, sleeping for 5 seconds...
127.0.0.1 has started responding on port 3337!
Performing a service discovery...
Wrote port scan data to watchdog.log
You can view the results of the scan by opening the
watchdog.log file:
$ cat watchdog.log
Starting Nmap ( https://nmap.org )
Nmap scan report for 172.16.10.10
Host is up (0.000099s latency).
PORT STATE SERVICE VERSION
Black Hat Bash (Early Access) © 2023 by Dolev Farhi and Nick Aleks