showentry: 20150715-freeports.txt


# BEGIN 20150715-freeports.txt
# from: https://pad.meshwith.me/p/freeports

FREE PORTS TESTS

Check which ports, if any, are allowed via restricted connections.

Method:

    Send UDP Packets with a unique string to a remote Server which has no filters (VPS or Server w/ Static IP and no NAT router)

    Listen for the UDP Packets and the unique string on the Server

    Note which ports have packets that made it through. Those are your Free Ports.

Notes:

    It seems many services offer a free sites but want you to pay for all of them.

    In the same way, many services offer a free port but do not seem to advertise it.

    With this testing method you can find out which ports are allowed (they would block them if they didn't want them used, right?)

Requisites:

    ROOT on a device

    IP on a device

    ROOT on a Server

    IP of the Server

    netcat6  - apt-get install netcat6

Replace SERVER_IP with your Server's IP
Use ifconfig eth0 to find it.

Note: It's also a good idea to use an IP that has nothing else bound to it.
# netstat -lnap | grep SERVER_IP
This should show only ntp or such. not a lot of listening ports.

Example:
# netstat -lnap | grep SERVER_IP
udp        0      0 SERVER_IP:123        0.0.0.0:*                           4242/ntpd

Step 1:
Run this command on your Server:
 #  ngrep -qldany -s65535 -Wnone 'TESTSTRINGTHINGIE' udp 2>&1 | tee freeports.log

Step 2:
Run this command on your local client:
#  for T in `seq 1 5`; do for P in `seq 1 65535`;do echo -n .;echo  'TESTSTRINGTHINGIE' | nc6 -u -n -w1 -t1 SERVER_IP $P; sleep .1 ||  break;done;done

Changes:
    echo TESTSTRINGTHINGIE | socat - udp-sendto:SERVER_IP:$P  <- works too.

// udp.js
// sudo `which node` ./udp.js

var HOST = '_ENTER_SERVER_IP_HERE_';

var dgram = require('dgram');
var message = new Buffer('TESTSTRINGTHINGIE');

var runs = [];
var workers = 0;
var stop = function() {
  if (--workers < 1000) {
    var x = runs.pop();
    if (x) { x(); }
  }
};

for (var i = 1; i < 65535; i++) {
  (function() {
    var port = i;
    runs.push(function() {
      workers++;
      try {
        var client = dgram.createSocket('udp4');
        client.send(message, 0, message.length, port, HOST, function(err, bytes) {
          if (err) {
            console.log(err);
          }
          //console.log("sent to port " + port);
          client.close();
          stop();
        });
      } catch (e) {
        console.log("failed port " + port + e.message);
      }
    });
  })();
}

### IGNORE BELOW ###

ToDo / Future Notes / References
SERV:  ngrep -qldany -s65535 -Wnone 'TESTSTRINGTHINGIE' tcp 2>&1 | tee 3g-tcp.log
CLIENT:   for T in `seq 1 5`; do for P in `seq 1 65535`;do echo -n .;echo  'TESTSTRINGTHINGIE' | nc6 -n --idle-timeout=1 --timeout=3 64.15.65.118  $P 2>&1 | grep -v 'unable to connect'; sleep .1 ||  break;done;done

#!/bin/bash

# UDPTEST.sh
# Spew a string to every port on a remote IP to see what gets through
# This runs on the Client end (modem)

REMOTE="127.0.0.1"  #Change This to remote Sniffer
for T in `seq 1 2`
do
  for P in `seq 1 65535`
  do
    echo 'TESTSTRINGTHINGIE' | nc6 -u -n -w1 -t1 $REMOTE $P &>/dev/null & >/dev/null
    #sleep .5
    while :
    do
      if [ $((`ps axw|grep -v grep|grep nc4|wc -l`)) -lt 50 ]
      then
        break
      else
        sleep .5
      fi
    done
  done
done

#EOF#

# UDP Sniffer
# Listen on all ports and IPs for the TESTSTRING sent by the Client
# This runs on the Server end (Something with no filtered ports like a VPS or Hosted Server box)

ngrep -qldany -s65535 -Wnone 'TESTSTRINGTHINGIE' udp 2>&1 | tee -a clearwire.log

Editors:
    ircerr
    miniBill

#EOF#

# EOF 20150715-freeports.txt


20170607-HypeServices.txt
20161102-howdyneigbour.txt
20161031-AutoPeered.txt
20160903-xsuggest.txt
20160903-diffplayback.txt
20160701-HypeGames-Eratta.txt
20160303-viraldecoded.txt
20160208-amusing-usage-cases.txt
20151230-cifs2http.txt
20150903-hypegamesideas.txt
20150715-freeports.txt
20150714-rc.local.txt
20150606-hypevpsen.txt
20150212-hypemole.txt
20150210-HypeVidShare.txt

[ home | source | offenders ]