What The Port!?



I was practicing with some of my pentesting tools the other day and I was going through my typical port research process.  

I have done enough scans now that I have many ports memorized and the typical services associated with these ports.  Every once in a while there is an obscure port that shows up and I am not totally sure what goes with it.  When these ports appear in a port scan I go to the internet and do some digging.

Now it is not a lot of work to google "what is port 6200?

However, I think it is useful to do some of this preliminary work in the terminal that focuses my research afterwards.  

I put together a useful webscraping python script that automates a website and shows us port number registries and typical associated services.  Take a look at the script below!




The above script takes a port number argument and puts that number into a URL string.  The script then requests the URL and proceeds with scraping data from a table that is presented on the site.

Use the format below(image) to run the script.



Sample output.  Here we see that the port 445 (according to the site) has not had unauthorized use reported.




Let's look at a port that has Unauthorized Use Reported.



When you are doing an audit or a pen test there is a ton of research, Using scripts like this can optimize your research and get you back to poking holes in the target system!

Hope you enjoyed!


Reference:

[1]https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml?search=6200

Comments

Popular Posts