OFFPORT_KILLER : Tool Aims At Automating The Identification Of Potential Service Running

OFFPORT_KILLER tool aims at automating the identification of potential service running behind ports identified manually or on services running locally only.

The tool is useful:

  • When nmap or any scanning tool is not available and in the situation during which you did a manual port scanning and then want to identify the services running behind the identified ports and
  • also if you have been able to identify services running locally via (netstat, running processes SNMP or else).

Several databases are used such as the one from NMAP, IANA and linux machines.

The tool can be used by pentesters, system admins, CTF players, students, System Auditors and trolls :).

Usage

  • Example

./OFFPORT_KILLER.sh -i inputfile.txt -r report.txt -e /tmp/

Arguments

  • -i : input file (format IP:PORT)
  • -r : report name (save the output)
  • -h : help

Steps

  • Step 1: Peform a manual port scanning (using nc, tcpdump or whatever) or identify services running locally
  • Step 2: Create a file with format IP:PORT (where IP is the target IP address and PORT is a port identified).
  • Step 3: Run the tool with the file created using the argument -i

Note: Create an entry for each port, several IP can be input in the file.

inputfile.txt

192.168.1.12:1830
192.168.1.12:7738
192.168.1.14:22
192.168.1.14:7738
192.168.1.15:3465

Read Output

To read output while keeping the aspect (color), especially when cat is not adequate and the output is too long.

  • less -R report.txt

Disclaimer

This script is for Educational purpose ONLY. Do not use it without permission. The usual disclaimer applies, especially the fact that me (TH3xACE) is not liable for any damages caused by direct or indirect use of the information or functionality provided by these programs. The author or any Internet provider bears NO responsibility for content or misuse of these programs or any derivatives thereof. By using these programs you accept the fact that any damage (dataloss, system crash, system compromise, etc.) caused by the use of the script is not my responsibility.

R K

Recent Posts

Bomber : Navigating Security Vulnerabilities In SBOMs

bomber is an application that scans SBOMs for security vulnerabilities. So you've asked a vendor…

2 days ago

EmbedPayloadInPng : A Guide To Embedding And Extracting Encrypted Payloads In PNG Files

Embed a payload within a PNG file by splitting the payload across multiple IDAT sections.…

2 days ago

Exploit Street – Navigating The New Terrain Of Windows LPEs

Exploit-Street, where we dive into the ever-evolving world of cybersecurity with a focus on Local…

4 days ago

ShadowDumper – Advanced Techniques For LSASS Memory Extraction

Shadow Dumper is a powerful tool used to dump LSASS (Local Security Authority Subsystem Service)…

5 days ago

Shadow-rs : Harnessing Rust’s Power For Kernel-Level Security Research

shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…

3 weeks ago

ExecutePeFromPngViaLNK – Advanced Execution Of Embedded PE Files via PNG And LNK

Extract and execute a PE embedded within a PNG file using an LNK file. The…

4 weeks ago