Bounce Scan Python Script

I was giving a presentation on Passive Information Gathering this week to the 757 White Hat Hacker meetup group that I organize. I found this website, that allows you to scan a limited range of ports on your internet gateway IP address, or specify an IP address and port to scan.

The hacker in me thought about how I could use this to perform passive reconnaissance. I’m always looking for a reason to solve a problem or save some time using Python, and this seemed like a good excuse to brush up on my Python web request skills. Sure, this may not be very useful to some. For me it’s an excuse to learn Python web requests. Feel free to use it and suggest improvements on my github page. Don’t be too harsh, I know there are a lot of things I can improve in this script. This is just something I whipped up quickly before breakfast this morning.

The http request captured by Burp Suite:


The code:

#!/usr/bin/env python

# Import our libraries
import sys
import requests
from bs4 import BeautifulSoup

# Get the IP address from the command line
ipAddress = sys.argv[1]
# Self-explanatory
url = ""
# Our post value
values = {"remoteAddress":ipAddress}
# Do the post
r =, data=values)
# Use BeautifulSoup to parse html
soup = BeautifulSoup(r.content, 'html.parser')
# Strip html out and print text

The result of scanning

 Port 21 is closed on
 Port 22 is closed on
 Port 23 is closed on
 Port 25 is closed on
 Port 53 is open on
 Port 80 is closed on
 Port 110 is closed on
 Port 115 is closed on
 Port 135 is closed on
 Port 139 is closed on
 Port 143 is closed on
 Port 194 is closed on
 Port 443 is closed on
 Port 445 is closed on
 Port 1433 is closed on
 Port 3306 is closed on
 Port 3389 is closed on
 Port 5632 is closed on
 Port 5900 is closed on
 Port 6112 is closed on
(Visited 558 times, 1 visits today)

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.