Bounce Scan Python Script

I was giving a presentation on Passive Information Gathering this week to the 757 White Hat Hacker meetup group that I organize. I found this website, yougetsignal.com that allows you to scan a limited range of ports on your internet gateway IP address, or specify an IP address and port to scan.

The hacker in me thought about how I could use this to perform passive reconnaissance. I’m always looking for a reason to solve a problem or save some time using Python, and this seemed like a good excuse to brush up on my Python web request skills. Sure, this may not be very useful to some. For me it’s an excuse to learn Python web requests. Feel free to use it and suggest improvements on my github page. Don’t be too harsh, I know there are a lot of things I can improve in this script. This is just something I whipped up quickly before breakfast this morning.

The http request captured by Burp Suite:

youscanrequest

The code:

#!/usr/bin/env python

# Import our libraries
import sys
import requests
from bs4 import BeautifulSoup

# Get the IP address from the command line
ipAddress = sys.argv[1]
# Self-explanatory
url = "http://ports.yougetsignal.com/short-scan.php"
# Our post value
values = {"remoteAddress":ipAddress}
# Do the post
r = requests.post(url, data=values)
# Use BeautifulSoup to parse html
soup = BeautifulSoup(r.content, 'html.parser')
# Strip html out and print text
print(soup.get_text())

The result of scanning 8.8.8.8:

C:\Users\sdcam\Documents>python bounce-scan.py 8.8.8.8
 Port 21 is closed on 8.8.8.8.
 Port 22 is closed on 8.8.8.8.
 Port 23 is closed on 8.8.8.8.
 Port 25 is closed on 8.8.8.8.
 Port 53 is open on 8.8.8.8.
 Port 80 is closed on 8.8.8.8.
 Port 110 is closed on 8.8.8.8.
 Port 115 is closed on 8.8.8.8.
 Port 135 is closed on 8.8.8.8.
 Port 139 is closed on 8.8.8.8.
 Port 143 is closed on 8.8.8.8.
 Port 194 is closed on 8.8.8.8.
 Port 443 is closed on 8.8.8.8.
 Port 445 is closed on 8.8.8.8.
 Port 1433 is closed on 8.8.8.8.
 Port 3306 is closed on 8.8.8.8.
 Port 3389 is closed on 8.8.8.8.
 Port 5632 is closed on 8.8.8.8.
 Port 5900 is closed on 8.8.8.8.
 Port 6112 is closed on 8.8.8.8.
(Visited 436 times, 1 visits today)

Leave a Reply

Your email address will not be published. Required fields are marked *