Port Scan Local Network

Description

Runs a full TCP connect port scan on all local networks.

Overview

This script performs a full TCP connect scan against all local area networks using a default set of ports. IP subnets are selected by identifying interfaces on the host that meet the following criteria:

  • Interface is in the up state.
  • There are greater than 2 ARP entries on the interface.
  • Subnet has a CIDR prefix length greater than or equal to /23 (512 IP addresses).

The default ports scanned are: 21, 22, 23, 25, 80, 135, 161, 389, 443, 445, and 3389.

Arguments

Parameter   Type  Description
---------   ----  -----------
Ports       int[] A comma-separated list of ports to scan.
ThreadCount int   The number of concurrent threads to use for parallel scanning.
Timeout     int   The TCP timeout value in milliseconds.

Example Text Output

IP            Network        21       22       23       25       80       135      161      389
--            -------        --       --       --       --       --       ---      ---      ---
192.168.1.103 192.168.1.0/24 Filtered Filtered Filtered Filtered Filtered Open     Filtered Filtered
192.168.1.2   192.168.1.0/24 Filtered Filtered Filtered Filtered Filtered Open     Filtered Open
192.168.1.101 192.168.1.0/24 Filtered Filtered Filtered Filtered Filtered Open     Filtered Filtered
192.168.1.1   192.168.1.0/24 Filtered Filtered Filtered Filtered Open     Filtered Filtered Filtered
192.168.1.100 192.168.1.0/24 Filtered Open     Filtered Filtered Filtered Filtered Filtered Filtered
10.0.2.1      10.0.2.0/24    Filtered Filtered Filtered Filtered Open     Filtered Filtered Filtered
10.0.2.6      10.0.2.0/24    Filtered Filtered Filtered Filtered Open     Filtered Filtered Filtered
10.0.2.252    10.0.2.0/24    Filtered Filtered Filtered Filtered Open     Filtered Filtered Filtered
10.0.2.27     10.0.2.0/24    Filtered Filtered Filtered Filtered Open     Filtered Filtered Filtered
10.0.2.254    10.0.2.0/24    Filtered Filtered Filtered Filtered Open     Filtered Filtered Filtered
10.0.2.212    10.0.2.0/24    Filtered Filtered Filtered Filtered Filtered Filtered Filtered Filtered

Example JSON Output

[
  {
    "21": "Filtered",
    "22": "Filtered",
    "23": "Filtered",
    "25": "Filtered",
    "80": "Open",
    "135": "Filtered",
    "161": "Filtered",
    "389": "Filtered",
    "443": "Open",
    "445": "Filtered",
    "3389": "Filtered",
    "Network": "192.168.1.0/24",
    "IP": "192.168.1.1",
    "Session": {
      "MachineId": "dfec7175a6a62757d83b93794df767d5acfadb82",
      "SessionId": "9525f2ec5c4a4920b7b8fe3ff56aa51d",
      "FQDN": "DESKTOP-LMCH70V",
      "IP": "::1",
      "OS": "Windows 10.0.19045",
      "Username": "DESKTOP-LMCH70V\\helpdesk",
      "PID": 8672,
      "Path": "C:\\Users\\helpdesk\\Desktop\\Workspace\\repos\\SpecterInsight\\src\\release\\implants\\1fe0b18153764e549b04928e79fc288f\\x64\\WinNativeExe.exe"
    }
  }
]
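
In the JSON output, each record mixes port columns (numeric string keys) with the metadata keys "Network", "IP" and "Session". The following is an added example, not part of the script or its documentation: it pivots results in that shape into open ports per host, grouped by network. The sample records and function names are constructed for illustration.

```python
import json
from collections import defaultdict

# Constructed sample in the shape of the JSON output above (illustrative values).
SAMPLE = """
[
  {"21": "Filtered", "22": "Open", "80": "Filtered", "443": "Filtered",
   "Network": "192.168.1.0/24", "IP": "192.168.1.100", "Session": {"FQDN": "HOST-A"}},
  {"21": "Filtered", "22": "Filtered", "80": "Open", "443": "Open",
   "Network": "192.168.1.0/24", "IP": "192.168.1.1", "Session": {"FQDN": "HOST-A"}},
  {"21": "Filtered", "22": "Filtered", "80": "Filtered", "443": "Filtered",
   "Network": "10.0.2.0/24", "IP": "10.0.2.212", "Session": {"FQDN": "HOST-A"}}
]
"""

def open_ports(record):
    """Return the sorted open ports from one result row.

    Port columns are the keys made up only of digits; "Network", "IP" and
    "Session" are metadata and are skipped.
    """
    return sorted(int(key) for key, state in record.items()
                  if key.isdigit() and state == "Open")

def summarize(results_json):
    """Map network -> {ip: [open ports]}, omitting hosts with nothing open."""
    summary = defaultdict(dict)
    for record in json.loads(results_json):
        ports = open_ports(record)
        if ports:
            summary[record["Network"]][record["IP"]] = ports
    return dict(summary)

def hosts_exposing(results_json, port):
    """List the IPs that reported the given port as Open."""
    return sorted(ip
                  for hosts in summarize(results_json).values()
                  for ip, ports in hosts.items() if port in ports)

if __name__ == "__main__":
    for network, hosts in summarize(SAMPLE).items():
        print(network)
        for ip, ports in hosts.items():
            print(f"  {ip}: {', '.join(map(str, ports))}")
```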