In computer networking, port knocking is a method of externally opening ports on a firewall by generating a connection attempt on a set of prespecified closed ports. Once a correct sequence of connection attempts is received, the firewall rules are dynamically modified to allow the host which sent the connection attempts to connect over specific ports. A variant called single packet authorization (SPA) exists, where only a single "knock" is needed, consisting of an encrypted packet.
The primary purpose of port knocking is to prevent an attacker from scanning a system for potentially exploitable services with a port scan: unless the attacker sends the correct knock sequence, the protected ports appear closed. Many CTFs use port knocking as a network challenge. Below you can find a script that automates the process by trying permutations of candidate knock ports; if a scan shows open ports running "waste" services, you can try it against them.
import os
from socket import socket, AF_INET, SOCK_STREAM
from itertools import permutations
ip = "192.168.0.107"  # Machine ip
Port = 1337  # Machine port (the one expected to open after a correct knock)
port_list = [7000, 8000, 9000]  # knock candidates: the "waste" ports from your scan (sample values)
print("# received ports: ", port_list)
for seq in permutations(port_list, 3):
    print("-> Port: ", seq)
    for p in seq:  # one connection attempt per port, in this order, is the knock
        with socket(AF_INET, SOCK_STREAM) as s:
            s.settimeout(1)
            try:
                s.connect((ip, p))
            except OSError:  # a closed port or timeout is the expected result of a knock
                pass
    os.system("nmap -p %d %s" % (Port, ip))  # check whether the machine port opened
print("$ Done !!!")
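To show the daemon side of the port knocking described above, here is an added example (not code from the original page) of the sequence-tracking logic a knock daemon runs per source; it also handles the cases a scanner triggers, namely knocks in the wrong order and knocks spaced too far apart, by resetting progress. The sequence, time window and open duration are constructed values.

```python
import time

# Constructed values for this example: the secret knock, how long a client may
# pause between knocks, and how long the protected port stays open afterwards.
KNOCK_SEQUENCE = (7000, 8000, 9000)
KNOCK_WINDOW = 5.0      # seconds allowed between consecutive knocks
OPEN_FOR = 30.0         # seconds the port stays open for a source after a valid knock


class KnockTracker:
    """Daemon-side state: each source's progress through KNOCK_SEQUENCE and the
    sources that currently have the protected port opened. A scanner that hits
    the knock ports out of order never completes, so the port stays closed for it."""

    def __init__(self, sequence=KNOCK_SEQUENCE, window=KNOCK_WINDOW, open_for=OPEN_FOR):
        self.sequence = sequence
        self.window = window
        self.open_for = open_for
        self.progress = {}   # src -> (index of next expected knock, time of last knock)
        self.opened = {}     # src -> time at which the firewall hole expires

    def observe(self, src, port, now=None):
        """Register a connection attempt from src on a closed port.
        Returns True only when this knock completes the sequence."""
        now = time.time() if now is None else now
        idx, last = self.progress.get(src, (0, now))
        if now - last > self.window:        # paused too long: start over
            idx = 0
        if port != self.sequence[idx]:      # wrong port: partial progress is lost
            self.progress[src] = (1 if port == self.sequence[0] else 0, now)
            return False
        idx += 1
        if idx < len(self.sequence):
            self.progress[src] = (idx, now)
            return False
        self.progress.pop(src, None)        # sequence complete: open the port for src
        self.opened[src] = now + self.open_for
        return True

    def is_open(self, src, now=None):
        """Would the firewall currently accept src on the protected port?"""
        now = time.time() if now is None else now
        expiry = self.opened.get(src)
        if expiry is None:
            return False
        if now > expiry:                    # hole expired: close it again
            del self.opened[src]
            return False
        return True
```

A real daemon would feed observe() from firewall log lines or a packet capture and translate a True result into a temporary allow rule for that source only.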
PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. When PHP is used in a CGI-based setup (such as Apache's mod_cgid), the php-cgi binary receives a processed query string parameter as command-line arguments, which allows command-line switches such as -s, -d or -c to be passed to it; this can be exploited to disclose source code and obtain arbitrary code execution.
Usage: python file.py 192.168.0.100 80