Changes

2,179 bytes added , 22:44, 20 December 2023

no edit summary

Line 1: Line 1: −

==IPv6 Port Scan Automation==

+

==IPscan IPv6 Port Scan Automation==

−

~~Automated~~ IPv6 firewall testing (IPv6 TCP and UDP port scans) using wget and ~~ipscan~~.

+

This section provides an overview of automated IPv6 firewall testing (IPv6 TCP and UDP port scans) using wget and IPscan.

−

~~<analytics uacct="UA-27654202-1" ></analytics>~~

−

~~'''<font color~~=~~"red">Important update : this service has recently transferred to a new high availability server. As a result some old bookmarks may longer work. Please also be aware~~ of ~~changes to the target host specified below.</font>'''~~

+

===Terms of Use===

−

=~~==Terms~~ of ~~Use===~~

+

'''Please ensure that you accept the ''[https://wiki.chappell-family.com/wiki/index.php?title=Timswiki:About terms of use]'' and are authorised to perform IPv6 port scans against the machine that you wish to test ''BEFORE'' attempting any of the steps outlined below. Please also ensure that you are not accessing web pages using an HTTP proxy. If in doubt then a web proxy can be disabled by following the command-line examples shown below.'''

−

'''Please ensure that you accept the ''[http://ipv6.chappell-family.com/html/termsofuse.html terms of use for my IPv6 port scanner]'' and are authorised to perform IPv6 port scans against the machine that you wish to test ''BEFORE'' attempting any of the steps outlined below. Please also ensure that you are not accessing web pages using an HTTP proxy. If in doubt then a web proxy can be disabled by following the command-line examples shown below.'''

+

This website publishes a [[Timswiki:Privacy_policy]]. Continued use of this website implies your consent to the storage of data outlined in the policy.

−

~~This website publishes a [http://ipv6.chappell-family.com/html/privacy_policy.html Privacy Policy.] Continued use of this website implies your consent to the storage of data outlined in the policy.~~

+

----

===Rules for Forming the URL===

Line 19: Line 18:

It is possible to request automatic scans using '''''wget''''' but the URLs must be constructed as shown below. In each case you '''MUST:'''

−

* target my IPv6 host and IPv6 cgi-bin directory (~~ipv6~~.chappell-family.~~com~~/cgi-bin6/)

+

* target the IPscan IPv6 host and IPv6 cgi-bin directory (www66.chappell-family.co.uk/cgi-bin6/)

* use the text-browser compatible cgi target (ipscan-txt.cgi)

* include an includeexisting query term, setting it to either 1 (include default ports [[IPv6_Ports]]) or -1 (exclude default ports)

* include all 4 customport terms (numbered 0 to 3), setting them equal to nothing if they are unused

+

* include the termsaccepted term, setting it to 1 to indicate your acceptance of the terms and conditions

* ensure that there are no spaces in the query string, particularly if using cut'n'paste

* wrap the resulting URL in quotes to ensure that the ampersand characters are not mis-interpreted

Line 43: Line 43:

+digest +https +ipv6 +iri +large-file +nls -ntlm +opie +ssl/gnutls

−

</pre>

+

</pre>

==Example Scans==

Line 53: Line 53: −

'''wget --no-proxy --output-document=ipv6.html <nowiki>"~~http~~://~~ipv6~~.chappell-family.~~com~~/cgi-bin6/ipscan-txt.cgi?includeexisting=1&customport0=&customport1=&customport2=&customport3="</nowiki>'''

+

'''wget --no-proxy --output-document=ipv6.html <nowiki>"https://www66.chappell-family.co.uk/cgi-bin6/ipscan-txt.cgi?includeexisting=1&customport0=&customport1=&customport2=&customport3=&termsaccepted=1"</nowiki>'''

<pre>

−

--2012-01-28 14:28:03-- ~~http~~://~~ipv6~~.chappell-family.~~com~~/cgi-bin6/ipscan-txt.cgi?includeexisting=1&customport0=&customport1=&customport2=&customport3=

+

--2012-01-28 14:28:03-- https://www66.chappell-family.co.uk/cgi-bin6/ipscan-txt.cgi?includeexisting=1&customport0=&customport1=&customport2=&customport3=&termsaccepted=1

−

Resolving ~~ipv6~~.chappell-family.~~com~~... 2001:470:~~1f08~~:~~185c~~::2

+

Resolving www66.chappell-family.co.uk... 2001:470:971f:99::6

−

Connecting to ~~ipv6~~.chappell-family.~~com~~|2001:470:~~1f08~~:~~185c~~::2|:80... connected.

+

Connecting to www66.chappell-family.co.uk|2001:470:971f:99::6|:443... connected.

HTTP request sent, awaiting response... 200 OK

Length: 10147 (9.9K) [text/html]

Line 67: Line 67:

2012-01-28 14:28:03 (165 MB/s) - `ipv6.html' saved [10147/10147]

</pre>

−

===Testing the UDP ports and a single TCP port, e.g. 8080===

−

'''wget --no-proxy --output-document=ipv6.html <nowiki>"~~http~~://~~ipv6~~.chappell-family.~~com~~/cgi-bin6/ipscan-txt.cgi?includeexisting=-1&customport0=8080&customport1=&customport2=&customport3="</nowiki>'''

+

'''wget --no-proxy --output-document=ipv6.html <nowiki>"https://www66.chappell-family.co.uk/cgi-bin6/ipscan-txt.cgi?includeexisting=-1&customport0=8080&customport1=&customport2=&customport3=&termsaccepted=1"</nowiki>'''

<pre>

−

--2012-01-28 14:37:21-- ~~http~~://~~ipv6~~.chappell-family.~~com~~/cgi-bin6/ipscan-txt.cgi?includeexisting=-1&customport0=8080&customport1=&customport2=&customport3=

+

--2012-01-28 14:37:21-- https://www66.chappell-family.co.uk/cgi-bin6/ipscan-txt.cgi?includeexisting=-1&customport0=8080&customport1=&customport2=&customport3=&termsaccepted=1

−

Resolving ~~ipv6~~.chappell-family.~~com~~... 2001:470:~~1f08~~:~~185c~~::2

+

Resolving www66.chappell-family.co.uk... 2001:470:971f:99::6

−

Connecting to ~~ipv6~~.chappell-family.~~com~~|2001:470:~~1f08~~:~~185c~~::2|:80... connected.

+

Connecting to www66.chappell-family.co.uk|2001:470:971f:99::6|:443... connected.

HTTP request sent, awaiting response... 200 OK

Length: 7323 (7.2K) [text/html]

Line 86: Line 85:

2012-01-28 14:37:21 (112 MB/s) - `ipv6.html' saved [7323/7323]

</pre>

−

===Testing the UDP ports, the default TCP ports list and 3 custom TCP ports===

Line 92: Line 90: −

'''wget --no-proxy --output-document=ipv6.html <nowiki>"~~http~~://~~ipv6~~.chappell-family.~~com~~/cgi-bin6/ipscan-txt.cgi?includeexisting=1&customport0=8080&customport1=33452&customport2=65535&customport3="</nowiki>'''

+

'''wget --no-proxy --output-document=ipv6.html <nowiki>"https://www66.chappell-family.co.uk/cgi-bin6/ipscan-txt.cgi?includeexisting=1&customport0=8080&customport1=33452&customport2=65535&customport3=&termsaccepted=1"</nowiki>'''

<pre>

−

--2012-01-28 14:39:53-- ~~http~~://~~ipv6~~.chappell-family.~~com~~/cgi-bin6/ipscan-txt.cgi?includeexisting=1&customport0=8080&customport1=33452&customport2=65535&customport3=

+

--2012-01-28 14:39:53-- https://www66.chappell-family.co.uk/cgi-bin6/ipscan-txt.cgi?includeexisting=1&customport0=8080&customport1=33452&customport2=65535&customport3=&termsaccepted=1

−

Resolving ~~ipv6~~.chappell-family.~~com~~... 2001:470:~~1f08~~:~~185c~~::2

+

Resolving www66.chappell-family.co.uk... 2001:470:971f:99::6

−

Connecting to ~~ipv6~~.chappell-family.~~com~~|2001:470:~~1f08~~:~~185c~~::2|:80... connected.

+

Connecting to www66.chappell-family.co.uk|2001:470:971f:99::6|:443... connected.

HTTP request sent, awaiting response... 200 OK

Length: 10263 (10K) [text/html]

Line 107: Line 105:

</pre>

+

===Default test using curl===

+

'''$ curl -sS "https://www66.chappell-family.co.uk/cgi-bin6/ipscanfasttxt.cgi?includeexisting=1&customport0=&customport1=&customport2=&customport3=&termsaccepted=1"'''

+

or

+

'''$ curl -sS "https://www66.chappell-family.co.uk/cgi-bin6/ipscanfasttxt.cgi?includeexisting=1&customport0=&customport1=&customport2=&customport3=&termsaccepted=1" |awk -F'[<> ]' 'BEGIN{printf("\nPORT\tSTATE\n")};{for(i=4;i<=NF;i++){if (index($i,"OPEN")>0 && $(i-1)=="=" && $(i-3)=="Port") {printf("%s\t%s\n",$(i-2),$i)}}};' '''

+

<pre>

+

PORT STATE

+

80 OPEN

+

443 OPEN

+

1080 OPEN

+

3128 OPEN

+

</pre>

+

===Testing on Ubiquity ERlite Routers===

+

On the router:

+

'''sudo /usr/bin/curl -G <nowiki>'https://www66.chappell-family.co.uk/cgi-bin6/ipscantxt.cgi'</nowiki> --data-urlencode 'includeexisting=1' --data-urlencode 'customport0=' --data-urlencode 'customport1=' --data-urlencode 'customport2=' --data-urlencode 'customport3=' --data-urlencode 'termsaccepted=1' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8' -H 'Accept-Language: en-US,en;q=0.5' --compressed -H 'Connection: keep-alive' 2>&1 >/tmp/ipv6.html'''

+

'''sudo scp /tmp/ipv6.html <user>@<host>:'''

+

'''sudo rm -f /tmp/ipv6.html'''

+

Exchange <user> and <host> for an applicable account and machine name to transfer the results file to.

+

<pre>sudo /usr/bin/curl -G <nowiki>'https://www66.chappell-family.co.uk/cgi-bin6/ipscantxt.cgi'</nowiki> --data-urlencode 'includeexisting=1' --data-urlencode 'customport0=' --data-urlencode 'customport1=' --data-urlencode 'customport2=' --data-urlencode 'customport3=' --data-urlencode 'termsaccepted=1' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8' -H 'Accept-Language: en-US,en;q=0.5' --compressed -H 'Connection: keep-alive' 2>&1 >/tmp/ipv6.html

+

% Total % Received % Xferd Average Speed Time Time Time Current

+

Dload Upload Total Spent Left Speed

+

100 2844 100 2844 0 0 30 0 0:01:34 0:01:33 0:00:01 627

+

</pre>

===HTML Results Scraping===

Line 113: Line 145: −

~~----~~

+

This website publishes a Privacy Policy (link at the bottom of every page). Continued use of this website implies your consent to the use of data outlined in the policy.

−

~~<adsense>1</adsense>~~

Wikiadmin

Bureaucrats, Administrators

579

edits

Changes

ScanAutomation (view source)

Revision as of 22:44, 20 December 2023

Navigation menu

Search