Linux
单个端口
timeout 1 bash -c "echo >/dev/tcp/baidu.com/888" && echo open || echo closed
image.png
端口范围
for i in {80..100}; do timeout 1 bash -c "echo >/dev/tcp/baidu.com/$i" && echo "$i open" || echo "$i closed"; done
image.png
端口列表
for i in {80,3389}; do timeout 1 bash -c "echo >/dev/tcp/baidu.com/$i" && echo "$i open" || echo "$i closed"; done
image.png
Windows
单个端口
powershell.exe -c "%{tnc -InformationLevel Quiet baidu.com -port 80}"
image.png
powershell.exe -c "%{if(tnc -InformationLevel Quiet baidu.com -port 80){echo $_'----open'}else{echo $_'----close'}}"
端口范围
powershell.exe -c "80..90 | %{if(tnc -InformationLevel Quiet baidu.com -port $_){echo $_'----open';}else{echo $_'----close';}}"
image.png
端口列表
powershell.exe -c "80,3389 | %{if(tnc -InformationLevel Quiet baidu.com -port $_){echo $_'----open';}else{echo $_'----close';}}"
image.png
参考:《照弹不误:出站端口受限环境下反弹Shell的思考》
网友评论