I needed to check a list of jumphosts and see if they were Linux or Windows. I didn’t want to log in to each one manually and wanted the results of something like nmap saved into a CSV file. I could have grepped through nmap output, but it wouldn’t have been formatted the way I wanted. Instead I wrote a small Perl script to check for open ports on a list of domains or IPv4 addresses. Here is the Perl script to check for open ports:
#!/usr/bin/perl -w
# porttester will check a list of hosts to see if specific ports are open
# like nmap, but allows you to print out what you want, in the way you want
# (like a CSV - as nmap is kinda noisy and doesn't dump well to spreadsheets)
# based off code snippets from perlmonks.org
# instructions for use:
# specify the ports you want to look for in %port_hash. tcp/udp must be specified too
# to run it, type: perl porttester.pl > output.csv
# prints:
# a.com,22
# b.com
# c.com,22,3389
# d.com,3389
# 10.1.1.1,22
use strict;
use IO::Socket::PortState qw(check_ports);

# connection timeout in seconds, applied to each port check
my $timeout = 1;

# use the format as per below to add new ports
# perl is not going to be as fast as nmap, this is
# a specialized tool to check for RDP and SSH
# and print it out to a spreadsheet, use nmap!
my $proto = 'tcp';
my %port_hash = (
    $proto => {
        22   => {},
        3389 => {},
    }
);

# loop over __DATA__ and process line by line
while (<DATA>) {
    my $host = $_;
    # strip off the new line character
    chomp($host);
    # skip empty lines so we never probe an empty host name
    next unless length $host;
    # check_ports returns a hash ref with an {open} flag for each port
    my $host_hr = check_ports($host, $timeout, \%port_hash);
    # print whatever host this is
    print "$host";
    # loop over each port under $proto (tcp), so 22 and 3389;
    # sorted numerically so the CSV columns come out in a stable order
    for my $port (sort { $a <=> $b } keys %{ $host_hr->{$proto} }) {
        # if it's open, say "yes", else say "no"
        my $yesno = $host_hr->{$proto}{$port}{open} ? "yes" : "no";
        # if it's "yes", then print it out
        if ($yesno eq 'yes') {
            print ",$port";
        }
    }
    # add a new line for formatting
    print "\n";
}

# one host per line; don't include spaces or extra lines below the __DATA__ mark
__DATA__
a.com
b.com
c.com
d.com
10.1.1.1
I know that nmap is a more robust solution – and this will set off alarms on almost any IDS – but here is a Perl script for checking open ports, regardless!
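
The script stops at listing open ports, so the Linux-or-Windows call still has to be made by eye. The following is an added example, not part of the original script: it reads the CSV that porttester prints and adds fixed columns plus a platform guess. The `guess_platform` helper and the mapping of 22/tcp to Linux and 3389/tcp to Windows are assumptions made here; Windows can run OpenSSH and Linux can run xrdp, so the labels are hints, not proof.

```perl
#!/usr/bin/perl
# Added example (not the original author's code): classify porttester CSV rows.
# Assumption: 22/tcp suggests Linux and 3389/tcp suggests Windows. This is a
# heuristic only; a host answering on both ports is reported as ambiguous.
use strict;
use warnings;

# Map a list of open ports to a best-guess platform label (hypothetical helper).
sub guess_platform {
    my %open = map { $_ => 1 } @_;
    return 'ambiguous'      if $open{22} && $open{3389};
    return 'likely-linux'   if $open{22};
    return 'likely-windows' if $open{3389};
    return 'unknown';    # host down, ports filtered, or neither service exposed
}

# Read piped porttester output if there is any, otherwise the sample below.
my $fh = -t STDIN ? \*DATA : \*STDIN;

print "host,ssh_22,rdp_3389,guess\n";
while (my $line = <$fh>) {
    chomp $line;
    $line =~ s/\r$//;                    # tolerate CRLF line endings
    next if $line =~ /^\s*$/;            # skip blank lines
    my ($host, @ports) = split /,/, $line;
    @ports = grep { /^\d+$/ } @ports;    # keep numeric port fields only
    my %open = map { $_ => 1 } @ports;
    # fixed columns, so every row lines up in a spreadsheet
    print join(',',
        $host,
        $open{22}   ? 'open' : '',
        $open{3389} ? 'open' : '',
        guess_platform(@ports)), "\n";
}

# Constructed sample input, in the format porttester prints
__DATA__
a.com,22
b.com
c.com,3389,22
d.com,3389
10.1.1.1,22
```

A row with no ports, like `b.com`, means only that neither port answered within the timeout; the host may still be up behind a filter.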