What The Port!?
I was practicing with some of my pentesting tools the other day and I was going through my typical port research process.
I have done enough scans now that I have many ports memorized and the typical services associated with these ports. Every once in a while there is an obscure port that shows up and I am not totally sure what goes with it. When these ports appear in a port scan I go to the internet and do some digging.
Now it is not a lot of work to google "what is port 6200?"
However, I think it is useful to do some of this preliminary work in the terminal that focuses my research afterwards.
I put together a useful webscraping python script that automates a website and shows us port number registries and typical associated services. Take a look at the script below!
The above script takes a port number argument and puts that number into a URL string. The script then requests the URL and proceeds with scraping data from a table that is presented on the site.
Sample output. Here we see that the port 445 (according to the site) has not had unauthorized use reported.
Let's look at a port that has Unauthorized Use Reported.
Reference: