Pentest Tools

Published on March 2nd, 2016 📆 | 7863 Views ⚑

0

Whatportis – A Command To Search Port Names And numbers


iSpeech.org
It often happens that we need to find the default port number for a specific service, or what service is normally listening on a given port.

[adsense size='1']
Usage
This tool allows you to find what port is associated with a service:

$ whatportis redis
+-------+------+----------+---------------------------------------+
| Name  | Port | Protocol | Description                           |
+-------+------+----------+---------------------------------------+
| redis | 6379 |   tcp    | An advanced key-value cache and store |
+-------+------+----------+---------------------------------------+

Or, conversely, what service is associated with a port number:

$ whatportis 5432
+------------+------+----------+---------------------+
| Name       | Port | Protocol | Description         |
+------------+------+----------+---------------------+
| postgresql | 5432 |   tcp    | PostgreSQL Database |
| postgresql | 5432 |   udp    | PostgreSQL Database |
+------------+------+----------+---------------------+

You can also search a pattern without knowing the exact name by adding the --like option:

$ whatportis mysql --like
+----------------+-------+----------+-----------------------------------+
| Name           |  Port | Protocol | Description                       |
+----------------+-------+----------+-----------------------------------+
| mysql-cluster  |  1186 |   tcp    | MySQL Cluster Manager             |
| mysql-cluster  |  1186 |   udp    | MySQL Cluster Manager             |
| mysql-cm-agent |  1862 |   tcp    | MySQL Cluster Manager Agent       |
| mysql-cm-agent |  1862 |   udp    | MySQL Cluster Manager Agent       |
| mysql-im       |  2273 |   tcp    | MySQL Instance Manager            |
| mysql-im       |  2273 |   udp    | MySQL Instance Manager            |
| mysql          |  3306 |   tcp    | MySQL                             |
| mysql          |  3306 |   udp    | MySQL                             |
| mysql-proxy    |  6446 |   tcp    | MySQL Proxy                       |
| mysql-proxy    |  6446 |   udp    | MySQL Proxy                       |
| mysqlx         | 33060 |   tcp    | MySQL Database Extended Interface |
+----------------+-------+----------+-----------------------------------+



Installation

$ pip install whatportis


[adsense size='2']

JSON output
You can display the results as JSON, using the --json option :

$ whatportis 5432 --json
[
    {
        "description": "PostgreSQL Database",
        "protocol": "tcp",
        "name": "postgresql",
        "port": "5432"
    },
    {
        "description": "PostgreSQL Database",
        "protocol": "udp",
        "name": "postgresql",
        "port": "5432"
    }
]



REST API
Whatportis can also be started as a RESTful API server:

$ whatportis --server localhost 8080
 * Running on https://localhost:8080/ (Press CTRL+C to quit)

$ curl https://localhost:8080/ports
"ports": [
  {
    "description": "Description",
    "name": "Service Name",
    "port": "Port Number",
    "protocol": "Transport Protocol"
  },
  ...
]


$ curl https://localhost:8080/ports/3306
{
  "ports": [
    [
      "mysql",
      "3306",
      "tcp",
      "MySQL"
    ],
    [
      "mysql",
      "3306",
      "udp",
      "MySQL"
    ]
  ]
}

$ curl https://localhost:8080/ports/mysql?like
{
  "ports": [
    [
      "mysql-cluster",
      "1186",
      "tcp",
      "MySQL Cluster Manager"
    ],
    [
      "mysql-cluster",
      "1186",
      "udp",
      "MySQL Cluster Manager"
    ],
    ...
}



Notes

  • "Why not use grep <port> /etc/services " ? Simply because I want a portable command that display the output in a nice format (a pretty table).
  • The tool uses the Iana.org website to get the official list of ports. A private script has been created to fetch regularly the website and update the ports.json file. For this reason, an update command will be created in a future version.

[adsense size='4']

Download Whatportis



Leave a Reply

Your email address will not be published.