Outbound Port Scanner

13 May 2019

I was on an engagement today where all of my meterpreter payloads were being blocked - regardless if the payload was cretaed from setoolkit, DKMC, or msfvenom. This organization is very security-mature so it should have been no surpise.

So I took a step back and asked myself, “What ports are open?” Here’s a little powershell script to identify the open ports on the firewall:

#Select port range
$portrange = 20..1000
#Open connection for each port from the range
Foreach ($p in $portrange)
$Socket = New-Object Net.Sockets.TcpClient      
$ErrorActionPreference = 'SilentlyContinue'
#Connect on the given port
$Socket.Connect("", $p)
#Determine if the connection is established
if ($Socket.Connected) {
Write-Host "Outbound port $p is open." -ForegroundColor Green
else {
Write-Host "Outbound port $p is closed or filtered."}
} #end foreach


I suppose I could have just ran a meterpreter shell over https, but now I know for sure!

Tags: security

Published on 13 May 2019 Find me on LinkedIn!