Whatportis: find the default port number for a specific service

Within the network of infiltration sometimes encounter situations, some port development tries to change the default port. So, on this topic, I am going guide you to find the default port number for a specific service, or what service is normally listening on a given port.

This tool is Whatportis, which comes with a lot more of the default port service database. 

Installation using github:

git clone https://github.com/ncrocfer/whatportis.git

or

pip install whatportis

Usage

This tool allows you to find what port is associated with a service:

$ whatportis redis

+-------+------+----------+---------------------------------------+

| Name  | Port | Protocol | Description                           |

+-------+------+----------+---------------------------------------+

| redis | 6379 |   tcp    | An advanced key-value cache and store |

+-------+------+----------+---------------------------------------+

Or, conversely, what service is associated with a port number:

I have no intention at once within the network penetration, we found that there are a lot of Linux machines, they are open port 6001, so I resorted to Whatportis to see what services it is, the results show:

The original X-related services when landing Manager xserver-allow-tcp = true and xhost + performed, you can open the X Forwarding, 6000 at this time will open up a port, such as Display0 open 6000, In this subsequent accumulation (echo $ DISPLAY). We usually encountered when a default port, what is the most rapid penetration of the idea is it? Following attack flow should be formed in the mind: Analyzing the port development -> initial recognition port -> find the default corresponding service -> Fingerprint further confirmation Services -> find quickly available Exp.

Copyright (c) 2016 Nicolas Crocfer

Source: https://github.com/ncrocfer/