Thursday, March 8, 2018
Pentest via cellular network (V): Nmap port scanner with SMS message
- Layout for this exercise (Smartphone and Raspberry Pi / SIM card / Modem):
- This exercise is based on the four previous exercises:
http://www.whitelist1.com/2018/03/pentest-via-cellular-network-i-global.html
http://www.whitelist1.com/2018/03/pentest-via-cellular-network-ii.html
http://www.whitelist1.com/2018/03/pentest-via-cellular-network-iii-sms.html
http://www.whitelist1.com/2018/03/pentest-via-cellular-network-iv-port.html
1 - Writing the Python script
- The Python script for this exercise reuses libraries and scripts from the previous exercises:
- Some libraries are imported:
- A function is defined to process the SMS message requests:
- External stored data is invoked:
- The script waits until an SMS message arrives, then processes it, and finally sends back an answer:
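The request-processing step is where untrusted SMS text meets the Nmap command line, so the following added example (not the script from the original post) shows one way to validate a request before anything is executed. The `<host> <port>` message format, the sender number, the scope networks and all function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample values: one authorized sender and the engagement scope.
AUTHORIZED_SENDERS = {"+15550100"}
IN_SCOPE = [ipaddress.ip_network("127.0.0.0/8"),
            ipaddress.ip_network("192.168.1.0/24")]


class RejectedRequest(ValueError):
    """Raised when an SMS request fails validation."""


def parse_request(sender, body):
    """Validate an SMS of the assumed form '<host> <port>'; return (ip, port)."""
    if sender not in AUTHORIZED_SENDERS:
        raise RejectedRequest("sender not authorized")
    fields = body.split()
    if len(fields) != 2:
        raise RejectedRequest("expected '<host> <port>'")
    host, port_text = fields
    if host == "localhost":
        host = "127.0.0.1"
    try:
        # Accepting only literal IP addresses rejects option-like or shell-like text.
        ip = ipaddress.ip_address(host)
    except ValueError:
        raise RejectedRequest("host is not an IP address")
    if not any(ip in net for net in IN_SCOPE):
        raise RejectedRequest("host out of scope")
    if not (port_text.isascii() and port_text.isdigit()):
        raise RejectedRequest("bad port")
    if not 1 <= int(port_text) <= 65535:
        raise RejectedRequest("bad port")
    return str(ip), int(port_text)


def build_nmap_argv(ip, port):
    """Argument vector intended for subprocess.run(argv), with no shell involved."""
    return ["nmap", "-p", str(port), ip]


def handle_sms(sender, body):
    """Return the argv to execute, or a short refusal string to send back."""
    try:
        return build_nmap_argv(*parse_request(sender, body))
    except RejectedRequest as exc:
        return "rejected: " + str(exc)
```

Passing the returned list to `subprocess.run` without `shell=True` keeps the SMS body from ever being interpreted by a shell, and the sender and scope checks stop the modem's phone number from becoming an open scanning service.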
2 - Testing the script
- First, an SMS message is sent from the smartphone asking about port 22 of the localhost:
- The Python script running on the Raspberry Pi detects the request from the smartphone and sends back an answer:
- Before launching another test to the host 192.168.1.6, let's perform an Nmap scan in the usual way:
- Now, an SMS message is sent from the smartphone inquiring about port 135 of the host 192.168.1.6:
- The Raspberry Pi sends an answer back to the smartphone via an SMS message, and the result matches the usual Nmap port scan: port 135 is open.