65 lines
2.8 KiB
Markdown
65 lines
2.8 KiB
Markdown
# Invoke-PortKnock
|
|
|
|
PowerShell script that knocks on a given sets of ports. It can optionally take an execute parameter to run a secondary script after the knocking is complete.
|
|
|
|
It should be noted that using port knocking is not a security measure alone, it is generally used to minimize detections from random bots on the internet. It is easy to figure out a port knocking sequence so make sure that your systems are using security best practices.
|
|
|
|
## Requirements
|
|
|
|
## Variables
|
|
|
|
| Variable | Required | Default | Choices | Description |
|
|
| ----------- | -------- | ------- | ------- | ---------------------------------------------------------------------------------------------------------------------------------- |
|
|
| Knock_Ports | Yes | | | Object Array for of the sequence of ports that should be knocked - The array must follow the following pattern |
|
|
| Delay | No | 200 | | The time to pause between knocks in milliseconds |
|
|
| Execute | No | | | Optional command that will be run after the knocking sequence is complete. This is passed directly to a Invoke-Expression command |
|
|
|
|
### Knock_Ports Object
|
|
|
|
| Variable | Required | Default | Choices | Description |
|
|
| ----------- | -------- | ------- | ------- | -------------------------------------- |
|
|
| Destination | Yes | | | Destination for port knock |
|
|
| Port | Yes | | | Port to be used for port knock |
|
|
| Protocol | Yes | | TCP,UDP | Protocol to be used for the port knock |
|
|
|
|
## Example
|
|
|
|
Simple port knock with a delay of 500ms to avoid issues on a high latency connection
|
|
|
|
```powershell
|
|
$Knock_Ports = @(
|
|
("10.1.1.1", 36041, "TCP"),
|
|
("10.1.1.1", 38097, "UDP"),
|
|
("10.1.1.1", 27079, "TCP")
|
|
)
|
|
|
|
.\PortKnock.ps1 -Knock_Ports $Knock_Ports -Delay 500
|
|
```
|
|
|
|
Port knock that initiates a RDP connection to a device after the knocking sequence is complete.
|
|
|
|
```powershell
|
|
$Knock_Ports = @(
|
|
("10.1.1.1", 36041, "TCP"),
|
|
("10.1.1.1", 38097, "UDP"),
|
|
("10.1.1.1", 27079, "TCP")
|
|
)
|
|
|
|
.\PortKnock.ps1 -Knock_Ports $Knock_Ports -Execute "mstsc.exe /v:10.1.1.1:3389 /public"
|
|
```
|
|
|
|
Port knock that initiates a SSH connection to a device after the knocking sequence is complete.
|
|
|
|
```powershell
|
|
$Knock_Ports = @(
|
|
("10.1.1.1", 36041, "TCP"),
|
|
("10.1.1.1", 38097, "UDP"),
|
|
("10.1.1.1", 27079, "TCP")
|
|
)
|
|
|
|
.\PortKnock.ps1 -Knock_Ports $Knock_Ports -Execute "ssh example@10.1.1.1"
|
|
```
|
|
|
|
## License
|
|
|
|
See LICENSE file for full license information.
|