Home Explore Help
Sign In
Botnet_Research
/
hostage
5
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 4470ff47f8
Branches Tags
hostage
/
assets
/
payload
/
redirect-ports.sh

redirect-ports.sh 1.2 KB
History Raw

123456789101112131415161718192021222324 
  1. #!/bin/bash
    2. 

  2. 

  3. # redirects ports below 1024 to a higher range using iptables, so they can be used without elevated rights
    4. 

  4. # MySQL SIP (3306 and 5060) are left out because they are >= 1024 anyways
    5. 

  5. 

  6. #             ECHO  FTP   HTTP  HTTPS SMB (NETBIOS UDP & TCP) SSH   TELNET
    7. 

  7. protocol=(    "tcp" "tcp" "tcp" "tcp" "udp" "udp" "tcp" "tcp" "tcp" "tcp" )
    8. 

  8. origin=(       7     21    80    443   137   138   137   139   22    23   )
    9. 

  9. destination=( 28144 28169 28217 28580 28274 28275 28274 28276 28159 28160 ) # simply offset by 1024 + 27113
    10. 

  10. length=${#protocol[@]} # count protocol elements
    11. 

  11. 

  12. # for (( i=0; i<$length; i++ ))
    13. 

  13. for i in `seq 0 9` # fix for android's annoyingly limited bash
    14. 

  14. do
    15. 

  15. 	# echo ${protocol[$i]} ${origin[$i]} ${destination[$i]} # debug
    16. 

  16. 

  17. 	# delete previous rules to avoid duplicates
    18. 

  18. 	iptables -t nat -D PREROUTING -p ${protocol[$i]} --dport ${origin[$i]} -j REDIRECT --to-ports ${destination[$i]}
    19. 

  19. 	iptables -t nat -D OUTPUT -p ${protocol[$i]} --dport ${destination[$i]} -j REDIRECT --to-ports ${origin[$i]}
    20. 

  20. 

  21. 	# add new rules
    22. 

  22. 	iptables -t nat -A PREROUTING -p ${protocol[$i]} --dport ${origin[$i]} -j REDIRECT --to-ports ${destination[$i]}
    23. 

  23. 	iptables -t nat -A OUTPUT -p ${protocol[$i]} --dport ${destination[$i]} -j REDIRECT --to-ports ${origin[$i]}
    24. 

  24. done
    25.