CircleCI Atomic Red Team doc generator
1.6 KiB
1.6 KiB
T1046 - Network Service Scanning
Description from ATT&CK
Adversaries may attempt to get a listing of services running on remote hosts, including those that may be vulnerable to remote software exploitation. Methods to acquire this information include port scans and vulnerability scans using tools that are brought onto a system.Within cloud environments, adversaries may attempt to discover services running on other cloud hosts or cloud services enabled within the environment. Additionally, if the cloud environment is connected to a on-premises environment, adversaries may be able to identify services running on non-cloud systems.
Atomic Tests
Atomic Test #1 - Port Scan
Scan ports to check for listening ports
Supported Platforms: Linux, macOS
Run it with sh!
for port in {1..65535};
do
echo >/dev/tcp/192.168.1.1/$port && echo "port $port is open" || echo "port $port is closed" : ;
done
Atomic Test #2 - Port Scan Nmap
Scan ports to check for listening ports with Nmap.
Supported Platforms: Linux, macOS
Inputs
| Name | Description | Type | Default Value |
|---|---|---|---|
| network_range | Network Range to Scan. | string | 192.168.1.0/24 |
| port | Ports to scan. | string | 80 |
| host | Host to scan. | string | 192.168.1.1 |
Run it with sh!
nmap -sS #{network_range} -p #{port}
telnet #{host} #{port}
nc -nv #{host} #{port}