Listing active ports without netstat (BASH)
There are sometimes occassions where you may want to list all active ports without relying on inbuilt tools (for example because you suspect netstat and lsof have been tampered with). This snippet will generate output detailing the local IP and ports being used - note that it will also include client ports, so will include any connections your system is making upstream
Similar To
- netstat
Details
- Language: BASH
- License: BSD-3-Clause
Snippet
# Get all open ports in hex format
declare -a open_ports=($(cat /proc/net/tcp /proc/net/raw /proc/net/udp | grep -v "local_address" | awk '{ print $2 }'))
# Define function for converting
dec2ip () {
ip=$1
s=""
for i in {1..4}; do
s='.'$((ip%256))$s && ((ip>>=8));
done;
echo ${s:1} | sed 's/\./\n/g' | tac | sed ':a; $!{N;ba};s/\n/./g'
}
# Show all open ports and decode hex to dec
for tuple in ${open_ports[*]}; do
port=${tuple#*:}
ip=${tuple%:*}
echo $(dec2ip $((0x${ip}))):$((0x${port}));
done | sort | uniq -c