Comments on: JavaScript Port Scanner http://www.gnucitizen.org/blog/javascript-port-scanner/ Information Security Think Tank Thu, 11 Mar 2010 22:49:16 +0000 http://wordpress.org/?v=2.9.1 hourly 1 By: JavaScript Authorization Forcer | GNUCITIZEN http://www.gnucitizen.org/blog/javascript-port-scanner/comment-page-1/#comment-124976 JavaScript Authorization Forcer | GNUCITIZEN Thu, 01 Jan 2009 18:23:09 +0000 http://www.gnucitizen.org/PHP-INF/wordpress/?p=20#comment-124976 [...] on your IP, a class C range is enumerated using the Port Scanning or Visited Link Scanning [...] [...] on your IP, a class C range is enumerated using the Port Scanning or Visited Link Scanning [...]

]]> By: XSSing the Lan | GNUCITIZEN http://www.gnucitizen.org/blog/javascript-port-scanner/comment-page-1/#comment-124497 XSSing the Lan | GNUCITIZEN Fri, 28 Nov 2008 15:44:58 +0000 http://www.gnucitizen.org/PHP-INF/wordpress/?p=20#comment-124497 [...] LAN and where the border router is located. This is usually achieved in a way similar to how the JavaScript port scanner [...] [...] LAN and where the border router is located. This is usually achieved in a way similar to how the JavaScript port scanner [...]

]]> By: Jason Miller http://www.gnucitizen.org/blog/javascript-port-scanner/comment-page-1/#comment-124344 Jason Miller Sat, 15 Nov 2008 01:27:39 +0000 http://www.gnucitizen.org/PHP-INF/wordpress/?p=20#comment-124344 Perhaps try using a script, link or style tag to test - I don't think there are as many port restrictions for the HTTP Request methods used in those implementations. Perhaps try using a script, link or style tag to test – I don’t think there are as many port restrictions for the HTTP Request methods used in those implementations.

]]> By: Jason Miller http://www.gnucitizen.org/blog/javascript-port-scanner/comment-page-1/#comment-124343 Jason Miller Sat, 15 Nov 2008 01:25:56 +0000 http://www.gnucitizen.org/PHP-INF/wordpress/?p=20#comment-124343 The port scanner cannot detect ports that are blocked by your browser. The only way you could scan ports like 25 and 443 would be to use a server-side proxy. The port scanner cannot detect ports that are blocked by your browser. The only way you could scan ports like 25 and 443 would be to use a server-side proxy.

]]> By: yvrelna http://www.gnucitizen.org/blog/javascript-port-scanner/comment-page-1/#comment-123953 yvrelna Tue, 07 Oct 2008 19:06:09 +0000 http://www.gnucitizen.org/PHP-INF/wordpress/?p=20#comment-123953 Worse, I scanned port <code>jfivsdcd</code> and it's open... I wonder whether there is an alphabet port Worse, I scanned port jfivsdcd and it’s open… I wonder whether there is an alphabet port

]]> By: Laboratorios DragonJAR » Laboratorios: Hacking - Técnicas y contramedidas - Scanning IV http://www.gnucitizen.org/blog/javascript-port-scanner/comment-page-1/#comment-121736 Laboratorios DragonJAR » Laboratorios: Hacking - Técnicas y contramedidas - Scanning IV Tue, 13 May 2008 15:24:58 +0000 http://www.gnucitizen.org/PHP-INF/wordpress/?p=20#comment-121736 [...] 39 - Escaneo de puertos abiertos Herramienta: JavaScript Port Scanner Prerequisitos:Ninguno Contramedidas: Firewalls Descripción: El recurso JavaScript Port [...] [...] 39 – Escaneo de puertos abiertos Herramienta: JavaScript Port Scanner Prerequisitos:Ninguno Contramedidas: Firewalls Descripción: El recurso JavaScript Port [...]

]]> By: willem http://www.gnucitizen.org/blog/javascript-port-scanner/comment-page-1/#comment-119067 willem Sat, 19 Apr 2008 17:12:01 +0000 http://www.gnucitizen.org/PHP-INF/wordpress/?p=20#comment-119067 I've tested Firefox in safemode, but same result. Thanks anyway for your response :) I’ve tested Firefox in safemode, but same result. Thanks anyway for your response :)

]]> By: pdp http://www.gnucitizen.org/blog/javascript-port-scanner/comment-page-1/#comment-119052 pdp Sat, 19 Apr 2008 15:19:49 +0000 http://www.gnucitizen.org/PHP-INF/wordpress/?p=20#comment-119052 hmm, not sure. It could be because of NoScript or any other plugin that you may have installed. However, I've already suggested that browser port-scanning is not extremely accurate. hmm, not sure. It could be because of NoScript or any other plugin that you may have installed. However, I’ve already suggested that browser port-scanning is not extremely accurate.

]]> By: willem http://www.gnucitizen.org/blog/javascript-port-scanner/comment-page-1/#comment-119050 willem Sat, 19 Apr 2008 15:07:43 +0000 http://www.gnucitizen.org/PHP-INF/wordpress/?p=20#comment-119050 Hi Is it possible that some kind of protection is built in into Firefox to prevent JS portscanning? Whatever port I scan, I always get the answer open. Even with completly different hosts and timeout values. TIA Willem. Hi

Is it possible that some kind of protection is built in into Firefox to prevent JS portscanning? Whatever port I scan, I always get the answer open. Even with completly different hosts and timeout values.

TIA

Willem.

]]> By: pdp http://www.gnucitizen.org/blog/javascript-port-scanner/comment-page-1/#comment-117382 pdp Tue, 25 Mar 2008 12:10:15 +0000 http://www.gnucitizen.org/PHP-INF/wordpress/?p=20#comment-117382 JavaScript port scanning is not very accurate as you can see :) but it does work in most of the cases. though, I haven't updated this code for a long time. also, adjust the timeout value as this is crucial in order to perform more accurate scans. moreover, <code>333333333333333333333333333</code> is kind of a big number. :) JavaScript port scanning is not very accurate as you can see :) but it does work in most of the cases. though, I haven’t updated this code for a long time. also, adjust the timeout value as this is crucial in order to perform more accurate scans. moreover, 333333333333333333333333333 is kind of a big number. :)

]]> By: thisiswrong http://www.gnucitizen.org/blog/javascript-port-scanner/comment-page-1/#comment-117377 thisiswrong Tue, 25 Mar 2008 10:44:40 +0000 http://www.gnucitizen.org/PHP-INF/wordpress/?p=20#comment-117377 this is all wrong ........ i get <pre><code>www.gnucitizen.org:333333333333333333333333333 open</code></pre> how could this be possible..... this is all wrong …….. i get

http://www.gnucitizen.org:3333.....3333333333 open

how could this be possible…..

]]> By: Laboratorio: Hacking - Técnicas y contramedidas - Scanning IV | La Comunidad DragonJAR http://www.gnucitizen.org/blog/javascript-port-scanner/comment-page-1/#comment-89880 Laboratorio: Hacking - Técnicas y contramedidas - Scanning IV | La Comunidad DragonJAR Fri, 21 Dec 2007 20:35:26 +0000 http://www.gnucitizen.org/PHP-INF/wordpress/?p=20#comment-89880 [...] 39 - Escaneo de puertos abiertos Herramienta: JavaScript Port Scanner Prerequisitos:Ninguno Contramedidas: Firewalls Descripción: El recurso JavaScript Port [...] [...] 39 – Escaneo de puertos abiertos Herramienta: JavaScript Port Scanner Prerequisitos:Ninguno Contramedidas: Firewalls Descripción: El recurso JavaScript Port [...]

]]> By: La Organización DragonJAR | Laboratorio: Hacking - Técnicas y contramedidas - Scanning IV http://www.gnucitizen.org/blog/javascript-port-scanner/comment-page-1/#comment-87986 La Organización DragonJAR | Laboratorio: Hacking - Técnicas y contramedidas - Scanning IV Mon, 17 Dec 2007 18:44:57 +0000 http://www.gnucitizen.org/PHP-INF/wordpress/?p=20#comment-87986 [...] 39 - Escaneo de puertos abiertos Herramienta: JavaScript Port Scanner Prerequisitos:Ninguno Contramedidas: Firewalls Descripción: El recurso JavaScript Port [...] [...] 39 – Escaneo de puertos abiertos Herramienta: JavaScript Port Scanner Prerequisitos:Ninguno Contramedidas: Firewalls Descripción: El recurso JavaScript Port [...]

]]> By: pdp http://www.gnucitizen.org/blog/javascript-port-scanner/comment-page-1/#comment-44677 pdp Fri, 31 Aug 2007 09:31:01 +0000 http://www.gnucitizen.org/PHP-INF/wordpress/?p=20#comment-44677 kwela, yes port scanning techniques with JavaScript are not as accurate as the traditional ones. However, by tunning the script a bit you may get more accurate results. Keep in mind that this is still a very experimental field. kwela, yes port scanning techniques with JavaScript are not as accurate as the traditional ones. However, by tunning the script a bit you may get more accurate results. Keep in mind that this is still a very experimental field.

]]> By: kwela http://www.gnucitizen.org/blog/javascript-port-scanner/comment-page-1/#comment-44394 kwela Thu, 30 Aug 2007 09:20:59 +0000 http://www.gnucitizen.org/PHP-INF/wordpress/?p=20#comment-44394 it seems that port 25 is always open? it seems that port 25 is always open?

]]> By: pdp http://www.gnucitizen.org/blog/javascript-port-scanner/comment-page-1/#comment-31612 pdp Mon, 25 Jun 2007 15:00:02 +0000 http://www.gnucitizen.org/PHP-INF/wordpress/?p=20#comment-31612 as I said above, you may need to tweak the timeout value. but yes, the portscanner is not very stable and I don't think that it will reach the desired level of stability as I am using the DOM to detect open ports. however, it works most of the time. :) as I said above, you may need to tweak the timeout value. but yes, the portscanner is not very stable and I don’t think that it will reach the desired level of stability as I am using the DOM to detect open ports. however, it works most of the time. :)

]]> By: lol http://www.gnucitizen.org/blog/javascript-port-scanner/comment-page-1/#comment-31588 lol Mon, 25 Jun 2007 12:41:50 +0000 http://www.gnucitizen.org/PHP-INF/wordpress/?p=20#comment-31588 In IE6 that is. In IE6 that is.

]]> By: lol http://www.gnucitizen.org/blog/javascript-port-scanner/comment-page-1/#comment-31587 lol Mon, 25 Jun 2007 12:41:19 +0000 http://www.gnucitizen.org/PHP-INF/wordpress/?p=20#comment-31587 It doesn't work properly, says everything is open....... It doesn’t work properly, says everything is open…….

]]> By: McGrew Security http://www.gnucitizen.org/blog/javascript-port-scanner/comment-page-1/#comment-6070 McGrew Security Mon, 05 Mar 2007 18:01:32 +0000 http://www.gnucitizen.org/PHP-INF/wordpress/?p=20#comment-6070 [...] For the “old” technique, I used the code available from gnucitizen. This is, of course, limited, as Firefox won’t allow the HTTP connection to a low port, like 22. Here is a packet capture of how it looked when it hit the netcat listener: [...] [...] For the “old” technique, I used the code available from gnucitizen. This is, of course, limited, as Firefox won’t allow the HTTP connection to a low port, like 22. Here is a packet capture of how it looked when it hit the netcat listener: [...]

]]> By: Hired Hacker » Blog Archive » The web is broken. http://www.gnucitizen.org/blog/javascript-port-scanner/comment-page-1/#comment-5283 Hired Hacker » Blog Archive » The web is broken. Sun, 25 Feb 2007 05:31:27 +0000 http://www.gnucitizen.org/PHP-INF/wordpress/?p=20#comment-5283 [...] Scan and fingerprint your internal network.(1, 2) [...] [...] Scan and fingerprint your internal network.(1, 2) [...]

]]>