You're viewing a comment by Simon Stroh and its responses.

Simon Stroh
August 28, 2012, 22:38

Here's a pure bash version I came up with a while ago, abusing the timeout in read to wait less than a second while still only using bash builtins :)

function portscan() {
  for p in {0..65535};do((bash -c "(>/dev/tcp/$1/$p)" 2> /dev/null && echo open: $p)&read -t0.1;kill $! 2>/dev/null)2>/dev/null;done;
}

Comment Responses

August 30, 2012, 17:59

Good job!

I'll reformat this for better viewing:

function portscan() {
  for p in {0..65535}; do
    (
      (
         bash -c "(>/dev/tcp/$1/$p)" 2> /dev/null && echo open: $p
      ) &
      read -t0.1
      kill $! 2>/dev/null
    ) 2>/dev/null
  done
}

Keith Brown
August 30, 2012, 23:20

Please explain the use of the '&' outside of the subshell '( )' as opposed to within the subshell in the context of being within a script:

(
bash -c "(>/dev/tcp/$1/$p)" 2> /dev/null && echo open: $p
) &

instead of

(
bash -c "(>/dev/tcp/$1/$p)" 2> /dev/null && echo open: $p
& )

I have seen both on the web but never have seen an explanation of the difference.

Thanks
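The difference Keith asks about comes down to which process the calling shell records in `$!`. With `( ... ) &` the subshell itself is the background job, so the loop's `$!` names it and `kill $!` ends the connection attempt once `read -t0.1` has expired. With `( ... & )` the background job is started inside the subshell, which then exits immediately; the calling shell never backgrounded anything, so its `$!` is empty or stale, `kill $!` does not reach the probe, and the probe runs on until its own connect timeout. The following bash script is an added illustration, not code from the original post or its author; it uses a long `sleep` as a stand-in for the `/dev/tcp` connection attempt so it runs offline, and assumes bash 4 or later for `read -t` with a fractional timeout.

```bash
#!/usr/bin/env bash
# Added example: where the '&' sits decides which process $! names.
# A `sleep 60` stands in for the connection attempt in the portscan loop.

# Variant A (as in the original): the whole subshell is the background job.
# $! is that subshell's PID, a direct child, so the caller can wait on it.
amp_outside() {
  ( sleep 60 ) &
  local pid=$!
  kill "$pid" 2>/dev/null || true
  local status=0
  wait "$pid" 2>/dev/null || status=$?
  # wait returns 127 only for "not a child of this shell"; anything else
  # (here 143 = 128 + SIGTERM) means the shell reaped its own child.
  if [ "$status" -ne 127 ]; then echo tracked; else echo untracked; fi
}

# Variant B: the '&' is inside the subshell. The subshell backgrounds sleep,
# writes sleep's PID for us, and exits at once; the calling shell's $! is
# never updated, and the sleeper is reparented away from us.
amp_inside() {
  local tmp; tmp=$(mktemp)
  ( sleep 60 & echo $! > "$tmp" )
  local inner; inner=$(cat "$tmp"); rm -f "$tmp"
  local status=0
  wait "$inner" 2>/dev/null || status=$?   # 127: not our child
  kill "$inner" 2>/dev/null || true        # we can still signal it, just not via $!
  if [ "$!" = "$inner" ] && [ "$status" -ne 127 ]; then
    echo tracked
  else
    echo untracked
  fi
}

# The post's pattern applied to the stand-in probe: background the subshell,
# pause with read's timeout, then kill whatever $! names. Reading from a FIFO
# opened read-write makes the sub-second pause independent of stdin.
probe_with_timeout() {
  local fifo; fifo=$(mktemp -u)
  mkfifo "$fifo"
  local start=$SECONDS
  ( sleep 60 ) &
  read -r -t 0.2 _ <> "$fifo" || true   # times out after 0.2 s, builtin only
  kill $! 2>/dev/null || true
  wait $! 2>/dev/null || true
  rm -f "$fifo"
  echo $(( SECONDS - start ))           # elapsed seconds: 0, not 60
}

amp_outside
amp_inside
probe_with_timeout
```

Run it and the three lines read `tracked`, `untracked`, `0`: only the first form gives the loop a handle on the probe it started, which is why the original puts the `&` after the closing parenthesis.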
