initial concept of the script
This commit is contained in:
@@ -0,0 +1,87 @@
|
|||||||
|
"""
|
||||||
|
Random port generator that skips common / less‑secure ports.
|
||||||
|
"""
|
||||||
|
|
||||||
|
import random
|
||||||
|
import socket
|
||||||
|
|
||||||
|
# ------------------------------------------------------------
|
||||||
|
# 1. Build a set of excluded ports
|
||||||
|
# ------------------------------------------------------------
|
||||||
|
|
||||||
|
EXCLUDED_PORTS = {
|
||||||
|
# 0–1023 (well‑known)
|
||||||
|
*range(0, 1024),
|
||||||
|
|
||||||
|
# Common web / admin
|
||||||
|
80, 443, 8080, 8000, 5000, 5001,
|
||||||
|
|
||||||
|
# Common database / cache
|
||||||
|
3306, 5432, 6379, 27017, 11211, 11212,
|
||||||
|
|
||||||
|
# Common mail / DNS / SNMP
|
||||||
|
25, 110, 143, 53, 162, 389, 636, 995, 993,
|
||||||
|
|
||||||
|
# Remote‑shell & file transfer
|
||||||
|
22, 23, 21, 3389, 5900, 5901, 5902,
|
||||||
|
|
||||||
|
# SMB / NetBIOS
|
||||||
|
139, 445,
|
||||||
|
|
||||||
|
# Dynamic “ephemeral” ports that are often abused
|
||||||
|
*range(49152, 49163), # 49152‑49162
|
||||||
|
5000, 5001, 5002, 5003, 5004, 5005,
|
||||||
|
6000, 6001, 6002, 6003,
|
||||||
|
}
|
||||||
|
|
||||||
|
# ------------------------------------------------------------
|
||||||
|
# 2. Helper to check whether a port is free on the local machine
|
||||||
|
# ------------------------------------------------------------
|
||||||
|
def is_port_in_use(port: int, host: str = "0.0.0.0") -> bool:
|
||||||
|
"""Return True if any socket is listening on `port`."""
|
||||||
|
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
|
||||||
|
s.settimeout(0.1)
|
||||||
|
try:
|
||||||
|
s.bind((host, port))
|
||||||
|
return False
|
||||||
|
except (OSError, socket.error):
|
||||||
|
return True
|
||||||
|
|
||||||
|
# ------------------------------------------------------------
|
||||||
|
# 3. Random‑port generator
|
||||||
|
# ------------------------------------------------------------
|
||||||
|
def random_secure_port(
|
||||||
|
*,
|
||||||
|
min_port: int = 1024,
|
||||||
|
max_port: int = 65535,
|
||||||
|
max_tries: int = 1000,
|
||||||
|
check_in_use: bool = True,
|
||||||
|
) -> int:
|
||||||
|
"""
|
||||||
|
Return a random port number that is:
|
||||||
|
* >= min_port and <= max_port
|
||||||
|
* not in EXCLUDED_PORTS
|
||||||
|
* optionally not currently in use (if check_in_use=True)
|
||||||
|
|
||||||
|
Raises RuntimeError if it cannot find a suitable port after `max_tries`.
|
||||||
|
"""
|
||||||
|
rng = random.SystemRandom() # cryptographically stronger RNG
|
||||||
|
|
||||||
|
for _ in range(max_tries):
|
||||||
|
candidate = rng.randint(min_port, max_port)
|
||||||
|
if candidate in EXCLUDED_PORTS:
|
||||||
|
continue
|
||||||
|
if check_in_use and is_port_in_use(candidate):
|
||||||
|
continue
|
||||||
|
return candidate
|
||||||
|
|
||||||
|
raise RuntimeError(
|
||||||
|
f"Could not find an unused port after {max_tries} attempts."
|
||||||
|
)
|
||||||
|
|
||||||
|
# ------------------------------------------------------------
|
||||||
|
# 4. Example usage
|
||||||
|
# ------------------------------------------------------------
|
||||||
|
if __name__ == "__main__":
|
||||||
|
port = random_secure_port()
|
||||||
|
print(f"Generated secure random port: {port}")
|
||||||
Reference in New Issue
Block a user