Port Knocking with Knockd and Knock for National Cyber League (NCL)

From Wikipedia “In computer networking, port knocking is a method of externally opening ports on a firewall by generating a connection attempt on a set of prespecified closed ports. Once a correct sequence of connection attempts is received, the firewall rules are dynamically modified to allow the host which sent the connection attempts to connect over specific port(s).”[1]

Install the Knockd Service and Client

sudo apt-get install knockd

A challenge may include using knock client and the default knockd sequence to open a new port(s). It is recommended that you scan the client namp -sV -p- -T5 [ipaddress]. This will show the current open port(s) and service/version information. Try the knocked default sequence knock -v [ipaddress] 7000 8000 9000.

There will be no immediate indication that a port has opened after knocking, as you will have to re-scan and compare to find the new open port. More than likely there is a time limit on how long the new port will stay open and available for access.

PROTIP: You may have to use “wget” to extract the flag. The command wget --no-check-certficate https://webaddress:port might extract the page hosted on the open port.

KnockdEfault Evaluator v1.1 – knock-knock

The two tools in this package are and The first of these is a scanner to identify default configs and the latter is a utility to interact with identified vulnerable services.[2]

root@kali:~# git clone
root@kali:~# cd knock-knock/
root@kali:~# ./
root@kali:~# ./


Web Citations:

No comments yet.

Leave a Reply