Port knocking / Remote Control without actual network interaction

Get help with using AutoHotkey and its commands and hotkeys
ahkfan
Posts: 16
Joined: 14 Feb 2018, 20:01

Port knocking / Remote Control without actual network interaction

14 Feb 2018, 20:39

Hello and sorry for my English.

Could you please help me with finding a way to execute some hardcoded command on remote computer (running a compiled AHK script), without making it to actually open a port to listen for incoming trigger. As I see on my firewall monitor (I use Outpost) windows clearly spots all incoming connections on closed ports, so there must be a way for AHK to catch it internally without actual interaction with network. For instance, I would like AHK to run a certain (preset) program when there was an attempt to connect to 10 different ports in some particular order within one second.

The reason for that approach is that I don't think it's a good idea for a home computer to make potentially vulnerable app (such as AHK or any other) to be constantly exposed to the wilderness of the internet.

On Linux there are a lot of nice Port knocking servers which do things that I described, but on windows there are only few fishy apps from sourceforge, that I would like to avoid.

I tried to find the existing AHK solution within the community but I believe that at the moment there is nothing that fits my request. Thank you.
User avatar
noname
Posts: 509
Joined: 19 Nov 2013, 09:15

Re: Port knocking / Remote Control without actual network interaction

15 Feb 2018, 08:38

By coincidence evilC just mentioned a way to have a trigger on a lan PC by using a shared folder.If you have file/printer sharing enabled it seems a nice way to do it!

https://autohotkey.com/boards/viewtopic.php?f=5&t=44257
soundcloud.com/user-32706894
ahkfan
Posts: 16
Joined: 14 Feb 2018, 20:01

Re: Port knocking / Remote Control without actual network interaction

15 Feb 2018, 12:08

Thank you for the answer. I'll try to make it work for my case and share a code here if I get positive result (I'm not a programmer though) .

However, there was huge Windows SMB (file/printer sharing) vulnerability revealed recently (aka WannaCry), and some researches say that Microsoft didn't actually closed it for good, due to their will to keep compatibility with older systems. Also, in my case computers are not in the same lan, so knocking should be done via regular internet.

And just a thought - may be there is some kind of interaction with some closed ports on windows that causes error log recording, which should be easily accessible for AHK. Any ideas on that?

Return to “Ask For Help”

Who is online

Users browsing this forum: Babazule, Bing [Bot], boiler, HarryClash, JackMa, prakashG and 123 guests