Who Let The Dogs Out 🐾

Knockles - eBPF Port Knocking Tool 🚪🐝
#network
Knockles 🦔, is a port knocking tool based on eBPF 🐝. It allows you to remotely open a TCP connection while being completely invisible to port scanners.

A single SYN request is sent on an opened || closed port 📨 📫
It carries an OTP for authentication so you can be the only one to open a port 🔐
Once authentified, a random (HMAC based) port is opened for a TCP connection 🎲
Then, the port is closed as soon as a connection has been established 🚪

Server configuration

Modify the following macros/variables

./knockles/src/knockles.bpf.c

l.6:PORT: Port monitored for knocks [default: 80]

./knockles/src/knockles.c

l.16:HMAC_DURATION: Time between two different OTP (in seconds) [default: 30]
l.17:LISTENING_DURATION: Timeout of the opened port if no connection occurs (in seconds) [default: 30]
l.18:SECRET: HMAC secret key ⚠️ Don't forget to modify this variable ⚠️ [default: MY_SECRET_KEY]

https://github.com/eeriedusk/knockles

Like 6 Sep 2022 at 4:15 | Open on mastodon.ml