Description: Check to see if the default Meterpreter port is open using osquery.
SQL:
SELECT * FROM process_open_sockets WHERE remote_port = 4444;Operating Systems: Windows, Linux, Apple, FreeBSD
Reference:
- https://raw.githubusercontent.com/puffyCid/osquery-packs/master/windows/metasploit.conf
- Port 4444 (tcp/udp) :: SpeedGuide