2025-07-21: We have updated our Privacy Policy. Thanks to Vietnamese blackhat SEO wannabe DDoS:ing forums with Russian malware developed by Aleksandr Ryanchenko (Александр Рябченко) aka Alexandru Robu for automatic registrations and spam posts, this forum is now manually moderated to ban clueless script kiddies.

Holland America WiFi: Open TCP Ports in Cruise Ships (HAL)

Various posts that do not fit in any other category
s
Posts: 382
Joined: 2017-7-5 09:58

Post by s » 2025-12-9 08:03

I had no WiFi package and was using the the free WiFi connection to find out which TCP ports are accessible on Holland American (HAL) cruise ship Zaandam on October 2025. Free WiFi allows connections to some trash medias, travel related websites and Google. You can trick Poople AI to fetch and show you most of the blocked content to circumvent the paywall.
Holland America WiFi: Open TCP Ports in Cruise Ships (HAL) The following TCP ports were open:

Code: Select all

80,443,5000,5222,5223,5224,5228,5229,8080,12121
However, accessing an open port is not enough. There is a Deep Packet Inspection (DPI) in place which cuts the connection immediately when it detects for example VPN or SSH headers. I tried only those two. The same system is used for filtering web traffic. There seems to be some kind of whitelist of allowed words in host names in http headers that decide whether to cut the connection immediately or let it continue. Domain names with words like "travel" and "hotel" are more likely to get through the free WiFi. For example this website was accessible https://www.windhoekhostel.com/ while this was not https://www.555scooters.com/ .

I wrote the following shell script to check the open TCP ports while you are on a cruise:

Code: Select all

#!/bin/bash

# 0 check TCP, 1 check UDP
NOUDP=0
# first port to check, min 1
START="480"
# last port to check, max 65535
END="65535"
# server used for checking open ports
TARGET="portquiz.net"
# TARGET="35.180.139.74"
#internal
FIRSTFOUND=0
FOUNDPORTS="Open ports:"
SPINNER=("|" "/" "-" "\\")

echo "Warning: the total runtime for a full port scan is 18 hours, 12 minutes, and 14 seconds."
echo "Checking ports $START-$END for accessibility using $TARGET:"

printresults() {
    echo "Checked ports: $START-$PORT"
    if [ "$FIRSTFOUND" -eq 0 ]; then
       echo "$FOUNDPORTS none"
    else
       echo "$FOUNDPORTS"
    fi
}

interrupt() {
    echo ""
    echo "Scan interrupted."
    printresults
    kill "$CHILD_PID" >/dev/null 2>&1
    exit 1
}

# Ctrl+C
trap 'interrupt' SIGINT SIGTERM SIGHUP

PORT=$START
while [ "$PORT" -le "$END" ]; do
# for PORT in $(eval echo "{$START..$END}"); do
    echo -n -e "${SPINNER[$i]} $PORT\r"
    i=$(( (i+1) % ${#SPINNER[@]} ))

    if [ "$NOUDP" -eq 0 ]; then
        PARAMS="-z -G 1"
    else
        PARAMS="-u -z"
    fi

    nc=$(nc $PARAMS "$TARGET" "$PORT" 2>&1)

    # test if host name can be resolved first as nc requires that
    HOSTERRORMESSAGE=$(host -W 1 "$TARGET" 2>&1)
    if [ $? -ne 0 ]; then
        echo "ERROR: $TARGET $HOSTERRORMESSAGE."
    	printresults
    	echo "Scan interrupted. Check your internet connection and try again."
        exit 1
    fi

    if [[ -n "$nc" ]]; then
        if [ "$FIRSTFOUND" -eq 0 ]; then
            FOUNDPORTS="$FOUNDPORTS $PORT"
    	    FIRSTFOUND=1
        else
            FOUNDPORTS="$FOUNDPORTS, $PORT"
        fi
        echo "✅ $nc"
    fi
    PORT=$((PORT + 1))
done

echo "Done. $FOUNDPORTS"
It is hereby released in the Public Domain.

Another possibility is using the ships TV network. There is an RJ45-cable in each cabin going to the TV which you can attach to your laptop. However, there is no direct internet connection and access would require cracking or stealing passwords.

TVs are locked to fetch all data from ships network. Even the HDMI port is disabled, but you could probably get that opened by bringing your own LG remote controller as they may have implemented the lock by modifying remote controllers.

Happy hacking,

Santeri


Top

Return to “Miscellaneous”