The method of TCP port scanning implemented by ASP

This article describes in detail about ASP implementation TCP port scanning method article topic.

With ASP for a long time, you will feel a very depressing place: ASP does not like other scripting languages to access the socket. So perhaps you have used PHP, Perl and other implementation of port scanners, but have not seen the ASP. Hey, so today the purpose of this article is to use the "curve to save the nation" strategy to achieve the ASP port scanner. Only for enjoy!

The so-called curve, hehe, of course, is the use of other access to the network components, then the ASP what components can access the network?

The first one is easy to think of, yes, is XMLHTTP. This component accesses the network as an HTTP protocol and can be used as a port scan, of course. But there is a difficult problem to solve: If a port is open and is not an HTTP port, then XMLHTTP will be suspended, persistent waiting to return the HTTP data. The scan is not going to go on. Had to rule out this "curve".

The second component is what we want to use, hey, very common Oh, the server has, that is adodb.connection. This component is used for database connections. When the database is MSSQL, the WEB server accesses SQL Server 1433 ports ... Yes, here it is, as long as we change the port number and then we can determine the status of the port based on the error description returned.

The following is an example of a common string of MSSQL strings:

Provider=SQLOLEDB.1;Data source=127.0.0.1; User Id=sa; password=;

By default, the lower port is 1433, and the following is an example of your own definition of a port of 1444:

Provider=SQLOLEDB.1;Data source=127.0.0.1,1444; User Id=sa; password=;

Depending on the state of the port, you will get several results:

Port open and non-SQL Port · [ConnectionOpen (PreLoginHandshake ()).] General network error. Please check your network documentation.

Port open and SQL Port • Do not return error (user name password is correct) or user ' sa ' Login failed (username password incorrect)

Port shutdown · [ConnectionOpen (Connect ()).] SQL Server does not exist or is denied access

Oh, now it's good to do, just to judge the error.description on the finish. In order to improve the speed of scanning, you need to set the ConnectionTimeout property of connection to 1, nonsense, oh, the specific look at the code is.

After testing, the Lake2 version of the ASP port scanner speed is generally equivalent to a single thread of the scanner. But because of its scripting features, Webshell may be more valuable than other types of scanners, ^_^

Click here to download the source file