2.1 Port scanner

Source: Internet
Author: User

Content: a port scanner, covering script call parameters, multi-threaded scanning, and port scanning code using Nmap

Environment: python + kali, target: win2003
Written in five steps
############## 1. script call Parameters

    import optparse

    # Describe the expected command line: -H <host> -p <port>
    parser = optparse.OptionParser('usage %prog -H <target host> -p <target port>')
    parser.add_option('-H', dest='tgtHost', type='string', help='specify target host')
    parser.add_option('-p', dest='tgtPort', type='int', help='specify target port')
    (options, args) = parser.parse_args()
    tgtHost = options.tgtHost
    tgtPort = options.tgtPort
    # Both options are required; print the usage string and stop if either is missing
    if tgtHost is None or tgtPort is None:
        print(parser.usage)
        exit(0)

############### 2. Generate connScan and portScan Functions

    from socket import *

    def connScan(tgtHost, tgtPort):
        # Attempt a full TCP connection; success means the port is open
        connSkt = socket(AF_INET, SOCK_STREAM)
        try:
            connSkt.connect((tgtHost, tgtPort))
            print('[+] %d/tcp open' % tgtPort)
        except Exception:
            print('[-] %d/tcp close' % tgtPort)
        finally:
            connSkt.close()

    def portScan(tgtHost, tgtPorts):
        # Resolve the host name to an IP address first
        try:
            tgtIP = gethostbyname(tgtHost)
        except Exception:
            print('[-] Cannot resolve %s:Unknown host' % tgtHost)
            return
        # gethostbyaddr() returns (hostname, aliases, addresses); print the hostname
        try:
            tgtName = gethostbyaddr(tgtIP)
            print('[+] Scan Results for: ' + tgtName[0])
        except Exception:
            print('[+] Scan Results for: ' + tgtIP)
        # Give up on a connection attempt after one second
        setdefaulttimeout(1)
        for tgtPort in tgtPorts:
            print('Scanning port:' + str(tgtPort))
            connScan(tgtHost, int(tgtPort))

################ 3. Capture the Banner of an application
Add new code to the connScan function: once an open port is found, send a string and wait for the response.

    import optparse
    from socket import *

    def connScan(tgtHost, tgtPort):
        connSkt = socket(AF_INET, SOCK_STREAM)
        try:
            connSkt.connect((tgtHost, tgtPort))
        except Exception:
            print('[-] %d/tcp close' % tgtPort)
            connSkt.close()
            return
        # The connection succeeded, so the port is open even if no banner arrives
        print('[+] %d/tcp open' % tgtPort)
        try:
            # send() needs bytes on Python 3
            connSkt.send(b'ViolentPython\r\n')
            results = connSkt.recv(100)
            #print('[+] result', str(results))
        except Exception:
            pass  # no reply within the timeout
        finally:
            connSkt.close()

    def portScan(tgtHost, tgtPorts):
        try:
            tgtIP = gethostbyname(tgtHost)
        except Exception:
            print('[-] Cannot resolve %s:Unknown host' % tgtHost)
            return
        # gethostbyaddr() returns (hostname, aliases, addresses); print the hostname
        try:
            tgtName = gethostbyaddr(tgtIP)
            print('[+] Scan Results for: ' + tgtName[0])
        except Exception:
            print('[+] Scan Results for: ' + tgtIP)
        setdefaulttimeout(1)
        for tgtPort in tgtPorts:
            print('Scanning port:' + tgtPort)
            connScan(tgtHost, int(tgtPort))

    def main():
        parser = optparse.OptionParser('usage %prog -H <target host> -p <target port>')
        parser.add_option('-H', dest='tgtHost', type='string', help='specify target host')
        parser.add_option('-p', dest='tgtPort', type='string', help='specify target port')
        (options, args) = parser.parse_args()
        tgtHost = options.tgtHost
        tgtPort = options.tgtPort
        if tgtHost is None or tgtPort is None:
            print(parser.usage)
            print('[-] you must specify a target host and port[s]')
            exit(0)
        # The -p value is a comma-separated list of ports
        tgtPorts = str(tgtPort).split(',')
        portScan(tgtHost, tgtPorts)

    if __name__ == '__main__':
        main()

The scanner can now be run as a script.
Command executed on the terminal: root@HuaHong:~/Python_hacker/chap2/port scanner# python port_scanner.py -H 192.168.10.142 -p 80,21

Note that the comma is an ASCII comma, not the Chinese (full-width) comma. Many people will pay attention to this; of course, some people will not.
Alternatively, the separator in the Python code should be consistent with the one used here. I think it is enough to use a comma.
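
The separator problem described above can also be handled when the -p value is parsed. The following is an added example, not part of the original post; the function name parse_ports is an assumption. It accepts both the ASCII comma and the full-width comma (U+FF0C), ignores stray spaces and empty items, and rejects values outside 1-65535.

```python
def parse_ports(spec):
    """Turn a -p argument such as '80,21' into a list of unique port numbers."""
    if spec is None or not spec.strip():
        raise ValueError('no ports given')
    # Normalise the full-width comma (U+FF0C) to the ASCII comma
    normalised = spec.replace('\uff0c', ',')
    ports = []
    for item in normalised.split(','):
        item = item.strip()
        if not item:
            continue  # tolerate '80,,21' or a trailing comma
        if not item.isdigit():
            raise ValueError('not a port number: %r' % item)
        port = int(item)
        if not 1 <= port <= 65535:
            raise ValueError('port out of range: %d' % port)
        if port not in ports:
            ports.append(port)  # keep the order given, drop duplicates
    if not ports:
        raise ValueError('no ports given')
    return ports


if __name__ == '__main__':
    print(parse_ports('80,21'))        # ASCII comma
    print(parse_ports('80\uff0c21'))   # full-width comma
```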

#################### 4. Thread Scanning

    import optparse

    from socket import *
    from threading import Thread, Semaphore

    # Binary semaphore: only one thread prints at a time
    screenLock = Semaphore(1)

    def connScan(tgtHost, tgtPort):
        connSkt = socket(AF_INET, SOCK_STREAM)
        isOpen = False
        results = b''
        try:
            connSkt.connect((tgtHost, tgtPort))
            isOpen = True  # connected: the port is open even if no banner arrives
            # send() needs bytes on Python 3
            connSkt.send(b'ViolentPython\r\n')
            results = connSkt.recv(100)
        except Exception:
            pass
        finally:
            connSkt.close()
        # Hold the lock only while printing, and always release it
        screenLock.acquire()
        try:
            if isOpen:
                print('[+] %d/tcp open' % tgtPort)
                print('[+] result', str(results))
            else:
                print('[-] %d/tcp close' % tgtPort)
        finally:
            screenLock.release()

    def portScan(tgtHost, tgtPorts):
        try:
            tgtIP = gethostbyname(tgtHost)
        except Exception:
            print('[-] Cannot resolve %s:Unknown host' % tgtHost)
            return
        # gethostbyaddr() returns (hostname, aliases, addresses); print the hostname
        try:
            tgtName = gethostbyaddr(tgtIP)
            print('[+] Scan Results for: ' + tgtName[0])
        except Exception:
            print('[+] Scan Results for: ' + tgtIP)
        setdefaulttimeout(1)
        for tgtPort in tgtPorts:
            # print('Scanning port:' + tgtPort)
            # connScan(tgtHost, int(tgtPort))
            # One thread per port
            t = Thread(target=connScan, args=(tgtHost, int(tgtPort)))
            t.start()

    def main():
        parser = optparse.OptionParser('usage %prog -H <target host> -p <target port>')
        parser.add_option('-H', dest='tgtHost', type='string', help='specify target host')
        parser.add_option('-p', dest='tgtPort', type='string', help='specify target port')
        (options, args) = parser.parse_args()
        tgtHost = options.tgtHost
        tgtPort = options.tgtPort
        # Check before splitting: str(None).split(',') would give ['None']
        if tgtHost is None or tgtPort is None:
            print(parser.usage)
            print('[-] you must specify a target host and port[s]')
            exit(0)
        tgtPorts = str(tgtPort).split(',')
        portScan(tgtHost, tgtPorts)

    if __name__ == '__main__':
        main()

Multi-threaded scanning increases the speed, and a semaphore is added so that output from different threads does not interleave on the screen.
Import Semaphore from threading before using it.
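
From the defender's side, the scanner above is easy to recognise: one source opens connections to many ports on the same host within a short time, and every open port receives the fixed string 'ViolentPython\r\n'. The following added example (not part of the original post) flags both traits in connection records; the record layout, the thresholds, the function name detect_scans and the sample records are constructed for illustration.

```python
from collections import defaultdict

PROBE = b'ViolentPython'  # string the scanner on this page sends after connecting

# Constructed sample records:
# (epoch seconds, source IP, destination IP, destination port, first payload bytes)
SAMPLE = [
    (100.0, '192.168.10.50', '192.168.10.142', 21, b'ViolentPython\r\n'),
    (100.1, '192.168.10.50', '192.168.10.142', 22, b''),
    (100.2, '192.168.10.50', '192.168.10.142', 80, b'ViolentPython\r\n'),
    (100.3, '192.168.10.50', '192.168.10.142', 135, b'ViolentPython\r\n'),
    (100.4, '192.168.10.50', '192.168.10.142', 445, b'ViolentPython\r\n'),
    (101.0, '192.168.10.77', '192.168.10.142', 80, b'GET / HTTP/1.1\r\n'),
    (160.0, '192.168.10.77', '192.168.10.142', 80, b'GET /a HTTP/1.1\r\n'),
]


def detect_scans(records, min_ports=5, window=10.0):
    """Return {source IP: set of reasons} for sources that look like this scanner."""
    findings = defaultdict(set)
    by_pair = defaultdict(list)  # (src, dst) -> [(timestamp, port), ...]
    for ts, src, dst, port, payload in records:
        if PROBE in payload:
            findings[src].add('probe-string')
        by_pair[(src, dst)].append((ts, port))
    for (src, dst), hits in by_pair.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            # Move the window start forward until it spans at most `window` seconds
            while hits[end][0] - hits[start][0] > window:
                start += 1
            distinct = {p for _, p in hits[start:end + 1]}
            if len(distinct) >= min_ports:
                findings[src].add('port-sweep')
                break
    return dict(findings)


if __name__ == '__main__':
    for source, reasons in detect_scans(SAMPLE).items():
        print(source, sorted(reasons))
```

The port-sweep rule still fires when the probe string is changed, which is why both checks are kept.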

######################## 5. Port scanning code using Nmap
Install python-nmap before using the nmap module.

My Kali machine has it by default.

    # __author: _nbloser
    # date: 18-3-16

    import nmap
    import optparse


    def nmapScan(tgtHost, tgtPort):
        # Create the scanner object, run the scan, then read the port state
        nmScan = nmap.PortScanner()
        nmScan.scan(tgtHost, tgtPort)
        state = nmScan[tgtHost]['tcp'][int(tgtPort)]['state']
        print("[*]" + tgtHost + " tcp/" + tgtPort + ' ' + state)

    def main():
        parser = optparse.OptionParser('usage %prog -H <target host> -p <target port>')
        parser.add_option('-H', dest='tgtHost', type='string', help='specify target host')
        parser.add_option('-p', dest='tgtPort', type='string', help='specify target port')
        (options, args) = parser.parse_args()
        tgtHost = options.tgtHost
        tgtPort = options.tgtPort
        # Check before splitting: str(None).split(',') would give ['None']
        if tgtHost is None or tgtPort is None:
            print(parser.usage)
            print('[-] you must specify a target host and port[s]')
            exit(0)
        tgtPorts = str(tgtPort).split(',')
        for tgtPort in tgtPorts:
            nmapScan(tgtHost, tgtPort)


    if __name__ == '__main__':
        main()

Execution is slow.

Nmap core code:

    def nmapScan(tgtHost, tgtPort):
        nmScan = nmap.PortScanner()
        nmScan.scan(tgtHost, tgtPort)
        state = nmScan[tgtHost]['tcp'][int(tgtPort)]['state']
        print("[*]" + tgtHost + " tcp/" + tgtPort + ' ' + state)

Steps:
1) obtain the corresponding scan object
2) scan
3) get the results
