Use C to write hack! -- Simple Scanner Implementation

 

It is a very basic application of WinSock. For the simple implementation of port scanners, I will make a summary based on the instructions in the book and my own understanding.
After finishing the detailed comments, share the comments with students who like the hack technology.
Environment: Windows XP
Tool: vc6.0

First, create a Win32-based console program. (I use top-down parsing code)

# Include <stdio. h> // no explanation ...... # Include <winsock2.h> // header file of the Winsock function # include <time. h> // the header file about the time function # pragma comment (Lib, "ws2_32.lib") // tell the compiler to connect to the clock_t start and end library file; // clock_t is just a long alias and defines two storage time start and end variables float costtime; // The time used to scan the port int main (INT argc, char * argv []) // main function with parameters. argc is the number of passed strings. * argv [] points to the string pointer Array {char host [20]; // store the destination host's IP address long startport and endport; // The port number starting and ending during storage scanning. The maximum port number is 65535, so long gets (host) is used ); // enter the target ID in dotted decimal format, because I did it at will and did not check for too rigorous scanf ("% lD, % lD", & startport, & endport ); // enter the start scan and end scan port number. // start to load a socket library. We recommend that you copy the following code without hitting it every time. It is actually quite fixed, I load the 1.1 version of word wversionrequested; wsadata; int err; wversionrequested = makeword (); err = wsastartup (wversionrequested, & wsadata); If (Err! = 0) return 0; If (lobyte (wsadata. wversion )! = 1 | hibyte (wsadata. wversion )! = 1) {wsacleanup (); Return 0;} // after loading, struct sockaddr_in ADDR; // a struct variable about the sock address int result; // identifier long lresult; ADDR. sin_family = af_inet; // address protocol family, which is generally set to af_inet ADDR. sin_addr.s_addr = inet_addr (host); // the IP address of the socket host, start = clock (); // start timing for (INT I = startport; I <endport; I ++) {S = socket (af_inet, sock_stream, 0); // create a socket and specify it as a TCP connection ADDR. sin_port = htons (I); // set the connection port number from the specified range. Result = connect (S, (struct sockaddr *) & ADDR, sizeof (ADDR )); // try to connect to the specified port number and retain the returned value if (result = 0) // determine whether the port can be connected to {printf ("% S % d \ n ", host, I); // print the enabled port to closesocket (s) on the screen; // close the socket} End = clock (); // costtime = (float) (end-Start)/clocks_per_sec; // convert the time format printf ("cost time: % F second", costtime ); // print the time consumed wsacleanup (); // exit cleaning}

 
This scanner is full, mainly because only one main thread is scanning. This provides an idea to determine whether the other port is enabled by constantly changing the port to establish a connection.

Wait for me to study and improve !!!!