import getopt
import sys
import random
import uuid
import socket
from socket import *
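arg_dict = {}   # parsed command-line options, keyed "ip", "port", "method", "output", "log"
port_list = []  # ports to probe; filled in by the __main__ block from arg_dict["port"]


def getarg(argv):
    """Parse command-line options into the module-level ``arg_dict``.

    Recognised options are -i/--ip, -p/--port, -m/--method, -o/--output,
    -l/--log and -h/--help.  Each value is stored under its long name
    (without dashes), e.g. ``arg_dict["ip"]``.  -h prints the usage line
    and exits with status 0.  An unrecognised option or a missing option
    argument prints the getopt error plus the usage line to stderr and
    exits with status 2 (previously this exited silently with status 0,
    which hid the mistake from the caller).

    Args:
        argv: argument list without the program name (``sys.argv[1:]``).

    Returns:
        ``arg_dict`` itself, so callers need not rely on the global.  The
        dictionary is also echoed to stdout as before.
    """
    usage = ("[*]Usage:python portscan.py [-i||--ip] host_addr [-p||--port] host_port "
             "[-m||--method] ack|syn|fin|null [-o||--output] outputpath [-l||--log] logpath")
    try:
        options, _positional = getopt.getopt(
            argv, "hi:p:m:o:l:", ["help", "ip=", "port=", "method=", "output=", "log="])
    except getopt.GetoptError as exc:
        sys.stderr.write("[!]%s\n%s\n" % (exc, usage))
        sys.exit(2)
    # Map every option spelling to the key the rest of the script reads.
    keys = {
        "-i": "ip", "--ip": "ip",
        "-p": "port", "--port": "port",
        "-m": "method", "--method": "method",
        "-o": "output", "--output": "output",
        "-l": "log", "--log": "log",
    }
    for option, value in options:
        if option in ("-h", "--help"):
            print(usage)
            sys.exit(0)
        arg_dict[keys[option]] = value
    print(arg_dict)
    return arg_dict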
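def ackscan(host, port_list, timeout_sec=2.0):
    """Report which TCP ports on ``host`` accept a full connection.

    Despite the name this is a plain connect() scan, not an ACK scan: a
    port is "open" when the handshake completes and "close" otherwise
    (refused, unreachable, or no answer within ``timeout_sec`` seconds).
    After connecting, the probe string ``scan\\r\\n`` is sent and up to
    100 bytes of reply are printed next to the port, as before.  A port
    that completes the handshake but never answers the probe is still
    reported open; the original caught the recv() failure with the same
    handler as the connect() failure and so mislabelled such ports as
    closed.  The original also had no timeout and a bare ``except:`` that
    swallowed KeyboardInterrupt.

    Args:
        host: hostname or IP address to connect to.
        port_list: iterable of port numbers (ints or numeric strings).
        timeout_sec: per-port connect/recv timeout in seconds.

    Returns:
        A list of ``(port, state)`` tuples, state being "open" or "close",
        in the order probed.  One line per port is also printed.

    Raises:
        ValueError: if a port is not numeric (the old code hid this as "close").
    """
    results = []
    for port in port_list:
        port = int(port)  # the __main__ block may hand over ports as strings
        conn = socket(AF_INET, SOCK_STREAM)
        conn.settimeout(timeout_sec)  # without this a filtered port blocks indefinitely
        try:
            conn.connect((host, port))
        except error:  # refused, unreachable, timed out, name resolution failed
            conn.close()
            print('[*]%d/tcp close' % port)
            results.append((port, "close"))
            continue
        try:
            conn.send(b"scan\r\n")
            response = conn.recv(100)
        except error:
            response = b""  # connected but silent: still open, just no banner
        finally:
            conn.close()
        print('[*]%d/tcp open %s' % (port, response))
        results.append((port, "open"))
    return results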
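def _flag_probe(host, port, flags, timeout_sec=2):
    """Send one TCP segment carrying ``flags`` to host:port and return the reply.

    Uses scapy's ``IP``/``TCP``/``sr1``, which this file never imports and
    which generally need raw-socket privileges; both show up as exceptions
    from this call.  Returns None when nothing comes back within
    ``timeout_sec`` seconds (that is sr1's timeout behaviour).
    """
    pkg = IP(dst=host) / TCP(dport=int(port), flags=flags)
    return sr1(pkg, timeout=timeout_sec)


def _tcp_flags(res):
    """Return the TCP flags of reply ``res``, or None if there is no TCP layer.

    The reply is an IP packet; ``res.flags`` resolves to the IP header's own
    flags field, so the TCP layer must be indexed explicitly.  An ICMP
    unreachable reply has no TCP layer at all.
    """
    if res is None or not res.haslayer(TCP):
        return None
    return res[TCP].flags


def synscan(host, port_list):
    """SYN probe each port: a SYN/ACK reply (0x12) is printed as open, anything else as close.

    "Anything else" includes a RST, an ICMP error and no reply at all; the
    original crashed on the last two (``res`` is None on timeout).  The
    original ``try:`` blocks also had no ``except`` clause, which is a
    SyntaxError, so the function could never run.
    """
    for port in port_list:
        port = int(port)
        try:
            flags = _tcp_flags(_flag_probe(host, port, "S"))
        except Exception as exc:  # scapy failures vary by platform; report per port and go on
            print('[!]%d/tcp error: %s' % (port, exc))
            continue
        if flags == 0x12:
            print('[*]%d/tcp open' % port)
        else:
            print('[*]%d/tcp close' % port)


def finscan(host, port_list):
    """FIN probe each port: a RST/ACK reply (0x14) is printed as close, anything else as open.

    No reply is ambiguous (open or filtered); this keeps the page's
    original rule of treating everything but RST/ACK as open instead of
    crashing on a None reply.
    """
    for port in port_list:
        port = int(port)
        try:
            flags = _tcp_flags(_flag_probe(host, port, "F"))
        except Exception as exc:
            print('[!]%d/tcp error: %s' % (port, exc))
            continue
        if flags == 0x14:
            print('[*]%d/tcp close' % port)
        else:
            print('[*]%d/tcp open' % port)


def nullscan(host, port_list):
    """Null probe (no flags) each port: a RST/ACK reply (0x14) is printed as close, anything else as open.

    Same reply rule and same no-reply caveat as ``finscan``.
    """
    for port in port_list:
        port = int(port)
        try:
            flags = _tcp_flags(_flag_probe(host, port, ""))
        except Exception as exc:
            print('[!]%d/tcp error: %s' % (port, exc))
            continue
        if flags == 0x14:
            print('[*]%d/tcp close' % port)
        else:
            print('[*]%d/tcp open' % port)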
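def parse_ports(spec):
    """Expand a port specification such as "22,80-82,443" into a list of ints.

    Items are comma-separated; an item "a-b" expands to every port from a
    to b inclusive.  Whitespace around items is ignored.  The original
    code only split when a comma was present (so a single port was never
    parsed), appended the two ends of a range as strings instead of
    expanding it, and never converted anything to int.

    Raises:
        ValueError: on a non-numeric item, a reversed or malformed range,
            an empty item, or a port outside 1-65535.
    """
    ports = []
    for item in spec.split(","):
        item = item.strip()
        if not item:
            raise ValueError("empty port entry in %r" % spec)
        if "-" in item:
            lo_text, _, hi_text = item.partition("-")
            lo, hi = int(lo_text), int(hi_text)
            if lo > hi:
                raise ValueError("reversed port range %r" % item)
            span = range(lo, hi + 1)
        else:
            span = [int(item)]
        for port in span:
            if not 1 <= port <= 65535:
                raise ValueError("port %d out of range 1-65535" % port)
            ports.append(port)
    return ports


if __name__ == '__main__':
    getarg(sys.argv[1:])
    # getarg() stores the target under "ip"; there is no "host" key.
    missing = [key for key in ("ip", "port", "method") if key not in arg_dict]
    if missing:
        sys.exit("[!]missing required option(s): %s (see -h)" % ", ".join(missing))
    host = arg_dict["ip"]
    try:
        port_list.extend(parse_ports(arg_dict["port"]))
    except ValueError as exc:
        sys.exit("[!]bad port specification: %s" % exc)
    # Case-insensitive dispatch table.  The substring tests it replaces
    # ('"ack||ACK" in method') could never match, and every branch
    # called ackscan regardless of the method requested.
    scanners = {"ack": ackscan, "syn": synscan, "fin": finscan, "null": nullscan}
    scan = scanners.get(arg_dict["method"].lower())
    if scan is None:
        sys.exit("[!]unknown method %r; choose one of %s"
                 % (arg_dict["method"], ", ".join(sorted(scanners))))
    scan(host, port_list)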