python---项目5-TCP单线程扫描器与TCP多线程TCP扫描器(公网/局域网IP与域名)、Nmap扫描器(局域网/公网)

最新推荐文章于 2024-08-17 17:14:05 发布
最新推荐文章于 2024-08-17 17:14:05 发布
阅读量1.6k 收藏 1
点赞数
分类专栏: pyhton开发 文章标签: python TCP单线程扫描 TCP多线程扫描 Nmap模块扫描
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/xwbk12/article/details/78880174
版权

python—项目5-TCP扫描器与多线程TCP扫描器(公网/内网IP与域名)

一、TCP扫描器单线程

TCP全连接扫描、抓取应用的Banner

1、环境与源码
这里写图片描述

root@kali:~# cd /root/python/anquangongji/
root@kali:~/python/anquangongji# clear
root@kali:~/python/anquangongji# ls
creakzipfile.py    pingip_false.txt  portscanner.py    scanhostsingalport.py  vulnbanners.txt
dictionaryzip.txt  pingip_true.txt   scanftpbanner.py  test.zip

root@kali:~/python/anquangongji# vi portscanner.py 
root@kali:~/python/anquangongji# 
root@kali:~/python/anquangongji# cat portscanner.py 
#!/usr/bin/python
# --*-- coding:utf-8 --*--

import optparse
import socket
from socket import *

def connScan(tgtHost,tgtPort):#在connScan()函数中,socket方法中有两个参数AF_INET和SOCK_STREAM,分别表示使用IPv4地址和TCP流,这两个参数是默认的
    try:
        connSkt = socket(AF_INET,SOCK_STREAM)
        connSkt.connect((tgtHost,tgtPort))
        connSkt.send("ViolentPython\r\n")
        result = connSkt.recv(100)
        print "[+] %d/tcp open"%tgtPort
        print "[+] " + str(result)
        connSkt.close()
    except:
        print "[+] %d/tcp close"%tgtPort

def portScan(tgtHost,tgtPorts):
    try:
        tgtIP = gethostbyname(tgtHost)#从主机名获取IP,若获取不了则解析IP失败程序结束
    except:
        print "[+] Cannot resolve '%s' : Unkown host "%tgtHost
        return

    try:
        tgtName = gethostbyadd(tgtIP)#从IP获取主机名相关信息,若获取成功则输出列表的第一项主机名否则直接输出IP,接着遍历端口调用connScan()函数进行端口扫描
        print "\n[+] Scan Results for: " + tgtName[0]
    except:
        print "\n[+] Scan Results for: " + tgtIP

    setdefaulttimeout(1)

    for tgtPort in tgtPorts:
        print "Scanning port " + tgtPort
        connScan(tgtHost,int(tgtPort))#遍历端口调用connScan()函数进行端口扫描

def main():
    #用法:python portscannerthread.py -H 192.168.40.239 -p 21,22,25,110,80,8080,443,145
    parser = optparse.OptionParser("[*] Usage : ./portscanner.py -H <target host> -p <target port>")
    parser.add_option("-H",dest="tgtHost",type="string",help="specify target host")
    parser.add_option("-p",dest="tgtPort",type="string",help="specify target port[s]")
    (options,args) = parser.parse_args()
    tgtHost = options.tgtHost
    tgtPorts = str(options.tgtPort).split(",")
    if (tgtHost == None) | (tgtPorts[0] == None):
        print parse.usage
        exit(0)
    portScan(tgtHost,tgtPorts)

if __name__ == "__main__":
    main()

root@kali:~/python/anquangongji#

2、脚本的运行情况

这段代码实现了命令行参数输入,需要用户输入主机IP和扫描的端口号,其中多个端口号之间可以用,号分割开;若参数输入不为空时(注意检测端口参数列表不为空即检测至少存在第一个值不为空即可)则调用函数进行端口扫描;在portScan()函数中先尝试调用gethostbyname()来从主机名获取IP,若获取不了则解析IP失败程序结束,若成功则继续尝试调用gethostbyaddr()从IP获取主机名相关信息,若获取成功则输出列表的第一项主机名否则直接输出IP,接着遍历端口调用connScan()函数进行端口扫描;在connScan()函数中,socket方法中有两个参数AF_INET和SOCK_STREAM,分别表示使用IPv4地址和TCP流,这两个参数是默认的,在上一章的代码中没有添加但是默认是这两个参数,其余的代码和之前的差不多了。

注意一个小问题就是,设置命令行参数的时候,是已经默认添加了-h和–help参数来提示参数信息的,如果在host参数使用-h的话就会出现错误,因而要改为用大写的H即书上的“-H”即可。

运行结果:root@kali:~/python/anquangongji# python portscanner.py -H 192.168.40.239 -p 21,22,80,8080,433,145

[+] Scan Results for: 192.168.40.239
Scanning port 21
[+] 21/tcp open
[+] 220 you are welcome!! go to miniftp!!
530 Please login with USER and PASS.

Scanning port 22
[+] 22/tcp close
Scanning port 80
[+] 80/tcp open
[+] HTTP/1.1 400 Bad Request
Date: Sat, 23 Dec 2017 07:24:27 GMT
Server: Apache/2.4.23 (Win32) OpenSSL
Scanning port 8080
[+] 8080/tcp open
[+] HTTP/1.1 400 Bad Request
Server: Apache-Coyote/1.1
Transfer-Encoding: chunked
Date: Sat, 23 Dec 2
Scanning port 433
[+] 433/tcp close
Scanning port 145
[+] 145/tcp close
root@kali:~/python/anquangongji#

3、单线程逐个扫描JD商城、163、qq域名的端口开放的情况

root@kali:~/python/anquangongji# python portscanner.py -H www.qq.com -p 137,136,21,22,25,110,80,8080,443,145

[+] Scan Results for: 14.17.42.40
Scanning port 137
[+] 137/tcp close
Scanning port 136
[+] 136/tcp close
Scanning port 21
[+] 21/tcp close
Scanning port 22
[+] 22/tcp close
Scanning port 25
[+] 25/tcp close
Scanning port 110
[+] 110/tcp close
Scanning port 80
[+] 80/tcp open
[+] HTTP/1.1 400 Bad Request
Server: squid/3.5.24
Date: Sat, 23 Dec 2017 08:02:58 GMT
Content-Type: t
Scanning port 8080
[+] 8080/tcp close
Scanning port 443
[+] 443/tcp close
Scanning port 145
[+] 145/tcp close
root@kali:~/python/anquangongji# python portscanner.py -H www.jd.com -p 137,136,21,22,25,110,80,8080,443,145

[+] Scan Results for: 183.56.147.1
Scanning port 137
[+] 137/tcp close
Scanning port 136
[+] 136/tcp close
Scanning port 21
[+] 21/tcp close
Scanning port 22
[+] 22/tcp close
Scanning port 25
[+] 25/tcp close
Scanning port 110
[+] 110/tcp close
Scanning port 80
[+] 80/tcp open
[+] HTTP/1.1 302 Moved Temporarily
Server: JDWS/2.0
Date: Sat, 23 Dec 2017 08:03:14 GMT
Content-Type:
Scanning port 8080
[+] 8080/tcp close
Scanning port 443
[+] 443/tcp open
[+] HTTP/1.1 302 Moved Temporarily
Server: JDWS/2.0
Date: Sat, 23 Dec 2017 08:03:15 GMT
Content-Type:
Scanning port 145
[+] 145/tcp close
root@kali:~/python/anquangongji# python portscanner.py -H www.163.com -p 137,136,21,22,25,110,80,8080,443,145

[+] Scan Results for: 14.18.201.47
Scanning port 137
[+] 137/tcp close
Scanning port 136
[+] 136/tcp close
Scanning port 21
[+] 21/tcp close
Scanning port 22
[+] 22/tcp close
Scanning port 25
[+] 25/tcp close
Scanning port 110
[+] 110/tcp close
Scanning port 80
[+] 80/tcp open
[+] HTTP/1.0 502 Bad Gateway
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<ht
Scanning port 8080
[+] 8080/tcp open
[+] <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd
Scanning port 443
[+] 443/tcp close
Scanning port 145
[+] 145/tcp close
root@kali:~/python/anquangongji#

二、多线程TCP扫描器

1、环境与源码
这里写图片描述

线程扫描
将上一小节单线程端口扫描器的代码修改一下,添加线程实现,同时为了让一个函数获得完整的屏幕控制权,这里使用一个信号量semaphore,它能够阻止其他线程运行而避免出现多线程同时输出造成的乱码和失序等情况。在打印输出前带调用screenLock.acquire()函数执行一个加锁操作,若信号量还没被锁定则线程有权继续运行并输出打印到屏幕上,若信号量被锁定则只能等待直到信号量被释放。

root@kali:~/python/anquangongji# clear
root@kali:~/python/anquangongji# ls
creakzipfile.py    pingip_false.txt  portscanner.py        scanftpbanner.py       test.zip
dictionaryzip.txt  pingip_true.txt   portscannerthread.py  scanhostsingalport.py  vulnbanners.txt
root@kali:~/python/anquangongji# cat portscannerthread.py 
#!/usr/bin/python
# --*-- coding:utf-8 --*--

import optparse
import socket
from socket import *
from threading import *

#定义一个信号量
screenLock = Semaphore(value=1)

def connScan(tgtHost,tgtPort):#在connScan()函数中,socket方法中有两个参数AF_INET和SOCK_STREAM,分别表示使用IPv4地址和TCP流,这两个参数是默认的
    try:
        connSkt = socket(AF_INET,SOCK_STREAM)
        connSkt.connect((tgtHost,tgtPort))
        connSkt.send("ViolentPython\r\n")
        result = connSkt.recv(100)

        #执行一个加锁操作
        screenLock.acquire()

        print "[+] %d/tcp open"%tgtPort
        print "[+] " + str(result)
    except:
        #执行一个加锁操作
        screenLock.acquire()
        print "[+] %d/tcp closed"%tgtPort
    finally:
        #执行释放锁的操作,同时将socket的连接在其后关闭
        screenLock.release()
        connSkt.close()

def portScan(tgtHost,tgtPorts):
    try:
        tgtIP = gethostbyname(tgtHost)#从主机名获取IP,若获取不了则解析IP失败程序结束
    except:
        print "[+] Cannot resolve '%s' : Unkown host "%tgtHost
        return

    try:
        tgtName = gethostbyadd(tgtIP)#从IP获取主机名相关信息,若获取成功则输出列表的第一项主机名否则直接输出IP,接着遍历端口调用connScan()函数进行端口扫描
        print "\n[+] Scan Results for: " + tgtName[0]
    except:
        print "\n[+] Scan Results for: " + tgtIP

    setdefaulttimeout(1)

    for tgtPort in tgtPorts:
        t = Thread(target=connScan,args=(tgtHost,int(tgtPort)))
        t.start()

def main():
    #用法:python portscanner.py -H 192.168.40.239 -p 21,22,80,8080,433,145
    parser = optparse.OptionParser("[*] Usage : ./portscanner.py -H <target host> -p <target port>")
    parser.add_option("-H",dest="tgtHost",type="string",help="specify target host")
    parser.add_option("-p",dest="tgtPort",type="string",help="specify target port[s]")
    (options,args) = parser.parse_args()
    tgtHost = options.tgtHost
    tgtPorts = str(options.tgtPort).split(",")
    if (tgtHost == None) | (tgtPorts[0] == None):
        print parse.usage
        exit(0)
    portScan(tgtHost,tgtPorts)

if __name__ == "__main__":
    main()

root@kali:~/python/anquangongji#

2、脚本运行情况

root@kali:~/python/anquangongji# python portscannerthread.py -H 192.168.40.239 -p 21,22,25,110,80,8080,443,145

[+] Scan Results for: 192.168.40.239
[+] 25/tcp closed
[+] 110/tcp closed
[+] 443/tcp closed
[+] 80/tcp open
[+] HTTP/1.1 400 Bad Request
Date: Sat, 23 Dec 2017 07:49:30 GMT
Server: Apache/2.4.23 (Win32) OpenSSL
[+] 8080/tcp open
[+] HTTP/1.1 400 Bad Request
Server: Apache-Coyote/1.1
Transfer-Encoding: chunked
Date: Sat, 23 Dec 2
[+] 145/tcp closed
[+] 21/tcp open
[+] 220 you are welcome!! go to miniftp!!

[+] 22/tcp open
[+] SSH-2.0-OpenSSH_7.1

root@kali:~/python/anquangongji#

从结果可以看到,使用多线程之后端口的扫描并不是按输入的顺序进行的了,而是同时进行,但是因为有信号量实现加锁等操作所以输出的结果并没有出现乱码等情况。

3、多线程同时扫描JD商城、163、qq域名的端口开放的情况

root@kali:~/python/anquangongji# python portscannerthread.py -H 183.56.147.1 -p 137,136,21,22,25,110,80,8080,443,145

[+] Scan Results for: 183.56.147.1
[+] 80/tcp open
[+] HTTP/1.1 302 Moved Temporarily
Server: JDWS/2.0
Date: Sat, 23 Dec 2017 07:57:46 GMT
Content-Type:
[+] 443/tcp open
[+] HTTP/1.1 302 Moved Temporarily
Server: JDWS/2.0
Date: Sat, 23 Dec 2017 07:57:46 GMT
Content-Type:
[+] 137/tcp closed
[+] 136/tcp closed
[+] 21/tcp closed
[+] 22/tcp closed
[+] 25/tcp closed
[+] 110/tcp closed
[+] 8080/tcp closed
[+] 145/tcp closed
root@kali:~/python/anquangongji# python portscannerthread.py -H www.jd.com -p 137,136,21,22,25,110,80,8080,443,145

[+] Scan Results for: 183.56.147.1
[+] 80/tcp open
[+] HTTP/1.1 302 Moved Temporarily
Server: JDWS/2.0
Date: Sat, 23 Dec 2017 07:58:18 GMT
Content-Type:
[+] 443/tcp open
[+] HTTP/1.1 302 Moved Temporarily
Server: JDWS/2.0
Date: Sat, 23 Dec 2017 07:58:18 GMT
Content-Type:
[+] 136/tcp closed
[+] 22/tcp closed
[+] 110/tcp closed
[+] 137/tcp closed
[+] 21/tcp closed
[+] 25/tcp closed
[+] 8080/tcp closed
[+] 145/tcp closed
root@kali:~/python/anquangongji# 
root@kali:~/python/anquangongji# python portscannerthread.py -H www.163.com -p 137,136,21,22,25,110,80,8080,443,145 

[+] Scan Results for: 14.18.201.47
[+] 8080/tcp open
[+] <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd
[+] 80/tcp open
[+] HTTP/1.0 502 Bad Gateway
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<ht
[+] 443/tcp closed
[+] 21/tcp closed
[+] 25/tcp closed
[+] 110/tcp closed
[+] 136/tcp closed
[+] 22/tcp closed
[+] 137/tcp closed
[+] 145/tcp closed
root@kali:~/python/anquangongji# python portscannerthread.py -H www.qq.com -p 137,136,21,22,25,110,80,8080,443,145

[+] Scan Results for: 14.17.42.40
[+] 80/tcp open
[+] HTTP/1.1 400 Bad Request
Server: squid/3.5.24
Date: Sat, 23 Dec 2017 08:00:28 GMT
Content-Type: t
[+] 137/tcp closed
[+] 21/tcp closed
[+] 22/tcp closed
[+] 25/tcp closed
[+] 136/tcp closed
[+] 8080/tcp closed
[+] 110/tcp closed
[+] 443/tcp closed
[+] 145/tcp closed
root@kali:~/python/anquangongji#

三、Nmap扫描
如果在前面没有下载该模块,则需要先到http://xael.org/pages/python-nmap-en.html中下载Python-Nmap

1、安装nmap模块

root@kali:~/python/anquangongji# cd /usr/share/
root@kali:/usr/share# rz#从windows系统内导入文件
rz waiting to receive.
root@kali:/usr/share# tar zxvf python-nmap-0.6.1.tar.gz  
python-nmap-0.6.1/
python-nmap-0.6.1/nmap/
python-nmap-0.6.1/nmap/test_nmap.py
python-nmap-0.6.1/nmap/nmap.py
python-nmap-0.6.1/nmap/test.py
python-nmap-0.6.1/nmap/__init__.py
python-nmap-0.6.1/example.py
python-nmap-0.6.1/MANIFEST.in
python-nmap-0.6.1/gpl-3.0.txt
python-nmap-0.6.1/PKG-INFO
python-nmap-0.6.1/nmap.html
python-nmap-0.6.1/README.txt
python-nmap-0.6.1/requirements.txt
python-nmap-0.6.1/Makefile
python-nmap-0.6.1/CHANGELOG
python-nmap-0.6.1/setup.py
root@kali:/usr/share# cd python-nmap-0.6.1/
root@kali:/usr/share/python-nmap-0.6.1# ls
CHANGELOG   gpl-3.0.txt  MANIFEST.in  nmap.html  README.txt        setup.py
example.py  Makefile     nmap         PKG-INFO   requirements.txt
root@kali:/usr/share/python-nmap-0.6.1# python setup.py install
/usr/lib/python2.7/distutils/dist.py:267: UserWarning: Unknown distribution option: 'bugtrack_url'
  warnings.warn(msg)
running install
running build
running build_py
creating build
creating build/lib.linux-i686-2.7
creating build/lib.linux-i686-2.7/nmap
copying nmap/nmap.py -> build/lib.linux-i686-2.7/nmap
copying nmap/test_nmap.py -> build/lib.linux-i686-2.7/nmap
copying nmap/__init__.py -> build/lib.linux-i686-2.7/nmap
copying nmap/test.py -> build/lib.linux-i686-2.7/nmap
running install_lib
creating /usr/local/lib/python2.7/dist-packages/nmap
copying build/lib.linux-i686-2.7/nmap/nmap.py -> /usr/local/lib/python2.7/dist-packages/nmap
copying build/lib.linux-i686-2.7/nmap/test_nmap.py -> /usr/local/lib/python2.7/dist-packages/nmap
copying build/lib.linux-i686-2.7/nmap/__init__.py -> /usr/local/lib/python2.7/dist-packages/nmap
copying build/lib.linux-i686-2.7/nmap/test.py -> /usr/local/lib/python2.7/dist-packages/nmap
byte-compiling /usr/local/lib/python2.7/dist-packages/nmap/nmap.py to nmap.pyc
byte-compiling /usr/local/lib/python2.7/dist-packages/nmap/test_nmap.py to test_nmap.pyc
byte-compiling /usr/local/lib/python2.7/dist-packages/nmap/__init__.py to __init__.pyc
byte-compiling /usr/local/lib/python2.7/dist-packages/nmap/test.py to test.pyc
running install_egg_info
Writing /usr/local/lib/python2.7/dist-packages/python_nmap-0.6.1.egg-info

#查看nmap模块是否安装成功
root@kali:/usr/share/python-nmap-0.6.1# python 
Python 2.7.3 (default, Mar 14 2014, 11:57:14) 
[GCC 4.7.2] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import nmap
>>>

2、环境与源码

root@kali:~/python/anquangongji# ls
creakzipfile.py    pingip_true.txt     portscannerthread.py   test.zip
dictionaryzip.txt  portscannernmap.py  scanftpbanner.py       vulnbanners.txt
pingip_false.txt   portscanner.py      scanhostsingalport.py
root@kali:~/python/anquangongji# 
root@kali:~/python/anquangongji# cat portscannernmap.py 
#!/usr/bin/python
#--*-- coding:utf-8 --*--

import nmap
import optparse

def nmapScan(tgtHost,tgtPort):
    #创建一个PortScanner()类对象
    nmScan = nmap.PortScanner()

    #调用PortScanner类的scan()函数,将目标和端口作为参数输入并进行nmap扫描
    nmScan.scan(tgtHost,tgtPort)

    #输出扫描结果中的状态信息
    state = nmScan[tgtHost]["tcp"][int(tgtPort)]["state"]
    print " [+**+] " + tgtHost + "tcp/" + tgtPort + "  " + state

def main():
    #用法:python portscannernmap.py -H 192.168.40.239 -p 21,22,25,110,135,136,137,80,8080,445,443
    parser=optparse.OptionParser("[+**+] Usage : /protscannernmap.py -H <target host> -p <target port[s]>")
    parser.add_option("-H",dest="tgtHost",type="string",help="specify target host")
    parser.add_option("-p",dest="tgtPorts",type="string",help="specify target port[s]")
    (options,args) = parser.parse_args()
    tgtHost = options.tgtHost
    tgtPorts = str(options.tgtPorts).split(",")
    if (tgtHost == None) | (tgtPorts[0] == None):
        print parser.usage
        exit(0)
    for tgtPort in tgtPorts:
        nmapScan(tgtHost,tgtPort)

if __name__ == "__main__":
    main()

root@kali:~/python/anquangongji#

3、运行情况

root@kali:~/python/anquangongji# vi portscannernmap.py
root@kali:~/python/anquangongji# python portscannernmap.py -H 192.168.40.239 -p 21,22,25,110,135,136,137,80,8080,445,443
 [+**+] 192.168.40.239tcp/21  open
 [+**+] 192.168.40.239tcp/22  open
 [+**+] 192.168.40.239tcp/25  closed
 [+**+] 192.168.40.239tcp/110  closed
 [+**+] 192.168.40.239tcp/135  open
 [+**+] 192.168.40.239tcp/136  closed
 [+**+] 192.168.40.239tcp/137  closed
 [+**+] 192.168.40.239tcp/80  open
 [+**+] 192.168.40.239tcp/8080  open
 [+**+] 192.168.40.239tcp/445  open
 [+**+] 192.168.40.239tcp/443  closed
root@kali:~/python/anquangongji#

四、nmap扫描局域网
转载:http://blog.csdn.net/adidala/article/details/42869879

1、环境配置(libnmap模块安装)

root@kali:/usr/share# date
20171223日 星期六 17:12:54 CST
root@kali:/usr/share# git clone https://github.com/savon-noir/python-libnmap.git
正克隆到 'python-libnmap'...
error: server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none while accessing https://github.com/savon-noir/python-libnmap.git/info/refs
fatal: HTTP request failed
root@kali:/usr/share# export GIT_SSL_NO_VERIFY=1
root@kali:/usr/share# git clone https://github.com/savon-noir/python-libnmap.git
正克隆到 'python-libnmap'...
remote: Counting objects: 2001, done.
remote: Total 2001 (delta 0), reused 0 (delta 0), pack-reused 2001
Receiving objects: 100% (2001/2001), 1.27 MiB | 232 KiB/s, done.
Resolving deltas: 100% (1241/1241), done.
root@kali:/usr/share# cd python-libnmap/
root@kali:/usr/share/python-libnmap# ls
CHANGES.txt  docs      libnmap      MANIFEST     README.rst  TODO
config       examples  LICENSE.txt  MANIFEST.in  setup.py    tox.ini
root@kali:/usr/share/python-libnmap# python setup.py install
running install
running build
running build_py
creating build
creating build/lib.linux-i686-2.7
creating build/lib.linux-i686-2.7/libnmap
copying libnmap/process.py -> build/lib.linux-i686-2.7/libnmap
copying libnmap/reportjson.py -> build/lib.linux-i686-2.7/libnmap
copying libnmap/parser.py -> build/lib.linux-i686-2.7/libnmap
copying libnmap/__init__.py -> build/lib.linux-i686-2.7/libnmap
copying libnmap/diff.py -> build/lib.linux-i686-2.7/libnmap
creating build/lib.linux-i686-2.7/libnmap/plugins
copying libnmap/plugins/sql.py -> build/lib.linux-i686-2.7/libnmap/plugins
copying libnmap/plugins/s3.py -> build/lib.linux-i686-2.7/libnmap/plugins
copying libnmap/plugins/backendpluginFactory.py -> build/lib.linux-i686-2.7/libnmap/plugins
copying libnmap/plugins/backendplugin.py -> build/lib.linux-i686-2.7/libnmap/plugins
copying libnmap/plugins/es.py -> build/lib.linux-i686-2.7/libnmap/plugins
copying libnmap/plugins/__init__.py -> build/lib.linux-i686-2.7/libnmap/plugins
copying libnmap/plugins/mongodb.py -> build/lib.linux-i686-2.7/libnmap/plugins
creating build/lib.linux-i686-2.7/libnmap/objects
copying libnmap/objects/host.py -> build/lib.linux-i686-2.7/libnmap/objects
copying libnmap/objects/report.py -> build/lib.linux-i686-2.7/libnmap/objects
copying libnmap/objects/cpe.py -> build/lib.linux-i686-2.7/libnmap/objects
copying libnmap/objects/os.py -> build/lib.linux-i686-2.7/libnmap/objects
copying libnmap/objects/__init__.py -> build/lib.linux-i686-2.7/libnmap/objects
copying libnmap/objects/service.py -> build/lib.linux-i686-2.7/libnmap/objects
running install_lib
creating /usr/local/lib/python2.7/dist-packages/libnmap
copying build/lib.linux-i686-2.7/libnmap/process.py -> /usr/local/lib/python2.7/dist-packages/libnmap
copying build/lib.linux-i686-2.7/libnmap/reportjson.py -> /usr/local/lib/python2.7/dist-packages/libnmap
creating /usr/local/lib/python2.7/dist-packages/libnmap/objects
copying build/lib.linux-i686-2.7/libnmap/objects/host.py -> /usr/local/lib/python2.7/dist-packages/libnmap/objects
copying build/lib.linux-i686-2.7/libnmap/objects/report.py -> /usr/local/lib/python2.7/dist-packages/libnmap/objects
copying build/lib.linux-i686-2.7/libnmap/objects/cpe.py -> /usr/local/lib/python2.7/dist-packages/libnmap/objects
copying build/lib.linux-i686-2.7/libnmap/objects/os.py -> /usr/local/lib/python2.7/dist-packages/libnmap/objects
copying build/lib.linux-i686-2.7/libnmap/objects/__init__.py -> /usr/local/lib/python2.7/dist-packages/libnmap/objects
copying build/lib.linux-i686-2.7/libnmap/objects/service.py -> /usr/local/lib/python2.7/dist-packages/libnmap/objects
copying build/lib.linux-i686-2.7/libnmap/parser.py -> /usr/local/lib/python2.7/dist-packages/libnmap
copying build/lib.linux-i686-2.7/libnmap/__init__.py -> /usr/local/lib/python2.7/dist-packages/libnmap
copying build/lib.linux-i686-2.7/libnmap/diff.py -> /usr/local/lib/python2.7/dist-packages/libnmap
creating /usr/local/lib/python2.7/dist-packages/libnmap/plugins
copying build/lib.linux-i686-2.7/libnmap/plugins/sql.py -> /usr/local/lib/python2.7/dist-packages/libnmap/plugins
copying build/lib.linux-i686-2.7/libnmap/plugins/s3.py -> /usr/local/lib/python2.7/dist-packages/libnmap/plugins
copying build/lib.linux-i686-2.7/libnmap/plugins/backendpluginFactory.py -> /usr/local/lib/python2.7/dist-packages/libnmap/plugins
copying build/lib.linux-i686-2.7/libnmap/plugins/backendplugin.py -> /usr/local/lib/python2.7/dist-packages/libnmap/plugins
copying build/lib.linux-i686-2.7/libnmap/plugins/es.py -> /usr/local/lib/python2.7/dist-packages/libnmap/plugins
copying build/lib.linux-i686-2.7/libnmap/plugins/__init__.py -> /usr/local/lib/python2.7/dist-packages/libnmap/plugins
copying build/lib.linux-i686-2.7/libnmap/plugins/mongodb.py -> /usr/local/lib/python2.7/dist-packages/libnmap/plugins
byte-compiling /usr/local/lib/python2.7/dist-packages/libnmap/process.py to process.pyc
byte-compiling /usr/local/lib/python2.7/dist-packages/libnmap/reportjson.py to reportjson.pyc
byte-compiling /usr/local/lib/python2.7/dist-packages/libnmap/objects/host.py to host.pyc
byte-compiling /usr/local/lib/python2.7/dist-packages/libnmap/objects/report.py to report.pyc
byte-compiling /usr/local/lib/python2.7/dist-packages/libnmap/objects/cpe.py to cpe.pyc
byte-compiling /usr/local/lib/python2.7/dist-packages/libnmap/objects/os.py to os.pyc
byte-compiling /usr/local/lib/python2.7/dist-packages/libnmap/objects/__init__.py to __init__.pyc
byte-compiling /usr/local/lib/python2.7/dist-packages/libnmap/objects/service.py to service.pyc
byte-compiling /usr/local/lib/python2.7/dist-packages/libnmap/parser.py to parser.pyc
byte-compiling /usr/local/lib/python2.7/dist-packages/libnmap/__init__.py to __init__.pyc
byte-compiling /usr/local/lib/python2.7/dist-packages/libnmap/diff.py to diff.pyc
byte-compiling /usr/local/lib/python2.7/dist-packages/libnmap/plugins/sql.py to sql.pyc
byte-compiling /usr/local/lib/python2.7/dist-packages/libnmap/plugins/s3.py to s3.pyc
byte-compiling /usr/local/lib/python2.7/dist-packages/libnmap/plugins/backendpluginFactory.py to backendpluginFactory.pyc
byte-compiling /usr/local/lib/python2.7/dist-packages/libnmap/plugins/backendplugin.py to backendplugin.pyc
byte-compiling /usr/local/lib/python2.7/dist-packages/libnmap/plugins/es.py to es.pyc
byte-compiling /usr/local/lib/python2.7/dist-packages/libnmap/plugins/__init__.py to __init__.pyc
byte-compiling /usr/local/lib/python2.7/dist-packages/libnmap/plugins/mongodb.py to mongodb.pyc
running install_egg_info
Writing /usr/local/lib/python2.7/dist-packages/python_libnmap-0.7.0.egg-info
root@kali:/usr/share/python-libnmap# ls
build        config  examples  LICENSE.txt  MANIFEST.in  setup.py  tox.ini
CHANGES.txt  docs    libnmap   MANIFEST     README.rst   TODO
root@kali:/usr/share/python-libnmap# cd /root/python/anquangongji/
root@kali:~/python/anquangongji#

2、源码

#!/usr/bin/python  
# -*- coding: utf-8 -*-  
from libnmap.process import NmapProcess  
from libnmap.parser import NmapParser  
import requests  
x=90  

while x < 255:  
    print "\033[1;31mstart 118.192.%s.0/24\033[0m" %(str(x))  
    #调用nmap扫描段内开放80端口的IP  
    mission = NmapProcess("118.192.%s.0/24" % (str(x)),options = "-p 80")  
    mission.run()  
    hosts_hash = {}  
    #处理nmap输出结果  
    report = NmapParser.parse(mission.stdout)  
    #得到每一个开放80端口的IP,结果存放到hash中  
    for _host in report.hosts:  
        if _host.is_up() and _host.services[0].state =='open':  
            hosts_hash[_host.address] = str(_host.services[0].port)+"/"+_host.services[0].state  
    print hosts_hash.keys()  
    #对每一个IP反向域名解析  
    for ips in hosts_hash.keys():  
        print "\033[1;32m[+]"+ips+"\033[0m"  
        target_page = 1  
        count = 1  
        #循环遍历每一页  
        while 1:  
            try:  
                r = requests.get("http://dns.aizhan.com/index.php?r=index/domains&ip=%s&page=%s" % (ips,str(target_page)))  
                #对每一个域名验证连接  
                for domain in  r.json()[u'domains']:  
                    try:  
                        test_domain = requests.get("http://" + domain)  
                        print count,":",domain,"\t:",test_domain.status_code  
                    except:  
                        print count,":",domain,"\t:","error"  
                    count += 1  
                #若不是最后一页,就继续,否则就退出循环  
                if int(r.json()[u'maxpage'])>target_page:  
                    target_page += 1  
                else:  
                    break  
            except:  
                #没有域名解析到此IP  
                print "NONE"  
                break  
    x += 1

3、运行情况

root@kali:~/python/anquangongji# ls
creakzipfile.py    pingip_true.txt             portscanner.py        scanhostsingalport.py
dictionaryzip.txt  portscannernmapinternet.py  portscannerthread.py  test.zip
pingip_false.txt   portscannernmap.py          scanftpbanner.py      vulnbanners.txt
root@kali:~/python/anquangongji# python portscannernmapinternet.py 
start 118.192.90.0/24
[]
start 118.192.91.0/24
[]
start 118.192.92.0/24
[]
start 118.192.93.0/24
[]
start 118.192.94.0/24
['118.192.94.43', '118.192.94.44']
[+]118.192.94.43
NONE
[+]118.192.94.44
NONE
start 118.192.95.0/24
['118.192.95.67', '118.192.95.66', '118.192.95.68', '118.192.95.74']
[+]118.192.95.67
NONE
[+]118.192.95.66
NONE
[+]118.192.95.68
NONE
[+]118.192.95.74
NONE
start 118.192.96.0/24
['118.192.96.9', '118.192.96.8', '118.192.96.7', '118.192.96.6', '118.192.96.1', '118.192.96.100', '118.192.96.101', '118.192.96.254', '118.192.96.33', '118.192.96.30']
[+]118.192.96.9
NONE
[+]118.192.96.8
NONE
[+]118.192.96.7
NONE
[+]118.192.96.6
NONE
[+]118.192.96.1
NONE
[+]118.192.96.100
NONE
[+]118.192.96.101
NONE
[+]118.192.96.254
NONE
[+]118.192.96.33
NONE
[+]118.192.96.30
NONE
start 118.192.97.0/24
[]
start 118.192.98.0/24
[]
start 118.192.99.0/24
[]
start 118.192.100.0/24
[]
start 118.192.101.0/24
['118.192.101.230', '118.192.101.231', '118.192.101.232', '118.192.101.233', '118.192.101.93', '118.192.101.193', '118.192.101.194', '118.192.101.147']
[+]118.192.101.230
NONE
[+]118.192.101.231
NONE
[+]118.192.101.232
NONE
[+]118.192.101.233
NONE
[+]118.192.101.93
NONE
[+]118.192.101.193
NONE
[+]118.192.101.194
NONE
[+]118.192.101.147
NONE
start 118.192.102.0/24
[]
start 118.192.103.0/24
[]
start 118.192.104.0/24
['118.192.104.85', '118.192.104.35', '118.192.104.36']
[+]118.192.104.85
NONE
[+]118.192.104.35
NONE
[+]118.192.104.36
NONE
start 118.192.105.0/24
^Z
[3]+  已停止               python portscannernmapinternet.py
root@kali:~/python/anquangongji# vi portscannernmapinternet.py
徐为波
关注
专栏目录
PythonNMAP详解
dinglingti9469的博客
07-19 636
一、NMAP简介 NMap,也就是Network Mapper,最早是Linux下的网络扫描和嗅探工具包。 nmap是一个网络连接端扫描软件,用来扫描网上电脑开放的网络连接端。确定哪些服务运行在哪些连接端,并且推断计算机运行哪个操作系统(这是亦称 fingerprinting)。它是网络管理员必用的软件之一,以及用以评估网络系统安全。 正如大多数被用于网络安全的工具,nmap 也是不少黑...
嗅探工具 --- wireshark、tcpdump、dsniff、ettercap、bettercap、netsniff-ng
墨鱼菜鸡
07-11 4972
最好的 MitM 中间人攻击开源框架清单:https://github.com/Chan9390/Awesome-MitM 哔哩哔哩:https://search.bilibili.com/all?keyword=wireshark 1、WireShark WireShark 是一个开源免费的高性能网络协议分析软件,它的前身就是非常著名的网络分析软...
python编写nmap扫描工具--多线程
专注测试领域知识分享和技能提升
07-21 2377
前置条件:用Python代码编写一个简单的nmap扫描工具Python多线程的基本操作前面学过了python多线程的使用,也学了通过socket模块,去扫描服务器某个端口是否有开放。服...
如何使用 NMAP 命令进行网络扫描
最新发布
dzqxwzoe的博客
08-17 939
第一种是报网络安全专业,现在叫网络空间安全专业,主要专业课程:程序设计、计算机组成原理原理、数据结构、操作系统原理、数据库系统、 计算机网络、人工智能、自然语言处理、社会计算、网络安全法律法规、网络安全、内容安全、数字取证、机器学习,多媒体技术,信息检索、舆情分析等。以上语法用于扫描目标网络的所有端口,执行上述格式时请耐心等待,因为枚举打开的端口需要一些时间,或者您也可以执行下面给出的命令,该命令使用参数“–open”执行相同的任务,以便省时间。如果您注意到下图,那么您会发现它获得的结果是多次扫描的组合。
Pythonnmap库的使用
cpongo55
01-02 1602
Nmap是一款网络扫描和主机检测的非常有用的工具。Nmap是不局限于仅仅收集信息和枚举,同时可以用来作为一个漏洞探测器或安全扫描器。它可以适用于winodws,linux,mac等操作系统。python-nmap是一个帮助使用nmap端口扫描器python库。它允许轻松操纵nmap扫描结果,并且将是一个完美的选择,为需要自动完成扫描任务的系统管理员提供的...
Python小练习-实现简单端口扫描~
Recar的博客
11-25 3335
我就看了几天的python。这个作为练习,若有错误,望指出。就是基于socket,每个端口去连一下能返回信息就是开启的。一想这么的没必要。 可以去连接,异常出错就是没有开启。 s=socket.socket() s.connect((ip,port))但是有的连接要很长时间,那么设置时间: s.settimeout(0.1)只是
Python-nmap
Cwiky_1993的博客
05-16 719
安装 1 pip安装 2 手动安装 3 验证是否安装成功 python-nmap的使用代码块 1 安装1.1 pip安装(pip安装使用详解) 1.2 手动安装 下载python-nmap-0.6.1 解压(Linux解压 tar xvzf python-nmap-0.6.1.tar.gz) cd到python-nmap目录安装 1.3 验证是否安装成功打开python IDLE,输入import
渗透测试 ( 3 ) --- Metasploit Framework ( MSF )
墨鱼菜鸡
07-11 4492
白嫖 Metasploit Pro 2022:https://zhuanlan.zhihu.com/p/449836479 白嫖 Metasploit Pro 2022:http://t.zoukankan.com/hxlinux-p-15787814.html 好东西之 metasploit pro:https://www.52pojie.cn/thr...
项目实习(五)网络渗透实验
eck_777的博客
09-26 7116
这是大学期间进行的生产实习内容,主要是进行一次简单的网络渗透测试。 实习的目的及任务 实习的目的 生产实习是实现理论知识和实践相结合的重要环节。通过实习,学生将对于课堂学习的基础和专业理论知识有更深入的掌握。特别是对信息安全技术与工程的最新发展和应用有较深入的了解。同时通过生产实习,进一步锻炼学生理论与实践相结合的能力,提高学习的主动性,为毕业后的社会工作打下良好的基础。 实习任务要求 (1)严...
乱的笔记
weixin_34357962的博客
03-22 1万+
链接:https://pan.baidu.com/s/1jBlX2OoWALMaLuMkx21H7w 提取码:mzl4 复制这段内容后打开百度网盘手机App,操作更方便哦如果看的不舒服可以上百度网盘下载完整的 第二本书 一、Linux基本命令1.基础命令 vi /etc/sysconfig/network-scripts/ifcfg-ens32DNBBOT=NO改成DNBBOT=YES//...
笔记,后期整理
weixin_30278237的博客
08-06 8274
VM 虚拟各种系统的工具 安装目录 不要放在C盘 需要下载的镜像Windows NT win7 xp server08R2 server12类Nnix centos 6/7/8 ubuntu 14/16/18 kali安装 win7 1g=1024M1M=1024KB1KB=1024bit1bit 是一个字节 一个字节就是8位由0或者1组成(二进制) 10 进制0-9组成的数字...
PortScanner:快速 TCP 端口扫描器
05-31
端口扫描器 ____ _ ____ | _ \ ___ _ __ | | _ / ___ | ___ __ _ _ __ _ __ ___ _ __ | | _) / _ \| ' __| __| \___ \ / __/ _` | ' _ \| ' _ \ / _ \ ' __ | | __/ (_) | | | | _ ___) | (_ | (_ | | | | | | | | __/ | | _ | \_ __/ | _ | \_ _ | | ____/ \_ __ \_ _,_ | _ | | _ | _ | | _ | \_ __ | _ |
TCP端口扫描工具
11-20
pythonTCP端口扫描,还给了大家一点福利哈哈哈
python-nmap
奇葩
04-07 332
import nmap import socket#这个是网络基本协议的模块 if __name__=='__main__': nm = nmap.PortScanner() addr=socket.gethostbyname(input('网站名:')) print(addr) ports=nm.scan(addr,'1-65535')# print(po...
TCP端口扫描器
小哥(xpc)
11-02 596
Go写一个简单的TCP扫描器
TCP扫描器的简单实现
系统运维
08-03 178
//TcpPortScanner.cc #include &lt;iostream&gt; #include &lt;strings.h&gt; #include &lt;stdlib.h&gt; #include &lt;sys/socket.h&gt; #include &lt;netinet/in.h&gt; #include &lt;arpa/inet.h&gt; using...
python中的nmap模块(编写扫描器
1匹黑马
01-26 3964
文章目录模块功能安装Nmap及其模块基本用法编写一个端口扫描器编写一个主机存活扫描器 模块功能 目前Nmap模块已具备如下各种功能。 主机发现功能。向目标计算机发送信息,然后根据目标的反应来确定它是否处于开机并联网的状态。 端口扫描 。向目标计算机的指定端口发送信息,然后根据目标端口的反应来判断它是否开放。 服务及版本检测。向目标计算机的指定端口发送特制的信息,然后根据目标的反应来检测它运行服务...
Python基础之Python-nmap模块
热门推荐
03-30 1万+
Python-nmap模块一:nmap二:基本扫描策略2.1 无任何附加参数2.2 冗余2.3 指定端口号2.4 操作系统侦测2.5 只进行主机发现2.6 跳过主机发现2.7 扫描和版本号侦测2.8 UDP 扫描三:绕过防火墙3.1 利用掩体3.2 禁用 ping3.3 IP地址伪装3.4 空闲扫描3.5 指定网卡进行扫描3.6 限制扫描时间3.7 指定源 IP 地址3.8 指定源主机端口3.9 ...
python-nmap模块
weixin_44537595的博客
04-02 356
首先看一下PortScanner类,这个类中包含如下几个函数。 scan()函数: 这个函数的完整形式为 scan(self, hosts=‘127.0.0.1’, ports=None, arguments=’-sV’,sudo=False), 用来对指定目标进行扫描,其中需要设置的三个参数包括hosts、ports和arguments scan(self, hosts=‘127.0.0.1’,...
Python NMap端口扫描实战与详解
本文主要介绍了如何使用PythonNMap库实现端口扫描器NMap是一个强大的网络扫描工具,最初是为Linux环境设计的,它能够探测网络中的主机是否在线,扫描主机端口以发现提供的服务,同时还能进行操作系统指纹识别。...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

徐为波

看着给就好了,学习写作有点累!

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值