思路:
(1)使用for循环构建c段扫描,使用list构建端口信息
(2)通过socket获取banner信息
(3)通过对比banner信息来初步判断是否存在漏洞(banner可以被管理员修改或隐藏,匹配结果只能作为线索,还需要进一步验证)
代码:
#encoding:utf-8
'''
这个脚本的主要功能是探测一个网段内的端口开放情况
'''
import socket
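def retbanner(ip, port):
    """Connect to ip:port over TCP and return the first data the service sends.

    Services that wait for the client to speak first (HTTP, for example)
    send nothing unprompted, so the read times out and None is returned.

    Args:
        ip: Target host address as a string.
        port: TCP port number.

    Returns:
        Up to 1024 bytes of banner data, or None when the connection or the
        read fails (including the 2-second timeout).
    """
    s = socket.socket()
    # Per-socket timeout: bounds connect() and recv() without changing the
    # process-wide default that every other socket would inherit.
    s.settimeout(2)
    try:
        s.connect((ip, port))
        return s.recv(1024)
    except Exception as e:
        # Best-effort probe: report the failure and signal "no banner".
        # str(e) is printed because the .message attribute is often empty
        # for socket errors and does not exist on Python 3.
        print(e)
        return None
    finally:
        # Always release the descriptor; without this each probe leaks a
        # socket until garbage collection.
        s.close()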
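def checkvalue(banner):
    """Print whether banner names one of three known-vulnerable FTP servers.

    The check is a plain substring match on the version string. A match is
    only an indication: banners can be edited or suppressed, so neither a hit
    nor a miss confirms the real patch state of the service.

    Args:
        banner: Banner data as bytes or text, as returned by retbanner().

    Returns:
        None. The result is printed to stdout.
    """
    # recv() returns bytes on Python 3; decode so the substring tests below
    # compare text with text. latin-1 maps every byte, so it cannot fail.
    if isinstance(banner, bytes):
        banner = banner.decode("latin-1")

    # (signature searched for in the banner, product name to report).
    # Order matters: the first matching signature wins.
    known_vulnerable = (
        ("FreeFloat Ftp Server (Version 1.00)", "FreeFloat Ftp Server"),
        ("3Com 3CDaem FTP Server Version 2.0", "3Com 3CDaem FTP Server"),
        ("Ability Server 2.34 ", "Ability Server"),
    )
    for signature, product in known_vulnerable:
        if signature in banner:
            print(product + " is vulnerable")
            return

    # This branch is also reached for non-FTP banners, so report only that
    # nothing matched rather than claiming the service is safe.
    print("No known-vulnerable FTP banner matched")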
def main():
    """Grab banners from a fixed port list on two hosts and check each one.

    Hosts are 192.168.11.137 and 192.168.11.138 (range(137, 139) excludes
    139). For every port that returns a non-empty banner, the "ip:port" pair
    is printed and the banner is passed to checkvalue().
    """
    portlist = [21, 23, 25, 53, 80, 110, 443, 3306]
    prefix = "192.168.11."
    targets = [prefix + str(last_octet) for last_octet in range(137, 139)]

    for ip in targets:
        for port in portlist:
            banner = retbanner(ip, port)
            # None (probe failed) and empty data are both skipped.
            if not banner:
                continue
            print(ip + ":" + str(port))
            checkvalue(banner)
# Run the scan only when executed as a script, not when imported.
if "__main__" == __name__:
    main()