TCP&UDP端口扫描器
用Python写的端口扫描器,主要功能为对给定的IP地址进行端口扫描。TCP主要使用socket库,UDP使用nmap库,参考书籍:《python绝技:运用python成为顶尖黑客》
源码:
import optparse;
import nmap
from socket import *;
from threading import *;
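# Guards console output shared by the scanner threads: acquire before print,
# release afterwards. The count must be 1 for this to be mutual exclusion; with
# a larger count several threads hold the semaphore together and their output
# lines can interleave.
screenLock = Semaphore(value=1)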
'''
使用socket进行端口扫描,通过socket(AF_INET,SOCK_STREAM)指定基于IPv4网络,tcp连接,
使用connect去进行连接,成功则为端口开放,失败则为端口关闭。
'''
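def tconnScan(tHost, tPort):
    """Try a full TCP connect to ``tHost:tPort`` and print the outcome.

    A completed connect is reported as ``open``; every connection failure is
    reported as ``closed``. That includes timeouts, so a port whose traffic is
    silently dropped by a filter is printed as closed even though its real
    state is unknown.

    The socket uses the process-wide default timeout (``tportScan`` sets it to
    one second before starting the threads).

    Args:
        tHost: Host name or IPv4 address to connect to.
        tPort: TCP port number as an int.
    """
    try:
        # The context manager closes the socket on every path, including a
        # failed connect, so descriptors are not leaked across many ports.
        with socket(AF_INET, SOCK_STREAM) as connSkt:
            connSkt.connect((tHost, tPort))
    except (OSError, OverflowError):
        # OSError covers refusal, timeout, unreachable network and resolver
        # errors; OverflowError is what connect() raises for a port outside
        # 0-65535. KeyboardInterrupt and SystemExit are no longer swallowed.
        result = "[-]%d/tcp closed" % tPort
    else:
        result = "[+]%d/tcp open" % tPort
    # Print under the shared lock so lines from other threads do not interleave;
    # the with-block releases it even if print() raises.
    with screenLock:
        print(result)
    # No exit() here: returning is enough to end a worker thread, and a direct
    # caller should not have its process terminated by a single probe.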
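def tportScan(tHost, tPorts):
    """Resolve ``tHost`` and start one ``tconnScan`` thread per valid port.

    Prints a header naming the target (the reverse-DNS name when available,
    otherwise the IPv4 address), sets the process-wide socket timeout to one
    second, then launches the worker threads. The function returns as soon as
    the threads are started; it does not wait for their results.

    Args:
        tHost: Host name or IPv4 address to scan.
        tPorts: Iterable of ports, each an int or a decimal string.

    Returns:
        None. Results are printed by the worker threads.
    """
    try:
        tIP = gethostbyname(tHost)
    except (OSError, UnicodeError):
        # gaierror/herror derive from OSError; UnicodeError is raised for names
        # the IDNA encoder rejects (empty or over-long labels).
        print("[-] Cannot resolve '%s': Unknown host" % tHost)
        return
    try:
        tName = gethostbyaddr(tIP)
        print("\n[+] Scan Result for:" + tName[0])
    except OSError:
        # No reverse record (or lookup failure): fall back to the address.
        print("\n[+] Scan Result for:" + tIP)
    # NOTE: this changes the default timeout for every socket created in the
    # process afterwards, not only the scanner's.
    setdefaulttimeout(1)
    for tPort in tPorts:
        # Validate before spawning so one malformed entry (e.g. from a
        # comma-separated command-line value) does not abort the loop with a
        # traceback after some threads have already been started.
        try:
            port = int(tPort)
        except (TypeError, ValueError):
            print("[-] Skipping invalid port %r" % (tPort,))
            continue
        if not 0 < port < 65536:
            print("[-] Skipping out-of-range port %d" % port)
            continue
        # Connect to the address resolved above so every probe goes to the
        # host named in the header, without a fresh DNS lookup per thread.
        Thread(target=tconnScan, args=(tIP, port)).start()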
'''
调用nmap库做udp扫描
'''
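def udpScan(tHost, tPort):
    """Run an nmap UDP scan (``-sU``) of one port and print the reported state.

    ``closed`` is printed with a ``[-]`` prefix; every other state gets ``[+]``.
    That includes nmap's ``open|filtered`` state, which nmap reports when it
    received no reply, so a ``[+]`` line does not by itself confirm a
    listening service.

    nmap's ``-sU`` scan normally needs root/administrator privileges.
    NOTE(review): how python-nmap surfaces that failure is not visible here.

    Args:
        tHost: Target address. The result is looked up under this exact string,
            so a host name that nmap reports under its IP address yields no
            result.
        tPort: Port to scan, as a decimal string.
    """
    nm = nmap.PortScanner()
    data = nm.scan(tHost, tPort, '-sU')
    try:
        state = data['scan'][tHost]['udp'][int(tPort)]['state']
    except (KeyError, ValueError):
        # KeyError: host down, host keyed under a different address, or no UDP
        # section in the result. ValueError: tPort is not a single integer.
        print("[-]%s/udp no result for %s" % (tPort, tHost))
        return
    if state == "closed":
        print("[-]%s/udp %s" % (tPort, state))
    else:
        print("[+]%s/udp %s" % (tPort, state))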
'''
用optparse模块调用其方法来解析扫描命令,解析扫描的主机名host和扫描端口port
'''
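def main():
    """Parse ``-H``, ``-p`` and ``-t`` from the command line and run the scan.

    ``-t t`` runs the TCP connect scan through ``tportScan``; ``-t u`` runs the
    nmap UDP scan through ``udpScan`` one port at a time. ``-p`` takes a
    comma-separated port list, or ``dft`` for the built-in default list of the
    chosen protocol. An unknown protocol, a missing host or a missing port list
    prints a hint and exits with status 0, as before.
    """
    # The "usage: " prefix is stripped by optparse and %prog is expanded when
    # the usage text is printed through the parser.
    parser = optparse.OptionParser(
        'usage: %prog -H <target host> -p <target port> -t <target proto>')
    parser.add_option('-H', dest='tHost', type='string', help='specify target host')
    parser.add_option('-p', dest='tPort', type='string', help='specify target port')
    parser.add_option('-t', dest='tProto', type='string', help='specify target tproto')
    (options, args) = parser.parse_args()
    tHost = options.tHost
    tProto = options.tProto

    if tProto not in ("t", "u"):
        print("please input -t u(udp) or t(tcp)")
        exit(0)

    # Check both required values before building the port list: a missing -p
    # used to become the literal string 'None' and fail later inside the scan.
    if tHost is None or options.tPort is None:
        parser.print_usage()
        exit(0)

    if tProto == "t":
        if options.tPort == "dft":
            tPorts = [80, 8080, 3128, 8081, 9080, 1080, 21, 23, 443, 69, 22, 25,
                      110, 7001, 9090, 3389, 1521, 1158, 2100, 1433]
        else:
            tPorts = options.tPort.split(',')
        tportScan(tHost, tPorts)
    else:
        if options.tPort == "dft":
            # Kept as strings because udpScan passes the port to nmap as text.
            tPorts = ['31', '41', '69', '110', '137', '138', '161', '666', '999',
                      '1027', '1042', '4000', '8099', '8255']
        else:
            tPorts = options.tPort.split(',')
        print("\n[+] Scan Result for:" + tHost)
        for tPort in tPorts:
            udpScan(tHost, tPort)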
# Run the command-line entry point only when the file is executed as a script,
# not when it is imported as a module.
if __name__ == "__main__":
    main()
个人编程能力不强。为了完成课设的要求,做成这种半成品。有些地方可以做一些修改,使之更加友好,比如UDP扫描只允许IP地址查询,可以套用TCP扫描的例子做修改,还有UDP扫描未使用多线程,还有很多很多,都可以根据自己使用的实际情况进行修改。