linux多线程扫描器
刺猬@http://blog.csdn.net/littlehedgehog
那个深入浅出驱动程序系列文章后面作者似乎有些心不在焉,文章草草了事,还是自己来看看相关的书吧。
再来说说这个scanner,速度还是过得去的,在我测试的环境中,跟nmap速度不相上下,不过郁闷的是扫描主机比较慢。说来其实没多大实用价值,仅供学习参观之用。代码就在下面,有兴趣自己可以改改用。
- #include <stdio.h>
- #include <fcntl.h>
- #include <unistd.h>
- #include <string.h>
- #include <regex.h>
- #include <pthread.h>
- #include <sys/types.h>
- #include <sys/time.h>
- #include <sys/socket.h>
- #include <netinet/in.h>
- #define DEBUG
- #ifdef DEBUG
- #define Debug printf
- #else
- #define Debug //
- #endif
- #define PORT_LIMIT 32
- #define IP_LIMIT 32
- #define VERSION 0.1
- #define swap(a,b,type) do{type temp=a;a=b;b=temp;}while(0)
- #define oops(msg,x) do{perror(msg);exit(x);}while(0)
- struct scan_range
- {
- u_long s_ip;
- u_long e_ip;
- u_short s_port;
- u_short e_port;
- };
- ///
- void usage(char *);
- int scan_port_range(u_long,u_short,u_short);
- int scan_ip_range(u_long,u_long,u_short);
- int scan_thread(struct scan_range *s_range);
- int scan_port_array(u_long ip,const u_short *port);
- int scan_ip_array(const u_long *ip_array,u_short port);
- int read_port(char *filename);
- int read_ip(char *filename);
- int do_connect(u_long,u_short);
- /
- extern char *optarg;
- pthread_t thread;
- u_short port_array[PORT_LIMIT]; //为ip、port文件定义的数组
- u_long ip_array[IP_LIMIT];
- static char err=1,errlen=1;
- struct scan_range s_range;
- ///
- int main(int argc,char *argv[])
- {
- char ch;
- char *port_file=NULL;
- char *ip_file=NULL;
- char *delimiter=NULL;
- u_long s_ip=0,e_ip=0;
- u_short s_port=0,e_port=0;
- memset(port_array,0,sizeof(port_array));
- memset(ip_array,0,sizeof(ip_array));
- while ((ch=getopt(argc,argv,"i:p:h"))!=-1)
- {
- switch (ch)
- {
- case 'i':
- case 'I':
- if ((delimiter=strchr(optarg,'-'))!=NULL) //ip范围
- {
- *delimiter++=0;
- s_ip=ntohl(inet_addr(optarg));
- e_ip=ntohl(inet_addr(delimiter));
- *(--delimiter)='-';
- if(s_ip>e_ip)
- swap(s_ip,e_ip,u_long);
- }
- else
- {
- if (!~inet_addr(optarg)) //说明是ip文件
- {
- ip_file=optarg;
- }
- else //单个ip
- s_ip=ntohl(inet_addr(optarg)),e_ip=s_ip;
- }
- break;
- case 'p':
- case 'P':
- if ((delimiter=strchr(optarg,'-'))!=NULL) //port范围
- {
- s_port=atoi(optarg);
- e_port=atoi(++delimiter);
- if(s_port>e_port)
- swap(s_port,e_port,u_short);
- s_port=s_port<1?1:s_port;
- e_port=e_port>34464?34464:e_port;
- }
- else
- {
- if (strstr(optarg,".txt")!=NULL) //port文件
- {
- port_file=optarg;
- }
- else //单个port
- {
- s_port=atoi(optarg);
- e_port=s_port;
- }
- }
- break;
- case 'h':
- case 'H':
- usage(argv[0]);
- return 0;
- default:
- printf("[+]What do you want? -h for help/n");
- return 0;
- }
- }
- if (s_ip&&e_ip)
- {
- if (s_ip==e_ip) //单个ip扫描
- {
- if (port_file)
- {
- read_port(port_file);
- printf("[+]Now scan the target according to the port file %s/n",port_file);
- scan_port_array(s_ip,port_array);
- }
- else
- {
- printf("[+]Now scan the taget %s from port %d to %d/n",argv[2],s_port,e_port);
- scan_port_range(s_ip,s_port,e_port);
- }
- }
- else //多个ip扫描
- {
- if (s_port==e_port)
- {
- printf("[+]Note! this function may take more time BE PATIENT! /nNow scan the targets %s /n",argv[2]);
- scan_ip_range(s_ip,e_ip,s_port);
- }
- else if (s_port!=e_port)
- {
- printf("[+]Sorry,this function hasn't been implemented/n");
- }
- }
- }
- else if (ip_file)
- {
- read_ip(ip_file);
- if (s_port==e_port)
- {
- printf("[+]Now scan these targets in %s /n",ip_file);
- scan_ip_array(ip_array,s_port);
- }
- else
- printf("[+]Sorry,this function hasn't been implemented/n");
- }
- else
- {
- printf("[+]What do you want?/t-h for help?/n");
- return -1;
- }
- printf("[+] Mission completed!/n");
- return 0;
- }
- void usage(char *scanner)
- {
- printf("/n/t/t/t For you WLL/n");
- printf("/n/n[+] linux multi-thread scanner 0.1 (c) 刺猬 /n/n");
- printf("usage : %s -i <ip|ip range|ipfile> -p <port|port range|port file>/n/n",scanner);
- printf("NOTE: the file MUST be extended .txt/n/n");
- printf("example:/n");
- printf("%s -i 192.168.0.1 -p 1-10000/n",scanner);
- printf("%s -i 192.168.0.1-192.168.0.254 -p 80/n",scanner);
- printf("%s -i ip.txt -p 3389/n",scanner);
- printf("/nHave fun! by the way some function hasn't been implemented... /n/n/n");
- exit(0);
- }
- /*
- * 扫描port范围 从start_port 到 end_port
- */
- int scan_port_range(u_long ip,u_short start_port,u_short end_port)
- {
- int sum=end_port-start_port;
- int granularity=sum>>4;
- int i=start_port;
- if (!granularity)
- granularity=sum;
- s_range.s_ip=ip;
- s_range.e_ip=ip;
- do
- {
- s_range.s_port=i;
- s_range.e_port=(i+granularity)>end_port?end_port+1:i+granularity;
- if (pthread_create(&thread,NULL,(void *)scan_thread,(void *)&s_range)!=0)
- {
- warn("Create thread failed!");
- continue;
- }
- pthread_join(thread,NULL);
- }
- while ((i=s_range.e_port)<end_port);
- }
- /*
- * 扫描ip范围 从s_ip 到 e_ip
- */
- int scan_ip_range(u_long s_ip,u_long e_ip,u_short port)
- {
- int sum=e_ip-s_ip;
- int granularity=sum>>3;
- int i=s_ip;
- if (!granularity)
- granularity=sum;
- s_range.s_port=port;
- s_range.e_port=port;
- do
- {
- s_range.s_ip=i;
- s_range.e_ip=(i+granularity)>e_ip?e_ip+1:i+granularity;
- if (pthread_create(&thread,NULL,(void *)scan_thread,(void *)&s_range)!=0)
- {
- warn("Create thread failed!");
- continue;
- }
- pthread_join(thread,NULL);
- }
- while ((i=s_range.e_ip)<e_ip);
- }
- /*
- * 扫描线程 注意 我没有实现多ip多port扫描
- */
- int scan_thread(struct scan_range *s_range)
- {
- int start,end,temp;
- if (s_range->s_ip==s_range->e_ip) //扫描端口
- {
- temp=htonl(s_range->s_ip);
- start=s_range->s_port;
- end=s_range->e_port;
- while (start<end)
- {
- if (do_connect(temp,htons(start))==1)
- {
- printf("%d/n",start);
- fflush(stdout);
- }
- start++;
- }
- }
- else //扫描ip
- {
- temp=htons(s_range->s_port);
- start=s_range->s_ip;
- end=s_range->e_ip;
- while (start<end)
- {
- if (do_connect(htonl(start),temp)==1)
- {
- printf("%s/n",inet_ntoa(htonl(start)));
- fflush(stdout);
- }
- start++;
- }
- }
- return (0);
- }
- /*
- * 扫描端口数组
- */
- int scan_port_array(u_long ip,const u_short *port)
- {
- u_short *pos=port;
- while (*pos)
- {
- if (do_connect(htonl(ip),htons(*pos))==1)
- printf("%d/n",*pos);
- pos++;
- }
- }
- /*
- * 扫描ip数组
- */
- int scan_ip_array(const u_long *ip_array,u_short port)
- {
- u_long *pos=ip_array;
- while (*pos)
- {
- if (do_connect(*pos,htons(port))==1)
- printf("%s/n",inet_ntoa(*pos));
- pos++;
- }
- }
- /*
- * 读取port文件和ip文件
- */
- int read_port(char *filename)
- {
- int count=0,buffer;
- FILE *fp;
- if ((fp=fopen(filename,"r"))==NULL)
- oops("Cannot open the port file",-1);
- while (!feof(fp)&&count<PORT_LIMIT)
- {
- fscanf(fp,"%d",&port_array[count++]);
- }
- return 0;
- }
- int read_ip(char *filename)
- {
- int count=0;
- char buffer[20];
- FILE *fp;
- if ((fp=fopen(filename,"r"))==NULL)
- oops("Cannot open the ip file",-1);
- while (!feof(fp)&&count<IP_LIMIT)
- {
- fscanf(fp,"%s",buffer);
- ip_array[count++]=(inet_addr(buffer));
- }
- ip_array[--count]=0;
- return 0;
- }
- /*
- * 如果连接成功 表示该端口打开
- */
- int do_connect(u_long addr,u_short port)
- {
- u_long sock_fd;
- fd_set mask;
- struct timeval timeout;
- struct sockaddr_in host;
- host.sin_family=AF_INET;
- host.sin_addr.s_addr=addr;
- host.sin_port=port;
- if ((sock_fd=socket(AF_INET,SOCK_STREAM,0))<0)
- {
- perror("1:");
- return(-1);
- }
- if (fcntl(sock_fd,F_SETFL,O_NONBLOCK)<0)
- {
- close(sock_fd);
- perror("2:");
- return(-1);
- }
- connect(sock_fd,(struct sockaddr *)&host,sizeof(host));
- timeout.tv_sec=1;
- timeout.tv_usec=0;
- FD_ZERO(&mask);
- FD_SET(sock_fd,&mask);
- switch (select(sock_fd+1,NULL,&mask,NULL,&timeout))
- {
- case -1:
- close(sock_fd);
- perror("3:");
- return(-1);
- case 0:
- close(sock_fd);
- break;
- default:
- if (FD_ISSET(sock_fd,&mask))
- {
- err=1;
- getsockopt(sock_fd,SOL_SOCKET,SO_ERROR,(char *)&err,(void *)&errlen);
- if (err==0)
- {
- close(sock_fd);
- return 1;
- }
- }
- close(sock_fd);
- break;
- }
- return 0;
- }
- int scan_test(struct scan_range *s_range)
- {
- int start=s_range->s_port;
- int end=s_range->e_port;
- printf("%d/t%d/t%d/n",s_range->s_ip,(start),(end));
- sleep(1);
- return (0);
- }