from scapy.all import *
import random
import argparse
# 半开连接扫描
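def stscan(dstip,dport):
    """Probe one TCP port with a single SYN and print whether it is open.

    A SYN segment is sent to ``dstip:dport`` and at most one reply is
    awaited for one second. A SYN/ACK reply is reported as open; anything
    else, including no reply at all, is reported as closed. When the port
    is open, a reset is sent so the target does not keep the half-open
    connection waiting for the final ACK.

    On the wire this looks like SYN -> SYN/ACK -> RST with no completed
    handshake, which is the pattern port-scan detection rules look for.

    Args:
        dstip: Destination address, passed to scapy's ``IP(dst=...)``.
        dport: Destination TCP port number.
    """
    # Random initial sequence number and source port for this probe.
    seq = random.randint(1, 65535)
    sport = random.randint(1, 65535)
    probe = IP(dst=dstip)/TCP(sport=sport, dport=dport, seq=seq, flags="S")
    res = sr1(probe,timeout=1,verbose=False)

    # sr1() returns None when nothing arrives before the timeout, and a reply
    # may carry no TCP layer at all (e.g. an ICMP error); indexing res[TCP]
    # in either case would raise instead of reporting a result.
    if res is None or not res.haslayer(TCP) or res[TCP].flags != 'SA':
        # No reply can also mean the probe was filtered rather than refused.
        print(dport,'port close')
        return

    print(dport,'port open')

    # Reply numbering: our seq is the peer's ack number, and our ack is the
    # peer's seq + 1 (the peer's SYN consumes one sequence number).
    # NOTE(review): the earlier code swapped these two values and left flags
    # unset, so scapy's default (SYN) went out; RST/ACK is assumed to be the
    # intended teardown for a half-open scan -- confirm.
    reset = IP(dst=dstip)/TCP(
        sport=sport,
        dport=dport,
        seq=res[TCP].ack,
        ack=res[TCP].seq + 1,
        flags="RA",
    )
    send(reset,verbose=False)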
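if __name__ == '__main__':
    # Command-line interface: one option naming the host to probe.
    par=argparse.ArgumentParser("python stscan")
    # Without a target, args.target is None and the scan has no defined
    # destination, so the option is mandatory.
    par.add_argument("-t","--target",required=True,help="destination ip")
    args=par.parse_args()
    print('ip address:',args.target)
    # Probe every TCP port in turn. range() excludes its stop value, so the
    # stop must be 65536 for port 65535 to be included.
    for port in range(1,65536):
        stscan(args.target,port)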
socket半连接扫描