用 Python 写一个端口扫描器:扫描 IP 网段内每个 IP 开放了哪些端口,并将扫描结果写入文件保存。
from socket import *
import IPy,platform,threadpool
import threading
from subprocess import Popen,PIPE
ip=IPy.IP('172.18.32.210').make_net('255.255.255.0') ## every IP address of the network that 172.18.32.210 belongs to under netmask 255.255.255.0
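## Determine the current runtime environment
def get_env():
    """Return the letter of ping's "count" option for the host OS.

    Windows ping spells the option ``-n``; every other platform gets ``c``
    (``-c``), the value the original returned for Linux and the form that
    macOS and BSD ping accept as well.

    Returns:
        str: ``'n'`` on Windows, ``'c'`` otherwise.
    """
    # The original assigned `parm` only for 'Windows' and 'Linux', so any
    # other platform.system() value (for example 'Darwin') reached the
    # return statement with the name unbound and raised UnboundLocalError.
    if platform.system() == 'Windows':
        return 'n'
    return 'c'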
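## Ping the given IP
def ping_ip(ip):
    """Send a single ping to *ip* and record the address if ping succeeds.

    Args:
        ip: Address to probe; converted with ``str()`` before use.

    Side effects:
        Appends ``str(ip)`` to the module-level list ``ls`` when the ping
        process exits with status 0.
    """
    count_flag = '-{}'.format(get_env())
    # Hand ping an argument vector and keep the shell out of it. The
    # original formatted `ip` into a shell=True command string, so any shell
    # metacharacter in the argument would have been interpreted by the shell.
    argv = ['ping', count_flag, '1', str(ip)]
    p = Popen(argv, stdin=PIPE, stdout=PIPE, stderr=PIPE, close_fds=True)
    # communicate() drains both pipes so the child cannot stall on a full
    # pipe buffer; the captured text itself is not used.
    p.communicate()
    # NOTE(review): exit status 0 is treated as "host is up"; ping
    # implementations differ in what status they return for unreachable
    # replies, so confirm on the OS this runs on.
    if p.returncode == 0:
        ls.append(str(ip))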
## Collect the IPs in the range that respond
def get_alive_ip():
    """Run ``ping_ip`` over every address in the module-level ``ip`` range.

    The work is spread over a 50-thread pool, and the call blocks on
    ``pool.wait()`` until all queued requests have been processed.
    """
    workers = threadpool.ThreadPool(50)
    # One work request per address yielded by iterating the `ip` network.
    for job in threadpool.makeRequests(ping_ip, ip):
        workers.putRequest(job)
    workers.wait()
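## Check whether the given port is open
def scan_port(ip, port):
    """Attempt a TCP connection to ``(ip, port)`` and record the port on success.

    Args:
        ip: Host address passed to ``connect_ex``.
        port: TCP port number to try.

    Side effects:
        Appends *port* to the module-level list ``opened_ports`` when
        ``connect_ex`` returns 0.
    """
    # The original never closed the socket. With one call per port and many
    # worker threads that leaks a file descriptor per probe until the
    # garbage collector catches up; the context manager closes it on exit,
    # whatever the connection result.
    with socket(AF_INET, SOCK_STREAM) as sock:
        sock.settimeout(5)
        # connect_ex reports failure as an error code instead of raising.
        if sock.connect_ex((ip, port)) == 0:
            opened_ports.append(port)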
## Scan all ports of the given IP
def get_open_port(ip):
    """Queue one ``scan_port`` call per TCP port 1-65535 for *ip*.

    The requests run on a 1000-thread pool and the call blocks on
    ``pool.wait()`` until every request has been processed. Results are
    whatever ``scan_port`` records; nothing is returned.

    Args:
        ip: Host address handed to ``scan_port`` as the ``ip`` keyword.
    """
    workers = threadpool.ThreadPool(1000)
    # Each entry is a (positional args, keyword args) pair for makeRequests;
    # only keyword arguments are supplied here.
    jobs = [(None, {"ip": ip, "port": port}) for port in range(1, 65536)]
    for job in threadpool.makeRequests(scan_port, jobs):
        workers.putRequest(job)
    workers.wait()
if __name__ == "__main__":
    # Filled by ping_ip() with the addresses whose ping succeeded.
    ls = []
    get_alive_ip()
    for ip in ls:
        # Fresh module-level list for each host; scan_port() appends to it.
        opened_ports = []
        get_open_port(ip)
        line = "".join((ip, " opened ports is: ", str(opened_ports), '\n'))
        # Append mode: lines written by earlier hosts and earlier runs stay
        # in result.txt.
        with open("result.txt", 'a') as out:
            out.write(line)