# Author: Eugenio Pastoral
# Course: Advanced and Offensive Security
import port_scan, sys
# This function will initiate TCP port scans. It will get the mode to be used based on the arguments used. It takes in the target IP address, target port, and scan type flag as the parameters.
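def portscan(ip, port, type, print_flag):
    """Probe a single TCP port on ``ip`` and classify the outcome.

    The packet work is delegated to ``port_scan.probe_port``; this function
    picks the flag values through ``parse_type`` and maps the numeric
    response onto a result code. No host-liveness check is made first.

    Args:
        ip: Target address, passed through to ``parse_type`` and
            ``port_scan.probe_port`` unchanged.
        port: Target port as a decimal string or an int, 0-65535.
        type: Scan type code: 1 Connect, 2 SYN, 3 XMAS, 4 FIN, 5 NULL,
            6 ACK (the codes ``parse_type`` recognises).
        print_flag: When true, print a one-line verdict for the port.

    Returns:
        ``'O'`` (open), ``'C'`` (closed), ``'F'`` (filtered), ``'O|F'``
        (open or filtered, types 3-5 only) or ``'UF'`` (unfiltered,
        type 6 only).

    Raises:
        ValueError: ``port`` is not an integer or lies outside 0-65535.
        TypeError: ``type`` is not one of the six supported codes.
    """
    # Validate before anything is printed or sent: a TCP port is a 16-bit
    # field, so a value outside 0-65535 cannot describe a real port.
    port_number = int(port)
    if not 0 <= port_number <= 65535:
        raise ValueError('port must be in the range 0-65535: ' + repr(port))
    # Text form used for parse_type's banner and the verdict lines, so an
    # int port works as well as a str.
    port_text = str(port)

    selection = parse_type(ip, port_text, type, print_flag)
    if selection is None:
        # parse_type returns None for an unknown code. Unpacking that None
        # used to raise an opaque TypeError; the type is kept for callers
        # and only the message is made explicit.
        raise TypeError('unsupported scan type: ' + repr(type))
    flag, flags = selection

    # NOTE(review): the response codes are read here as 1 = open,
    # 2 = filtered, 0 = closed - confirm against port_scan.probe_port.
    response = port_scan.probe_port(ip, port_number, flags, flag, type, print_flag)

    if type == 1 or type == 2:
        # Connect and SYN scans: anything other than 1 or 0 is reported
        # as filtered.
        if response == 1:
            verdict, message = 'O', " is open."
        elif response == 0:
            verdict, message = 'C', " is closed."
        else:
            verdict, message = 'F', " is filtered."
    elif type == 3 or type == 4 or type == 5:
        # XMAS, FIN and NULL scans: response 1 cannot tell an open port
        # from a filtered one, hence the combined code.
        if response == 1:
            verdict, message = 'O|F', " is possibly open or filtered."
        elif response == 2:
            verdict, message = 'F', " is filtered."
        else:
            verdict, message = 'C', " is closed."
    elif type == 6:
        # ACK scan: reports filtering state only, never open or closed.
        if response == 1 or response == 2:
            verdict, message = 'F', " is filtered by stateful firewall."
        else:
            verdict, message = 'UF', " is not filtered."
    else:
        # Not reachable while parse_type and this function agree on the
        # set of scan type codes.
        return None

    if print_flag:
        print('\n' + port_text + message)
    return verdict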
#
# # Otherwise, the target host is down.
# else:
# print("Host is down.")
# This function will set the appropriate flags based on the scanning mode specified. It takes in the target IP address, target port, and scan type flag as the parameters.
def parse_type(ip, port, type, print_flag):
    """Return the pair of flag values for the scan type code ``type``.

    Args:
        ip: Target address; used only in the printed banner.
        port: Target port as a string; used only in the printed banner.
        type: Scan type code: 1 Connect, 2 SYN, 3 XMAS, 4 FIN, 5 NULL,
            6 ACK.
        print_flag: When true, print a banner naming the scan and target.

    Returns:
        A ``(mask, letters)`` tuple, or ``None`` when ``type`` matches no
        known code. ``letters`` is a string of TCP flag letters; ``mask``
        is an integer bit mask (0x14 is RST|ACK and 0x4 is RST in the TCP
        header). How the two values are used is decided by
        ``port_scan.probe_port`` and is not visible here.
    """
    # Connect (1) and SYN (2) yield the same pair, so the caller must tell
    # them apart by the type code rather than by these values.
    scan_modes = (
        (1, '\nPerforming TCP Connect Scan on ', (0x14, 'S')),
        (2, '\nPerforming TCP SYN Scan on ', (0x14, 'S')),
        (3, '\nPerforming TCP XMAS Scan on ', (0x14, 'FPU')),
        (4, '\nPerforming TCP FIN Scan on ', (0x14, 'F')),
        (5, '\nPerforming TCP NULL Scan on ', (0x14, '')),
        (6, '\nPerforming TCP ACK Scan on ', (0x4, 'A')),
    )
    for code, banner, selection in scan_modes:
        if type == code:
            if print_flag:
                print(banner + ip + ':' + port + '.\n')
            return selection
    # Unknown scan type: nothing is printed and the caller receives None.
    return None
# This function will initiate a Ping Sweep. It will send out n ICMP ECHO requests to the target host. It takes in the target IP address and the number of packets to be sent.
def ping(ip, n, print_flag):
    """Check ``ip`` with ``port_scan.is_up`` ``n`` times; report any success.

    Args:
        ip: Target address as a string.
        n: Number of checks to make. All ``n`` are always made; there is
            no early exit after the first success.
        print_flag: When true, print a banner and one line per successful
            check.

    Returns:
        True if at least one check succeeded, otherwise False (which
        includes ``n <= 0``, where no check is made).
    """
    if print_flag:
        print('\nPerforming Ping Sweep on ' + ip + '.\n')

    alive = False
    for attempt in range(n):
        # NOTE(review): is_up presumably sends one ICMP echo request per
        # call - confirm against port_scan.
        if not port_scan.is_up(ip):
            continue
        if print_flag:
            print('[' + str(attempt + 1) + '] ' + ip + ' is alive.')
        alive = True
    return alive