a simple port scanner done up in python
#!/usr/bin/python
# -*- coding: latin-1 -*-
# a python stealth port scanner
from logging import getLogger, ERROR
# Raise the threshold of scapy's own logger to ERROR so its lower-severity
# messages are not printed while the script runs.
getLogger("scapy.runtime").setLevel(ERROR)
from scapy.all import *  # star import: IP, TCP, ICMP, sr1, send, RandShort used below come from here
from datetime import datetime  # not referenced anywhere in the visible code
# NOTE(review): `stdftime` is not a name in the `time` module (looks like a typo
# for `strftime`), so this import raises ImportError before any other code runs.
# It is also never referenced below, so the script cannot start as written.
from time import stdftime
# In stealth scanning, one sends a SYN flag
# to the server. The server either responds
# with a packet with SYN/ACK or RST/ACK flags set.
# If it is RST/ACK, then the port is closed.
# If one gets SYN/ACK the port is open.
# We then respond with a RST flag to terminate
# the connection before it is fully established.
random_port = RandShort | |
def check_host( ip ):
    """Send one ICMP echo request to *ip*; return True unless sending raised.

    NOTE(review): this is not a reachability check. The sr1() result (`ping`)
    is never inspected, so a host that does not answer is still reported as
    True (sr1 returns None on timeout), and because no timeout is passed the
    call blocks until a reply arrives (sr1's default timeout is None). Only an
    exception raised while building or sending the packet, e.g. an
    unresolvable name, reaches the except branch.
    """
    try:
        ping = sr1(IP(dst = ip) / ICMP())
        return True
    # Bare except also swallows KeyboardInterrupt/SystemExit and hides the
    # real cause (permission denied for raw sockets, DNS failure, ...);
    # the message printed assumes only the resolution case.
    except:
        print( "Target not resolvable." )
        return False
# stealth scanning technique: half-open (SYN) probe of a single port
def stealth_scan( src_ip, dst_ip ):
    """Send one TCP SYN probe towards *dst_ip* and classify the answer.

    Returns None when check_host() fails, -1 when the reply carries RST/ACK
    (flags == 0x14) and 0 in every other case: SYN/ACK (0x12), any other
    flag combination, or a reply with no TCP layer all print "Port 80 is
    open" and return 0.

    NOTE(review): as written this function cannot run to completion:
      * `dest_ip` is not defined (the parameter is `dst_ip`) -> NameError on
        the first line.
      * `flag=` is not a TCP field name in scapy (the field is `flags`), so
        building `ack` and `rst` is presumably rejected.
      * `src_ip`, `src_port` and `dst_port` are set but the probe uses a
        hard-coded source 127.0.0.1, sport 666 and a *random* dport, so the
        "Port 80" message does not describe the port actually probed, and
        the RST built later (sport=src_port, dport=80) does not match the
        SYN it is meant to tear down.
      * `resp` is None when sr1() times out, and `TCP in resp` then raises
        TypeError instead of reporting "no answer".
    """
    if not check_host( dest_ip ):
        return None
    src_port = random_port()
    dst_port = 80
    ack = IP(src="127.0.0.1", dst=dst_ip) /\
        TCP(sport=666, dport=random_port(),
            flag='S')
    # initiate the TCP handshake; wait at most 10 s for a single reply
    resp = sr1(ack, timeout = 10)
    if TCP in resp:
        if resp[TCP].flags == 0x12:
            # but end the connection before it is established
            rst = IP(dst = dst_ip) /\
                TCP(sport=src_port, dport=dst_port, flag='R')
            send(rst)
        elif resp[TCP].flags == 0x14:
            # too bad..
            print( "Port is closed. " )
            return -1
    print(" Port 80 is open. ")
    return 0
if __name__ == '__main__':
    # Only a target is assigned here; in the visible code stealth_scan() is
    # never called, so running the script performs no scan at all.
    dst_ip = '127.0.0.1'