#!/usr/bin/env python3
"""
TCP Port Scanner Module (AuxiliaryModule version)
Performs TCP port scanning against targets. Converted from ScannerModule to
AuxiliaryModule so it behaves as an auxiliary module in ExploitDF.
"""
import socket
import threading
from queue import Queue, Empty
from BaseModule import AuxiliaryModule
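class TCPScanner(AuxiliaryModule):
    """TCP connect() port scanner exposed as an ExploitDF auxiliary module.

    Options (read through ``get_option``):
        RHOSTS   comma-separated list of hosts to scan (required)
        RPORT    port spec: single ports and ``start-end`` ranges,
                 comma-separated (required, default ``1-1000``)
        THREADS  worker threads per target (default 100)
        TIMEOUT  connect timeout in seconds; fractional values accepted

    Open ports are reported with ``print_good``; anything read from an open
    port within 0.2 s is echoed as a banner after being sanitised (see
    ``_sanitize_banner``) so a hostile listener cannot inject terminal
    control sequences into the operator's console.
    """

    # Longest banner fragment echoed to the console. The data comes from an
    # untrusted remote service, so it is never printed unbounded.
    BANNER_MAX_LEN = 200

    def __init__(self):
        super().__init__()
        self.info.update({
            'name': 'TCP Port Scanner',
            'description': 'Performs TCP port scanning against targets',
            'author': 'Abhay Pratap Singh',
            'version': '4.0'
        })
        self.options.update({
            'RHOSTS': '',
            'RPORT': '1-1000',
            'THREADS': 100,
            'TIMEOUT': 1
        })
        self.required_options.add('RHOSTS')
        self.required_options.add('RPORT')
        self.q = None        # work queue of ports for the target being scanned
        self.timeout = 1.0   # connect timeout; refreshed from TIMEOUT per scan

    def parse_ports(self, port_string):
        """Expand *port_string* into a sorted list of unique ports in 1..65535.

        Accepts a comma-separated mix of single ports and ``start-end``
        ranges. Malformed entries are reported via ``print_error`` and
        skipped rather than aborting the scan; out-of-range values are
        dropped silently. Ranges are clamped to 1..65535 *before* they are
        expanded, so an input like ``1-999999999`` cannot make the parser
        iterate a billion values.

        Returns:
            Sorted list of ints; empty if nothing valid was supplied.
        """
        ports = set()
        for part in str(port_string).split(','):
            part = part.strip()
            if not part:
                continue
            if '-' in part:
                start, end = part.split('-', 1)
                try:
                    lo, hi = int(start), int(end)
                except ValueError:
                    self.print_error(f"Invalid port range: {part}")
                    continue
                # clamp, then expand; an inverted range yields nothing
                ports.update(range(max(lo, 1), min(hi, 65535) + 1))
            else:
                try:
                    p = int(part)
                except ValueError:
                    self.print_error(f"Invalid port: {part}")
                    continue
                if 0 < p <= 65535:
                    ports.add(p)
        return sorted(ports)

    @staticmethod
    def _sanitize_banner(data):
        """Return a console-safe, single-line rendering of raw banner bytes.

        Undecodable bytes are ignored, every non-printable character
        (including ESC, so ANSI/OSC escape sequences cannot survive) is
        replaced by a space, runs of whitespace are collapsed, and the result
        is truncated to ``BANNER_MAX_LEN``.
        """
        text = data.decode(errors='ignore')
        visible = ''.join(ch if ch.isprintable() else ' ' for ch in text)
        return ' '.join(visible.split())[:TCPScanner.BANNER_MAX_LEN]

    def _probe(self, target, port, addr):
        """Connect to (addr, port); report it under *target* if it is open.

        The socket is a context manager so it is closed on every path,
        including a failed connect (the old code only closed open ports and
        leaked the descriptor otherwise).
        """
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
            sock.settimeout(self.timeout)
            if sock.connect_ex((addr, port)) != 0:
                return
            banner = ""
            try:
                sock.settimeout(0.2)  # quick passive grab; many services stay silent
                banner = self._sanitize_banner(sock.recv(1024))
            except OSError:
                pass  # timeout/reset: the port is still open, just no banner
            if banner:
                self.print_good(f"{target}:{port} OPEN | {banner}")
            else:
                self.print_good(f"{target}:{port} OPEN")

    def worker(self, target, addr=None):
        """Drain ``self.q``, probing one port of *target* per item.

        *addr* is the pre-resolved IP to connect to (defaults to *target*
        itself, the previous behaviour). Exits when the queue stays empty for
        0.3 s or ``self.running`` is cleared. Every item taken is acknowledged
        with ``task_done`` even if the probe fails.
        """
        addr = addr or target
        while self.running:
            try:
                port = self.q.get(timeout=0.3)
            except Empty:
                return
            try:
                self._probe(target, port, addr)
            except OSError:
                # Best-effort: a socket-level failure (e.g. EMFILE, network
                # unreachable) means this port is simply not reported. Only
                # OSError is swallowed so programming errors still surface.
                pass
            finally:
                self.q.task_done()

    def scan_target(self, target):
        """Scan every RPORT port on *target* with THREADS workers.

        Resolves *target* once up front (instead of once per port inside
        each worker) and aborts this target on failure. Blocks until the
        workers finish or ``self.running`` is cleared; Ctrl+C clears
        ``self.running`` so the workers wind down. Invalid THREADS/TIMEOUT
        values and an empty port list abort this target only.
        """
        self.print_status(f"Scanning {target}")
        ports = self.parse_ports(self.get_option('RPORT'))
        if not ports:
            self.print_error(f"No valid ports to scan for {target}")
            return
        try:
            # float(), not int(): int() truncated 0.5 to 0, which made the
            # socket non-blocking and reported every port closed
            self.timeout = float(self.get_option('TIMEOUT'))
            thread_count = int(self.get_option('THREADS'))
        except (TypeError, ValueError):
            self.print_error("THREADS must be an integer and TIMEOUT a number")
            return
        if self.timeout <= 0 or thread_count <= 0:
            self.print_error("THREADS and TIMEOUT must be positive")
            return
        try:
            addr = socket.gethostbyname(target)
        except OSError as exc:
            self.print_error(f"Cannot resolve {target}: {exc}")
            return
        # never spawn more workers than there is work for
        thread_count = min(thread_count, len(ports))

        self.q = Queue()
        for p in ports:
            self.q.put(p)
        threads = []
        for _ in range(thread_count):
            t = threading.Thread(target=self.worker, args=(target, addr))
            t.start()
            threads.append(t)
        try:
            # Wait with short joins rather than busy-spinning on q.empty():
            # the old loop pinned a CPU core for the whole scan. Short joins
            # keep Ctrl+C responsive and let an external clear of
            # self.running end the wait.
            for t in threads:
                while t.is_alive() and self.running:
                    t.join(timeout=0.2)
        except KeyboardInterrupt:
            self.running = False
            self.print_status("Scan interrupted by user (Ctrl+C)")
        for t in threads:
            t.join(timeout=1)

    def run(self):
        """Entry point: base-class option checks, then one scan per RHOSTS entry.

        Returns False if the base-class checks fail or RHOSTS holds no
        usable host; otherwise True, even when interrupted by the user.
        """
        if super().run() is False:
            return False
        targets = [t.strip() for t in self.get_option('RHOSTS').split(',') if t.strip()]
        if not targets:
            self.print_error("RHOSTS contains no targets")
            self.cleanup()
            return False
        try:
            for target in targets:
                if not self.running:
                    break
                self.scan_target(target)
        except KeyboardInterrupt:
            self.running = False
            self.print_status("Execution stopped by user")
        self.cleanup()
        return True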