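Designing a Network Port Scanner
1. Objectives
(1) Understand the basic structure, working principle, and design approach of a network port scanner.
(2) Master the basic principles, design, and implementation of the TCP connect scan, TCP SYN scan, TCP FIN scan, and UDP scan.
2. Requirements
(1) Implement a network port scanning program.
(2) The program must support four basic scan types: TCP connect scan, TCP SYN scan, TCP FIN scan, and UDP scan.
3. Approach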
Port-scan signatures (TCP flag patterns):
Connect scan (port open):
1. Client sends:   URG=0,ACK=0,PSH=0,RST=0,SYN=1,FIN=0
2. Server replies: URG=0,ACK=1,PSH=0,RST=0,SYN=1,FIN=0
3. Client sends:   URG=0,ACK=1,PSH=0,RST=0,SYN=0,FIN=0
4. Client sends:   URG=0,ACK=1,PSH=0,RST=1,SYN=0,FIN=0
SYN scan (port open):
1. Client sends:   URG=0,ACK=0,PSH=0,RST=0,SYN=1,FIN=0
2. Server replies: URG=0,ACK=1,PSH=0,RST=0,SYN=1,FIN=0
3. Client sends:   URG=0,ACK=0,PSH=0,RST=1,SYN=0,FIN=0
Port not open (connect and SYN scans produce the same packets):
1. Client sends:   URG=0,ACK=0,PSH=0,RST=0,SYN=1,FIN=0
2. Server replies: URG=0,ACK=1,PSH=0,RST=1,SYN=0,FIN=0
FIN scan (port not open):
1. Client sends:   URG=0,ACK=0,PSH=0,RST=0,SYN=0,FIN=1
2. Server replies: URG=0,ACK=1,PSH=0,RST=1,SYN=0,FIN=0
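The same flag patterns are what a defender matches on in captured traffic. The following Python code is an added example, not part of the original write-up: it groups packet records into flows, labels each flow with the matching signature from the list above, and reports sources that hit several ports. The record format, labels, function names, threshold, and the 192.0.2.x sample capture are all constructed for illustration.

```python
from collections import defaultdict

# Flag sequences from the signature list; "c" = initiator, "s" = responder.
# Flag letters are stored sorted, so SYN+ACK is "AS" and RST+ACK is "AR".
SIGNATURES = {
    (("c", "S"), ("s", "AS"), ("c", "A"), ("c", "AR")): "connect/open",
    (("c", "S"), ("s", "AS"), ("c", "R")): "syn/open",
    (("c", "S"), ("s", "AR")): "connect-or-syn/closed",
    (("c", "F"), ("s", "AR")): "fin/closed",
    (("c", "F"),): "fin/no-reply",
}

def norm(flags):
    """Sort flag letters so 'SA' and 'AS' compare equal."""
    return "".join(sorted(flags))

def classify_flows(packets):
    """Map (initiator_ip, target_ip, target_port) -> label; packets are in capture order."""
    flows = {}  # unordered endpoint pair -> (initiator, responder, [(dir, flags)])
    for src, sport, dst, dport, flags in packets:
        key = frozenset([(src, sport), (dst, dport)])
        if key not in flows:
            flows[key] = ((src, sport), (dst, dport), [])
        initiator, _, seq = flows[key]
        seq.append(("c" if (src, sport) == initiator else "s", norm(flags)))
    return {(i[0], r[0], r[1]): SIGNATURES.get(tuple(seq), "other")
            for i, r, seq in flows.values()}

def suspected_scanners(packets, min_ports=3):
    """Sources whose flows match a scan signature on >= min_ports target ports."""
    ports = defaultdict(set)
    for (src, dst, dport), label in classify_flows(packets).items():
        if label != "other":
            ports[(src, dst)].add(dport)
    return {k: sorted(v) for k, v in ports.items() if len(v) >= min_ports}

# Constructed sample capture (documentation addresses, not real traffic).
SAMPLE = [
    ("192.0.2.10", 40001, "192.0.2.20", 22, "S"),
    ("192.0.2.20", 22, "192.0.2.10", 40001, "SA"),
    ("192.0.2.10", 40001, "192.0.2.20", 22, "R"),
    ("192.0.2.10", 40002, "192.0.2.20", 23, "S"),
    ("192.0.2.20", 23, "192.0.2.10", 40002, "RA"),
    ("192.0.2.10", 40003, "192.0.2.20", 80, "F"),
    ("192.0.2.20", 80, "192.0.2.10", 40003, "RA"),
    ("192.0.2.30", 50000, "192.0.2.20", 80, "S"),
    ("192.0.2.20", 80, "192.0.2.30", 50000, "SA"),
    ("192.0.2.30", 50000, "192.0.2.20", 80, "A"),
]
```

A single refused connection also produces the closed-port pattern, which is why the report is keyed on the number of distinct ports per source rather than on one matching flow.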
4. Source code
Main program:
Connect scan
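```python
# -*- coding: utf-8 -*-
"""
Simple port scanner: TCP connect scan
@author WQ
@time 2021/5/8
"""
import socket
import threading

targetIP = "192.168.137.226"
portslist = [21, 22, 23, 80, 135, 139, 445]


def conn_scan(ip, port):
    """Attempt a full TCP handshake; connect_ex() returns 0 when the port is open."""
    scansocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    scansocket.settimeout(1)  # do not block indefinitely on filtered ports
    try:
        status = scansocket.connect_ex((ip, port))
        if status == 0:
            print(f"[+] Port {port} Is Open\n")
    except OSError as exc:
        print(f"error: {exc}")
    finally:
        scansocket.close()


def conn_scanner(targetIP, portslist):
    print(f"Scanning {targetIP} for Open TCP_CONN Ports\n")
    threads = [threading.Thread(target=conn_scan, args=(targetIP, p)) for p in portslist]
    # Start every probe first, then wait; start()+join() in one loop runs them serially.
    for t in threads:
        t.start()
    for t in threads:
        t.join()


if __name__ == "__main__":
    conn_scanner(targetIP, portslist)
```
SYN scan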
```python
# -*- coding: utf-8 -*-
"""
Simple port scanner: TCP SYN scan
@author WQ
@time 2021/5/8
"""
import logging
import threading

logging.getLogger("scapy.runtime").setLevel(logging.ERROR)  # silence Scapy runtime warnings
from scapy.all import IP, TCP, RandShort, sr1

# target = str(input("Enter target IP: "))
target = "192.168.237.130"
portslist = [21, 22, 34, 135, 139, 80, 445]


def syn_scan(port):
    """Send a single SYN and classify the port from the TCP reply."""
    sport = RandShort()
    pkt = sr1(IP(dst=target) / TCP(sport=sport, dport=port, flags="S"), timeout=1, verbose=0)
    if pkt is not None and pkt.haslayer(TCP):
        if pkt[TCP].flags == 18:  # 0x12 = SYN+ACK: port open
            print(f"[+] Port {port} Is Open\n")
        else:  # any other TCP reply (normally RST+ACK): port closed
            print(f"[+] Port {port} Is Closed\n")


def syn_scanner(target, portslist):
    print(f"Scanning {target} for Open TCP_SYN Ports\n")
    threads = [threading.Thread(target=syn_scan, args=(x,)) for x in portslist]
    for t in threads:
        t.start()
    for t in threads:
        t.join()


if __name__ == "__main__":
    # Crafting raw packets with Scapy requires root/administrator privileges.
    syn_scanner(target, portslist)
    print("Scan Is Completed!\n")
```
FIN scan
```python
# -*- coding: utf-8 -*-
"""
Simple port scanner: TCP FIN scan
@author WQ
@time 2021/5/8
"""
import threading

from scapy.layers.inet import IP, TCP
from scapy.sendrecv import sr1

'''
Applies to Linux targets.
Send a segment with only the FIN flag set: no reply means the port is open;
a reply whose flags include RST means the port is closed.
'''
targetIP = "192.168.170.98"
portslist = [21, 22, 23, 80, 135, 139, 445]


def fin_scan(targetIP, port):
    p = IP(dst=targetIP) / TCP(dport=int(port), flags="F")
    ans = sr1(p, timeout=1, verbose=0)  # send once and reuse the answer
    if ans is None:
        # A firewall that silently drops the FIN looks the same as an open port.
        print(f"[+] Port {port} Is Open\n")
    elif ans.haslayer(TCP) and ans[TCP].flags == "RA":
        # RST+ACK reply: port closed
        # ans.display()
        # print(f"[+] Port {port} Is Closed\n")
        pass


def fin_scanner(targetIP, portslist):
    print(f"Scanning {targetIP} for Open TCP_FIN Ports\n")
    threads = [threading.Thread(target=fin_scan, args=(targetIP, p)) for p in portslist]
    for t in threads:
        t.start()
    for t in threads:
        t.join()


if __name__ == "__main__":
    fin_scanner(targetIP, portslist)
```
UDP scan
```python
# -*- coding: utf-8 -*-
"""
Simple port scanner: UDP scan
@author WQ
@time 2021/5/8
"""
import threading

from scapy.all import IP, UDP, sr1

target = "192.168.189.98"
portslist = [21, 22, 34, 135, 139, 80, 445]


def UDP_scan(target, port):
    """Send an empty UDP datagram; a closed port normally answers with ICMP port unreachable."""
    pkt = IP(dst=target) / UDP(dport=int(port))
    res = sr1(pkt, timeout=0.1, verbose=0)
    if res is None:
        # No reply is reported as open; a filtered port or a lost packet looks the same.
        print(f"[+] Port {port} Is Open\n")


def udp_scanner(target, portslist):
    print(f"Scanning {target} for Open UDP Ports\n")
    threads = [threading.Thread(target=UDP_scan, args=(target, port)) for port in portslist]
    for t in threads:
        t.start()
    for t in threads:
        t.join()


if __name__ == "__main__":
    udp_scanner(target, portslist)
```
5. Results