sweet man i love it!!! now the only thing missing is a post by coder with the perl version of this baby with an output file option for those darn nice command line prompts
shaun2k2
Oct 18 2003, 03:05 PM
I dislike VB because portability is a joke. Basically, programs written in VB are for Windows, and only Windows...
-Shaun.
coder
Oct 18 2003, 03:46 PM
hmm a fast port scanner is not always what you may want to use? doing that many handshakes in a small amount of time is very suspicious and would most likely raise concern by an Admin or ISP...
the fact that this was written in VB (and comes with no ActiveX controls) tells us that it's a TCP Connect Scanner (I'm guessing winsock...) another very LOUD scan type. Now of course this kind of probe can still be done quietly, but this requires a lot of timing and patience...
i haven't taken a look at the scanner yet (i'm on *nix) - i'm just stating some simple facts
GhostCow: i'll take a look at it, and see what options i have to port to perl
oh- btw; excuse the bad spelling (i'm really hung over )
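How the many-handshakes pattern coder describes shows up on the defending side, as an added example that is not part of the original post: a sliding-window check that flags any source touching many distinct ports on one host, run once with a short window and once with a long one to show why a slow, patient scan slips past the first. The log format, addresses and thresholds are constructed for the illustration.

```python
from collections import defaultdict, deque

def parse(line):
    """Constructed log format: '<epoch_seconds> <src_ip> <dst_ip> <dst_port>'."""
    ts, src, dst, port = line.split()
    return float(ts), src, dst, int(port)

def detect_scans(lines, window, min_ports):
    """Return the (src, dst) pairs that touched at least `min_ports` distinct
    ports on one host within any `window`-second span."""
    recent = defaultdict(deque)          # (src, dst) -> deque of (ts, port)
    flagged = set()
    for ts, src, dst, port in sorted(map(parse, lines)):
        q = recent[(src, dst)]
        q.append((ts, port))
        while q and ts - q[0][0] > window:   # drop events older than the window
            q.popleft()
        if len({p for _, p in q}) >= min_ports:
            flagged.add((src, dst))
    return flagged

def sample_log():
    """Constructed sample: one fast sweep, one slow sweep, one normal client."""
    target = "192.0.2.10"
    lines = []
    # 10.0.0.5: 30 ports in about 3 seconds (fast connect scan)
    lines += [f"{1000 + i * 0.1:.1f} 10.0.0.5 {target} {20 + i}" for i in range(30)]
    # 10.0.0.6: 30 ports, one every 120 seconds (slow, patient scan)
    lines += [f"{1000 + i * 120:.1f} 10.0.0.6 {target} {20 + i}" for i in range(30)]
    # 10.0.0.7: ordinary client that only ever talks to ports 80 and 443
    lines += [f"{1000 + i * 5:.1f} 10.0.0.7 {target} {(80, 443)[i % 2]}" for i in range(40)]
    return lines

if __name__ == "__main__":
    log = sample_log()
    print("10 s window:", sorted(detect_scans(log, window=10, min_ports=15)))
    print("1 h window :", sorted(detect_scans(log, window=3600, min_ports=15)))
```

The 10-second window flags only the fast sweep; the one-hour window also catches the slow one, at the cost of keeping more state per source.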
GhostCow
Oct 18 2003, 08:29 PM
thanks coder a perl script for a stealth auto port scanner with a direct output file would be very nice ...
GAN_GR33N
Oct 18 2003, 08:20 PM
i realize it may not be the most stealthy way to scan. i use nmap for that but i do security audits. i am not scared of getting in trouble because i have permission and i write tools with that in mind.
coder
Oct 18 2003, 09:00 PM
GhostCow: a stealth scanner would require raw_sockets and a packet capturing lib... i haven't seen any perl / pcap libs (although that would be sweet!)
Gr33n: You can easily add UDP capabilities to your winsock scanner... changing the protocol value between 0 and 1
GAN_GR33N
Oct 19 2003, 03:16 AM
i am working on a new one now that will have that option as well as several tabs with different functions
shaun2k2
Oct 19 2003, 09:26 AM
Hmm, if I remember correctly, UDP scanning is usually not as simple as simply changing the protocol to UDP. If a UDP port is listening, the remote host will NOT reply to your datagram, and if the port is closed, it will reply, with an ICMP_UNREACH packet. A better way to write a UDP scanner is to open a datagram socket (UDP), send a UDP datagram, open an ICMP raw socket, and use select() to monitor the ICMP raw socket for an incoming ICMP_UNREACH packet.
Raw sockets are pretty simple in both C and Perl. Coder, Perl does have raw sockets, I've seen people write raw socket code in Perl before. To implement stealth scanning techniques (e.g. syn scanning, fin scanning, xmas tree scanning etc...), just open a raw TCP socket, build the correct datagram, and send the datagram, whilst monitoring the socket for a response. You can then use an if() statement to evaluate the packet. You then report the open or closed status based on the evaluation of the packet. Put this routine in a while(i < end_port) loop.
-Shaun.
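What the ICMP reply described above looks like on the wire, as an added example that is not part of the original post: a parser that reads which UDP port an ICMP port-unreachable message refers to, and a classifier that treats silence as "open|filtered" because no reply cannot distinguish a listening service from a packet a filter dropped. The function names and the sample message bytes are constructed here; nothing is sent on the network.

```python
import socket
import struct

ICMP_DEST_UNREACH, ICMP_PORT_UNREACH = 3, 3   # ICMP type 3, code 3

def parse_icmp_unreachable(icmp):
    """Return (dst_ip, dst_port) of the UDP datagram quoted inside an ICMP
    port-unreachable message, or None for any other message."""
    if len(icmp) < 8 + 20 + 8:
        return None
    if (icmp[0], icmp[1]) != (ICMP_DEST_UNREACH, ICMP_PORT_UNREACH):
        return None
    inner = icmp[8:]                     # quoted IP header + first 8 payload bytes
    ihl = (inner[0] & 0x0F) * 4          # quoted IP header length in bytes
    if inner[9] != socket.IPPROTO_UDP or len(inner) < ihl + 8:
        return None
    dst_ip = socket.inet_ntoa(inner[16:20])
    _sport, dport = struct.unpack("!HH", inner[ihl:ihl + 4])
    return dst_ip, dport

def classify(probed_ports, icmp_messages, target):
    """Map each probed UDP port to 'closed' (port unreachable seen) or
    'open|filtered' (silence)."""
    closed = set()
    for msg in icmp_messages:
        result = parse_icmp_unreachable(msg)
        if result and result[0] == target:
            closed.add(result[1])
    return {p: "closed" if p in closed else "open|filtered" for p in probed_ports}

def sample_unreachable(src, dst, sport, dport):
    """Constructed ICMP type 3 / code 3 message quoting a UDP datagram
    (checksums left at zero, since the parser does not verify them)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64,
                     socket.IPPROTO_UDP, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    udp = struct.pack("!HHHH", sport, dport, 8, 0)
    return struct.pack("!BBHI", 3, 3, 0, 0) + ip + udp

if __name__ == "__main__":
    msg = sample_unreachable("10.0.0.5", "192.0.2.10", 40000, 161)
    print(classify([53, 161], [msg], "192.0.2.10"))
```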
coder
Oct 20 2003, 02:53 PM
shaun2k2, i have never seen a Perl Net::Pcap for Windows (the current topic...) if so- please post resource!
thank you very much shaun2k2! that was very helpful... i appreciate it
yay!, now i have .pl to capture packets...
CODE
use strict;
use warnings;
use Net::Pcap;

my $count = 10;    # number of packets to capture
my $err;

# Pick the default capture device
my $dev = Net::Pcap::lookupdev(\$err);
if (defined $err) {
    die 'Unable to determine network device for monitoring - ', $err;
}

# Look up the network address and mask of that device
my ($address, $netmask);
if (Net::Pcap::lookupnet($dev, \$address, \$netmask, \$err)) {
    die 'Unable to look up device information for ', $dev, ' - ', $err;
}
print STDOUT "$dev: addr/mask -> $address/$netmask\n";

# Called once for every captured packet
sub callback_function {
    my ($user_data, $header, $packet) = @_;
    # Blah Blah Blah with my data =)
}
GhostCow
Oct 20 2003, 06:56 PM
thanks coder and shaun2k2 i love you guys!!!!
edit: how exactly am i supposed to use it? i tried entering my ip (for example) as a parameter but nothing seems to happen except my firewall asking me whether to allow access to that program.... what to do?
shaun2k2
Oct 20 2003, 07:19 PM
You're welcome.
-Shaun.
SLiM577
Dec 6 2003, 07:22 PM
Fport is a nice quick smooth port scanner u can specify the ports /threads and an output result text.
yes indeed it's a very fast scanner with a nice gui and some nice features like bannergrabbing ssl connect, sock v4, smtp relay and some other stuff
really worth taking a look at it
tstngry
Dec 31 2003, 09:10 AM
The best port scanner i have yet come across (i have used all of the ones discussed) is called netburn. It is mainly used for searching out telnet ports but can also scan other ports too. It also does something that i have no explanation for. Sometimes when scanning for port 23 it gains access to the system and displays the output in the program, I HAVE NO IDEA HOW IT DOES THIS! You can set its speed by changing the delay. Overall it's the best! It can be found at www.tgs-security.com -which is currently down. I would attach it but i don't know how. GOOGLE IT!
rush
Jan 1 2004, 06:21 PM
The DNS scanner looks good, tnx a lot!
JackBean
Jan 2 2004, 08:50 AM
nice
wicked
Jan 4 2004, 08:33 AM
This looks interesting:
CODE
17.12.01 21:07 Come get some! Do you want some mp3 files?
Here is a way I discovered how you are able to locate users of the file-sharing tool "KaZaA" with DSNS and access their mp3 files without running KaZaA itself.
1- Select any dialup range
2- Add port 1214 (protocol probe: HTTP (GET), file: /)
3- Go!
After just few seconds I got following results:
217.1.x.x 1214 200 OK, KazaaClient Aug 29 2001 19:44:27
217.1.x.x 1214 200 OK, KazaaClient Aug 29 2001 19:44:27
217.1.x.x 1214 200 OK, KazaaClient 0.1
217.1.x.x 1214 200 OK, KazaaClient Aug 29 2001 19:44:27
217.1.x.x 1214 200 OK, KazaaClient Jul 5 2001 17:18:29
and so on...
4- Now open your favourite browser and goto http://*ip*:1214/
5- Have fun;)
What do you use DSNS for? Post into the port scanning forum.
-- Hannes Gräuler <lordi@styleliga.org / lordi@IRCnet>