Attached Files
-
VOODOOSCAN.exe 44K
502 downloads
Sponsored by: █ Sparkhost - Hosting Without Compromises! █ Hybrid Performance Web Hosting █ Spark Host Stream Hosting █ Hybrid IRC & IRCd Server Shell Accounts
Fast Port Scanner
Started by
GAN_GR33N
, Oct 17 2003 03:43 PM
32 replies to this topic
#1
GAN_GR33N
-
- Members
-
- 163 posts
Corporal
Posted 17 October 2003 - 03:43 PM
i know eveyone bitches about VB but i like it
#2
GhostCow
-
- Members
-
- 345 posts
Staff Sergeant
Posted 17 October 2003 - 04:19 PM
sweet man i love it!!!
now the only thing missing is a post by coder with the perl version of this baby with an output file option for those darn nice command line prompts
now the only thing missing is a post by coder with the perl version of this baby with an output file option for those darn nice command line prompts
#3
shaun2k2
-
- Sergeant Major
-
- 348 posts
Staff Sergeant
Posted 18 October 2003 - 07:05 AM
I dislike VB because portability is a joke. Basically, programs written in VB are for Windows, and only Windows...
-Shaun.
-Shaun.
#4 Guest_coder_*
Guest_coder_*
-
- Guests
Posted 18 October 2003 - 07:46 AM
hmm 
a fast port scanner is not always what you may want to use? doing that many handshakes in a small amount of time is very suspicious and would most likely raise concern by an Admin or ISP...
the fact that this was written in VB (and comes with no ActiveX controls) tells us that it's a TCP Connect Scanner (I'm guessing winsock...) another very LOAD scan type. Now of course this kind of probe can still be done quietly, but this requires a lot of timing and patience...
i haven't taken a look at the scanner yet (i'm on *nix) - i'm just stating some simple facts
GhostCow: i'll take a look at it, and see what options i have to port to perl
oh- btw; excuse the bad spelling (i'm really hung over )
a fast port scanner is not always what you may want to use? doing that many handshakes in a small amount of time is very suspicious and would most likely raise concern by an Admin or ISP... the fact that this was written in VB (and comes with no ActiveX controls) tells us that it's a TCP Connect Scanner (I'm guessing winsock...) another very LOAD scan type. Now of course this kind of probe can still be done quietly, but this requires a lot of timing and patience...
i haven't taken a look at the scanner yet (i'm on *nix) - i'm just stating some simple facts
GhostCow: i'll take a look at it, and see what options i have to port to perl
oh- btw; excuse the bad spelling (i'm really hung over
)
#5
GhostCow
-
- Members
-
- 345 posts
Staff Sergeant
Posted 18 October 2003 - 12:29 PM
thanks coder a perl script for a stealth auto port scanner with a direct output file would be very nice ... 
#6
GAN_GR33N
-
- Members
-
- 163 posts
Corporal
Posted 18 October 2003 - 12:20 PM
i relize it may not be the most stealthy way to scan. i use nmap for that but i do security audits. i am not scared of getting in trouble because i have permission and i write tools with that in mind.
#7 Guest_coder_*
Guest_coder_*
-
- Guests
Posted 18 October 2003 - 01:00 PM
GhostCow: a stealth scanner would require raw_sockets and a packet capturing lib... i haven't seen any perl / pcap libs (although that would be sweet!)
Gr33n: You can easily add UDP capabilities to your winsock scanner... changing the protocol value between 0 and 1
Gr33n: You can easily add UDP capabilities to your winsock scanner... changing the protocol value between 0 and 1
#8
GAN_GR33N
-
- Members
-
- 163 posts
Corporal
Posted 18 October 2003 - 07:16 PM
i am working on a new one now that will have that option as well as several tabs with different functions
#9
shaun2k2
-
- Sergeant Major
-
- 348 posts
Staff Sergeant
Posted 19 October 2003 - 01:26 AM
Hmm, if I remember correctly, UDP scanning is usually not as simple as simply changing the protocol to UDP. If a UDP port is listening, the remote host will NOT reply to your datagram, and if the port is closed, it will reply, with an ICMP_UNREACH packet.
A better way to write a UDP scanner is to open a datagram socket (UDP), send a UDP datagram, open an ICMP raw socket, and use select() to monitor the ICMP raw socket for an incoming ICMP_UNREACH packet.
Raw sockets are pretty simple in both C and Perl. Coder, Perl does have raw sockets, I've seen people write raw socket code in Perl before. To implement stealth scanning techniques (e.g syn scanning, fin scanning, xmas tree scanning etc...), just open a raw TCP socket, build the correct datagram, and send the datagram, whilst monitoring the socket for a response. You can then use an if() statement to evaluate the packet. You then report the open or closed status based on the evaluation of the packet. Put this routine in a while(i < end_port) loop.
-Shaun.
A better way to write a UDP scanner is to open a datagram socket (UDP), send a UDP datagram, open an ICMP raw socket, and use select() to monitor the ICMP raw socket for an incoming ICMP_UNREACH packet.
Raw sockets are pretty simple in both C and Perl. Coder, Perl does have raw sockets, I've seen people write raw socket code in Perl before. To implement stealth scanning techniques (e.g syn scanning, fin scanning, xmas tree scanning etc...), just open a raw TCP socket, build the correct datagram, and send the datagram, whilst monitoring the socket for a response. You can then use an if() statement to evaluate the packet. You then report the open or closed status based on the evaluation of the packet. Put this routine in a while(i < end_port) loop.
-Shaun.
#10 Guest_coder_*
Guest_coder_*
-
- Guests
Posted 20 October 2003 - 06:53 AM
shaun2k2, i have never seen a Perl Net::Pcap for Windows (the current topic...) if so- please post resource!
#12 Guest_coder_*
Guest_coder_*
-
- Guests
Posted 20 October 2003 - 07:40 AM
thank you very much shaun2k2! that was very helpful... i appreciate it
yay!, now i have .pl to capture packets...
yay!, now i have .pl to capture packets...
use Net::Pcap;
$count = 10;
my $err;
my $dev=Net::Pcap::lookupdev(\$err);
if (defined $err) {
die ('Unable to determine network device for monitoring - ',$err);
}
my ($address, $netmask, $err);
if (Net::Pcap::lookupnet($dev, \$address, \$netmask, \$err)) {
die 'Unable to look up device information for ', $dev, ' - ', $err;
}
print STDOUT "$dev: addr/mask -> $addr/$mask\n";
$object = Net::Pcap::open_live($dev, $snaplen, $promisc, $to_ms, \$err);
Net::Pcap::loop($object, $count, \&callback_function, $user_data);
Net::Pcap::close($object);
sub callback_function {
my ($user_data, $header, $packet) = @_;
#Blah Blah Blah with my data =)
}
#13
GhostCow
-
- Members
-
- 345 posts
Staff Sergeant
Posted 20 October 2003 - 10:56 AM
thanks coder and shaun2k2 i love you guys!!!!
edit: how exactly am i supposed to use it? i tried entering my ip (for example) as a parameter but nothing seems to happen except my firewall asking me if to allow access to that program.... what to do?
edit: how exactly am i supposed to use it? i tried entering my ip (for example) as a parameter but nothing seems to happen except my firewall asking me if to allow access to that program.... what to do?
#14
shaun2k2
-
- Sergeant Major
-
- 348 posts
Staff Sergeant
Posted 20 October 2003 - 11:19 AM
You're welcome.
-Shaun.
-Shaun.
#15
SLiM577
-
- Members
-
- 83 posts
Private First Class
Posted 06 December 2003 - 11:22 AM
Fport is a nice quick smooth port scannner u can specify the ports /threads and an output result text.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
