Government Security
Network Security Resources


Fast Port Scanner

Tags: scanner, port scan
32 replies to this topic

#1 GAN_GR33N (Corporal, Members, 163 posts)

Posted 17 October 2003 - 03:43 PM

I know everyone bitches about VB but I like it.

Attached Files



#2 GhostCow (Staff Sergeant, Members, 345 posts)

Posted 17 October 2003 - 04:19 PM

Sweet man, I love it!!!
Now the only thing missing is a post by coder with the Perl version of this baby, with an output file option for those darn nice command line prompts :D

#3 shaun2k2 (Staff Sergeant, Sergeant Major, 348 posts)

Posted 18 October 2003 - 07:05 AM

I dislike VB because portability is a joke. Basically, programs written in VB are for Windows, and only Windows...


-Shaun.

#4 Guest_coder_* (Guests)

Posted 18 October 2003 - 07:46 AM

Hmm <_< a fast port scanner is not always what you want to use. Doing that many handshakes in a small amount of time is very suspicious and would most likely raise concern from an admin or ISP...

The fact that this was written in VB (and comes with no ActiveX controls) tells us that it's a TCP connect scanner (I'm guessing Winsock...), another very LOUD scan type. Now of course this kind of probe can still be done quietly, but this requires a lot of timing and patience...

I haven't taken a look at the scanner yet (I'm on *nix); I'm just stating some simple facts :)

GhostCow: I'll take a look at it and see what options I have to port it to Perl ;)

Oh, btw, excuse the bad spelling (I'm really hung over :D )

#5 GhostCow (Staff Sergeant, Members, 345 posts)

Posted 18 October 2003 - 12:29 PM

Thanks coder, a Perl script for a stealth auto port scanner with a direct output file would be very nice ... :ph34r:

#6 GAN_GR33N (Corporal, Members, 163 posts)

Posted 18 October 2003 - 12:20 PM

I realize it may not be the most stealthy way to scan. I use nmap for that, but I do security audits. I am not scared of getting in trouble because I have permission, and I write tools with that in mind.

#7 Guest_coder_* (Guests)

Posted 18 October 2003 - 01:00 PM

GhostCow: a stealth scanner would require raw sockets and a packet capturing lib... I haven't seen any Perl/pcap libs (although that would be sweet!)

Gr33n: You can easily add UDP capabilities to your Winsock scanner... changing the protocol value between 0 and 1.

#8 GAN_GR33N (Corporal, Members, 163 posts)

Posted 18 October 2003 - 07:16 PM

I am working on a new one now that will have that option as well as several tabs with different functions.

#9 shaun2k2 (Staff Sergeant, Sergeant Major, 348 posts)

Posted 19 October 2003 - 01:26 AM

Hmm, if I remember correctly, UDP scanning is usually not as simple as just changing the protocol to UDP. If a UDP port is listening, the remote host will NOT reply to your datagram, and if the port is closed, it will reply with an ICMP_UNREACH packet.
A better way to write a UDP scanner is to open a datagram socket (UDP), send a UDP datagram, open an ICMP raw socket, and use select() to monitor the ICMP raw socket for an incoming ICMP_UNREACH packet.

Raw sockets are pretty simple in both C and Perl. Coder, Perl does have raw sockets; I've seen people write raw socket code in Perl before. To implement stealth scanning techniques (e.g. SYN scanning, FIN scanning, Xmas tree scanning etc.), just open a raw TCP socket, build the correct datagram, and send the datagram, whilst monitoring the socket for a response. You can then use an if() statement to evaluate the packet. You then report the open or closed status based on the evaluation of the packet. Put this routine in a while(i < end_port) loop.


-Shaun.
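The routine Shaun describes above (build the probe, send it on a raw socket, select() on a raw receive socket, evaluate the reply, report open/closed) as an added worked example. This is not GAN_GR33N's VB scanner, coder's Perl port, or code from this thread; it is Python written for this page using only the standard library, so that the packet building and the reply-evaluation logic can be exercised offline. The IP addresses and ports are made up. Packet construction and classification are pure functions; only syn_scan() opens raw sockets and needs root or CAP_NET_RAW. The UDP variant described in the post uses the same loop with build_udp() sent from a SOCK_DGRAM socket and classify_icmp_reply() run over a raw IPPROTO_ICMP socket.

```python
import random
import select
import socket
import struct
import time

TCP_FIN, TCP_SYN, TCP_RST, TCP_PSH, TCP_ACK, TCP_URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
XMAS = TCP_FIN | TCP_PSH | TCP_URG   # flag set for the "xmas tree" probe mentioned above


def checksum(data):
    """RFC 1071 one's-complement sum over 16-bit words (IP, TCP and ICMP all use it)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_ipv4(src_ip, dst_ip, proto, payload, ttl=64):
    """20-byte IPv4 header without options, checksum filled in. Used for the probes
    we send (raw socket with IP_HDRINCL) and to construct sample replies in tests."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, ttl,
                      proto, 0, socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:] + payload


def build_tcp(src_ip, dst_ip, sport, dport, flags, seq=0):
    """TCP header with exactly the requested flags (SYN, FIN, XMAS, ...). The
    checksum covers the IPv4 pseudo-header, which is why both addresses are needed."""
    hdr = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 5 << 4, flags, 65535, 0, 0)
    pseudo = struct.pack("!4s4sBBH", socket.inet_aton(src_ip),
                         socket.inet_aton(dst_ip), 0, 6, len(hdr))
    return hdr[:16] + struct.pack("!H", checksum(pseudo + hdr)) + hdr[18:]


def build_udp(sport, dport, payload=b""):
    """UDP header; checksum 0 means 'not computed', which IPv4 permits."""
    return struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload


def classify_tcp_reply(ip_packet, sport, dport):
    """The 'evaluate the packet' step of a SYN scan: SYN/ACK -> open, RST -> closed,
    anything else or a packet that is not our flow -> None (keep waiting)."""
    ihl = (ip_packet[0] & 0x0F) * 4
    tcp = ip_packet[ihl:ihl + 20]
    if ip_packet[9] != 6 or len(tcp) < 20:
        return None
    if struct.unpack("!HH", tcp[:4]) != (dport, sport):
        return None
    flags = tcp[13]
    if flags & TCP_SYN and flags & TCP_ACK:
        return "open"
    if flags & TCP_RST:
        return "closed"
    return None


def classify_icmp_reply(ip_packet, target_ip, dport):
    """UDP scan evaluation: an ICMP type 3 (unreachable) error that quotes our
    datagram. Code 3 (port unreachable) -> closed; other codes mean a router or
    firewall rejected it -> filtered. No reply at all is the 'maybe open' case."""
    ihl = (ip_packet[0] & 0x0F) * 4
    icmp = ip_packet[ihl:]
    if ip_packet[9] != 1 or len(icmp) < 8 + 28 or icmp[0] != 3:
        return None
    inner = icmp[8:]                      # quoted IP header + first 8 bytes (UDP header)
    inner_ihl = (inner[0] & 0x0F) * 4
    if len(inner) < inner_ihl + 4 or inner[9] != 17:
        return None
    quoted_dport = struct.unpack("!H", inner[inner_ihl + 2:inner_ihl + 4])[0]
    if socket.inet_ntoa(inner[16:20]) != target_ip or quoted_dport != dport:
        return None
    return "closed" if icmp[1] == 3 else "filtered"


def syn_scan(src_ip, target, ports, timeout=1.0):
    """One SYN per port on a raw socket; select() on a raw TCP socket for the answer.
    The handshake is never completed, so the service sees no connection. Needs
    CAP_NET_RAW/root (Linux). Silence within the timeout is reported as 'filtered'."""
    snd = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_RAW)
    rcv = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_TCP)
    results = {}
    for dport in ports:
        sport = random.randint(32768, 60999)
        probe = build_tcp(src_ip, target, sport, dport, TCP_SYN)
        snd.sendto(build_ipv4(src_ip, target, 6, probe), (target, 0))
        results[dport] = "filtered"
        deadline = time.time() + timeout
        while time.time() < deadline:
            ready, _, _ = select.select([rcv], [], [], max(0.0, deadline - time.time()))
            if not ready:
                break
            data, (src, _) = rcv.recvfrom(65535)
            verdict = classify_tcp_reply(data, sport, dport) if src == target else None
            if verdict:
                results[dport] = verdict
                break
    return results
```

A practical caveat the thread touches on: the local kernel, seeing a SYN/ACK for a port it has no socket on, answers with its own RST, which is what keeps the scan "half-open". Local firewall rules that drop unsolicited inbound SYN/ACKs before the raw socket sees them will turn every open port into "filtered", so test against a host you control first.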

#10 Guest_coder_* (Guests)

Posted 20 October 2003 - 06:53 AM

shaun2k2, I have never seen a Perl Net::Pcap for Windows (the current topic...). If so, please post a resource!

#11 shaun2k2 (Staff Sergeant, Sergeant Major, 348 posts)

Posted 20 October 2003 - 07:34 AM

http://www.bribes.or...l/wnetpcap.html

I think this may help.


Thank you for your time.
Shaun.

#12 Guest_coder_* (Guests)

Posted 20 October 2003 - 07:40 AM

Thank you very much shaun2k2! That was very helpful... I appreciate it :)

Yay! Now I have a .pl to capture packets...

use strict;
use warnings;
use Net::Pcap;

my $count   = 10;     # packets to capture before loop() returns
my $snaplen = 1500;   # bytes captured per packet
my $promisc = 1;      # put the interface into promiscuous mode
my $to_ms   = 100;    # read timeout in milliseconds
my $user_data;        # passed through unchanged to the callback

my $err;
my $dev = Net::Pcap::lookupdev(\$err);
if (defined $err) {
   die('Unable to determine network device for monitoring - ', $err);
}

my ($address, $netmask);
if (Net::Pcap::lookupnet($dev, \$address, \$netmask, \$err)) {
   die('Unable to look up device information for ', $dev, ' - ', $err);
}
# lookupnet returns the network number and mask as 32-bit integers
print STDOUT "$dev: addr/mask -> $address/$netmask\n";

my $object = Net::Pcap::open_live($dev, $snaplen, $promisc, $to_ms, \$err);
die('Unable to open ', $dev, ' for capture - ', $err) unless defined $object;

Net::Pcap::loop($object, $count, \&callback_function, $user_data);

Net::Pcap::close($object);


sub callback_function {
   my ($user_data, $header, $packet) = @_;
   # $header is a hashref (len, caplen, tv_sec, tv_usec); $packet is the raw bytes
   printf "captured %d of %d bytes\n", $header->{caplen}, $header->{len};
   #Blah Blah Blah with my data =)
}


#13 GhostCow (Staff Sergeant, Members, 345 posts)

Posted 20 October 2003 - 10:56 AM

Thanks coder and shaun2k2, I love you guys!!!! :D


edit: How exactly am I supposed to use it? I tried entering my IP (for example) as a parameter, but nothing seems to happen except my firewall asking me whether to allow access to that program.... What to do?

#14 shaun2k2 (Staff Sergeant, Sergeant Major, 348 posts)

Posted 20 October 2003 - 11:19 AM

You're welcome. :)


-Shaun.

#15 SLiM577 (Private First Class, Members, 83 posts)

Posted 06 December 2003 - 11:22 AM

Fport is a nice, quick, smooth port scanner; you can specify the ports/threads and an output result text.
