I learned from a CTF book that port scanning can be done with Python, and started out of curiosity: "What? Python can do that?" Along the way, I learned that multithreading is much faster than running in a single thread. Since I went to the trouble, I'll leave both versions here for comparison.
Because port scanning an external site is not OK, for the experiment I started a virtual server with VirtualBox on my own PC and ran the port scan against that. That's why "10.0.0.2" in the source code below is the IP of my own virtual server.
Reference: https://qiita.com/najayama/items/728682bcae824c902046
This is the code I learned the most from. There is nothing wasted in it. The trade-off is that it's slow. Then again, precisely because it was slow, I could feel the "effectiveness of multithreading".
simple-port-scanner.py
import socket

max_port = 6000
min_port = 1
target_host = input("Input target host name or address: ")

for port in range(min_port, max_port):
    # Attempt to connect to port number `port` on target_host
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    return_code = sock.connect_ex((target_host, port))
    sock.close()
    # socket.connect_ex returns 0 on success
    if return_code == 0:
        print("Port %d open!" % (port))

print("Complete!")
Reference: https://www.valuestar.work/news/archives/20
This one has just as little waste in it. It makes good use of threads, so it's ridiculously fast. With the simple scanner above, it took about 1 second per port, so scanning ports 1 to 1024 took quite a while, but with this program the scan finished in about 3 seconds. Threads are seriously powerful.
This time I used the references in a hurry, and the code is not a straight copy, so the two programs are not in a directly comparable form. I wish I could rework them later so that they can be compared ...
multi-port-scanner.py
import socket
import threading

scan_range = [1, 10000]
host = "10.0.0.2"  # IP of my own virtual server
threads = []
ports = []
isopen = []


def Run(port, i):
    # Try to connect to the port and record the result in slot i
    con = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    return_code = con.connect_ex((host, port))
    con.close()
    if return_code == 0:
        isopen[i] = 1


# Start one thread per port
count = 0
for port in range(scan_range[0], scan_range[1]):
    ports.append(port)
    isopen.append(0)
    thread = threading.Thread(target=Run, args=(port, count))
    thread.start()
    threads.append(thread)
    count = count + 1

# Wait for each thread, then report its port if it was open
for i in range(len(threads)):
    threads[i].join()
    if isopen[i] == 1:
        print("%d open" % ports[i])
I looked into this to study port scanning, but the destructive power of threads left a bigger impression on me than I expected. I'll go through the source code slowly and organize it later.
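The two scanners in a directly comparable form, as an added example that is not code from this post or from the referenced articles. The names check_port, scan_sequential, scan_threaded and demo, the 0.5 second timeout and the cap of 50 worker threads are assumptions made for illustration. Instead of one thread per port it uses a bounded thread pool, and the target is a loopback listener that the example constructs itself.

```python
import socket
import time
from concurrent.futures import ThreadPoolExecutor


def check_port(host, port, timeout=0.5):
    """Return True if a TCP connection to host:port succeeds."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
        sock.settimeout(timeout)  # bound the wait on filtered ports
        return sock.connect_ex((host, port)) == 0


def scan_sequential(host, ports):
    """Check the ports one after another, like simple-port-scanner.py."""
    return [p for p in ports if check_port(host, p)]


def scan_threaded(host, ports, workers=50):
    """Check the ports through a pool capped at `workers` threads."""
    ports = list(ports)
    with ThreadPoolExecutor(max_workers=workers) as pool:
        results = pool.map(lambda p: check_port(host, p), ports)
        return [p for p, is_open in zip(ports, results) if is_open]


def demo():
    """Scan a constructed loopback listener with both scanners."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))  # the OS picks a free port
    listener.listen(16)
    port = listener.getsockname()[1]
    ports = range(max(1, port - 5), min(65535, port + 5) + 1)
    found, timings = {}, {}
    try:
        for name, scan in (("sequential", scan_sequential),
                           ("threaded", scan_threaded)):
            start = time.perf_counter()
            found[name] = scan("127.0.0.1", ports)
            timings[name] = time.perf_counter() - start
    finally:
        listener.close()
    return port, found, timings


if __name__ == "__main__":
    port, found, timings = demo()
    for name in found:
        print("%-10s open=%s  %.3fs" % (name, found[name], timings[name]))
```

On loopback, closed ports are refused immediately, so both timings are tiny; the gap the post describes appears when each closed or filtered port costs a wait, as it did against the virtual server.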
~ End ~