爲了加深自己對端口掃描的理解,寫了兩個小的腳本
1、使用python socket 模塊多線程進行tcp端口掃描
2、使用python-nmap 模塊進行端口探測
綜合來看,還是更喜歡masscan,如上,開源地址
https://github.com/dongfangyuxiao/py-study/tree/master/py-study/practice/port-scan
代碼如下:
#!/usr/bin/env python
# -*- coding:utf-8 -*-
# Time : 18-6-23 上午8:06
# Author : xiaodong
# File : port-tcp.py
# 一個多線程的tcp端口掃描器,定義了兩個函數
import argparse
import socket
from socket import *
from threading import *
# Counting semaphore with a single permit, i.e. a mutex: whoever holds it is
# the only thread allowed to write to stdout, so result lines do not interleave.
screenlock = Semaphore(1)
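def connScan(tgtHost, tgtPort):
    """Probe one TCP port with a full connect() and print what was found.

    The port is reported open as soon as the three-way handshake succeeds.
    A short probe string is then sent and up to 100 bytes of reply are read
    as a banner; a service that stays silent is still reported open.

    Args:
        tgtHost: Host name or IPv4 address to connect to.
        tgtPort: TCP port number (int).

    Notes:
        * A refused connection and a connect timeout both end up in the
          "closed" message, so a filtered port is indistinguishable here.
        * A full connect completes the handshake, so the probe is visible in
          the target's connection logs.
        * The banner is data chosen by the remote end. It is printed with
          ``repr`` so control characters or terminal escape sequences in it
          cannot alter the operator's terminal.
    """
    connskt = None
    is_open = False
    banner = None
    try:
        # family is normally AF_INET; type is SOCK_STREAM for a reliable,
        # connection-oriented TCP socket (SOCK_DGRAM would be UDP).
        connskt = socket(AF_INET, SOCK_STREAM)
        connskt.connect((tgtHost, tgtPort))
        is_open = True
        try:
            # Bytes literal: works on Python 2 and is required on Python 3.
            connskt.send(b'hello word\r\n')
            banner = connskt.recv(100)
        except Exception:
            # Handshake succeeded but the service did not answer in time
            # (or reset the connection); the port is open all the same.
            banner = None
    except Exception:
        # Best effort: any connect failure is reported as closed. Using
        # Exception (not a bare except) lets Ctrl-C still interrupt the run.
        is_open = False
    finally:
        # connskt stays None when socket() itself failed.
        if connskt is not None:
            connskt.close()

    if not is_open:
        message = "sorry, {} closed".format(tgtPort)
    elif banner:
        message = "{} open and found {!r}".format(tgtPort, banner)
    else:
        message = "{} open, no banner received".format(tgtPort)

    # Hold the lock only around the print, and release it on every path, so a
    # failing print can never leave the other worker threads blocked.
    with screenlock:
        print(message)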
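def portscan(tgtHost, tgtPorts):
    """Resolve ``tgtHost`` once, then probe every port on its own thread.

    Args:
        tgtHost: Host name or IPv4 address to scan.
        tgtPorts: Iterable of port numbers given as strings or ints.

    The resolved address is what gets handed to the workers, so every probe
    goes to the same IP that the header line reports; passing the host name
    instead would trigger a fresh lookup per thread, which may land on a
    different address when the name has several records.

    Entries that are not integers in 1..65535 are reported and skipped before
    any thread is started. The function returns once all probes have finished.
    """
    try:
        # gethostbyname() turns the name into a single IPv4 address.
        tgtIp = gethostbyname(tgtHost)
    except Exception:
        print("cannot resolve {}".format(tgtHost))
        return

    try:
        # gethostbyaddr() does the reverse lookup and returns a 3-tuple like
        # gethostbyname_ex(); element 0 is the primary host name.
        tgtName = gethostbyaddr(tgtIp)
        print("scan result for {}".format(tgtName[0]))
    except Exception:
        print("scan result for {}".format(tgtIp))

    # Validate up front so a typo cannot abort the loop half-way through,
    # after some worker threads are already running.
    ports = []
    for raw in tgtPorts:
        try:
            port = int(raw)
        except (TypeError, ValueError):
            port = None
        if port is None or not 1 <= port <= 65535:
            print("skip invalid port {!r}".format(raw))
            continue
        ports.append(port)

    # NOTE: this sets the default timeout for every socket created afterwards
    # in the whole process, not only for the scanner's own sockets.
    setdefaulttimeout(1)

    # One thread per port; the list is expected to be short (comma-separated
    # on the command line), there is no upper bound on the thread count.
    workers = []
    for port in ports:
        worker = Thread(target=connScan, args=(tgtIp, port))
        worker.start()
        workers.append(worker)
    for worker in workers:
        worker.join()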
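def main():
    """Parse ``host`` and a comma-separated ``port`` list, then run the scan.

    Both arguments are positional, so argparse already rejects a missing one;
    the remaining check is for values that are empty after trimming (for
    example ``""`` or ``","``). Such input ends through ``parser.error``,
    which prints the usage text and exits with a non-zero status instead of
    reporting success.
    """
    parser = argparse.ArgumentParser()
    parser.add_argument('host', help='please input what you want to scan host,eg:www.baidu.com')
    parser.add_argument('port', help='please input port what you want to scan,eg:21,22')
    args = parser.parse_args()

    tgtHost = str(args.host).strip()
    # Trim each entry and drop empty ones so "21, 22," behaves like "21,22".
    tgtPorts = [p.strip() for p in str(args.port).split(',') if p.strip()]

    if not tgtHost or not tgtPorts:
        parser.error("are you sure you input is right?")

    portscan(tgtHost, tgtPorts)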
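# Run the scanner only when the file is executed as a script, not on import.
# (The double underscores of __name__ / "__main__" were lost in the listing.)
if __name__ == "__main__":
    main()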
#!/usr/bin/env python
# -*- coding:utf-8 -*-
# Time : 18-6-23 上午9:54
# Author : xiaodong
# File : port-nmap.py
import nmap
# 此處導入的nmap 爲python-nmap
import argparse
# https://www.cnblogs.com/aylin/p/5996229.html
# AttributeError: 'function' object has no attribute 'PortScanner' 如果出現這個,說明安裝錯了,要安裝python-nmap
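def nmapScan(tgtHost, tgtPort):
    """Ask nmap (via python-nmap) for the state of one TCP port and print it.

    Args:
        tgtHost: Host name or IP address handed to nmap.
        tgtPort: A single port number, as a string or int.

    Raises:
        ValueError: If ``tgtPort`` is not a single integer; raised before
            nmap is started.

    The result is read back through ``all_hosts()`` rather than indexed by
    ``tgtHost``: indexing by the argument raises ``KeyError`` when the host
    did not answer, and also when a host name was given but the result is
    stored under the address nmap scanned.
    """
    port = int(tgtPort)

    nmscan = nmap.PortScanner()
    # NOTE(review): python-nmap forwards the host string to the nmap command
    # line. If tgtHost can ever come from anywhere but the operator's own
    # command line, check that it is a plain host name or address (no
    # whitespace, no leading '-') before this call. Confirm against the
    # installed python-nmap version.
    nmscan.scan(tgtHost, str(tgtPort))

    hosts = nmscan.all_hosts()
    if not hosts:
        print("{} found no result (host down or not resolved)".format(tgtHost))
        return

    for host in hosts:
        try:
            # State of the TCP port as reported by nmap (open|closed|filtered).
            state = nmscan[host]['tcp'][port]['state']
        except KeyError:
            state = 'unknown'
        print("{} found {}".format(host, state))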
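def main():
    """Parse ``host`` and a comma-separated ``port`` list and scan each port.

    Port entries are trimmed and empty ones dropped, so a trailing comma no
    longer reaches ``nmapScan`` as an empty string. Every remaining entry
    must be a plain decimal number; anything else stops the program through
    ``parser.error`` before nmap is run at all.
    """
    parser = argparse.ArgumentParser()
    parser.add_argument('host', help='input ip you want to scan')
    parser.add_argument('port', help='scan port')
    args = parser.parse_args()

    tgtHost = args.host
    tgtPorts = [p.strip() for p in str(args.port).split(',') if p.strip()]

    # nmapScan() handles exactly one numeric port per call.
    for tgtPort in tgtPorts:
        if not tgtPort.isdigit():
            parser.error("invalid port: {!r}".format(tgtPort))

    for tgtPort in tgtPorts:
        nmapScan(tgtHost, tgtPort)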
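# Run the scan only when the file is executed as a script, not on import.
# (The double underscores of __name__ / "__main__" were lost in the listing.)
if __name__ == "__main__":
    main()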