Being a warrior is not a simple matter; it is an endless struggle that lasts until the final moment of our lives. No one is born a warrior, just as no one is born destined to be mediocre; it is we who make ourselves one or the other!
—— Natsume Sōseki
Design approach:
Call optparse.OptionParser() to build an option parser that takes two arguments: the target host name (or IP address) and the list of ports to scan. Build two functions, portScan and connScan: portScan resolves the host name to an IP address, then walks the port list and calls connScan on each port to attempt a TCP connection to the host and print the result for that port.
Main function code:
```
import optparse
import socket
import sys


def main():
    parser = optparse.OptionParser('usage %prog -H <target host> -p <target port[s]>')
    parser.add_option('-H', dest='tgtHost', type='string',
                      help='specify target host')
    # ports are taken as a string so a comma-separated list works, e.g. -p 21,22,80
    parser.add_option('-p', dest='tgtPort', type='string',
                      help='specify target port[s] separated by comma')
    (options, args) = parser.parse_args()
    tgtHost = options.tgtHost
    if (tgtHost is None) or (options.tgtPort is None):
        print(parser.usage)
        sys.exit(0)
    tgtPorts = options.tgtPort.split(',')
    portScan(tgtHost, tgtPorts)


if __name__ == '__main__':
    main()
```
portScan function code:
```
def portScan(tgtHost, tgtPorts):
    try:
        tgtIP = socket.gethostbyname(tgtHost)
    except socket.gaierror:
        print("[-]Cannot resolve '%s': Unknown host" % tgtHost)
        return
    try:
        # reverse lookup is cosmetic; fall back to the IP if there is no PTR record
        tgtName = socket.gethostbyaddr(tgtIP)
        print('\n[+]Scan Result for: ' + tgtName[0])
    except (socket.herror, socket.gaierror):
        print('\n[+]Scan Result for: ' + tgtIP)
    # applies to every socket created afterwards, including the ones connScan opens
    socket.setdefaulttimeout(1)
    for tgtPort in tgtPorts:
        print('Scanning port ' + str(tgtPort))
        connScan(tgtHost, int(tgtPort))
```
connScan function code:
```
def connScan(tgtHost, tgtPort):
    connSkt = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        connSkt.connect((tgtHost, tgtPort))
    except OSError:
        # connection refused or timed out: reported as closed
        print('[-]%d/tcp closed' % tgtPort)
        connSkt.close()
        return
    try:
        # the probe string must be bytes; Python 3 sockets reject str
        connSkt.send(b'ViolentPython\r\n')
        results = connSkt.recv(100)
        print('[+]%d/tcp open' % tgtPort)
        print('[+]' + results.decode(errors='replace').strip())
    except socket.timeout:
        # the handshake succeeded but the service sent no banner within the timeout;
        # without this branch an open, silent port would be reported as closed
        print('[+]%d/tcp open (no banner)' % tgtPort)
    except OSError:
        print('[+]%d/tcp open' % tgtPort)
    finally:
        connSkt.close()
```
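The connScan above reports every failed connect as "closed", which conflates a port that answered with a RST (closed) and one that never answered at all (filtered by a firewall or a dropped route), and socket.setdefaulttimeout() silently changes every socket in the process. What follows is an added example, not code from the original post or from Violent Python: it classifies each port from the errno that connect_ex() returns, sets the timeout per socket, scans a port list concurrently with a thread pool, and opens a throwaway listener on 127.0.0.1 so it can be run offline. The function names (classify_port, connect_scan, scan_local_demo) and the errno-to-state mapping are my own choices, not the page's.

```python
import concurrent.futures
import errno
import socket

# Added example, not from the original post. Errnos that mean "no answer or no
# route": the host may be up behind a firewall, so these are 'filtered', not 'closed'.
# With a per-socket timeout CPython's connect_ex() returns EWOULDBLOCK/EAGAIN when
# the handshake does not finish in time, so that value belongs in this set too.
FILTERED_ERRNOS = {errno.ETIMEDOUT, errno.EAGAIN, errno.EWOULDBLOCK,
                   errno.EHOSTUNREACH, errno.ENETUNREACH}


def classify_port(host, port, timeout=1.0):
    """Return 'open', 'closed' or 'filtered' for host:port (host is an IP literal).

    connect_ex() returns 0 on success and the C errno on failure, so the reason
    a handshake failed is visible without catching an exception.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)            # per-socket, not the process-wide default
        try:
            rc = s.connect_ex((host, port))
        except OSError:
            # e.g. the timeout raised as an exception on some platforms
            return 'filtered'
    if rc == 0:
        return 'open'                    # three-way handshake completed
    if rc == errno.ECONNREFUSED:
        return 'closed'                  # a RST came back: host up, nothing listening
    if rc in FILTERED_ERRNOS:
        return 'filtered'
    # anything else (EPERM from a local sandbox, odd stack errors) is not proof of
    # a RST, so it is also reported as filtered rather than closed
    return 'filtered'


def connect_scan(host, ports, timeout=1.0, workers=32):
    """Scan the given ports concurrently; return {port: state}."""
    with concurrent.futures.ThreadPoolExecutor(max_workers=workers) as pool:
        states = list(pool.map(lambda p: classify_port(host, p, timeout), ports))
    return dict(zip(ports, states))


def scan_local_demo():
    """Scan one open and one closed port on 127.0.0.1 so the example runs offline.

    Returns (open_port, closed_port, results); results maps port -> state.
    """
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(('127.0.0.1', 0))      # port 0: let the OS pick a free port
    listener.listen(5)
    open_port = listener.getsockname()[1]
    # grab a second free port and release it, so nothing listens on it (assumed
    # to stay free for the few milliseconds until the scan runs)
    probe = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    probe.bind(('127.0.0.1', 0))
    closed_port = probe.getsockname()[1]
    probe.close()
    try:
        results = connect_scan('127.0.0.1', [open_port, closed_port])
    finally:
        listener.close()
    return open_port, closed_port, results


if __name__ == '__main__':
    open_port, closed_port, results = scan_local_demo()
    for port in sorted(results):
        print('[*]127.0.0.1 tcp/%d %s' % (port, results[port]))
```

Only a RST proves that a host is up and not listening, which is why every errno other than ECONNREFUSED is mapped to "filtered"; against a real target the filtered set is usually where firewall rules show up, and a SYN scan with nmap (next section) gives the same three-way distinction without completing the handshake.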
**Design approach for port scanning with nmap**
Import the nmap library (the python-nmap package, which drives the installed nmap binary) and build an nmapScan() function that takes the target host address and the port to scan. It creates an instance of the PortScanner class and runs a basic nmap scan.
**Key code**
```
import nmap


def nmapScan(tgthost, tgtport):
    nmScan = nmap.PortScanner()          # wraps the nmap binary, which must be installed
    results = nmScan.scan(tgthost, tgtport)
    # python-nmap keys results['scan'] by the address nmap reported (an IP), not by the
    # name passed in, so indexing it with a hostname raises KeyError; all_hosts() avoids that
    for host in nmScan.all_hosts():
        state = nmScan[host]['tcp'][int(tgtport)]['state']
        print('[*]' + host + " tcp/" + tgtport + " " + state)
```