Best_Andre

Putin Ajutor ?


Buna, sunt Andrei, sunt nou in aceasta comunitate; sunt un skiddie, I kw, dar totusi nu inteleg unde am gresit in acest cod?

#!/usr/bin/python

import socket

def scan(host,port):
    # NOTE(review): the function body is only this one line. The try/except
    # below starts at column 0, so it is NOT part of scan(); the socket is
    # created here and then dropped without ever being connected or closed.
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
       # runs once at module level, before the loop below; 's', 'host' and
       # 'port' do not exist here, so this line raises NameError
       s.connect((host,port))
       print ("open :"+str(port))
       s.close()
except:
        # the bare except swallows that NameError, which is why the script
        # prints nothing instead of failing loudly
        pass
    
# each call only creates a socket: scan()'s body ends before the try block,
# so nothing is ever connected and no port is ever reported
for port in range(1024):
    scan("192.168.0.1",port)

putin ajutor va rog ?


Iti lipseste un alineat/indent:

#!/usr/bin/python
import socket


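def scan(host, port, timeout=None):
    """Try a TCP connect to (host, port) and print "open :<port>" on success.

    Args:
        host: hostname or IP address handed to socket.connect().
        port: TCP port number.
        timeout: optional socket timeout in seconds. None (the default)
            keeps the original blocking behaviour, where connect() waits
            for the OS connect timeout on ports that do not answer.

    Returns:
        None. Connection failures (refused, timed out, unresolvable host)
        are ignored, as in the original.
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    if timeout is not None:
        s.settimeout(timeout)
    try:
        s.connect((host, port))
        print ("open :" + str(port))
    except socket.error:
        # only network errors are expected here; anything else (e.g. a
        # TypeError from a bad port value) should surface instead of being
        # hidden by a bare except
        pass
    finally:
        # the original only closed the socket on success and leaked the
        # descriptor whenever connect() failed; finally releases it always
        s.close()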

# sequential scan: each scan() call blocks until connect() succeeds or fails;
# scan() sets no timeout, so a port that never answers stalls the loop until
# the OS gives up on the connect
for port in range(10000):
    scan("127.0.0.1", port)

Cum aveai tu codul functia 'scan' doar definea un socket, 'try/pass' facea parte din programul principal, nu din functie.

 

Ca proof-of-concept (PoC) este in regula, dar in practica asta ar scana foarte incet pentru ca astepti fiecare port in parte sa raspunda sau ca perioada de timeout sa expire. Pentru un scanner agresiv poti sa reduci perioada de timeout si sa introduci mai multe thread-uri.

 

Ai aici niste cod scris la furie care face o scanare agresiva la toate 65K porturi TCP. Nu stiu daca mai merge sau daca am facut modificari care l-au stricat, dar este suficient cat sa iti faci o idee. Este un cod destul de jegos si sunt sigur ca unii o sa-si puna mainile in cap, dar ar trebui sa-ti dea o idee despre chestia cu thread-urile/timeout-ul pe sockets, etc. Daca cineva are sugestii la cum ar putea sa fie imbunatatit sunt numai urechi. :)

#!/usr/bin/python

import sys
from multiprocessing import Pool
from multiprocessing import freeze_support

from modules import rs_inf

##########
#  MAIN  #
##########
# this is only temporary
# the purpose is to allow the development version to be used in production
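def _read_targets(path):
    """Return the whitespace-stripped, non-empty lines of the scope file.

    'with' closes the file on every path; the original opened it and never
    closed it. Blank lines are skipped so an empty host is never scanned.
    """
    with open(path, 'r') as scope:
        return [line.rstrip() for line in scope if line.rstrip()]


def _main(argv):
    """Scan every target listed in the scope file and print the open ports.

    Args:
        argv: the process argument list; argv[1], when present, is the
            scope file path, otherwise 'scope.txt' is used.
    """
    # this is only temporary
    # the purpose is to allow the development version to be used in production
    scope_file = 'scope.txt' if len(argv) == 1 else argv[1]

    targets = _read_targets(scope_file)
    print(targets)

    # pool size kept as in the original; close/join in finally so the worker
    # processes are reaped even if map() raises
    pool = Pool(processes=200)
    try:
        results = pool.map(rs_inf.tcp_scan, rs_inf.tcp_scope_generator(targets))
    finally:
        pool.close()
        pool.join()

    # tcp_scan returns (host, port) for an open port and None otherwise;
    # collect each port once, in first-seen order, as the original did,
    # but with a set for the membership test instead of a list scan
    open_ports = []
    seen = set()
    for hit in results:
        if hit and hit[1] not in seen:
            seen.add(hit[1])
            open_ports.append(hit[1])

    print("\nConevnient Nmap ports flag:")
    for p in open_ports:
        sys.stdout.write(str(p) + ',')


if __name__ == '__main__':
    # needed where multiprocessing spawns workers (e.g. Windows): without the
    # guard every worker re-imports this module and tries to build its own Pool
    freeze_support()
    _main(sys.argv)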

Si aici modulul rs_inf:

import socket
from random import shuffle

from modules import rs_ssl


def tcp_scope_generator(targets_array, start_range=1, end_range=65536):
    """Build the (host, port) work list for the pool, in random order.

    Every host in targets_array is paired with every port in
    range(start_range, end_range) (end excluded); the whole list is then
    shuffled in place and returned.
    """
    work = [
        (host, port)
        for host in targets_array
        for port in range(start_range, end_range)
    ]
    shuffle(work)
    return work

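def tcp_scan(target):
    """Probe one (host, port) pair with a TCP connect.

    Args:
        target: a (host, port) tuple. It stays a single argument so the
            function can be handed to Pool.map() unchanged; the original
            used Python 2 tuple-parameter unpacking, which is a syntax
            error on Python 3.

    Returns:
        (host, port) when connect_ex() reports 0 (connection accepted),
        None otherwise. The socket is closed on every path.
    """
    host, port = target
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(1)
    try:
        # connect_ex returns an errno instead of raising for ordinary
        # connection failures, but it can still raise (e.g. socket.gaierror
        # for an unresolvable host) -- the original leaked the descriptor
        # in that case, hence the finally
        if s.connect_ex((host, port)) != 0:
            return None
    finally:
        s.close()

    print(host + " - " + str(port))

    # TODO: the original carried a commented-out step here that would call
    # rs_ssl.ssl_verify / rs_ssl.ssl_enumerate on open ports

    return (host, port)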
Edited by theeternalwanderer

21 minutes ago, theeternalwanderer said:

Iti lipseste un alineat/indent:


#!/usr/bin/python
import socket


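def scan(host, port, timeout=None):
    """Try a TCP connect to (host, port) and print "open :<port>" on success.

    Args:
        host: hostname or IP address handed to socket.connect().
        port: TCP port number.
        timeout: optional socket timeout in seconds. None (the default)
            keeps the original blocking behaviour, where connect() waits
            for the OS connect timeout on ports that do not answer.

    Returns:
        None. Connection failures (refused, timed out, unresolvable host)
        are ignored, as in the original.
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    if timeout is not None:
        s.settimeout(timeout)
    try:
        s.connect((host, port))
        print ("open :" + str(port))
    except socket.error:
        # only network errors are expected here; anything else (e.g. a
        # TypeError from a bad port value) should surface instead of being
        # hidden by a bare except
        pass
    finally:
        # the original only closed the socket on success and leaked the
        # descriptor whenever connect() failed; finally releases it always
        s.close()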

# sequential scan: each scan() call blocks until connect() succeeds or fails;
# scan() sets no timeout, so a port that never answers stalls the loop until
# the OS gives up on the connect
for port in range(10000):
    scan("127.0.0.1", port)

Cum aveai tu codul functia 'scan' doar definea un socket, 'try/pass' facea parte din programul principal, nu din functie.

 

Ca proof-of-concept (PoC) este in regula, dar in practica asta ar scana foarte incet pentru ca astepti fiecare port in parte sa raspunda sau ca perioada de timeout sa expire. Pentru un scanner agresiv poti sa reduci perioada de timeout si sa introduci mai multe thread-uri.

 

Ai aici niste cod scris la furie care face o scanare agresiva la toate 65K porturi TCP. Nu stiu daca mai merge sau daca am facut modificari care l-au stricat, dar este suficient cat sa iti faci o idee. Este un cod destul de jegos si sunt sigur ca unii o sa-si puna mainile in cap, dar ar trebui sa-ti dea o idee despre chestia cu thread-urile/timeout-ul pe sockets, etc. Daca cineva are sugestii la cum ar putea sa fie imbunatatit sunt numai urechi. :)


#!/usr/bin/python

import sys
from multiprocessing import Pool
from multiprocessing import freeze_support

from modules import rs_inf

##########
#  MAIN  #
##########
# this is only temporary
# the purpose is to allow the development version to be used in production
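def _read_targets(path):
    """Return the whitespace-stripped, non-empty lines of the scope file.

    'with' closes the file on every path; the original opened it and never
    closed it. Blank lines are skipped so an empty host is never scanned.
    """
    with open(path, 'r') as scope:
        return [line.rstrip() for line in scope if line.rstrip()]


def _main(argv):
    """Scan every target listed in the scope file and print the open ports.

    Args:
        argv: the process argument list; argv[1], when present, is the
            scope file path, otherwise 'scope.txt' is used.
    """
    # this is only temporary
    # the purpose is to allow the development version to be used in production
    scope_file = 'scope.txt' if len(argv) == 1 else argv[1]

    targets = _read_targets(scope_file)
    print(targets)

    # pool size kept as in the original; close/join in finally so the worker
    # processes are reaped even if map() raises
    pool = Pool(processes=200)
    try:
        results = pool.map(rs_inf.tcp_scan, rs_inf.tcp_scope_generator(targets))
    finally:
        pool.close()
        pool.join()

    # tcp_scan returns (host, port) for an open port and None otherwise;
    # collect each port once, in first-seen order, as the original did,
    # but with a set for the membership test instead of a list scan
    open_ports = []
    seen = set()
    for hit in results:
        if hit and hit[1] not in seen:
            seen.add(hit[1])
            open_ports.append(hit[1])

    print("\nConevnient Nmap ports flag:")
    for p in open_ports:
        sys.stdout.write(str(p) + ',')


if __name__ == '__main__':
    # needed where multiprocessing spawns workers (e.g. Windows): without the
    # guard every worker re-imports this module and tries to build its own Pool
    freeze_support()
    _main(sys.argv)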

Si aici modulul rs_inf:


import socket
from random import shuffle

from modules import rs_ssl


def tcp_scope_generator(targets_array, start_range=1, end_range=65536):
    """Build the (host, port) work list for the pool, in random order.

    Every host in targets_array is paired with every port in
    range(start_range, end_range) (end excluded); the whole list is then
    shuffled in place and returned.
    """
    work = [
        (host, port)
        for host in targets_array
        for port in range(start_range, end_range)
    ]
    shuffle(work)
    return work

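def tcp_scan(target):
    """Probe one (host, port) pair with a TCP connect.

    Args:
        target: a (host, port) tuple. It stays a single argument so the
            function can be handed to Pool.map() unchanged; the original
            used Python 2 tuple-parameter unpacking, which is a syntax
            error on Python 3.

    Returns:
        (host, port) when connect_ex() reports 0 (connection accepted),
        None otherwise. The socket is closed on every path.
    """
    host, port = target
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(1)
    try:
        # connect_ex returns an errno instead of raising for ordinary
        # connection failures, but it can still raise (e.g. socket.gaierror
        # for an unresolvable host) -- the original leaked the descriptor
        # in that case, hence the finally
        if s.connect_ex((host, port)) != 0:
            return None
    finally:
        s.close()

    print(host + " - " + str(port))

    # TODO: the original carried a commented-out step here that would call
    # rs_ssl.ssl_verify / rs_ssl.ssl_enumerate on open ports

    return (host, port)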

ms mult frate :D

 

