Jump to content
Best_Andre

Putin Ajutor ?

By Best_Andre, in Programare

Recommended Posts

Best_Andre Newbie

Best_Andre

Posted
Posted

Buna sunt andrei sunt nou in aceasta comunitate , sunt un skiddie I kw dar totus nu inteleg unde am gresit in acest cod ?

#!/usr/bin/python

import socket

def scan(host,port):
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
       s.connect((host,port))
       print ("open :"+str(port))
       s.close()
except:
        pass
    
for port in range(1024):
    scan("192.168.0.1",port)

putin ajutor va rog ?

Link to comment
Share on other sites
theeternalwanderer Newbie

theeternalwanderer

Posted
Posted (edited)

It lipseste un alineat/indent: 

#!/usr/bin/python
import socket


def scan(host, port):
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

    try:
        s.connect((host, port))
        print ("open :" + str(port))
        s.close()
    except:
        pass

for port in range(10000):
    scan("127.0.0.1", port)

Cum aveai tu codul functia 'scan' doar definea un socket, 'try/pass' facea parte din programul principal, nu din functie.

 

Ca proof-of-concept (PoC) este in regula, dar in practica asta ar scana foarte incet pentru ca astepti fiecare port in parte sa raspunda sau ca perioada de timeout sa expire. Pentru un scanner agresiv poti sa reduci perioada de timeout si sa introduci mai multe thread-uri.

 

Ai aici niste cod scris la furie care face o scanare agresiva la toate 65K porturi TCP. Nu stiu daca mai merge sau daca am facut modificari care l-au stricat, dar este suficient cat sa iti faci o idee. Este un cod destul de jegos si sunt sigur ca unii o sa-si puna mainile in cap, dar ar trebui sa-ti dea o idee despre chestia cu thread-urile/timeout-ul pe sockets, etc. Daca cineva are sugestii la cum ar putea sa fie imbunatatit sunt numai urechi. :)

#!/usr/bin/python

import sys
from multiprocessing import Pool
from multiprocessing import freeze_support

from modules import rs_inf

##########
#  MAIN  #
##########
# this is only temporary
# the purpose is to allow the development version to be used in production
if len(sys.argv) == 1:
    scope_file = 'scope.txt'
else:
    scope_file = sys.argv[1]

# read scope file and create targets array
scope = open(scope_file, 'r')
targets = []
for i in scope.readlines():
    # host = i.split(':')[0]
    # port = int(i.split(':')[1].rstrip())
    targets.append(i.rstrip())

print targets

pool = Pool(processes=200)
results = pool.map(rs_inf.tcp_scan, rs_inf.tcp_scope_generator(targets))
pool.close()
pool.join()

open_ports = []
for i in results:
   if i:
      if i[1] not in open_ports:
         open_ports.append(i[1])

print "\nConevnient Nmap ports flag:"
for i in open_ports:
     sys.stdout.write(str(i) + ',')

Si aici modulul rs_inf: 

import socket
from random import shuffle

from modules import rs_ssl


def tcp_scope_generator(targets_array, start_range=1, end_range=65536):
    tcp_scope = []
    for i in targets_array:
        for j in range(start_range, end_range):
            tcp_scope.append((i, j))
    shuffle(tcp_scope)
    return tcp_scope

def tcp_scan((host, port)):
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(1)
    if s.connect_ex((host, port)) == 0:
        print host + " - " + str(port)
        s.close()

        # # if the port is open check if SSL is supported
        # if rs_ssl.ssl_verify((host, port)):
        #     # if SSL is supported enumerate
        #     rs_ssl.ssl_enumerate((host, port))
        # else:
        #     print host + ":" + str(port) + " --- SSL not supported"

        return (host, port)
    s.close()
Edited by theeternalwanderer
  • Thanks 1
Link to comment
Share on other sites
Best_Andre Newbie

Best_Andre

Posted
  • Author
Posted
21 minutes ago, theeternalwanderer said:

It lipseste un alineat/indent: 


#!/usr/bin/python
import socket


def scan(host, port):
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

    try:
        s.connect((host, port))
        print ("open :" + str(port))
        s.close()
    except:
        pass

for port in range(10000):
    scan("127.0.0.1", port)

Cum aveai tu codul functia 'scan' doar definea un socket, 'try/pass' facea parte din programul principal, nu din functie.

 

Ca proof-of-concept (PoC) este in regula, dar in practica asta ar scana foarte incet pentru ca astepti fiecare port in parte sa raspunda sau ca perioada de timeout sa expire. Pentru un scanner agresiv poti sa reduci perioada de timeout si sa introduci mai multe thread-uri.

 

Ai aici niste cod scris la furie care face o scanare agresiva la toate 65K porturi TCP. Nu stiu daca mai merge sau daca am facut modificari care l-au stricat, dar este suficient cat sa iti faci o idee. Este un cod destul de jegos si sunt sigur ca unii o sa-si puna mainile in cap, dar ar trebui sa-ti dea o idee despre chestia cu thread-urile/timeout-ul pe sockets, etc. Daca cineva are sugestii la cum ar putea sa fie imbunatatit sunt numai urechi. :)


#!/usr/bin/python

import sys
from multiprocessing import Pool
from multiprocessing import freeze_support

from modules import rs_inf

##########
#  MAIN  #
##########
# this is only temporary
# the purpose is to allow the development version to be used in production
if len(sys.argv) == 1:
    scope_file = 'scope.txt'
else:
    scope_file = sys.argv[1]

# read scope file and create targets array
scope = open(scope_file, 'r')
targets = []
for i in scope.readlines():
    # host = i.split(':')[0]
    # port = int(i.split(':')[1].rstrip())
    targets.append(i.rstrip())

print targets

pool = Pool(processes=200)
results = pool.map(rs_inf.tcp_scan, rs_inf.tcp_scope_generator(targets))
pool.close()
pool.join()

open_ports = []
for i in results:
   if i:
      if i[1] not in open_ports:
         open_ports.append(i[1])

print "\nConevnient Nmap ports flag:"
for i in open_ports:
     sys.stdout.write(str(i) + ',')

Si aici modulul rs_inf: 


import socket
from random import shuffle

from modules import rs_ssl


def tcp_scope_generator(targets_array, start_range=1, end_range=65536):
    tcp_scope = []
    for i in targets_array:
        for j in range(start_range, end_range):
            tcp_scope.append((i, j))
    shuffle(tcp_scope)
    return tcp_scope

def tcp_scan((host, port)):
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(1)
    if s.connect_ex((host, port)) == 0:
        print host + " - " + str(port)
        s.close()

        # # if the port is open check if SSL is supported
        # if rs_ssl.ssl_verify((host, port)):
        #     # if SSL is supported enumerate
        #     rs_ssl.ssl_enumerate((host, port))
        # else:
        #     print host + ":" + str(port) + " --- SSL not supported"

        return (host, port)
    s.close()

ms mult frate :D

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...