
socket python3 主机开放端口的多线程扫描脚本

2019年11月26日 15:31 学习笔记 暂无评论 阅读 45 views 次

【注意:此文章为博主原创文章!转载需注意,请带原文链接,至少也要是txt格式!】

代码是我在网上看到的,然后自己做了简单加工,准确地说不是我原创,属于修改。python3 下可以使用,下面是源码。

有的朋友可能说,我没Py环境,那我这边也有一个打包好的,直接是exe可以运行的。

使用命令是(如果你把文件保存为 scan.py):

scan.py  -i 192.168.1.100 -p 1-65535 -t 50    扫描主机 端口1到65535 50个线程

或者:

scan.py  -i 192.168.1.100 -p 50 -t 50   扫描常用的50个端口

或者:

scan.py  -i 192.168.1.100 -p 100 -t 50     扫描常用的100个端口

 

windows 下可以直接运行我打包好的程序,命令如下。

port_scan.exe  -i 192.168.1.100 -p 1-65535 -t 50

 

个人测试:用 50 个线程从 1 扫到 65535,大概需要 13 分钟左右。放个 windows 下的图吧

socket python3多次线程主机端口扫描脚本

socket python3多次线程主机端口扫描脚本

 

#!/usr/bin/env python3
# -*-coding:utf-8-*-

import time, sys
import socket
import queue
import threading
import re
import base64

# Payloads that PortScan.run sends, in list order, to a port that accepted the
# TCP connection but returned nothing to the initial recv().  Each payload
# goes out on its own fresh connection, and the first reply that
# PortScaner.matchbanner labels ends the loop.
PROBES = [
    # Bare line endings, then two HTTP-style requests.
    b'\r\n\r\n',
    b'GET / HTTP/1.0\r\n\r\n',
    b'GET / \r\n\r\n',
    # Binary requests.  NOTE(review): the target protocol of the next three is
    # not stated on the page; the third looks like an RDP (TPKT) connection
    # request, matching the 'msrdp' signatures in SIGNS - confirm.
    b'\x01\x00\x00\x00\x01\x00\x00\x00\x08\x08',
    b'\x80\0\0\x28\x72\xFE\x1D\x13\0\0\0\0\0\0\0\x02\0\x01\x86\xA0\0\x01\x97\x7C\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0',
    b'\x03\0\0\x0b\x06\xe0\0\0\0\0\0',
    # SMB negotiate request (carries the \xffSMB marker and the dialect names).
    b'\0\0\0\xa4\xff\x53\x4d\x42\x72\0\0\0\0\x08\x01\x40\0\0\0\0\0\0\0\0\0\0\0\0\0\0\x40\x06\0\0\x01\0\0\x81\0\x02PC NETWORK PROGRAM 1.0\0\x02MICROSOFT NETWORKS 1.03\0\x02MICROSOFT NETWORKS 3.0\0\x02LANMAN1.0\0\x02LM1.2X002\0\x02Samba\0\x02NT LANMAN 1.0\0\x02NT LM 0.12\0',
    # NOTE(review): presumably SSL/TLS client hellos (the replies are matched
    # by the 'ssl' signatures) - confirm.
    b'\x80\x9e\x01\x03\x01\x00u\x00\x00\x00 \x00\x00f\x00\x00e\x00\x00d\x00\x00c\x00\x00b\x00\x00:\x00\x009\x00\x008\x00\x005\x00\x004\x00\x003\x00\x002\x00\x00/\x00\x00\x1b\x00\x00\x1a\x00\x00\x19\x00\x00\x18\x00\x00\x17\x00\x00\x16\x00\x00\x15\x00\x00\x14\x00\x00\x13\x00\x00\x12\x00\x00\x11\x00\x00\n\x00\x00\t\x00\x00\x08\x00\x00\x06\x00\x00\x05\x00\x00\x04\x00\x00\x03\x07\x00\xc0\x06\x00@\x04\x00\x80\x03\x00\x80\x02\x00\x80\x01\x00\x80\x00\x00\x02\x00\x00\x01\xe4i<+\xf6\xd6\x9b\xbb\xd3\x81\x9f\xbf\x15\xc1@\xa5o\x14,M \xc4\xc7\xe0\xb6\xb0\xb2\x1f\xf9)\xe8\x98',
    b'\x16\x03\0\0S\x01\0\0O\x03\0?G\xd7\xf7\xba,\xee\xea\xb2`~\xf3\0\xfd\x82{\xb9\xd5\x96\xc8w\x9b\xe6\xc4\xdb<=\xdbo\xef\x10n\0\0(\0\x16\0\x13\0\x0a\0f\0\x05\0\x04\0e\0d\0c\0b\0a\0`\0\x15\0\x12\0\x09\0\x14\0\x11\0\x08\0\x06\0\x03\x01\0',
    # "< NTP/x.y >" greetings; SIGNS labels the '< NTP 1.2 >' reply as nessus.
    b'< NTP/1.2 >\n',
    b'< NTP/1.1 >\n',
    b'< NTP/1.0 >\n',
    # Request carrying (CONNECT_DATA=(COMMAND=version)); replies are matched by
    # the 'oracle-tns-listener' signatures.
    b'\0Z\0\0\x01\0\0\0\x016\x01,\0\0\x08\0\x7F\xFF\x7F\x08\0\0\0\x01\0 \0:\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\04\xE6\0\0\0\x01\0\0\0\0\0\0\0\0(CONNECT_DATA=(COMMAND=version))',
    # Payload embedding the ASCII text "MSSQLServer" (bytes 4d 53 53 51 4c ...).
    b'\x12\x01\x00\x34\x00\x00\x00\x00\x00\x00\x15\x00\x06\x01\x00\x1b\x00\x01\x02\x00\x1c\x00\x0c\x03\x00\x28\x00\x04\xff\x08\x00\x01\x55\x00\x00\x00\x4d\x53\x53\x51\x4c\x53\x65\x72\x76\x65\x72\x00\x48\x0f\x00\x00',
    # Payloads embedding "DB2DAS" and "SQLDB2RA"; replies are matched by the
    # 'db2' signature.
    b'\0\0\0\0\x44\x42\x32\x44\x41\x53\x20\x20\x20\x20\x20\x20\x01\x04\0\0\0\x10\x39\x7a\0\x01\0\0\0\0\0\0\0\0\0\0\x01\x0c\0\0\0\0\0\0\x0c\0\0\0\x0c\0\0\0\x04',
    b'\x01\xc2\0\0\0\x04\0\0\xb6\x01\0\0\x53\x51\x4c\x44\x42\x32\x52\x41\0\x01\0\0\x04\x01\x01\0\x05\0\x1d\0\x88\0\0\0\x01\0\0\x80\0\0\0\x01\x09\0\0\0\x01\0\0\x40\0\0\0\x01\x09\0\0\0\x01\0\0\x40\0\0\0\x01\x08\0\0\0\x04\0\0\x40\0\0\0\x01\x04\0\0\0\x01\0\0\x40\0\0\0\x40\x04\0\0\0\x04\0\0\x40\0\0\0\x01\x04\0\0\0\x04\0\0\x40\0\0\0\x01\x04\0\0\0\x04\0\0\x40\0\0\0\x01\x04\0\0\0\x02\0\0\x40\0\0\0\x01\x04\0\0\0\x04\0\0\x40\0\0\0\x01\0\0\0\0\x01\0\0\x40\0\0\0\0\x04\0\0\0\x04\0\0\x80\0\0\0\x01\x04\0\0\0\x04\0\0\x80\0\0\0\x01\x04\0\0\0\x03\0\0\x80\0\0\0\x01\x04\0\0\0\x04\0\0\x80\0\0\0\x01\x08\0\0\0\x01\0\0\x40\0\0\0\x01\x04\0\0\0\x04\0\0\x40\0\0\0\x01\x10\0\0\0\x01\0\0\x80\0\0\0\x01\x10\0\0\0\x01\0\0\x80\0\0\0\x01\x04\0\0\0\x04\0\0\x40\0\0\0\x01\x09\0\0\0\x01\0\0\x40\0\0\0\x01\x09\0\0\0\x01\0\0\x80\0\0\0\x01\x04\0\0\0\x03\0\0\x80\0\0\0\x01\0\0\0\0\0\0\0\0\0\0\0\0\x01\x04\0\0\x01\0\0\x80\0\0\0\x01\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\x01\0\0\x40\0\0\0\x01\0\0\0\0\x01\0\0\x40\0\0\0\0\x20\x20\x20\x20\x20\x20\x20\x20\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\x01\0\xff\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\xe4\x04\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\x7f',
    # Payload naming test.$cmd / serverStatus; replies are matched by the
    # 'mongodb' signature.
    b'\x41\0\0\0\x3a\x30\0\0\xff\xff\xff\xff\xd4\x07\0\0\0\0\0\0test.$cmd\0\0\0\0\0\xff\xff\xff\xff\x1b\0\0\0\x01serverStatus\0\0\0\0\0\0\0\xf0\x3f\0'
]

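# Service signatures in the form 'label|regex'.  PortScaner.prepsigns splits
# each entry on the first '|' and PortScaner.matchbanner returns the label of
# the FIRST entry whose regex is found in the reply, so order matters: an entry
# that matches everything hides every entry after it.
#
# Regex metacharacters that must reach the `re` module with a backslash are
# written as '\\(' / '\\.' / '\\d'; '\(' in a normal string literal is an
# invalid escape sequence that newer Python versions warn about.
SIGNS = [
    'http|^HTTP.*',
    'ssh|SSH-2.0-OpenSSH.*',
    'ssh|SSH-1.0-OpenSSH.*',
    'netbios|^\x79\x08.*BROWSE',
    'netbios|^\x79\x08.\x00\x00\x00\x00',
    'netbios|^\x05\x00\x0d\x03',
    'netbios|^\x83\x00',
    'netbios|^\x82\x00\x00\x00',
    'netbios|\x83\x00\x00\x01\x8f',
    'backdoor-fxsvc|^500 Not Loged in',
    'backdoor-shell|GET: command',
    'backdoor-shell|sh: GET:',
    # Label was misspelled 'bachdoor-shell', which split one finding across
    # two labels in the output.
    'backdoor-shell|[a-z]*sh: .* command not found',
    'backdoor-shell|^bash[$#]',
    'backdoor-shell|^sh[$#]',
    'backdoor-cmdshell|^Microsoft Windows .* Copyright .*>',
    'db2|.*SQLDB2RA',
    'db2jds|^N\x00',
    'dell-openmanage|^\x4e\x00\x0d',
    'finger|^\r\n        Line          User',
    'finger|Line         User',
    'finger|Login name: ',
    'finger|Login.*Name.*TTY.*Idle',
    'finger|^No one logged on',
    'finger|^\r\nWelcome',
    'finger|^finger:',
    'finger|^must provide username',
    'finger|finger: GET: ',
    'ftp|^220.*\n331',
    'ftp|^220.*\n530',
    'ftp|^220.*FTP',
    'ftp|^220 .* Microsoft .* FTP',
    'ftp|^220 Inactivity timer',
    'ftp|^220 .* UserGate',
    'http|HTTP/0.',
    'http|HTTP/1.',
    # These three entries were published as 'http|.*', which matches any
    # reply (even an empty one) and made every signature below unreachable.
    # NOTE(review): presumably HTML tags were stripped when the listing was
    # rendered; the tag patterns below are a reconstruction - confirm against
    # the upstream signature list.
    'http|<HEAD>.*<BODY>',
    'http|<HTML>.*',
    'http|<html>.*',
    'http|Bad Request .Invalid URL.',
    'http-jserv|^HTTP/.*Cookie.*JServSessionId',
    'http-tomcat|^HTTP/.*Cookie.*JSESSIONID',
    'http-weblogic|^HTTP/.*Cookie.*WebLogicSession',
    'http-vnc|^HTTP/.*VNC desktop',
    'http-vnc|^HTTP/.*RealVNC/',
    'ldap|^\x30\x0c\x02\x01\x01\x61',
    'ldap|^\x30\x32\x02\x01',
    'ldap|^\x30\x33\x02\x01',
    'ldap|^\x30\x38\x02\x01',
    'ldap|^\x30\x84',
    'ldap|^\x30\x45',
    'smb|^\0\0\0.\xffSMBr\0\0\0\0.*',
    'msrdp|^\x03\x00\x00\x0b',
    'msrdp|^\x03\x00\x00\x11',
    'msrdp|^\x03\0\0\x0b\x06\xd0\0\0\x12.\0$',
    'msrdp|^\x03\0\0\x17\x08\x02\0\0Z~\0\x0b\x05\x05@\x06\0\x08\x91J\0\x02X$',
    'msrdp|^\x03\0\0\x11\x08\x02..}\x08\x03\0\0\xdf\x14\x01\x01$',
    'msrdp|^\x03\0\0\x0b\x06\xd0\0\0\x03.\0$',
    'msrdp|^\x03\0\0\x0b\x06\xd0\0\0\0\0\0',
    'msrdp|^\x03\0\0\x0e\t\xd0\0\0\0[\x02\xa1]\0\xc0\x01\n$',
    'msrdp|^\x03\0\0\x0b\x06\xd0\0\x004\x12\0',
    'msrdp-proxy|^nmproxy: Procotol byte is not 8\n$',
    'msrpc|^\x05\x00\x0d\x03\x10\x00\x00\x00\x18\x00\x00\x00\x00\x00',
    'msrpc|\x05\0\r\x03\x10\0\0\0\x18\0\0\0....\x04\0\x01\x05\0\0\0\0$',
    'mssql|^\x04\x01\0C..\0\0\xaa\0\0\0/\x0f\xa2\x01\x0e.*',
    'mssql|^\x05\x6e\x00',
    'mssql|^\x04\x01\x00\x25\x00\x00\x01\x00\x00\x00\x15.*',
    'mssql|^\x04\x01\x00.\x00\x00\x01\x00\x00\x00\x15.*',
    'mssql|^\x04\x01\x00\x25\x00\x00\x01\x00\x00\x00\x15.*',
    'mssql|^\x04\x01\x00.\x00\x00\x01\x00\x00\x00\x15.*',
    'mssql|^\x04\x01\0\x25\0\0\x01\0\0\0\x15\0\x06\x01.*',
    'mssql|^\x04\x01\x00\x25\x00\x00\x01.*',
    # Was '^xff\xfb...': the first escape had lost its backslash, so the
    # pattern looked for the literal text "xff" instead of byte 0xff.
    'telnet|^\xff\xfb\x01\xff\xfb\x03\xff\xfb\0\xff\xfd.*',
    'mssql|;MSSQLSERVER;',
    'mysql|^\x19\x00\x00\x00\x0a',
    'mysql|^\x2c\x00\x00\x00\x0a',
    'mysql|hhost \'',
    'mysql|khost \'',
    'mysql|mysqladmin',
    'mysql|whost \'',
    'mysql-blocked|^\\(\x00\x00',
    'mysql-secured|this MySQL',
    'mongodb|^.*version.....([\\.\\d]+)',
    'nagiosd|Sorry, you \\(.*are not among the allowed hosts...',
    'nessus|< NTP 1.2 >\x0aUser:',
    'oracle-tns-listener|\\(ERROR_STACK=\\(ERROR=\\(CODE=',
    'oracle-tns-listener|\\(ADDRESS=\\(PROTOCOL=',
    'oracle-dbsnmp|^\x00\x0c\x00\x00\x04\x00\x00\x00\x00',
    'oracle-https|^220- ora',
    'oracle-rmi|\x00\x00\x00\x76\x49\x6e\x76\x61',
    'oracle-rmi|^\x4e\x00\x09',
    'postgres|Invalid packet length',
    'postgres|^EFATAL',
    'rlogin|login: ',
    'rlogin|rlogind: ',
    'rlogin|^\x01\x50\x65\x72\x6d\x69\x73\x73\x69\x6f\x6e\x20\x64\x65\x6e\x69\x65\x64\x2e\x0a',
    'rpc-nfs|^\x02\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x00',
    'rpc|\x01\x86\xa0',
    'rpc|\x03\x9b\x65\x42\x00\x00\x00\x01',
    'rpc|^\x80\x00\x00',
    'rsync|^@RSYNCD:.*',
    'smux|^\x41\x01\x02\x00',
    'snmp-public|\x70\x75\x62\x6c\x69\x63\xa2',
    'snmp|\x41\x01\x02',
    'socks|^\x05[\x00-\x08]\x00',
    'ssh|^SSH-',
    'ssh|^SSH-.*openssh',
    'ssl|^..\x04\0.\0\x02',
    'ssl|^\x16\x03\x01..\x02...\x03\x01',
    'ssl|^\x16\x03\0..\x02...\x03\0',
    'ssl|SSL.*GET_CLIENT_HELLO',
    'ssl|-ERR .*tls_start_servertls',
    'ssl|^\x16\x03\0\0J\x02\0\0F\x03\0',
    'ssl|^\x16\x03\0..\x02\0\0F\x03\0',
    'ssl|^\x15\x03\0\0\x02\x02\\.*',
    'ssl|^\x16\x03\x01..\x02...\x03\x01',
    'ssl|^\x16\x03\0..\x02...\x03\0',
    'sybase|^\x04\x01\x00',
    'telnet|^\xff\xfd',
    'telnet|Telnet is disabled now',
    'telnet|^\xff\xfe',
    'tftp|^\x00[\x03\x05]\x00',
    'http-tomcat|.*Servlet-Engine',
    'uucp|^login: password: ',
    'vnc|^RFB.*',
    'webmin|.*MiniServ',
    'webmin|^0\\.0\\.0\\.0:.*:[0-9]',
    'websphere-javaw|^\x15\x00\x00\x00\x02\x02\x0a']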


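class PortScaner:
    """TCP connect scanner with banner-based service labelling.

    Bundles the worker thread type (``PortScan``), the preset port lists, a
    host-name resolver and the signature matcher.  The workers read the
    module-level ``PROBES`` and ``SIGNS`` tables.
    """

    class PortScan(threading.Thread):
        """Worker thread that drains a shared port queue for one target."""

        def __init__(self, port_queue, ip, timeout=3):
            """Store the shared queue, the target and the socket timeout.

            Args:
                port_queue: ``queue.Queue`` of integer ports shared by all workers.
                ip: Target address handed to ``socket.connect``.
                timeout: Timeout in seconds applied to every socket operation.
            """
            threading.Thread.__init__(self)
            self.__port_queue = port_queue
            self.__ip = ip
            self.__timeout = timeout
            self.signs = PortScaner.prepsigns()

        def run(self):
            """Scan queued ports until the queue is empty.

            For every port that accepts a connection one line is written to
            stdout.  The service field is the matched signature label, the
            repr of the unmatched reply, or empty when no probe got an answer.
            """
            open_msg = "{:6d} [OPEN] Banner:{}\n"
            ip = self.__ip
            timeout = self.__timeout
            while True:
                # get_nowait() replaces the old empty()-then-get() pair: another
                # worker could take the last port between the two calls, and
                # the resulting queue.Empty was uncaught and killed the thread.
                try:
                    port = self.__port_queue.get_nowait()
                except queue.Empty:
                    break

                banner = None
                s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
                try:
                    s.settimeout(timeout)
                    try:
                        s.connect((ip, port))
                    except Exception:
                        # Best effort, as before: any connect failure means
                        # "not open" and the port is skipped without output.
                        continue
                    try:
                        banner = s.recv(1024)
                    except OSError:
                        # Connected but silent (timeout/reset): fall back to
                        # the active probes below.
                        banner = None
                finally:
                    # The success path used to leave this socket open.
                    s.close()

                if banner is None:
                    service = self._probe_service(ip, port, timeout)
                else:
                    service = PortScaner.matchbanner(banner, self.signs)
                # One write() call per result line keeps lines from different
                # workers from interleaving the way print() can.
                sys.stdout.write(open_msg.format(port, service))

        def _probe_service(self, ip, port, timeout):
            """Send each PROBES payload on a fresh connection until one is answered.

            Returns the label (or reply repr) for the first reply received, or
            '' when no payload produced a reply.
            """
            service = ''
            for probe in PROBES:
                try:
                    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
                        s.settimeout(timeout)
                        s.connect((ip, port))
                        s.sendall(probe)
                        reply = s.recv(256)
                except OSError:
                    continue
                service = PortScaner.matchbanner(reply, self.signs)
                if service:
                    break
            return service

    def get_port_lists(self, top=None, start_port=1, end_port=65535):
        """Return the list of ports to scan.

        Args:
            top: Preset selector.  ``'50'`` and ``'100'`` (str or int) pick the
                matching preset; any other non-None value picks the 1000-port
                preset.  When ``None`` the start/end range is used instead.
            start_port: First port of the range (inclusive).
            end_port: Last port of the range (inclusive).

        Returns:
            A list of ints.  A range outside 1-65535, or with start > end,
            falls back to the full 1-65535 range.

        Note:
            The preset named "50" currently holds 43 ports.
        """
        top50_list = [21, 22, 25, 53, 80, 110, 113, 135, 139, 143, 179, 199, 443, 445, 465, 514, 548, 554, 587, 646,
                      993, 995, 1025, 1026, 1433, 1720, 1723, 2000, 3306, 3389, 5060, 5666, 5900, 6001, 8000, 8008,
                      8080, 8443, 8888, 10000, 32768, 49152, 49154]
        top100_list = [7, 9, 13, 21, 22, 25, 37, 53, 79, 80, 88, 106, 110, 113, 119, 135, 139, 143, 179, 199, 389, 427,
                       443, 444, 465, 513, 514, 543, 548, 554, 587, 631, 646, 873, 990, 993, 995, 1025, 1026, 1027,
                       1028, 1110, 1433, 1720, 1723, 1755, 1900, 2000, 2049, 2121, 2717, 3000, 3128, 3306, 3389, 3986,
                       4899, 5000, 5009, 5051, 5060, 5101, 5190, 5357, 5432, 5631, 5666, 5800, 5900, 6000, 6646, 7070,
                       8000, 8008, 8080, 8443, 8888, 9100, 9999, 32768, 49152, 49153, 49154, 49155, 49156]
        top1000_list = [1, 3, 6, 9, 13, 17, 19, 20, 21, 22, 23, 24, 25, 30, 32, 37, 42, 49, 53, 70, 79, 80, 81, 82, 83,
                        84, 88, 89, 99, 106, 109, 110, 113, 119, 125, 135, 139, 143, 146, 161, 163, 179, 199, 211, 222,
                        254, 255, 259, 264, 280, 301, 306, 311, 340, 366, 389, 406, 416, 425, 427, 443, 444, 458, 464,
                        481, 497, 500, 512, 513, 514, 524, 541, 543, 544, 548, 554, 563, 587, 593, 616, 625, 631, 636,
                        646, 648, 666, 667, 683, 687, 691, 700, 705, 711, 714, 720, 722, 726, 749, 765, 777, 783, 787,
                        800, 808, 843, 873, 880, 888, 898, 900, 901, 902, 911, 981, 987, 990, 992, 995, 999, 1000, 1001,
                        1007, 1009, 1010, 1021, 1022, 1023, 1024, 1025, 1026, 1027, 1028, 1029, 1030, 1031, 1032, 1033,
                        1034, 1035, 1036, 1037, 1038, 1039, 1040, 1041, 1042, 1043, 1044, 1045, 1046, 1047, 1048, 1049,
                        1050, 1051, 1052, 1053, 1054, 1055, 1056, 1057, 1058, 1059, 1060, 1061, 1062, 1063, 1064, 1065,
                        1066, 1067, 1068, 1069, 1070, 1071, 1072, 1073, 1074, 1075, 1076, 1077, 1078, 1079, 1080, 1081,
                        1082, 1083, 1084, 1085, 1086, 1087, 1088, 1089, 1090, 1091, 1092, 1093, 1094, 1095, 1096, 1097,
                        1098, 1099, 1102, 1104, 1105, 1106, 1107, 1110, 1111, 1112, 1113, 1117, 1119, 1121, 1122, 1123,
                        1126, 1130, 1131, 1137, 1141, 1145, 1147, 1148, 1151, 1154, 1163, 1164, 1165, 1169, 1174, 1183,
                        1185, 1186, 1192, 1198, 1201, 1213, 1216, 1217, 1233, 1236, 1244, 1247, 1259, 1271, 1277, 1287,
                        1296, 1300, 1309, 1310, 1322, 1328, 1334, 1352, 1417, 1433, 1443, 1455, 1461, 1494, 1500, 1503,
                        1521, 1524, 1533, 1556, 1580, 1583, 1594, 1600, 1641, 1658, 1666, 1687, 1700, 1717, 1718, 1719,
                        1720, 1723, 1755, 1761, 1782, 1801, 1805, 1812, 1839, 1862, 1863, 1875, 1900, 1914, 1935, 1947,
                        1971, 1974, 1984, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2013,
                        2020, 2021, 2030, 2033, 2034, 2038, 2040, 2041, 2042, 2045, 2046, 2047, 2048, 2065, 2068, 2099,
                        2103, 2105, 2106, 2111, 2119, 2121, 2126, 2135, 2144, 2160, 2170, 2179, 2190, 2196, 2200, 2222,
                        2251, 2260, 2288, 2301, 2323, 2366, 2381, 2382, 2393, 2399, 2401, 2492, 2500, 2522, 2525, 2557,
                        2601, 2604, 2607, 2638, 2701, 2710, 2717, 2725, 2800, 2809, 2811, 2869, 2875, 2909, 2920, 2967,
                        2998, 3000, 3003, 3005, 3006, 3011, 3013, 3017, 3030, 3052, 3071, 3077, 3128, 3168, 3211, 3221,
                        3260, 3268, 3283, 3300, 3306, 3322, 3323, 3324, 3333, 3351, 3367, 3369, 3370, 3371, 3389, 3404,
                        3476, 3493, 3517, 3527, 3546, 3551, 3580, 3659, 3689, 3703, 3737, 3766, 3784, 3800, 3809, 3814,
                        3826, 3827, 3851, 3869, 3871, 3878, 3880, 3889, 3905, 3914, 3918, 3920, 3945, 3971, 3986, 3995,
                        3998, 4000, 4001, 4002, 4003, 4004, 4005, 4045, 4111, 4125, 4129, 4224, 4242, 4279, 4321, 4343,
                        4443, 4444, 4445, 4449, 4550, 4567, 4662, 4848, 4899, 4998, 5000, 5001, 5002, 5003, 5009, 5030,
                        5033, 5050, 5054, 5060, 5080, 5087, 5100, 5101, 5120, 5190, 5200, 5214, 5221, 5225, 5269, 5280,
                        5298, 5357, 5405, 5414, 5431, 5440, 5500, 5510, 5544, 5550, 5555, 5560, 5566, 5631, 5633, 5666,
                        5678, 5718, 5730, 5800, 5801, 5810, 5815, 5822, 5825, 5850, 5859, 5862, 5877, 5900, 5901, 5902,
                        5903, 5906, 5910, 5915, 5922, 5925, 5950, 5952, 5959, 5960, 5961, 5962, 5987, 5988, 5998, 5999,
                        6000, 6001, 6002, 6003, 6004, 6005, 6006, 6009, 6025, 6059, 6100, 6106, 6112, 6123, 6129, 6156,
                        6346, 6389, 6502, 6510, 6543, 6547, 6565, 6566, 6580, 6646, 6666, 6667, 6668, 6689, 6692, 6699,
                        6779, 6788, 6792, 6839, 6881, 6901, 6969, 7000, 7001, 7004, 7007, 7019, 7025, 7070, 7100, 7103,
                        7106, 7200, 7402, 7435, 7443, 7496, 7512, 7625, 7627, 7676, 7741, 7777, 7800, 7911, 7920, 7937,
                        7999, 8000, 8001, 8007, 8008, 8009, 8010, 8021, 8031, 8042, 8045, 8080, 8081, 8082, 8083, 8084,
                        8085, 8086, 8087, 8088, 8089, 8093, 8099, 8180, 8192, 8193, 8200, 8222, 8254, 8290, 8291, 8300,
                        8333, 8383, 8400, 8402, 8443, 8500, 8600, 8649, 8651, 8654, 8701, 8800, 8873, 8888, 8899, 8994,
                        9000, 9001, 9002, 9009, 9010, 9040, 9050, 9071, 9080, 9090, 9099, 9100, 9101, 9102, 9110, 9200,
                        9207, 9220, 9290, 9415, 9418, 9485, 9500, 9502, 9535, 9575, 9593, 9594, 9618, 9666, 9876, 9877,
                        9898, 9900, 9917, 9929, 9943, 9968, 9998, 9999, 10000, 10001, 10002, 10003, 10009, 10012, 10024,
                        10082, 10180, 10215, 10243, 10566, 10616, 10621, 10626, 10628, 10778, 11110, 11967, 12000,
                        12174, 12265, 12345, 13456, 13722, 13782, 14000, 14238, 14441, 15000, 15002, 15003, 15660,
                        15742, 16000, 16012, 16016, 16018, 16080, 16113, 16992, 17877, 17988, 18040, 18101, 18988,
                        19101, 19283, 19315, 19350, 19780, 19801, 19842, 20000, 20005, 20031, 20221, 20828, 21571,
                        22939, 23502, 24444, 24800, 25734, 26214, 27000, 27352, 27355, 27715, 28201, 30000, 30718,
                        30951, 31038, 31337, 32768, 32769, 32770, 32771, 32772, 32773, 32774, 32775, 32776, 32777,
                        32778, 32779, 32780, 32781, 32782, 32783, 32784, 33354, 33899, 34571, 34572, 35500, 38292,
                        40193, 40911, 41511, 42510, 44176, 44442, 44501, 45100, 48080, 49152, 49153, 49154, 49155,
                        49156, 49157, 49158, 49159, 49160, 49163, 49165, 49167, 49175, 49400, 49999, 50000, 50001,
                        50002, 50006, 50300, 50389, 50500, 50636, 50800, 51103, 51493, 52673, 52822, 52848, 52869,
                        54045, 54328, 55055, 55555, 55600, 56737, 57294, 57797, 58080, 60020, 60443, 61532, 61900,
                        62078, 63331, 64623, 64680, 65000, 65129, 65389]

        if top is not None:
            # str() lets callers pass 50 as well as '50'; the old comparison
            # sent the integer form to the 1000-port preset.
            preset = str(top)
            if preset == '50':
                return top50_list
            if preset == '100':
                return top100_list
            return top1000_list

        if start_port >= 1 and end_port <= 65535 and start_port <= end_port:
            return list(range(start_port, end_port + 1))
        return list(range(1, 65535 + 1))

    def get_ip_by_name(self, domain):
        """Resolve a host name or http(s) URL to an IPv4 address string.

        The scheme, any path after the host and any ``:port`` suffix are
        dropped before the lookup.  Returns ``None`` (after printing the
        reason) when nothing is left to resolve or the lookup fails.
        """
        host = domain.replace("http://", "").replace("https://", "")
        # "https://host:8443/login" used to reach gethostbyname() with the
        # port and path still attached, which always failed to resolve.
        host = host.split("/", 1)[0].split(":", 1)[0]
        print(host)
        if not host:
            # An empty name can resolve to 0.0.0.0 on some platforms, which
            # would silently aim the scan at the local machine.
            print("%s:%s" % (domain, "no host name to resolve"))
            return None
        try:
            return socket.gethostbyname(host)
        except (OSError, UnicodeError) as e:
            print("%s:%s" % (host, e))
            return None

    @staticmethod
    def prepsigns():
        """Split every ``'label|regex'`` entry of SIGNS into a (label, regex) tuple."""
        signlist = []
        for item in SIGNS:
            # maxsplit=1: only the first '|' separates label from pattern, so a
            # regex that itself uses '|' no longer breaks the unpacking.
            label, pattern = item.split('|', 1)
            signlist.append((label, pattern))
        return signlist

    @staticmethod
    def matchbanner(banner, slist):
        """Return the label of the first signature found in *banner*.

        Args:
            banner: Raw reply from the remote service (bytes).
            slist: Sequence of (label, regex) pairs, checked in order.

        Returns:
            The matching label, or ``str(banner)`` when nothing matches.
        """
        # Decode with latin-1 so every byte keeps its value as a code point;
        # signatures written with \xNN escapes and '^' anchors then line up
        # with the reply.  The previous str(banner) matched against the
        # "b'...'" repr, which no anchored or binary pattern could hit.
        if isinstance(banner, (bytes, bytearray)):
            text = bytes(banner).decode('latin-1')
        else:
            text = str(banner)
        for item in slist:
            if re.search(item[1], text) is not None:
                return item[0]
        # The reply is data from the remote host.  The repr form is kept for
        # the fallback so control bytes are shown escaped instead of being
        # written raw to the operator's terminal.
        return str(banner)

    def split(self, args):
        """Parse ``"START-END"`` into a ``(start, end)`` tuple of ints.

        Raises ValueError for non-numeric parts and IndexError when there is
        no '-' in the text.
        """
        parts = args.split("-")
        return int(parts[0]), int(parts[1])

    def banber(self):
        """Return the ASCII-art logo shown at start-up."""
        # Raw string: the art is full of backslashes that are not escape
        # sequences; the text produced is unchanged.
        logo = r'''
 ____            _   ____
|  _ \ ___  _ __| |_/ ___|  ___ __ _ _ __   ___ _ __
| |_) / _ \| '__| __\___ \ / __/ _` | '_ \ / _ \ '__|
|  __/ (_) | |  | |_ ___) | (_| (_| | | | |  __/ |
|_|   \___/|_|   \__|____/ \___\__,_|_| |_|\___|_|   v4.0
        '''
        return logo

    def help(self):
        """Return the command-line usage text."""
        usage = """
[Usage]
    python portscaner_v3.py -i ip -p [port_scope|top_num] [-t thread_num]
    python portscaner_v3.py -u url -p [port_scope|top_num] [-t thread_num]\n\n[Example]
    python3 portscaner_v3.py -i 127.0.0.1 -p 1000 -t 100
    python3 portscaner_v3.py -u [url]https://www.baidu.com[/url] -p 1-65535

[Value]
    ip              0.0.0.0-255.255.255.255
    top_num         [50|100|1000(default)]
    port_scope      1-65535
    thread_num      [int|10(default)]
        """
        return usage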


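def main():
    """Command-line entry point: parse argv, queue the ports, run the workers.

    Accepted argument shapes (positions are fixed)::

        prog -i IP  -p PORTS [-t THREADS]
        prog -u URL -p PORTS [-t THREADS]

    PORTS is either ``START-END`` or a preset name for
    ``PortScaner.get_port_lists`` ('50', '100', anything else selects the
    1000-port preset - so ``-p 80`` scans the preset, not port 80).
    THREADS defaults to 10.  Every usage error exits with status 1.
    """
    start_time = time.time()
    scanner = PortScaner()
    print(scanner.banber())

    def usage_exit(reason=None):
        """Print an optional reason plus the usage text, then exit(1)."""
        if reason:
            print(reason)
        print(scanner.help())
        sys.exit(1)

    args = sys.argv
    if "-h" in args or "--help" in args:
        usage_exit()
    if len(args) not in (5, 7):
        usage_exit()
    if args[1] not in ("-i", "-u") or args[3] != "-p":
        usage_exit()

    thread_num = 10
    if len(args) == 7:
        if args[5] != "-t":
            usage_exit()
        # Validate here instead of crashing later in range(int(...)).
        try:
            thread_num = int(args[6])
        except ValueError:
            usage_exit("thread_num must be an integer: %r" % (args[6],))
        if thread_num < 1:
            usage_exit("thread_num must be at least 1")

    if args[1] == "-i":
        ip = args[2]
    else:
        ip = scanner.get_ip_by_name(args[2])
        if ip is None:
            # The resolver already printed the reason.  Without this check
            # every connect failed silently and the run looked like a host
            # with no open ports.
            sys.exit(1)

    port_arg = args[4]
    if "-" in port_arg:
        try:
            start_port, end_port = scanner.split(port_arg)
        except (ValueError, IndexError):
            usage_exit("port_scope must look like START-END: %r" % (port_arg,))
        # Reject a bad range here: get_port_lists() would otherwise fall back
        # to all 65535 ports, so a typo silently widened the scan.
        if not (1 <= start_port <= end_port <= 65535):
            usage_exit("port_scope must satisfy 1 <= START <= END <= 65535")
        port_list = scanner.get_port_lists(start_port=start_port, end_port=end_port)
    else:
        port_list = scanner.get_port_lists(top=port_arg)

    port_queue = queue.Queue()
    for port in port_list:
        port_queue.put(port)

    # More workers than ports would only start threads that exit immediately.
    worker_count = min(thread_num, len(port_list))
    threads = [scanner.PortScan(port_queue, ip, timeout=3) for _ in range(worker_count)]

    print("[RESULT]\n")
    for thread in threads:
        thread.start()
    for thread in threads:
        thread.join()
    end_time = time.time()
    print("[end time] %3ss" % (end_time - start_time,))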


# Start the scan only when the file is executed as a script; importing the
# module does not call main().
if __name__ == '__main__':
    main()

已经编译好的 exe 版本,可以直接在 windows 中运行,下载地址见下方(本页没有给出该文件的校验值,无法据此核对它与上面的源码是否一致):
如果程序报错,提示缺少 api-ms-win-crt-process-l1-1-0.dll 等文件,解决方法见:https://github.com/sysalong/Data-Segmentation-Program ,页面往下拉有说明,仔细看。我这里就没拷贝里面的话。

链接: https://pan.baidu.com/s/1nVH8TKil9VqW5hz4UruXrA 提取码: degp
