import socket
import threading
from scapy.all import *
import argparse
from os import geteuid
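class portScan():
    """TCP port scanner over an inclusive port range on one resolved target.

    Three modes are exposed: ``scan`` (sequential connect scan), ``Fscan``
    (one thread per port, connect scan) and ``Cscan`` (Scapy-crafted TCP
    probe carrying ``self.flag``). When ``spoof`` is non-zero, ``Spoof``
    first emits that many packets with randomised source MAC/IP at the
    same port.

    Changes from the original: per-probe sockets are always closed, the
    timeout is applied to the socket itself instead of the process-wide
    default (which was set *after* the first socket was created), unknown
    service names no longer abort a scan, ``Fscan`` waits for its workers,
    and ANSI escapes are class attributes so no f-string replacement field
    contains a backslash (a SyntaxError before Python 3.12).
    """

    # ANSI colour prefixes used by the progress / result output.
    _BLUE = "\033[94m"
    _RED = "\033[31m"
    _GREEN = "\033[92m"

    def __init__(self, target, sp=1, ep=1000, spoof=0, time=1, dlen=200, flag="S", msg=""):
        """Resolve *target*, store the scan parameters and print a summary.

        Args:
            target: hostname or IP literal; resolved once via gethostbyname.
            sp: first port (inclusive).
            ep: last port (inclusive).
            spoof: number of spoofed packets Spoof() sends per port; 0 disables.
            time: socket and srp timeout in seconds.
            dlen: maximum bytes read back after a successful connect.
            flag: TCP flags for crafted probes (Cscan / Spoof), e.g. "S", "SA".
            msg: payload sent after connect and used as Raw load in probes.

        Raises:
            socket.gaierror: if *target* cannot be resolved.
        """
        self.ip = socket.gethostbyname(target)
        self.sp = sp
        self.ep = ep
        self.spoof = spoof
        self.time = time
        self.dlen = dlen
        self.flag = flag
        self.msg = msg
        # Last socket used by __connect__; kept only so code that inspected
        # self.s keeps working. Every probe now closes its own socket.
        self.s = None
        self.__stats__()

    def __stats__(self):
        """Print the configured scan parameters in blue."""
        print(f"{self._BLUE}\nTarget: {self.ip} Port:{self.sp}-{self.ep} Spoofing:{self.spoof} Timeout:{self.time} Length:{self.dlen} Flag:{self.flag} Msg:{self.msg}\n")

    @staticmethod
    def _service(port):
        """Return the /etc/services name for *port*, or "unknown".

        socket.getservbyport raises OSError for ports it does not know; the
        original let that escape and abort a sequential scan mid-way.
        """
        try:
            return socket.getservbyport(port)
        except OSError:
            return "unknown"

    def __connect__(self, port):
        """Full TCP connect to *port*; on success send msg and print any reply.

        Nothing is printed when the connect fails. A read timeout or reset
        while waiting for a banner still reports the port as open, with an
        empty payload. The socket is closed before returning in every path.
        """
        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self.s = sock
        # Per-socket timeout: the original called socket.setdefaulttimeout
        # *after* creating this socket, so the first connect had no timeout
        # and the setting leaked into every socket created later.
        sock.settimeout(self.time)
        try:
            if sock.connect_ex((self.ip, port)) != 0:
                return
            try:
                sock.send(self.msg.encode())
                data = sock.recv(self.dlen)
            except OSError:
                # socket.timeout is an OSError subclass; treat any read
                # failure as "open, no banner" instead of aborting.
                data = b""
            print(f"{self._RED}\r[+] Port {port} {self._service(port)}", end="")
            print(f" |__ {data}")
        finally:
            sock.close()

    def scan(self):
        """Sequential connect scan of sp..ep, with optional spoofed noise first."""
        for port in range(self.sp, self.ep + 1):
            if self.spoof:
                self.Spoof(port)
            print(f"{self._GREEN}[°] Scanning Port {port}", end="\r")
            self.__connect__(port)

    def Fscan(self):
        """Threaded connect scan: one thread per port (and per spoof burst).

        Workers are joined before returning so the caller sees complete
        output; the original returned immediately and closed whichever
        socket self.s happened to reference at that moment.
        """
        workers = []
        for port in range(self.sp, self.ep + 1):
            if self.spoof:
                spoofer = threading.Thread(target=self.Spoof, args=(port,))
                spoofer.start()
                workers.append(spoofer)
            print(f"{self._GREEN}[°] Scanning Port {port}", end="\r")
            prober = threading.Thread(target=self.__connect__, args=(port,))
            prober.start()
            workers.append(prober)
        for worker in workers:
            worker.join()

    def Spoof(self, port):
        """Send self.spoof crafted TCP packets to *port* with random source MAC/IP.

        Uses Scapy's layer-2 sendp, so raw-socket privilege is required
        (main() enforces euid 0 whenever spoofing is requested).
        """
        for _ in range(self.spoof):
            sendp(Ether(src=str(RandMAC())) / IP(src=str(RandIP()), dst=self.ip, flags="DF") / TCP(sport=int(RandShort()), dport=port, flags=self.flag) / Raw(load=self.msg), verbose=0)

    def Cscan(self):
        """Crafted-packet scan: one TCP probe carrying self.flag per port via srp.

        A reply whose TCP flags are exactly "SA" is printed in green, any
        other reply in red. A port that does not answer within self.time
        leaves srp's answered list empty, which makes the indexing below
        raise IndexError and the port is skipped silently. Unknown service
        names are shown as "unknown" rather than suppressing the line.
        """
        for port in range(self.sp, self.ep + 1):
            if self.spoof:
                self.Spoof(port)
            d = srp(Ether() / IP(dst=self.ip, flags="DF") / TCP(sport=int(RandShort()), dport=port, flags=self.flag) / Raw(load=self.msg), verbose=0, timeout=self.time)
            try:
                flags = str(d[0][0][1][2].flags)
            except (IndexError, AttributeError):
                # No answer, or a reply without the expected TCP layer.
                continue
            colour = self._GREEN if flags == "SA" else self._RED
            print(f"{colour}[???] Port {port} Service:{self._service(port)} Response:{flags}")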
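def main():
    """Parse the command line and dispatch to the matching portScan mode.

    Dispatch is unchanged from the original: flag "S" selects a connect
    scan, sequential or threaded according to -F; any other flag selects
    the crafted-packet Cscan, except that -F combined with a non-S flag
    still runs the threaded connect scan, which ignores the flag.

    Exits with status 1 when raw-socket features are requested without
    euid 0 (the original exited 0 on that error path).
    """
    yellow = "\033[33m"
    parser = argparse.ArgumentParser()
    parser.add_argument("-ip", help="Target IP", type=str, default=None)
    parser.add_argument("-p", help="Port -p 1,100 or -p 100", type=str, default="1,1000")
    parser.add_argument("-F", help="Activate FastScan", dest="F", action="store_true")
    parser.add_argument("-S", help="Activate Spoofing -S 10 or -S 100 ...", type=int, default=0)
    parser.add_argument("-t", help="Set Timeout", type=float, default=1)
    parser.add_argument("-flag", help="Set Flag S,SA,R,F... ", type=str, default="S")
    parser.add_argument("-msg", help="Raw Load", type=str, default="")
    parser.add_argument("-dlen", help="Receive length", type=int, default=200)
    args = parser.parse_args()

    # Crafted TCP flags and spoofed sources both need raw sockets.
    if geteuid() != 0 and (args.flag != "S" or args.S > 0):
        print(f"{yellow}[-] Run as root required")
        raise SystemExit(1)

    # "-p a,b" is an explicit range; any other shape scans 1..first value.
    parts = args.p.split(",")
    if len(parts) == 2:
        sp, ep = int(parts[0]), int(parts[1])
    else:
        sp, ep = 1, int(parts[0])

    if args.ip is None:
        print(f"{yellow}[-] python3 scan.py -h")
        return

    scanner = portScan(args.ip, sp, ep, args.S, args.t, args.dlen, args.flag, args.msg)
    if args.F:
        # NOTE: with a non-S flag this still runs the connect scan; Fscan
        # has no crafted-packet variant and the flag is not used there.
        scanner.Fscan()
    elif args.flag == "S":
        scanner.scan()
    else:
        scanner.Cscan()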
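if __name__ == "__main__":
    # Guarded so importing the module does not start a scan; only the
    # script entry point runs main().
    try:
        main()
    except Exception as e:
        # Top-level boundary: report the failure in yellow instead of a traceback.
        print(f"[-] \033[33m {e}")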