pscanner.pl

by /dev/null (Chaplain)
on Oct 04, 2002 at 15:08 UTC

Category: Networking
Author/Contact Info
Description: Determines which TCP ports and services a host may be using by opening a TCP socket connection. Used for determining what services are running on a specific host. I used the RFC port number list to pull service names, so you may have to download this list and modify unused lines with a (#) comment to match the regex. I am a Perl N00b so please be easy on me. The format for the RFC list looks like this:

# Keyword         Decimal    Description                     References
#                                   
#                          Jon Postel <postel@isi.edu>
tcpmux            1/tcp    TCP Port Service Multiplexer
tcpmux            1/udp    TCP Port Service Multiplexer
#                          Mark Lottor <MKL@nisc.sri.com>
compressnet       2/tcp    Management Utility
compressnet       2/udp    Management Utility
compressnet       3/tcp    Compression Process
compressnet       3/udp    Compression Process
Feel free to contact me if you'd like a copy.

#!/usr/bin/perl
use strict;
use warnings;
use IO::Socket;

# ********************************************************************
# pscanner : portscan hosts using a tcp connection through
# IO::Socket module and prepackaged port-numbers RFC list
#
# Fri Oct  4 10:50:44 EDT 2002
# ********************************************************************

print "Enter the name of the server you would like to scan\n";
chomp( my $server = <STDIN> );
print "What port would you like to start at? (1-65000)\n";
chomp( my $start = <STDIN> );
die "Start port must be a number between 1 and 65000\n"
    unless $start =~ /^\d+$/ && $start >= 1 && $start <= 65000;

## Store portlist in @portlist
open( PORTLIST, "./port-numbers" ) or die "Unable to open portlist: $!\n";
my @portlist = <PORTLIST>;
close(PORTLIST);
chomp(@portlist);

## Build %servicelist: port number => service keyword.
## Only the "/tcp" entries are kept, since this scanner only makes TCP
## connections; otherwise the "/udp" line for the same port would
## overwrite the TCP name.  Lines with a blank keyword column give an
## empty service name rather than a mis-parsed one.
my %servicelist;
foreach (@portlist) {
    next if /^\#/;
    my ( $service, $portproto ) = split /\s+/;
    next unless defined $portproto;
    my ( $portnumber, $proto ) = split /\//, $portproto;
    next unless defined $proto && $proto eq 'tcp';
    $servicelist{$portnumber} = $service;
}

for ( my $portnumber = $start ; $portnumber <= 65000 ; $portnumber++ ) {
    my $sock = IO::Socket::INET->new(
        PeerAddr => $server,
        PeerPort => $portnumber,
        Proto    => 'tcp',
        Timeout  => 3,    # otherwise a filtered port blocks for the OS connect timeout
    );

    if ($sock) {
        my $service = $servicelist{$portnumber} || 'unknown';
        print "Connected on port $portnumber $service\n";
        close($sock);
    }
    else {

        #  print "$portnumber failed\n";
    }
}    #  End for


=head1 NAME

pscanner - Scans host on TCP ports and pulls service type from RFC port-numbers list

=head1 DESCRIPTION

Determines which TCP ports and services a host may be using by opening
a TCP socket connection.  Used for determining what services are running on a
specific host.

=head1 PREREQUISITE

IO::Socket module
Pre-packaged RFC port numbers list

=head1 COREQUISITE

None

=head1 README

Determines which TCP ports and services a host may be using by opening
a TCP socket connection.  Used for determining what services are running on a
specific host.

=head1 OSNAMES

Unix, Linux, Win32

=head1 SCRIPT CATEGORIES

Networking

=cut
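The same two pieces of the script, the port-numbers parser and the TCP connect scan, as an added example that is not part of /dev/null's post. It is written in Python rather than Perl only so that it can be run and checked here; the logic is the same. The port list is a constructed fragment in the layout quoted above (not the real IANA file), and the scan target is a listener the example itself opens on a loopback port, so everything runs offline. Unlike the posted script it puts a timeout on every connect and tells a refused connection (closed) apart from no answer at all (filtered).

```python
"""Added example: port-numbers parser plus a TCP connect scan with timeouts."""
import socket
from typing import Dict, Iterable, List, Tuple

# Constructed sample in the "port-numbers" layout shown in the post.
SAMPLE_PORT_LIST = """\
# Keyword         Decimal    Description                     References
#
#                          Jon Postel <postel@isi.edu>
tcpmux            1/tcp    TCP Port Service Multiplexer
tcpmux            1/udp    TCP Port Service Multiplexer
compressnet       2/tcp    Management Utility
compressnet       2/udp    Management Utility
ssh              22/tcp    The Secure Shell (SSH) Protocol
                 24/tcp    any private mail system
http             80/tcp    World Wide Web HTTP
"""


def parse_port_list(text: str, proto: str = "tcp") -> Dict[int, str]:
    """Return {port: keyword} for one protocol from port-numbers text.

    Comment and blank lines are skipped.  A line whose keyword column is
    blank (the IANA file has these) maps the port to an empty name.  Entries
    for the other protocol are ignored, so a UDP line can never overwrite the
    TCP name of the same port.  The first entry for a port wins.
    """
    services: Dict[int, str] = {}
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        fields = line.split()
        keyword = "" if line[0].isspace() else fields.pop(0)
        if not fields or "/" not in fields[0]:
            continue
        port_s, _, line_proto = fields[0].partition("/")
        if line_proto != proto or not port_s.isdigit():
            continue
        port = int(port_s)
        if 1 <= port <= 65535:
            services.setdefault(port, keyword)
    return services


def connect_scan(host: str, ports: Iterable[int],
                 timeout: float = 0.5) -> List[Tuple[int, str]]:
    """TCP connect scan: one full three-way handshake per port.

    A refused connection (RST) means closed; a timeout means nothing came
    back, which usually means a firewall dropped the SYN ("filtered").
    Without the timeout, each filtered port blocks for the OS connect timeout.
    """
    results: List[Tuple[int, str]] = []
    for port in ports:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            try:
                s.connect((host, port))
                state = "open"
            except socket.timeout:
                state = "filtered"
            except ConnectionRefusedError:
                state = "closed"
            except OSError as e:          # unreachable host and the like
                state = f"error:{e.errno}"
        results.append((port, state))
    return results


def report(results: List[Tuple[int, str]], services: Dict[int, str]) -> List[str]:
    """Output lines in the style of the post, open ports only."""
    return [f"Connected on port {p} {services.get(p) or 'unknown'}"
            for p, st in results if st == "open"]


def start_local_listener() -> Tuple[socket.socket, int]:
    """Listen on an ephemeral loopback port.  The kernel completes handshakes
    into the backlog even if accept() is never called, which is all a
    connect scan needs in order to see the port as open."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    return srv, srv.getsockname()[1]


def free_loopback_port() -> int:
    """Bind and immediately release a port so we have one known to be closed."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]


def demo() -> Tuple[Dict[int, str], int, int]:
    """Scan one open and one closed loopback port; returns (states, open, closed)."""
    srv, open_port = start_local_listener()
    closed_port = free_loopback_port()
    try:
        results = connect_scan("127.0.0.1", [open_port, closed_port])
    finally:
        srv.close()
    return dict(results), open_port, closed_port


if __name__ == "__main__":
    states, o, c = demo()
    print(states)
    for line in report(list(states.items()), parse_port_list(SAMPLE_PORT_LIST)):
        print(line)
```

Against a real host, the "filtered" state is the one worth watching: a run of timeouts rather than refusals is what a packet filter looks like to a connect scanner, and it is also what makes a sequential scan of 65,000 ports slow without a timeout.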

Re: pscanner.pl
by merlyn (Sage) on Oct 04, 2002 at 16:18 UTC
      It's called the learning process. Some people like to learn how things can be done without the use of prepackaged utilities. Oh yeah.. that's right, you're "Randal Schwartz", you already "KNOW IT ALL". Why don't you use your superior Perl knowledge for something more productive than flaming Perl newbies for their code.

      {sigh}
      /dev/null

      Update: I withdraw the above statement as I jumped to post while the emotions were running high, but I totally disagree with the warez scriptkiddie statement. This tool can be used by Administrators to track services on a client. Once again, this tool was written to track services on a client.
        Addressing only your update:
        This tool can be used by Administrators to track services on a client.
        Yes. "can be". But there are already better tools to do that in a more efficient and effective way, when it's needed.

        It's as if you posted instructions about how to build a lock-picker tool with a paperclip and a Leatherman, and then claimed "hey, but a legitimate locksmith could use this!". No, a legitimate locksmith would use a professional set of tools. Only the wannabes use half-baked solutions.

        -- Randal L. Schwartz, Perl hacker

      I have nothing but respect for your opinion, but I would love to see a more detailed discussion as to why the parent node should be considered for deletion. Saying that the tool already exists is not a valid argument for censorship.
      ()-()
       \"/
        `                                                     
      
        Ok, repeating what I said in the CB...

        A "port scanner" is like a "ping scanner". Most admins I know see these as primarily hackerz toolz for the script kiddies to find the next box to crack.

        While I appreciate the effort of /dev/null, I don't want the Monastery to be seen as a place that harbors or supports warezkiddies and scriptkiddies.

        And that was my initial reaction to this post.

        Beyond that, I don't mind "reinvention of the wheel" if it is clear that the post is for comment only, and that the poster has clearly surveyed the area in which he or she is reinventing. I didn't see that happening here, although I could certainly be wrong. It looked like a tool written by someone who wasn't aware of existing cool tools already occupying the space. If the description had included "this duplicates one of the functions of nmap, but I just wanted to see if I could write it", I'd have no complaints (along that axis, but the warez comment still stands regardless).

        -- Randal L. Schwartz, Perl hacker

        I have no objection to the function of this code, but surely on this site the focus should be on the use of Perl.

        If the script provided additional functionality (e.g. using Spreadsheet::WriteExcel to present a report on all hosts on a network), or was presented for use in situations where nmap was not available (e.g. using Perl on a Psion netBook to check security on a wireless network), then it should be posted here.

        As it is, I do not see that value is being added.

        Update:
        Although on the other hand I may have refuted my own argument - without this node, I would not necessarily have thought about the two examples I gave.

        It's late...

        JJ

Re: pscanner.pl
by Mr. Muskrat (Abbot) on Oct 04, 2002 at 17:14 UTC

    merlyn,
    This is not warez. 'Warez' implies illegally acquired software, i.e. "D00d, come check out my 1337 ftp site. It's got lots of warez like ISOs of all of the M$ software you can imagine." And as much as some people would like it to be, port scanning is not illegal. At times, it can come in handy. It can also be used to "case" a server for possible weaknesses. Would a "script kiddie" use a perl port scanner? I doubt it. Nmap is much better suited for their usage. This looks like a legit attempt at learning.

    /dev/null,
    I commend you for having the guts to post this. I can't believe that you would try to get into a flamefest. This is not the kind of thing that I come here to read.

    IANA maintains a list of port numbers. It is possible to have a port number as high as 65535. So I am curious why you chose to go up to 65000. Also, you are only scanning for TCP ports. Why not go all out and scan for UDP ports as well?

    Update: I forgot to mention that I'm not voting on the flamefest posts. Just please! Please! Don't do it again!

      Mr. Muskrat,
      I am sorry for not killing the circle of flame but I had to stand up for what I thought was right. This script was not intended for hacking into a workstation. I wrote this script strictly for checking services running on a few of my clients. Thanks for the input.. I'll consider changing the script to check all port numbers and UDP ports.

      /dev/null
        In that case I believe that, didactic as this effort may have been :-), you should really follow merlyn's (brashly expressed) suggestion to use nmap, a very versatile and solid tool for all manner of network examination tasks.

        Makeshifts last the longest.

      Script kiddies aside, NMAP is possibly the best scanner ever coded (other than Nessus which uses NMAP as part of its design). Although this is interesting, to compare the two is ludicrous.
