端口掃描器

1.設置Python環境變量

右擊此電腦==> 高級系統設置==> 高級==環境變量

新建變量

 

變量名字隨意，變量值是python的安裝目錄

2.複製下面代碼，保存並放到Python安裝目錄下

import optparse                                            
from socket import *
from threading import *

screenLock = Semaphore(value=1)
def connScan(tgtHost,tgtPort):
    try:
        connSkt = socket(AF_INET, SOCK_STREAM)
        connSkt.connect((tgtHost, tgtPort))
        connSkt.send('ViolentPython\r\n')
        results = connSkt.recv(100)
        screenLock.acquire()
        print '[+]%d/tcp open'% tgtPort
        print '[+] '+ str(results)
    except:
        screenLock.acquire()
        print '[-]%d/tcp closed'% tgtPort
    finally:
        screenLock.release()
        connSkt.close()
def portScan(tgtHost, tgtPorts):
    try:
        tgtIP = gethostbyname(tgtHost)
    except:
        print "[-] Cannot resolve '%s': Unknown host" %tgtHost
        return
    try:
        tgtName = gethostbyaddr(tgtIP)
        print '\n[+] Scan Results for:' +tgtName[0]
    except:
        print '\n[+] Scan Results for:' +tgtIP
    setdefaulttimeout(1)
    for tgtPort in tgtPorts:
         t = Thread(target=connScan,args=(tgtHost, int(tgtPort)))
         t.start()
def main():
    parser = optparse.OptionParser("usege %prog "+"-H <target host> -p <target port>")
    parser.add_option('-H', dest='tgtHost', type='string', help='specify target host')
    parser.add_option('-p', dest='tgtPort', type='string', help='specify target port[s] separated by comma')

    (options, args) = parser.parse_args()
    tgtHost = options.tgtHost
    print options.tgtPort

    tgtPorts = str(options.tgtPort).split(',')
    print tgtPorts
    if (tgtHost == None) | (tgtPorts[0] == None):
        print parser.usage
        exit(0)
    portScan(tgtHost,tgtPorts)
    
if __name__=='__main__':
       main()

可以看到下面我放到python的安裝目錄下並重命名爲：端口掃描

3.開啓Linux，安裝vsftpd（21端口）並開啓服務，關閉防火牆，查看ip（虛擬機要開啓橋接模式）

爲了更容易看懂，打開一個Linux虛擬機並開啓21端口，然後使用腳本掃描21端口是否開啓。

1）查看IP地址

[root@localhost ~]# ifconfig ens33   
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.0.23  netmask 255.255.255.0  broadcast 192.168.0.255
        inet6 fe80::7992:920f:d01f:6485  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:a8:ad:3c  txqueuelen 1000  (Ethernet)
        RX packets 13301  bytes 14835141 (14.1 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 4672  bytes 354057 (345.7 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
  //IP地址爲192.168.0.23
[root@localhost ~]# ping www.baidu.com
PING www.a.shifen.com (182.61.200.7) 56(84) bytes of data.
64 bytes from 182.61.200.7 (182.61.200.7): icmp_seq=1 ttl=52 time=18.3 ms
64 bytes from 182.61.200.7 (182.61.200.7): icmp_seq=2 ttl=52 time=15.7 ms
  //可以ping同外網
  //如果ping不通外網的話，那肯定是沒有開啓橋接模式

2）開啓21端口

[root@localhost ~]# yum -y install vsftpd
[root@localhost ~]# systemctl start vsftpd
[root@localhost ~]# netstat -anput |grep 21
tcp6       0      0 :::21                   :::*                    LISTEN      3700/vsftpd         

4.驗證掃描端口

打開cmd，切換到python的安裝目錄下。
 

執行命令驗證

-H是指定主機

-p指定端口

可以看到掃描到的21端口是開着的，80端口是沒有開的