Thread: Basic port scanner code .. pls help ???

  1. #1
    Registered User intruder's Avatar
    Join Date
    Nov 2002
    Posts
    48

    Basic port scanner code .. pls help ???

    Hello friends, I have written a basic port scanner with options like:

    1) The program will prompt for 3 command line arguments, viz.:
    ip/hostname
    start_port <mandatory>
    end_port <optional>

    Out of these, the end_port is optional. If the user provides the
    end port then it will scan till that port, or else if the end port
    is not provided then the scan will go from start_port till 65535.

    2) The program opens a log file named scanresults.txt at c:\
    which contains all the scan results, so the user can check it after
    the run.

    3) The program shows on the screen only those ports which are open; it will not display closed ports, but they are logged into the file.

    After the program run is complete, the user can check for the file at
    c:\scanresults.txt


    /****** problem ******/

    But the real problem is that when I run the application as

    c:\>port 111.111.111.111 138 139
    where 138 is the start port and 139 is the end port,
    it shows both ports closed.

    But if I run the same application as
    c:\>port 111.111.111.111 139 140
    where 139 is the start port and 140 is the end port,
    it shows me port 139 open and 140 closed.

    In short, if it encounters the first port as closed, it shows all the following ports closed,
    but it is not true vice versa.
    I have gone through the code many times but I can't figure out what the
    problem is.

    Could anybody please go through the code and tell me why it's happening like this?

    I will be very grateful. Thanks a million.
    /********************************************************/

    The code is as follows:

    ******************** CODE ******************
    #include <stdio.h>
    #include <stdlib.h>   /* exit(), atoi() */
    #include <winsock.h>

    FILE *fp;
    char file_to_open[60];
    int sock;
    int count = 0;
    int start_port;
    int end_port = 0;
    WSADATA wsaData;
    struct hostent *host;
    struct sockaddr_in dest;

    /* Open the log file and write the banner. */
    void OpenFiles()
    {
        sprintf(file_to_open, "/scanresults.txt");
        fp = fopen(file_to_open, "w");
        if (fp == NULL)
        {
            printf("File Open Error\n");
            exit(1);
        }
        fprintf(fp, "\n******************************************************************");
        fprintf(fp, "\n ROOTSCAN LOG");
        fprintf(fp, "\n******************************************************************\n");
    }

    void CloseFiles()
    {
        fclose(fp);
    }

    int main(int argc, char *argv[])
    {
        if (argc < 3)
        {
            printf("\n\tUsage: %s <host/ip> <start_port> [end_port]\n", argv[0]);
            exit(-1);
        }

        OpenFiles();

        //windows specific code here
        WSAStartup(MAKEWORD(1, 1), &wsaData);
        //end here
        start_port = atoi(argv[2]);

        if (argc > 3)
            end_port = atoi(argv[3]);
        else
            end_port = 65535;

        if ((host = gethostbyname(argv[1])) == NULL)
        {
            printf("Couldn't resolve %s\n", argv[1]);
            exit(-1);
        }

        for (count = start_port; count <= end_port; count++)
        {
            /* socket() reports failure with INVALID_SOCKET, not 0 */
            if ((sock = socket(AF_INET, SOCK_STREAM, 0)) == INVALID_SOCKET)
            {
                printf("Couldn't make socket!\n");
                exit(-1);
            }

            dest.sin_family = AF_INET;
            dest.sin_port = htons(count);
            dest.sin_addr = *((struct in_addr *)host->h_addr);

            if (connect(sock, (struct sockaddr *)&dest, sizeof(struct sockaddr)) == -1)
            {
                fprintf(fp, "Port %5d Closed\n", count);
                shutdown(sock, 2);//use this instead of close.
                //windows...
                WSACleanup();
                //endsleep(1);
            }
            else
            {
                printf("Port %d \t Open\n", count);
                fprintf(fp, "Port %5d Open\n", count);
                shutdown(sock, 2);//use this instead of close.
                //windows...
                WSACleanup();
                //end
            }
        }//for loop end
        CloseFiles();
        return(0);
    }



    pls help waiting...

  2. #2
    fou
    Guest
    Hi,
    1. Please put your code in code tags.

    2. Why do you call WSACleanup in the middle of your code? This call indicates that the app is finished with winsock and subsequent calls to winsock functions will fail. As you call WSACleanup after the first connection all subsequent connection requests will fail giving the results you indicate.

    3. To reiterate: Put WSACleanup at the end of your code.

    4. Instead of commenting out windows specific code you can do the following:
    Code:
    #ifdef _WIN32
      WSACleanup();
    #endif
    5. Otherwise the code looks good.

    Have Fun!

  3. #3
    Registered User intruder's Avatar
    Join Date
    Nov 2002
    Posts
    48
    Hey fou, many many thanks friend, I have done the changes and now it's working fine..

    Thanks once again. But now the only problem is it is taking lots of time to run.. I don't know why... thinking.. if there is any way to reduce the time.. ??

  4. #4
    Evil Member
    Join Date
    Jan 2002
    Posts
    638
    The host, does it return an ICMP_PORT_UNREACHABLE packet or just time out?

    If the latter you might look into threading to allow you to wait on many timeouts concurrently.

  5. #5
    fou
    Guest
    I agree with what Imperito said but here is another slight problem.
    Quotes from msdn:

    1. The shutdown function does not close the socket. Any resources attached to the socket will not be freed until closesocket is invoked.

    2. An application should always have a matching call to closesocket for each successful call to socket to return any socket resources to the system.

    3. An application should not rely on being able to reuse a socket after it has been shut down. In particular, a Windows Sockets provider is not required to support the use of connect on a socket that has been shut down.

    In effect, if your program creates 65000 sockets, the resources (memory, etc.) for all of them are kept until your program closes. You could put closesocket calls in where the WSACleanup calls were in the original program.

    I believe that the non-windows version of closesocket is simply close(socket descriptor).

    In regards to quote no. 3 your program is correct. I just included it to warn against altering your program to reuse a single socket.

    Code:
    #ifdef _WIN32
      closesocket(sock);
    #else
      close(sock);
    #endif
    Have Fun!

  6. #6
    Registered User intruder's Avatar
    Join Date
    Nov 2002
    Posts
    48
    i will try doing that .. thanks lots .. friends..

    thanks.. once again

    in

  7. #7
    Registered User
    Join Date
    Jan 2003
    Posts
    3

    Dude, what are you doing?

    Hey.

    I don't mean to sound too rude, but that port-scanner is mine, down to the very last character.

    I posted the earliest versions on HDC BBS, and several individuals helped me develop it further, and to port it onto Windows. It is a good job we have good people around like that.

    Go to http://www.hackers.com/________.____...threadid=60775
    and you will see that it is me who is the author of Rootscan, and it is you who ripped it from me. That link will take you to the very place you first acquired the code.

    I expect a big apology from you, and I sure hope you feel ashamed and embarrassed, you arrogant, ignorant, ripping piece of ****.

    I don't know what the hell you think you were doing, but I do know the only person you were thinking of was yourself. You could've got permission to modify. You could've asked to borrow code. We could've worked something out. But no, that wasn't actually your intention. What you wanted was to take the code, take away the credits, then post it, maybe to get more respect, or even higher status on the board. Either way, you won't be getting any of that now. (And for the record, life isn't about that.)

    You aren't so cool now, huh? If you don't reply to this message with an apology, or you go try saying I am the one who ripped from YOU, or try to say it is some huge coincidence, you are a bigger coward, and more pig-headed, arrogant little **** than I thought. Just admit, you ripped it, you are implying that it is yours -- it isn't -- and you are just pure self-centered. You took away the credits, you claimed it as yours, and it is just as simple as that.

    You need to feel long and hard before looking at another piece of code again, or try to write some (I put big emphasis on TRY) code.

    So long.

  8. #8
    and the hat of int overfl Salem's Avatar
    Join Date
    Aug 2001
    Location
    The edge of the known universe
    Posts
    39,660
    > and several individuals helped me develop it further
    And one of them is called intruder, or as he is known on your other board - InvisibleGhost.

    Well the writing style is the same - some of the posts have been copied verbatim, and the email address in the credits on the other board match the email address in intruder's profile here.
    If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
    If at first you don't succeed, try writing your phone number on the exam paper.

  9. #9
    Just one more wrong move. -KEN-'s Avatar
    Join Date
    Aug 2001
    Posts
    3,227
    Can't....stop...laughing...

    Oh Salem...I love you

    Heh...that's kind've funny considering when I was reading this post the first thing that popped into my head was "Now watch this be one of the people who asked to use it, or even helped with it..."

  10. #10
    Registered User
    Join Date
    Jan 2003
    Posts
    3

    Ooops

    Hi. InvisibleGhost? I'm REALLY REALLY sorry man, I really didn't know it was you, I thought it was some ripping kiddie. Okay, I didn't think to check, I just thought that Eckz and InvisibleGhost would have the same name, but I was wrong.
    I'm sure Eckz and InvisibleGhost would've done the same if they thought that some kiddie had ripped their code, I'm sorry Invisible. I suppose I should've checked at the "other" board first, but I didn't think about it before I posted, and it made me mad to think that someone not even involved with rootscan would rip it, but now I know that it's you, I'm not mad, and I hope you're not too mad with me.

    Thanks
    Shaun

  11. #11
    Registered User intruder's Avatar
    Join Date
    Nov 2002
    Posts
    48
    Hey shaun .. it's ok man.. initially I thought, hey, what happened to shaun .. I was just asking for some help here by posting the code.. then I read the other replies.. also..


    hey man shaun its ok .. we are friend forever u know..

    cheers..

    intruder

  12. #12
    mray
    Guest
    The reason it takes so long is the timeout for connect() .. You could do the following:

    setup timeout via alarm handlers(SIG_ALRM)

    use the select call to setup a timeout

    look into making it multithreaded
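
The select() timeout suggested in post #12, combined with the closesocket advice from post #5, as an added example that is not part of the original thread: one non-blocking connect attempt bounded by a timeout, with the socket released on every path. The names check_port, PORT_*, CLOSESOCK and PENDING are assumptions of this example; on Windows the caller is assumed to call WSAStartup() once beforehand and WSACleanup() once at exit.

```c
/* Added example, not from the thread: connect() bounded by a select() timeout. */
#ifdef _WIN32
#include <winsock2.h> /* WSAStartup() once before use, WSACleanup() once at exit */
typedef int socklen_t;
#define CLOSESOCK closesocket
#define PENDING() (WSAGetLastError() == WSAEWOULDBLOCK)
#else
#include <arpa/inet.h>
#include <errno.h>
#include <fcntl.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <unistd.h>
#define CLOSESOCK close
#define PENDING() (errno == EINPROGRESS)
#endif
#include <string.h>
enum { PORT_OPEN = 1, PORT_CLOSED = 0, PORT_TIMEOUT = -1, PORT_ERROR = -2 };
/* check_port() is a hypothetical helper name; ip is a dotted-quad IPv4 string. */
int check_port(const char *ip, unsigned short port, int timeout_ms)
{
    struct sockaddr_in dest;
    struct timeval tv = { timeout_ms / 1000, (timeout_ms % 1000) * 1000 };
    fd_set wfds, efds;
    int s, n, err = 0, result;
    socklen_t len = sizeof err;

    if ((s = (int)socket(AF_INET, SOCK_STREAM, 0)) < 0) return PORT_ERROR;
    memset(&dest, 0, sizeof dest);
    dest.sin_family = AF_INET;
    dest.sin_port = htons(port);
    dest.sin_addr.s_addr = inet_addr(ip);
#ifdef _WIN32
    { u_long nb = 1; ioctlsocket(s, FIONBIO, &nb); }      /* non-blocking mode */
#else
    fcntl(s, F_SETFL, fcntl(s, F_GETFL, 0) | O_NONBLOCK); /* non-blocking mode */
#endif
    if (connect(s, (struct sockaddr *)&dest, sizeof dest) == 0) result = PORT_OPEN;
    else if (!PENDING()) result = PORT_CLOSED;  /* refused or unreachable at once */
    else {
        FD_ZERO(&wfds); FD_SET(s, &wfds);
        efds = wfds;   /* Winsock reports a failed connect in exceptfds */
        n = select(s + 1, NULL, &wfds, &efds, &tv);
        if (n == 0) result = PORT_TIMEOUT;      /* no answer within timeout_ms */
        else if (n < 0 || getsockopt(s, SOL_SOCKET, SO_ERROR, (char *)&err, &len) != 0)
            result = PORT_ERROR;
        else result = (err == 0) ? PORT_OPEN : PORT_CLOSED;
    }
    CLOSESOCK(s);      /* one close per socket(), so descriptors do not pile up */
    return result;
}
```

A filtered port that silently drops the connection attempt now costs at most timeout_ms instead of the operating system's default connect timeout.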

  13. #13
    Registered User intruder's Avatar
    Join Date
    Nov 2002
    Posts
    48
    Hello mray, thanks .. but I only know threads theoretically, I have never implemented it before anytime.. and hence I don't know how to do it.. if you can post a sample code of a thread.. then I will be thankful to you ..

    in

  14. #14
    Registered User
    Join Date
    Jan 2003
    Posts
    3
    Hi. I'm glad you're not mad. I'll search for some thread stuff for windows, and post it as soon as I find it. Anyway, gotta get back to doing my GNVQ ICT.

    P.S. I know this has jack all to do with programming, but is anyone here doing a GNVQ in ICT? I'm sure whether they exist in any other country except for U.K.

    Thanks
    Shaun

  15. #15
    template<typename T> threahdead's Avatar
    Join Date
    Sep 2002
    Posts
    214
    Hey shaun, it's me, threadhead.

    Why did you leave irc so suddenly when I was still talking to you? I hope you
    are not mad at me.

    Have you been into raw sockets for now?

    cya
