Thread: My TCP Port Scanner in C

  1. #1
    Registered User
    Join Date
    Jun 2008

    My TCP Port Scanner in C

    This is a simple port scanner coded in C. It uses a simple socket and a for loop. The port scanner uses TCP Connect to check whether the port is opened or closed.

    This is for beginners who are trying to grasp simple sockets in C.

    By the way, this is for the Linux platform; you can easily compile this on win32 using Cygwin.

    /* A TCP port scanner created by billy */
    #include <stdio.h>
    #include <string.h>   /* memset, memcpy */
    #include <unistd.h>   /* close */
    #include <sys/types.h>
    #include <sys/socket.h>
    #include <netinet/in.h>
    #include <netdb.h>
    #include <stdlib.h>
    #include <errno.h>
    /* Main program starts */
    int main(int argc, char **argv)
    {
       int   sd;         //socket descriptor
       int    port;         //port number
       int   start;         //start port
       int    end;         //end port
       int    rval;         //return value of connect
       char    responce[1024];      //to receive data
       char   *message="shell";       //data to send
       struct hostent *hostaddr;   //To be used for IPaddress
       struct sockaddr_in servaddr;   //socket structure
       if (argc < 4 )
       {
          printf("------Created By\n");
          printf("Usage: ./tscan <IPaddress> <Start Port> <End Port>\n");
          return (EINVAL);
       }
       //start and end ports: ascii to int, second and third arguments
       start = atoi(argv[2]);
       end   = atoi(argv[3]);
       for (port=start; port<=end; port++)
       {
          sd = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP); //created the tcp socket
          if (sd == -1)
             return (errno);
          memset( &servaddr, 0, sizeof(servaddr));
          servaddr.sin_family = AF_INET;
          servaddr.sin_port = htons(port); //set the portno
          hostaddr = gethostbyname( argv[1] ); //get the ip 1st argument
          if (hostaddr == NULL)   //lookup failed: do not dereference
          {
             close(sd);
             return (EINVAL);
          }
          memcpy(&servaddr.sin_addr, hostaddr->h_addr, hostaddr->h_length);
          //below connects to the specified ip in hostaddr
          rval = connect(sd, (struct sockaddr *) &servaddr, sizeof(servaddr));
          if (rval == -1)
             printf("Port %d is closed\n", port);
          else
             printf("Port %d is open\n",port);
          close(sd);         //close the socket descriptor
       }
    }

  2. #2
    Frequently Quite Prolix dwks's Avatar
    Join Date
    Apr 2005
    Some thoughts:
    • Why do you have close(sd) inside both the if and else blocks at the end of your program?
    • Your indentation could be better.
    • I don't like atoi() due to its lack of error checking, instead preferring strtol() or sscanf(), but that's just me.
    • "responce" is spelled "response".

    BTW, there is a network programming forum, where this should perhaps have been posted.

    Seek and ye shall find. quaere et invenies.

    "Simplicity does not precede complexity, but follows it." -- Alan Perlis
    "Testing can only prove the presence of bugs, not their absence." -- Edsger Dijkstra
    "The only real mistake is the one from which we learn nothing." -- John Powell


  3. #3
    C++ Witch laserlight's Avatar
    Join Date
    Oct 2003
    Moved to Networking/Device Communication forum.
    Quote Originally Posted by Bjarne Stroustrup (2000-10-14)
    I get maybe two dozen requests for help with some sort of programming or design problem every day. Most have more sense than to send me hundreds of lines of code. If they do, I ask them to find the smallest example that exhibits the problem and send me that. Mostly, they then find the error themselves. "Finding the smallest program that demonstrates the error" is a powerful debugging tool.
    Look up a C++ Reference and learn How To Ask Questions The Smart Way

  4. #4
    FOSS Enthusiast
    Join Date
    Jun 2008
    What if there's a daemon running a UDP connection?

    and you shouldn't put the socket() into the for loop, because each time another port is opened, and it's more needless overhead

    oh and before I forget, control reaches end of non-void function
    you should add a return(0); to the end

    aside from those, I think your example might suit well for someone who's new to socket programming
    It's quite simple, and short, which makes it clear.
    But, like dwks already said, make over your indentation for better readability.
    Someone who's new might not recognise, where the loops/nestings start and end

    If you're planning on expanding the portscanner, you could add a parser for /etc/services, to look if a port needs to be probed for TCP, UDP or both.

  5. #5
    Registered User
    Join Date
    Apr 2007
    Sydney, Australia
    To make an effective port scanner you would need to make use of multiple threads. In each thread it creates a socket, sets it to NON-blocking mode, calls the connect function (which should return straight away because of non-blocking) and then use the select function with a timeval of about 10 seconds to check whether it connected or not.

  6. #6
    Registered User
    Join Date
    Jun 2008
    Is it possible that all ports (1000-16000) are closed on
