求LINUX下的端口扫描程序
使用Socket API,接受IP 地址,输出该IP 地址对应的主机所支持的<端口号, 协议(TCP/UDP), 服务名[3]>
[解决办法]
开源的 nmap ...
[解决办法]
以前调试过一个,发个你看下吧。
其实道理不难,就是发送icmp包,跟ping类似,然后等待回应,若超时或者无响应则判断端口未开。
主机扫描的也类似。
#include<stdio.h>
#include<stdlib.h>
#include<string.h>
#include<math.h>
#include<netdb.h>
#include<unistd.h>
#include<sys/time.h>
#include<sys/types.h>
#include<sys/socket.h>
#include<netinet/in_systm.h>
#include<netinet/in.h>
#include<netinet/ip.h>
#include<netinet/ip_icmp.h>
#include<arpa/inet.h>
#include <time.h>
/*#define CHKADDRESS( _saddr_)
{
u_char *p =(char *)&(_saddr_);
if( (p[0] == 10)
[解决办法]
(p[0] ==168 &&16<=p[1]&&p[1]<=31)
[解决办法]
(p[0] ==192 && p[1]==168)
{}
else
{
fprintf(stderr,"IP address error.\n");
exit(EXIT_FAILURE);
}
}*/
enum {CMD_NAME,DST_IP,START_PORT,LAST_PORT};
#define MAXBUFF 8192
int main(int argc,char *argv[])
{
clock_t start, finish;
struct icmp *icmp;
fd_set select_fd;
struct sockaddr_in send_sa;
int recv_sd;
int send_sd;
char buff[MAXBUFF];
int endport;
int startport;
int dstport;
struct timeval tv;
struct ip *ip;
int hlen,port;
int count;
if(argc!=4)
{
fprintf(stderr," usge:%s dst_ip start_port last_port\n",argv[CMD_NAME]);
exit(EXIT_FAILURE);
}
send_sa.sin_family = AF_INET;
send_sa.sin_addr.s_addr = inet_addr(argv[DST_IP]);
startport = atoi(argv[START_PORT]);
endport = atoi(argv[LAST_PORT]);
//CHKADDRESS(send_sa.sin_addr.s_addr);
if( (send_sd = socket(AF_INET,SOCK_DGRAM,0))<0)
{
perror(" socket (SOCK_DGRAM)");
exit(EXIT_FAILURE);
}
if( (recv_sd = socket(AF_INET,SOCK_RAW,IPPROTO_ICMP))<0)
{
perror(" socket (SOCK_RAW)");
exit(EXIT_FAILURE);
}
for(dstport = startport;dstport<=endport;dstport++)
{
printf(" Scan port %d: %d times\r",dstport,count);
fflush(stdout);
send_sa.sin_port = htons (dstport);
sendto(send_sd,NULL,0,0,(void *) &send_sa,sizeof(send_sa));
tv.tv_sec=1;
tv.tv_usec=0;
count=0; //记录每次同一端口,ICMP包数量
start = clock();
while(1)
{
FD_ZERO(&select_fd);
FD_SET(recv_sd,&select_fd);
if(select (recv_sd+1,&select_fd,NULL,NULL,&tv)>0)
if(recvfrom(recv_sd,buff,MAXBUFF,0,NULL,NULL)!=56) //ICMP包,长度为56,IP+ICMP+IP+UDP
continue;
//intf("a new icmp ack\n");
if( ((finish=clock() )-start)>=2)
{
printf("2 sec no target icmp ack.\n");
struct servent *se_t;
se_t=getservbyport(htons (dstport)," udp");
printf("%5d %-20s\n",dstport,(se_t==NULL)?"unkown":se_t->s_name);
break;
}
ip=(struct ip *)buff;
hlen=ip->ip_hl<<2;
icmp=(struct icmp *)(buff+hlen);
port=ntohs(* (u_short *)(buff+20+8+20+2) );
if( (ip->ip_src.s_addr!=send_sa.sin_addr.s_addr)
[解决办法]
(icmp->icmp_type!=ICMP_UNREACH)
[解决办法]
(icmp->icmp_code!=ICMP_UNREACH_PORT)
[解决办法]
(port!=dstport))
{
if(count>10)
{
printf("port %d:icmp_type is %d;icmp_code is %d.\n",port,icmp->icmp_type,icmp->icmp_code);
break;
}
if(ip->ip_src.s_addr==send_sa.sin_addr.s_addr && port==dstport)
{
//printf(" %d times\r",count);
count++;
break;
}
//printf("Not target icmp packet.continue check port %d\n",dstport);
continue;
}
else
{
struct servent *se;
se=getservbyport(htons (dstport)," udp");
//if(se!=NULL)
printf("%5d %-20s\n",dstport,(se==NULL)?"unkown":se->s_name);
}
break;
}
}
return EXIT_SUCCESS;
}
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node Path
unix 4 [ ] DGRAM 5684 /dev/log
unix 2 [ ACC ] STREAM LISTENING 5895 /var/run/acpid.socket
unix 2 [ ACC ] STREAM LISTENING 6133 /tmp/.font-unix/fs7100
unix 2 [ ACC ] STREAM LISTENING 6106 /var/run/iiim/.iiimp-unix/9010
unix 2 [ ACC ] STREAM LISTENING 6169 /var/run/dbus/system_bus_socket
unix 2 [ ] DGRAM 6358 @/var/run/hal/hotplug_socket
unix 2 [ ] DGRAM 3840 @udevd
unix 2 [ ] DGRAM 14405
unix 3 [ ] STREAM CONNECTED 6357 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 6356
unix 3 [ ] STREAM CONNECTED 6177
unix 3 [ ] STREAM CONNECTED 6176
unix 2 [ ] DGRAM 6028
unix 3 [ ] STREAM CONNECTED 5795
unix 3 [ ] STREAM CONNECTED 5794
unix 2 [ ] DGRAM 5703
[root@RHEL4_U5 ~]#
