• 管理员
    了解作者
  • LINUX
    开发工具
  • 0B
    文件大小
  • zip
    文件格式
  • 0
    收藏次数
  • 10 积分
    下载积分
  • 1439
    下载次数
  • 2001-01-07 00:00
    上传日期
linux下的端口扫描器
linuxscanners.zip
  • ftp-scan.c
    2.8KB
  • www.pudn.com.txt
    218B
  • reflscan.c
    9.3KB
  • tcpprobe.c
    1.5KB
  • pscan.c
    13.9KB
  • ident-scan.c
    3.9KB
内容介绍
/* * pscan.c * * TCP/UDP/NIS/RPC scanner.. * o scans TCP ports and prints the services running * o scans UDP ports and prints the services running (remote hosts only) * o dumps portmappers listing of RPC services * o prints available NIS maps * * UDP port scanning is kinda flakey.. but it works.. with the exception * of on your own host (netstat -a for christs sake).. anyway.. here * it is.. * * - pluvius@dhp.com * * tested on SunOS 4.1.3_U1 and Linux 1.1.85 * Also tested on OSF/1, courtesy of IETF. * compile: cc -o pscan -s pscan.c * * NOTE: when you do a NIS listing.. it MUST be the domain name that * you pass as the remote host.. otherwise this will not work. * * H* mods: use a normally refused TCP port to determine UDP RTT delay. * Much faster, and prevents the target from logging opened connections. * May behave oddly if some TCP ports are dropped by a filter, and doesn't * work on solaris cuz ICMP is *not* delivered to connected-UDP sockets. * See udp_scan.c in Satan for more info, and a solaris version that works * but needs root. * * If only one port arg given, just hit that port and report state. * * Added settable connect() timeout for tcp scan, with appropriate errors. * Useful for determining what TCP ports are being filtered out -- scan a * known machine behind a packet filter, and anything that wasn't refused * or open is being dropped. Ping first to get an idea of the right * timeout to use; otherwise defaults to 3 sec. * * --> * connect time outs is broke on linux.. ripped it out. <p. * also yanked the --wait command thingy * * * TODO: fix domainname shit, maybe rip code from satan yp_chk * */ #include <stdio.h> #include <unistd.h> #include <netdb.h> #include <sys/socket.h> #include <sys/types.h> #include <netinet/in.h> #include <rpc/rpc.h> #include <rpc/xdr.h> #include <rpc/pmap_prot.h> #include <rpc/pmap_clnt.h> #include <rpcsvc/yp_prot.h> #include <rpcsvc/ypclnt.h> #include <errno.h> #include <signal.h> #include <setjmp.h> /* xxx: these are sometimes defined by .h files as below for getopt. I'll fix it later... */ extern int errno; #ifndef BSD4_4 extern char *sys_errlist[]; #endif #ifndef INADDR_NONE #define INADDR_NONE 0xffffffff #endif #ifdef __GNU_LIBRARY__ /* this is part of the GNU C lib */ #include <getopt.h> #else extern int optind; extern char *optarg; #endif #define DEFAULT_LOW_PORT 1 #define DEFAULT_HIGH_PORT 10240 #define RTT_PORT 3 /* for UDP-RTT hack */ #define MAJOR_VERSION 1 #define MINOR_VERSION 4 static char sccsid[] = "@(#) pscan.c 1.4 (pluvius+hobbit) 04/15/95"; typedef enum { false, true } my_bool; my_bool Single = false; /* use booleans for all if-ed vars */ typedef enum { s_none, s_tcp, s_udp, s_rpc, s_nis } scan_t; #ifdef __GNU_LIBRARY__ static struct option long_options[] = { {"tcp", 0, 0, 0}, {"udp", 0, 0, 0}, {"rpc", 0, 0, 0}, {"nis", 0, 0, 0}, {"help", 0, 0, 0}, {"version", 0, 0, 0}, {0,0,0,0} }; #endif struct { char *alias; char *mapname; my_bool inuse; } yp_maps[] = { {"passwd", "passwd.byname", false}, {"group", "group.byname", false}, {"networks", "networks.byaddr", false}, {"hosts", "hosts.byaddr", false}, {"protocols", "protocols.bynumber", false}, {"services", "services.byname", false}, {"aliases", "mail.aliases", false}, {"ethers", "ethers.byname", false}, {NULL, NULL, false} }; scan_t scan_type; char remote_host[200]; char remote_ip[20]; char remote_domain[128]; int low_port; int high_port; void print_version(s) { fprintf(stderr,"%s version %d.%d\n",s,MAJOR_VERSION,MINOR_VERSION); exit(0); } void print_usage(s) { fprintf(stderr,"usage %s: <scan type> <host> [low port] [high port]\n",s); fprintf(stderr,"where scan type is one of:\n"); #ifdef __GNU_LIBRARY__ fprintf(stderr," --tcp, -t - TCP port scan\n"); fprintf(stderr," --udp, -u - UDP port scan\n"); fprintf(stderr," --rpc, -r - RPC service list\n"); fprintf(stderr," --nis, -n - NIS map listing\n"); fprintf(stderr," --version, -v - Print version information\n"); fprintf(stderr," --help, -h - Print usage information\n"); #else fprintf(stderr," -t - TCP port scan\n"); fprintf(stderr," -u - UDP port scan\n"); fprintf(stderr," -r - RPC service list\n"); fprintf(stderr," -n - NIS map listing\n"); fprintf(stderr," -v - Print version information\n"); fprintf(stderr," -h - Print usage information\n"); #endif fprintf(stderr,"\n"); exit(0); } /* XXX: document -d after it works, maybe make -u take an arg? */ void get_args(n,v) int n; char *v[]; { int c; int opt_ind; memset (remote_domain, 0, 8); scan_type = s_none; while (true) { #ifdef __GNU_LIBRARY__ c = getopt_long(n,v,"turnhvd:",long_options,&opt_ind); #else c = getopt(n,v,"turnhvd:"); #endif if (c == -1) break; switch(c) { #ifdef __GNU_LIBRARY__ case 0: opt_ind++; /* index's are one less than the scan type */ if (opt_ind == 5) print_usage(v[0]); if (opt_ind == 6) print_version(v[0]); scan_type = opt_ind; break; #endif case 't': scan_type = s_tcp; break; case 'u': scan_type = s_udp; break; case 'r': scan_type = s_rpc; break; case 'n': scan_type = s_nis; break; case 'd': strcpy (remote_domain, optarg); break; case 'v': print_version(v[0]); break; case 'h': case '?': print_usage(v[0]); break; } } low_port = DEFAULT_LOW_PORT; high_port = DEFAULT_HIGH_PORT; for (opt_ind = 0;optind < n;optind++) { switch(opt_ind++) { case 0: /* remote host */ strncpy(remote_host,v[optind],199); break; case 1: /* low port */ low_port = atoi(v[optind]); Single = true; break; case 2: /* high port */ high_port = atoi(v[optind]); Single = false; break; } } if (Single) high_port = low_port; if ((opt_ind == 0) || (scan_type == s_none)) { fprintf(stderr,"error: you must specify a scan type and a host\n"); print_usage(v[0]); } } void check_args() { struct hostent *host; host = gethostbyname(remote_host); if (host == NULL) { #if 0 /* this sscanf and related code crashes on sunos, beats the shit out of me why. In any case, punt -- just check the arg's validity with inet_addr and copy it directly. */ unsigned char a,b,c,d,n; char addr[5]; /* hmm.. perhaps it was a dotted quad entered.. */ n = sscanf(remote_host,"%u.%u.%u.%u",&a,&b,&c,&d); if (n != 4) { fprintf(stderr,"error: host '%s' not found\n",remote_host); exit(1); } addr[0] = a; addr[1] = b; addr[2] = c; addr[3] = d; host = gethostbyaddr(addr,4,AF_INET); #endif /* 0 */ /* ... we'll do it this way instead. */ unsigned long n; n = inet_addr(remote_host); if (n == INADDR_NONE) { fprintf(stderr,"error: host '%s' not found\n",remote_host); exit(1); } strcpy (remote_ip, remote_host); host = gethostbyaddr(remote_ip,4,AF_INET); if (host == NULL) { fprintf(stderr,"error: host '%s' not found\n",remote_host); exit(1); } } else { /* gethostbyname */ sprintf(remote_ip,"%u.%u.%u.%u",
评论
  • PUDN用户 2005-05-31 15:56:09
    r
相关推荐
  • 3DES加密算法源代码.rar
    DES加密源代码,用3DES加密算法。 加密强度高,到目前为止,还无人能够破解!
  • crc.zip
    CRC校验程序,使用了CRC-16和CRC-CCITT方法
  • rsa1.03.zip
    rsa算法实现,包含文档
  • fast-des3.0.tar.z
    des算法实现源码
  • des3_win32_vc.zip
    一个3des算法的库文件和使用库文件的例子
  • dcpcrypt.zip
    Delphi加密控件源码,包括对称钥匙加密控件和散列函数控件
  • rc.zip
    含有rc2、rc4、rc5、rc6算法的rc算法集合
  • oicqpass.zip
    读取OICQ用户保存在本地机器上的密码
  • elgamal.zip
    另一种公开密钥加密算法的Pascal实现和例子。实现了签名和确认