forked from joeavanzato/NetPeek
-
Notifications
You must be signed in to change notification settings - Fork 0
/
TCPScan.py
172 lines (158 loc) · 5.5 KB
/
TCPScan.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
import socket
import argparse
import threading
import multiprocessing
import ftplib
import random
import time
import queue
import sys
import os
import port_Flooder
#from port_Flooder import flood_port
from multiprocessing import process
mailfront = ["Zofia", "Test", "Jack", "Alehandro", "Vladimir", "Boston", "Loquisha", "Mahogany", "Ferrari", "Michigan", "August", "Ireland", "Government", "Alerter"]
mailback = ["gmail.com", "yahoo.com", "hotmail.com", "gov.edu", "aol.com"]
global flood_time
global target_host
global target_Ports
global args_tmp
args_tmp = []
target_host = ""
target_Ports = ['80']
flood_time = 0
threads = []
#target_Ports.append(0)
parser = argparse.ArgumentParser(usage = '\n--Host (-H) [TARGET-HOST]\n--Ports for Scanning (-p) [TARGET-PORTS (ex. 21 125 80)]\n--Anonymous FTP Login Query (-a) (No Args)\n--UDP Flooding Enabled (-u 200) where 200 is time to spam\n')
parser.add_argument("-H", "--Host", help = 'Give Target Host!', required = True)
parser.add_argument("-p", "--ports", nargs = '+', help = 'Give Target Port!')
parser.add_argument("-a", "--Anon", action = 'store_true', help = 'Sets Anonymous FTP Query Mode')
parser.add_argument("-u", "--flood", nargs = 1, help = 'Flood Host with random UDP Datagrams')
args = parser.parse_args()
target_host = args.Host
if (type(args.ports) == int) or (type(args.ports) == list):
target_Ports = args.ports
else:
print("Ports value malformed")
print(parser.usage)
flood_time = args.flood
print(args) #Test
if ((target_Ports[0]) == 0) and ((args.Anon) == False) and ((flood_time) == 0): #Must use at least one of these
print("Missing Parameters! Must use -u with some ports")
print(parser.usage)
exit(0)
elif ((target_Ports[0]) == 0) and ((flood_time) == 0):
print("Must Select Ports for UDP Flooding with -p!")
print(parser.usage)
exit(0)
def flood_host(host, portlist, flood_time):
global args_tmp
global proclist
print("Flooding Host "+host) #Test
count = 0
portrange = len(portlist)
portlisttmp = []
proclist = []
for port in range(portrange):
portlisttmp.append(portlist[port])
for t in range(portrange):
port = portlisttmp[t]
count = count + 1
args_tmp = []
args_tmp.append(host)
args_tmp.append(port)
args_tmp.append(flood_time[0])
pname = "Process "+port
print("Creating port_Flooder for port "+str(port)+" with Process Name : "+pname)
print("Sent Arguments "+str(args_tmp))
pname = port_Flooder.port_Flooder(host, port, int(flood_time[0]))
proclist.append(pname)
#p = multiprocessing.process.BaseProcess(target = flood_port(host, port, flood_time))
#p.daemon = True
#proclist.append(p)
#p.start()
#p.close()
#for process in proclist:
#process.start()
#for process in proclist:
#process.join()
#for port in range(portrange):
#count = count + 1
#print(portlist[port])
#t = threading.Thread(target = flood_port(host, portlist[port], flood_time)).setDaemon(True)
#t.setDaemon(True)
#t.start()
#for t in threads:
#t.join()
def query_Login(host):
try:
tmpftp = ftplib.FTP(host)
tmpmail = random.choice(mailfront)+"@"+random.choice(mailback)
print(tmpmail)
tmpftp.login('anonymous', tmpmail)
print(str(host)+" Succeeded Connecting via FTP")
crawl(tmpftp)
tmpftp.quit()
except:
print(str(host)+" Failed Connecting Via FTP")
def crawl(connection):
backlist = []
list = []
try:
list = connection.dir()
except:
print("Failed Retrieiving Default Directory Contents")
pass
#for file in list:
# name = file.lower()
# if ('.php' or '.html' or '.htm' or '.asp') in name:
# print("Appending "+name)
# backlist.append(name)
return backlist
def Connect(target_host, target_port):
try:
current_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
current_socket.connect((target_host, target_port))
print("Socket Connected to "+target_host+" on Port "+str(target_port))
current_socket.send(b'Hello\r\n') #Payload
feedback = current_socket.recv(100)
print(str(feedback))
current_socket.close()
except socket.error:
print("Error Connecting on Port "+str(target_port))
def Port_Scan(target_host, target_Ports):
threads = []
try:
target_IP = gethostbyname(target_host)
except:
print("Error Resolving FQDN to IP!")
try:
target_Name = gethostbyaddr(target_IP)
print(target_Name)
except:
print("Error Resolving Host name from IP!")
lenport = len(target_Ports)
x = 0
for x in range(lenport):
curport = target_Ports[x]
print(curport)
x = x + 1
print("Scanning Port "+str(curport))
tconnect = threading.Thread(target = Connect(target_host, int(curport)))
tconnect.start()
def main():
print("")
if (args.flood != None):
flood_host(target_host, target_Ports, flood_time)
else:
pass
if (args.Anon == True):
query_Login(target_host)
else:
pass
if (((target_Ports) != 0) and (args.flood == None)):
Port_Scan(target_host, target_Ports)
else:
pass
print("All Done")
main()