portscan.pl

#!/usr/bin/perl -w
#This could really stand to be improved, but it works for basic purposes
#right now of identifying open ports on the given host.
#The big improvement would be a hash containing basic jibberish to
#send to given ports (eg 22, 21, 25, 80, 110) to see if they're
#running standard services.

use IO::Socket;
use Getopt::Std;
use strict;

my %args;
my $socket;
my $host = "127.0.0.1";
my $lowport = 0;
my $highport = 65535;
my $wait = 10;
my $outfile;
my $jibberish = "\n";
my $usage = <<EOT;

portscan.pl : scan a range of ports on a given host and report active ports
	-h : this help
	-t : the target hostname or IP address (defaults to 127.0.0.1)
	-m : minimum port number (defaults to 1)
	-M : maximum port number (defaults to 65535)
	-w : timeout time (wait this long to drop attempt - defaults to 
		10 seconds)
	-f : write results to specified logfile instead of stdout
	-v : be particularly verbose
	-j : specify the jibberish to send to the ports found to elicit
		a response
EOT

getopts("ht:m:M:w:vf:j:", \%args);

if ( defined $args{h} ) {
	print $usage;
	exit;
}
if ( defined $args{t} ) {
	$host = $args{t};
}
if ( defined $args{m} ) {
	$lowport = $args{m};
}
if ( defined $args{M} ) {
	$highport = $args{M};
}
if ( defined $args{w} ) {
	$wait = $args{w};
}
if ( defined $args{j} ) {
	$jibberish = $args{j};
}
if ( !$host ) {
	print $usage;
	exit;
}
if ( defined $args{f} ) {
	open($outfile, ">$args{f}") 
		or die "Couldn't open output file $args{f}";
}

foreach ( $lowport ... $highport ) {
	my $response = "";
	if ( $args{v} ) { 
		$response .= "trying $host port $_\n";
	}
	$socket = IO::Socket::INET->new(PeerAddr => $host,
					PeerPort => $_,
					Proto => "tcp",
					Type => SOCK_STREAM,
					Timeout => $wait)
		or next;
	$response .= "Got socket on $host port $_\n";
	if ( $socket && $args{v} ) {
		# got a connection, let's throw some jibberish at it and 
		# see what happens!
		print $socket $jibberish;
		my $response .= <$socket>;
		close($socket);
	}
	if ( $outfile ) {
		print $outfile $response;
	}
	else {
		print $response;
	}
}

if ( $outfile ) {
	close($outfile);
}
Import old code, circa 2005 2026-05-18 12:43:29 -04:00			`#!/usr/bin/perl -w`
			`#This could really stand to be improved, but it works for basic purposes`
			`#right now of identifying open ports on the given host.`
			`#The big improvement would be a hash containing basic jibberish to`
			`#send to given ports (eg 22, 21, 25, 80, 110) to see if they're`
			`#running standard services.`

			`use IO::Socket;`
			`use Getopt::Std;`
			`use strict;`

			`my %args;`
			`my $socket;`
			`my $host = "127.0.0.1";`
			`my $lowport = 0;`
			`my $highport = 65535;`
			`my $wait = 10;`
			`my $outfile;`
			`my $jibberish = "\n";`
			`my $usage = <<EOT;`

			`portscan.pl : scan a range of ports on a given host and report active ports`
			`-h : this help`
			`-t : the target hostname or IP address (defaults to 127.0.0.1)`
			`-m : minimum port number (defaults to 1)`
			`-M : maximum port number (defaults to 65535)`
			`-w : timeout time (wait this long to drop attempt - defaults to`
			`10 seconds)`
			`-f : write results to specified logfile instead of stdout`
			`-v : be particularly verbose`
			`-j : specify the jibberish to send to the ports found to elicit`
			`a response`
			`EOT`

			`getopts("ht:m:M:w:vf:j:", \%args);`

			`if ( defined $args{h} ) {`
			`print $usage;`
			`exit;`
			`}`
			`if ( defined $args{t} ) {`
			`$host = $args{t};`
			`}`
			`if ( defined $args{m} ) {`
			`$lowport = $args{m};`
			`}`
			`if ( defined $args{M} ) {`
			`$highport = $args{M};`
			`}`
			`if ( defined $args{w} ) {`
			`$wait = $args{w};`
			`}`
			`if ( defined $args{j} ) {`
			`$jibberish = $args{j};`
			`}`
			`if ( !$host ) {`
			`print $usage;`
			`exit;`
			`}`
			`if ( defined $args{f} ) {`
			`open($outfile, ">$args{f}")`
			`or die "Couldn't open output file $args{f}";`
			`}`

			`foreach ( $lowport ... $highport ) {`
			`my $response = "";`
			`if ( $args{v} ) {`
			`$response .= "trying $host port $_\n";`
			`}`
			`$socket = IO::Socket::INET->new(PeerAddr => $host,`
			`PeerPort => $_,`
			`Proto => "tcp",`
			`Type => SOCK_STREAM,`
			`Timeout => $wait)`
			`or next;`
			`$response .= "Got socket on $host port $_\n";`
			`if ( $socket && $args{v} ) {`
			`# got a connection, let's throw some jibberish at it and`
			`# see what happens!`
			`print $socket $jibberish;`
			`my $response .= <$socket>;`
			`close($socket);`
			`}`
			`if ( $outfile ) {`
			`print $outfile $response;`
			`}`
			`else {`
			`print $response;`
			`}`
			`}`

			`if ( $outfile ) {`
			`close($outfile);`
			`}`