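// scan - connects to each TCP port in a range on one host (see g_Synopsis).
//
// NOTE(review): every angle-bracket header name on this page was lost in
// extraction (each line reads as a bare "#include").  The names below are
// reconstructed from the trailing comments and from the calls this file
// makes; confirm them against the original source.
#include <stdio.h>          // assumed: printf(), fopen(), sprintf() are used in this file
#include "libsockets.h"
#include "libkeef.h"        // for strmatch(), etc.

#if defined (UNIX)
  #include <signal.h>       // for signal(), SIGBUS, etc. (the page shows two include lines here)
  #include <unistd.h>       // assumed: read(), write(), close(), sleep()
#elif defined(WIN32) // Windows
  // The page had "#else if defined(WIN32)".  That is not a directive: the
  // preprocessor treats it as a plain #else and ignores the condition.
  // #elif matches the "#ifdef WIN32" guards used further down the file.
  #include <winsock.h>      // for closesocket() -- assumed; main() requests Winsock 1.1
  #include <direct.h>       // for _getcwd()
  #include <process.h>      // for getpid()

  // Map the POSIX calls used by main() onto their Winsock equivalents.
  // SECS is parenthesised so that an expression argument scales correctly.
  #define sleep(SECS)           Sleep((SECS)*1000)
  #define close(SOCKET)         closesocket(SOCKET)
  #define read(SOCKET,BUF,LEN)  recv(SOCKET,BUF,LEN,/*flags=*/0)
  #define write(SOCKET,BUF,LEN) send(SOCKET,BUF,LEN,/*flags=*/0)
#endif

#include <time.h>           // for time(), strftime(), etc.

/*global*/int g_fDebug = 0; // non-zero enables DebugLog output

// Errors go to stdout through printf, exactly like normal output.
#define ErrorLog printf

// Written as a complete if/else so that
//     if (x) DebugLog (...); else ...
// binds the else to the outer if.  The earlier form, "if (g_fDebug) printf",
// would have captured that else.  Call sites are unchanged.
#define DebugLog if (!g_fDebug) {} else printf

// NOTE(review): nothing in the visible code enforces this limit.  main()
// formats the command-line hostname into a 200-byte path buffer with
// sprintf ("data/scan:%s") and no length check, so an over-long argument
// overruns that buffer, and path separators in the argument choose where the
// results file lands.  Bound the write with snprintf and validate the
// hostname before using it in a file name.
#define MAXLEN_HOSTNAME 200

#ifndef PATH_SLASH
  #ifdef UNIX
    #define PATH_SLASH '/'
  #else
    #define PATH_SLASH '\\'
  #endif
#endif

#ifndef TXTNL
  #define TXTNL "\r\n"
#endif

// main() reads at most this many bytes of a service's reply into
// szResponse[MAXLEN_RESPONSE+2].
// NOTE(review): main() then stores the terminator at szResponse[iLen] without
// checking for a failed read (iLen == -1), which writes one byte before the
// buffer; the read()/recv() result needs a "< 0" check first.
#define MAXLEN_RESPONSE 100

//typedef struct
//{
//    int   iPortNum;
//    char  szResponse[MAXLEN_RESPONSE+1];
//    int   iProtocol;
//    void* pNext;
//}
//PORT;

//-----------------------------------------------------------------------------
// Usage text printed by SynopsisAndExit(); the list is NULL-terminated.
// NOTE(review): the "usage:" and "where:" lines appear to have lost their
// <placeholder> names on this page (angle brackets stripped in extraction).
// The strings are kept exactly as shown.
static const char *g_Synopsis[] = {
//-----------------------------------------------------------------------------
    " ",
    "scan - scan a given range of sockets on a given machine",
    " ",
    "usage: scan [-v] [ []]",
    " ",
    "where:",
    " -v : verbosity for sockets debugging",
    " : can be a hostname or an IP address",
    " : should be >= 1",
    " : should be >= StartSocket",
    " ",
    "History:",
    " 17 Aug 99 : keef wrote",
    " ",
    "(c) Copyright 1999 Ridgeware, Inc.",
    " ",
    NULL
};

//-----------------------------------------------------------------------------
// Terminates the process with iExitCode.  On WIN32 builds it first calls
// WSACleanup() to release Winsock.
static void Exit (int iExitCode)
//-----------------------------------------------------------------------------
{
#ifdef WIN32
    WSACleanup();
#endif

    exit (iExitCode);

} // Exit

//-----------------------------------------------------------------------------
// Prints every g_Synopsis line to stdout, then exits with status 0 via Exit().
static void SynopsisAndExit ()
//-----------------------------------------------------------------------------
{
    for (int ii=0; g_Synopsis[ii]; ++ii)
    {
        printf ("%s\n", g_Synopsis[ii]);
    }
    // (the Exit(0) call and closing brace of this function follow on the next line of the page)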
Exit(0); } // SynopsisAndExit //------------------------------------------------------------------------------ main (int argc, char* argv[]) //------------------------------------------------------------------------------ { char* pszHostname = NULL; char* pszStartPort = NULL; char* pszEndPort = NULL; char** pArgArray[] = {&pszHostname, &pszStartPort, &pszEndPort, NULL}; int iThisArg = 0; int iMaxArgs = 3; BOOL fHTML = FALSE; int iStartPort = 1; int iEndPort = 10000; for (int ii=1; ii= iMaxArgs) { printf ("scan: argument '%s' not understood.\n", argv[ii]); SynopsisAndExit(); } *(pArgArray[iThisArg]) = argv[ii]; ++iThisArg; } } // check required args: if (!pszHostname || !(*pszHostname)) SynopsisAndExit (); if (pszStartPort) iStartPort = atoi (pszStartPort); if (pszEndPort) iEndPort = atoi (pszEndPort); if ((iEndPort < iStartPort) || !iEndPort || !iStartPort) { ErrorLog ("scan: illegal port number range: %d -> %d\n", iStartPort, iEndPort); Exit (-1); } #ifdef WIN32 WORD wVersionRequested = MAKEWORD(1,1); WSADATA wsaData; if (WSAStartup (wVersionRequested, &wsaData)) { ErrorLog ("scan: could not find a compatible WINSOCK DLL\n"); Exit (-1); } #endif struct sockaddr_in AddrServer; int iLineNum = 0; int fdSocket; DebugLog ("Resolving hostname '%s' into an IP address...\n", pszHostname); if (!ValidateHost (&AddrServer, pszHostname)) { ErrorLog ("scan: could not resolve hostname '%s' into an IP address.\n", pszHostname); Exit (1); } char szResultsFile[200]; sprintf (szResultsFile, "data/scan:%s", pszHostname); FILE* fpResults = fopen (szResultsFile, "w"); if (fpResults) { fprintf (fpResults, "%s : looping through ports : %d -> %d\n", pszHostname, iStartPort, iEndPort); fclose (fpResults); } int iNumPorts = 0; char szResponse[MAXLEN_RESPONSE+2]; printf ("scan: looping through ports: %d -> %d\n", iStartPort, iEndPort); for (int iPortNum=iStartPort; iPortNum<=iEndPort; ++iPortNum) { DebugLog (":: attempting %d...\n", iPortNum); AddrServer.sin_port = htons(iPortNum); if 
((fdSocket = socket (AF_INET, SOCK_STREAM, 0)) < 0) { ErrorLog ("scan: can't get a new stream socket descriptor.\n"); Exit (1); } //DWORD dwNonBlocking = 1; //if (ioctl (fdSocket, FIONBIO, &dwNonBlocking) < 0) // ErrorLog (":: warning (port %d) -- could not set socket to NON-BLOCKING mode.\n", iPortNum); if (connect (fdSocket, (struct sockaddr *) &AddrServer, sizeof(struct sockaddr_in)) >= 0) { ++iNumPorts; DebugLog (":: --> somebody picked up the phone!\n"); szResponse[0] = 0; ssize_t iLen = 0; char *pszBadProto = NULL; switch (iPortNum) { // case 79: pszBadProto = "finger"; // case 111: pszBadProto = "sunrpc"; // break; case 80: // http SocketWrite (fdSocket, "GET / HTTP/1.0\n\n"); break; default: SocketWrite (fdSocket, "FRED\n\n"); } if (pszBadProto) { DebugLog (":: --> skipping read (because we know %s hangs)\n", pszBadProto); strcpy (szResponse, "read skipped by keef ("); strcat (szResponse, pszBadProto); strcat (szResponse, " hangs on read)"); iLen = strlen(szResponse); } else { // store the response (if any): iLen = read (fdSocket, szResponse, MAXLEN_RESPONSE); szResponse[iLen] = 0; } DebugLog (":: --> %lu bytes of 'greeting' when they answered the phone\n", iLen); // condense response into a one liner: for (int ii=0; ii