[Code] RØD Port Scan - Perl

Started by rodweb, 11 July 2006, 04:32:14 PM

rodweb

RØD Port Scan

Hey, this is my first Perl program using sockets, a simple, slow port scanner just like the others. It has the option, when saving the .txt, to show the possible services or possible trojans running... editing that part was a lot of work; I took the list from WS's "Portas Abertas" program, I hope he doesn't mind :P ...I also still had to translate the service names, but I don't know English and was too lazy to keep going to Google :P

Well, to see how to use it, do the following:

Linux: ./scan.pl -h
Windows: perl scan.pl -h

Test it or study it!

scan.pl
#!/usr/bin/perl -w
#Program: RØD Port Scan
#Version: 1.0 beta
#OSes: Linux and Windows.
#Description: Scans a range of ports and shows the possible services and trojans running.
#Coded By: Ø Rodrigo Ø - [Insanity Sharkers]

use IO::Socket;
$i=1;
$ver="v. 1.0";
system("clear");

#List of services used...
%servicos=(1=>"TCP Port Service Multiplexer",2=>"Management Utility",3=>"Compression Process",5=>"Remote Job Entry",
7=>"Echo",9=>"Discard",11=>"Active Users",13=>"Daytime",15=>"Netstat",21=>"FTP - File Transfer Protocol",
22=>"SSH Remote Login Protocol",23=>"Telnet",24=>"Qualquer sistema de e-mail privado",
25=>"SMTP - Simple Mail Transfer Protocol",26=>"AltaVista Firewall97",27=>"AltaVista Firewall97",
28=>"AltaVista Firewall97",29=>"AltaVista Firewall97",31=>"MSG Authentication",33=>"DSP - Display Support Protocol",
35=>"Any private printer server",37=>"Time",38=>"Route Access Protocol",39=>"Resource Location Protocol",41=>"Graphics",
42=>"Host Name Server",43=>"Nicname",44=>"MPM FLAGS Protocol",45=>"Message Processing Module",46=>"MPM",47=>"NI FTP",
48=>"Digital Audit Daemon",49=>"Login Host Protocol",50=>"Remote Mail Checking Protocol",51=>"IMP Logical Address",
52=>"XNS Time Protocol",53=>"DNS - Domain Name Server",54=>"XNS Clearinghouse",55=>"ISI Graphics Language",
56=>"XNS Authentication",57=>"Any private terminal access",58=>"XNS Mail",59=>"Any private file service",61=>"NI MAIL",
62=>"ACA Services",63=>"whois++",64=>"Communications Integrator",65=>"TACACS-Database Service",66=>"Oracle SQL*NET",
67=>"Bootstrap Protocol Server",68=>"Bootstrap Protocol Server",69=>"Trivial File Transfer",70=>"Gopher",
71=>"Remote Job Service",72=>"Remote Job Service",73=>"Remote Job Service",74=>"Remote Job Service",
75=>"Any private dial out service",76=>"Distributed External Object Store",77=>"Any private RJE service  netrjs",
78=>"Vettcp",79=>"Finger",80=>"HTTP World Wide Web",81=>"HOSTS2 Name Server",82=>"XFER Utility",83=>"MIT ML Device",
84=>"Common Trace Facility",85=>"MIT ML Device",86=>"Micro Focus Cobol",87=>"Any private terminal link  ttylink",
88=>"Kerberos",89=>"SU MIT Telnet Gateway",90=>"DNSIX Securit Attribute Token Map",91=>"MIT Dover Spooler",
92=>"Network Printing Protocol",93=>"Device Control Protocol",94=>"Tivoli Object Dispatcher",95=>"BSD supdupd(8)",
96=>"DIXIE Protocol Specification",97=>"Swift Remote Virtural File Protocol",98=>"Linuxconf",99=>"TAC News",
100=>"[unauthorized use]",101=>"NIC Host Name Server",102=>"ISO Transport Service Access Point",
103=>"Genesis Point-to-Point Trans Net",104=>"ACR-NEMA Digital Imag. & Comm. 300",105=>"Mailbox Name Nameserver",106=>"3COM-TSMUX",
107=>"Remote Telnet",108=>"SNA Gateway Access Server",109=>"POP2 - Post Office Protocol 2",110=>"POP3 - Post Office Protocol 3",
111=>"portmapper  rpcbind",112=>"McIDAS Data Transmission Protocol",113=>"ident Authentication Service",114=>"Audio News Multicast",
115=>"Simple File Transfer Protocol",116=>"ANSA REX Notify",117=>"UUCP Path Service",118=>"SQL Services",
119=>"Network News Transfer Protocol",120=>"CFDPTKT",121=>"Encore Expedited Remote Pro.Call",122=>"SMAKYNET",123=>"Network Time Protocol",
124=>"ANSA REX Trader",125=>"Locus PC-Interface Net Map Ser",126=>"NXEdit",127=>"Locus PC-Interface Conn Server",
128=>"GSS X License Verification",129=>"Password Generator Protocol",130=>"cisco FNATIVE",131=>"cisco TNATIVE",
132=>"cisco SYSMAINT",133=>"Statistics Service",134=>"INGRES-NET Service",135=>"RPC Endpoint Mapper",136=>"PROFILER Naming Server",
137=>"NetBIOS name service",138=>"NetBIOS datagram service",139=>"NetBIOS Session",143=>"IMAP4 - Internet Message Access Protocol 4",
147=>"ISO-IP",150=>"SQL-NET",220=>"IMAP3 - Interactive Mail Access Protocol v3",389=>"LDAP",443=>"SSL - Secure Socket Layer",
445=>"Microsoft-ds (Server Message Block)",465=>"SMTPs - secure SMTP",500=>"LSASS - Local Security Authority Service",
587=>"(SMTP email) submission",995=>"POP3s - secure POP3",1024=>"DCOM",1032=>"ICQ",1035=>"MX-XR RPC",1080=>"SOCKS",1100=>"ICQ Lite",
1144=>"MSN Messenger",1155=>"Network File Access",1214=>"KaZaA",1403=>"prm-nm-np - Prospero Resource Manager",
1407=>"DBSA License Manager",1408=>"sophia-lm - Sophia License Manager",1421=>"Gandalf License Manager",1473=>"OpenMath",1474=>"Telefinder",
1475=>"Taligent License Manager",1628=>"LonTalk normal",1638=>"CableNet Info Protocol",1644=>"Satellite-data Acquisition System 4",
1731=>"MS ICCP",1755=>"MS NetShow",1793=>"rsc-robot",1795=>"dpi-proxy",1863=>"MSN Messenger(messages)",
1900=>"UPnP - Universal Plug and Plug",2001=>"glimpseserver",2064=>"Distributed.Net RC5/DES",2234=>"SoulSeek",
2300=>"Microsoft DirectX gaming (DirectPlay) 7",2302=>"Microsoft DirectX gaming (DirectPlay) 8",
2400=>"Microsoft DirectX gaming (DirectPlay) 7 and 8",2427=>"MSN Messenger",2445=>"DTN1",2587=>"MASC",2593=>"MNS Mail Notice Service",
2602=>"discp server",2605=>"NSC POSA",2607=>"Dell Connection",2608=>"Wag Service",2609=>"System Monitor",2610=>"VersaTek",
2645=>"Novell IPX CMD",2675=>"TTC ETAP",3050=>"Borland Interbase database",3128=>"squid",3205=>"iSNS",3260=>"iSCSI default port",
3372=>"MSDTC - Microsoft Distributed Transaction Coordinator",3389=>"Windows Remote Desktop Protocol (RDP)",3410=>"NetworkLens SSL Event",
3498=>"DASHPAS user port",3689=>"Apple iTunes music sharing (DAAP)",4000=>"Mirabilis ICQ",4020=>"GlobalChat",4500=>"Microsoft IPsec NAT-T",
4747=>"PGPfone",4748=>"PlayLink",4899=>"RADMIN",5000=>"SSDP - Simple Service Discovery Protocol Yahoo Messenger - Voice Chat",
5001=>"Yahoo Messenger - Voice Chat",5050=>"Yahoo Messenger - messages",5060=>"SIP",5190=>"AOL / AOL ICQ",5191=>"AOL",5192=>"AOL",
5193=>"AOL",5222=>"iChat local traffic",5269=>"iChat local traffic",5353=>"Multicast DNS",5354=>"Dialpad.com",5500=>"HotLine",
5501=>"HotLine",5502=>"HotLine",5503=>"HotLine",5534=>"SoulSeek",5554=>"SGI ESP HTTP",5555=>"InfoSeek Personal Agent",5631=>"pcAnywhere",
5760=>"eShare Chat Server",5761=>"eShare Web Tour",5764=>"eShare Admin Server",5800=>"VNC",5900=>"VNC",
6073=>"Microsoft DirectX gaming (DirectPlay) 8",6346=>"Shareaza",6347=>"GNUtella",6498=>"Netscape Conference",
6502=>"Netscape Conference",6665=>"common IRC",6666=>"common IRC",6667=>"common IRC",6668=>"common IRC",6669=>"common IRC",
6801=>"Net2Phone CommCenter",6891=>"MSN Messenger",6892=>"MSN Messenger",6893=>"MSN Messenger",6894=>"MSN Messenger",6895=>"MSN Messenger",
6896=>"Net2Phone CommCenter",6897=>"MSN Messenger",6898=>"MSN Messenger",6899=>"MSN Messenger",6900=>"MSN Messenger",6901=>"MSN Messenger",
6970=>"QuickTime 4 Server",6969=>"BitTorrent",6881=>"BitTorrent",6882=>"BitTorrent",6883=>"BitTorrent",6884=>"BitTorrent",6885=>"BitTorrent",
6886=>"BitTorrent",6887=>"BitTorrent",6888=>"BitTorrent",6889=>"BitTorrent",7000=>"VDOlive",7175=>"Dialpad.com",7070=>"RealAudio & Video",
7648=>"CU-SeeMe, Enhanced CUSM",7649=>"CU-SeeMe, Enhanced CUSM",8000=>"common HTTP (alternative)",8001=>"common HTTP (alternative)",
8009=>"Apache JServ Protocol v13 (ajp13)",8010=>"Wingate 3.0",8080=>"common HTTP (alternative)",8081=>"common HTTP (alternative)",
8082=>"common HTTP (alternative)",8680=>"Dialpad.com",8890=>"Dialpad.com",9000=>"Dialpad.com",9450=>"Dialpad.com",9460=>"Dialpad.com",
9100=>"PDL datastream",9898=>"MonkeyCom",9943=>"iVisit",9945=>"iVisit",9992=>"The Palace (chat environment)",
9993=>"The Palace (chat environment)",9994=>"The Palace (chat environment)",9995=>"The Palace (chat environment)",
9996=>"The Palace (chat environment)",9997=>"The Palace (chat environment)",9998=>"common Palace",10000=>"NDMP",10080=>"Amanda",
10090=>"PlayLink",11999=>"Yahoo Games",12345=>"Italk",16384=>"RTP",14237=>"Palm Computing Network Hotsync",
14238=>"Palm Computing Network Hotsync",18888=>"Liquid Audio",21300=>"FreeTel",21301=>"FreeTel",21302=>"FreeTel",21303=>"FreeTel",
22555=>"VocalTec Internet Conference",26000=>"Quake",28800=>"MSN Gaming Zone",29100=>"MSN Gaming Zone",30000=>"GnomeMeeting",
30001=>"GnomeMeeting",30002=>"GnomeMeeting",30003=>"GnomeMeeting",30004=>"GnomeMeeting",30005=>"GnomeMeeting",30006=>"GnomeMeeting",
30007=>"GnomeMeeting",30008=>"GnomeMeeting",30009=>"GnomeMeeting",30010=>"GnomeMeeting",32767=>"RTP",39213=>"Sygate Manager",
47624=>"Microsoft DirectX gaming (DirectPlay) 7",56768=>"iVisit");

#List of trojans used...
%trojans=(1=>"Sockets des Troie",15=>"B2",20=>"Senna Spy FTP server",21=>"Back Construction",22=>"Adore SSHD",
23=>"ADM worm",110=>"ProAgent",135=>"Blaster Worm",222=>"Optix",370=>"Optix",666=>"BeastTrojan",831=>"Optix",
1025=>"KiLo",1026=>"MoSucker",1037=>"MoSucker",1080=>"MyDoom.B, MyDoom.F, MyDoom.G, MyDoom.H",
2003=>"NinjaSpy Trojan 2003, NinjaSpy Trojan Fix",2004=>"NinjaSpy Trojan 2003, NinjaSpy TrojanFix",2283=>"Dumaru.Y",
2535=>"Beagle.W, Beagle.X, other Beagle/Bagle variants",2745=>"Beagle.C through Beagle.K",3127=>"MyDoom.A",
3128=>"MyDoom.B",3410=>"Optix and variants",4288=>"MoSucker",5110=>"ProRAT",5112=>"ProRAT",5151=>"Optix",
5152=>"Institution",5554=>"Sasser through Sasser.C, Sasser.F",5888=>"C.I.A",6888=>"C.I.A",7499=>"Latinus XP",
7500=>"Latinus XP",8866=>"Beagle.B",9713=>"C.I.A",9800=>"C.I.A",9898=>"Dabber.A and Dabber.B",10000=>"Dumaru.Y",
10080=>"MyDoom.B",12345=>"NetBus",16484=>"MoSucker",17300=>"Kuang2",22311=>"ProRAT",27374=>"SubSeven",
42024=>"WinFire Trojan",42025=>"WinFire Trojan",51100=>"ProRAT",58343=>"ProRAT",65506=>"PhatBot, Agobot, Gaobot");

#Banner...
print "
     +============[RØD Port Scan]==============+
     |---------------------------------$ver--|
     |                                         |
     | Scanner de Portas. [Serviços & Trojans] |
     |                                         |
     | Coded By Ø Rodrigo Ø                    |
     +-----------------------------------------+\n\n";
sleep 3;
system("clear");

 #Scanner help...
 if (@ARGV && ($ARGV[0] eq "-h" || $ARGV[0] eq "-H")){
 system("clear");
 print "
     +=============[Sobre & Ajuda]=============+
     |---[Sobre]-------------------------------|
     | Coder: Ø Rodrigo Ø                      |
     | SO's: Linux e Windows                   |
     | Grupo: [Insanity Sharkers]              |
     | Linguagem: Perl                         |
     +-----------------------------------------+
     +---[Ajuda]-----------------------$ver--+
     |Modo de uso:                             |
     |nome <host> <p_inicial> <p_final> <tipo> |
     |-----------------------------------------|
     |Parâmetro:   || Descrição:               |
     |-----------------------------------------|
     | nome        >> Nome do scaner.          |
     |<host>       >> Host onde irá escanear.  |
     |<p_inicial>  >> Porta incial do range.   |
     |<p_final>    >> Porta final do range.    |
     |<tipo>   \\/  >> Padrão [-s]              |
     |-s -> Irá escanear e mostrar os possíveis|
     |serviços rodando.                        |
     |-t -> Irá escanear e mostrar os possíveis|
     |trojans rodando.                         |
     +-----------------------------------------+
     +---[Como ajudar?]------------------------+
     |Para dúvidas, críticas ou sugestões...   |
     |GTalk e Msn: rodrigo.rodweb2005\@gmail.com|
     +-----------------------------------------+\n";
<STDIN>;
system("clear");
#Greetz...
print "
     +---[Agradecimentos]----------------------+
     |[Google]      - [Sem comentários.. :^) ] |
     |[Sthealt]     - [Exemplo de Socket]      |
     |[Rei]         - [Alvo de testes xD]      |
     +-----------------------------------------+\n\n";
<STDIN>;
exit;
}

 #Usage...
 if (@ARGV < 3){
 system("clear");
 print "
Modo de uso: $0 <host> <porta inicial> <porta final> <tipo>

Exemplo: $0 www.site.com 1 100 -s

Irá escanear o site www.site.com com range de portas de 1 até 100
e quando salvar o .txt vai mostrar os possíveis serviços rodando.\n\n";
 exit;
 }

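#Set everything up...
$host=$ARGV[0];
$min=$ARGV[1];
$max=$ARGV[2];
#The type is optional; the help text gives -s as the default.
$tipo=defined $ARGV[3] ? $ARGV[3] : "-s";
$ini=$min;

 #Strip the "http://"
 if ($host =~ /^http:\/\//){
 $host =~ s/^http:\/\///g;
 }

 while($min <= $max){
  #One full TCP connect per port, with a 1-second timeout
  my $socket = IO::Socket::INET->new(PeerAddr=>$host,PeerPort=>$min,Proto=>"tcp",Timeout=>1);
  if ($socket) {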
  close $socket;
  push(@abertas,$min);
  }
 system("clear");
 print "\nEscaneando o host: $host...\n\n";
 print "Escaneando porta $min de $max\n\n";
  foreach (@abertas){
  print "A porta $_ está aberta\n";
  }
 $min++;
 }

print "\n\nConcluído.\n\n";
<STDIN>;
system("clear");

#Asks whether to save the open ports...
print "
     +==============[Pergunta]==============+
     |Criar um .txt com as portas abertas?  |
     |                                      |
     |[S] Sim, salvar as portas abertas.    |
     |[N] Não, não salvar as portas abertas.|
     +--------------------------------------+\n";
print "      Digite a opção desejada: ";
chomp($salvar=<STDIN>);

 if ($salvar eq "S" || $salvar eq "s"){
 open(ARQ,">portas abertas.txt") or die "portas abertas.txt: $!\n";
  if ($tipo eq "-t"){
  &trojans;
  } else {
  &servicos;
  }
 print ARQ "\nO $host foi escaneado por RØD Port Scan\n";
 close(ARQ);
 system("clear");
 print "\n\nO arquivo portas abertas.txt foi criado na pasta atual.\n\n";
 } else {
 system("clear");
 }

#Saves the open ports and shows the possible services running...
sub servicos(){
print ARQ "
Portas abertas e Processos possíveis rodando nun range de $ini até $max:
----------------------------------------------------------------------\n\n";
 foreach $porta (@abertas){
 $servico=$servicos{$porta};
  if (!defined $servico || $servico eq ""){
  $servico="Não disponível";
  }
 print ARQ "$porta [$servico]\n";
 }
}

#Saves the open ports and shows the possible trojans running...
sub trojans(){
print ARQ "
Portas abertas e Trojans possíveis rodando nun range de $ini até $max:
--------------------------------------------------------------------\n\n";
 foreach $porta (@abertas){
 $trojan=$trojans{$porta};
  if (!defined $trojan || $trojan eq ""){
  $trojan="Não disponível";
  }
 print ARQ "$porta [$trojan]\n";
 }
}

(Note) To run on Windows without errors, replace system("clear"); with system("cls");.

See ya..
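
Added example, not part of the original post: the report scan.pl writes labels each open port purely by its number, and several ports sit in both of its tables (21, 22, 3128, 10000), so a match in the trojan list is a hint to check rather than an identification. The Perl sketch below triages a saved report against a baseline of ports the host is expected to expose; the table excerpts, the `%expected` baseline and the sample report lines are constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Constructed excerpts of the two lookup tables in scan.pl.
my %servicos = (22 => "SSH Remote Login Protocol", 80 => "HTTP World Wide Web",
                3128 => "squid", 8080 => "common HTTP (alternative)", 10000 => "NDMP");
my %trojans  = (22 => "Adore SSHD", 3128 => "MyDoom.B",
                10000 => "Dumaru.Y", 27374 => "SubSeven");

# Assumption: the ports this host is supposed to expose.
my %expected = map { $_ => 1 } (22, 80, 3128);

# Constructed sample of "portas abertas.txt" as written with the -s type.
my @report = (
    "Portas abertas e Processos possíveis rodando nun range de 1 até 30000:",
    "----------------------------------------------------------------------",
    "22 [SSH Remote Login Protocol]",
    "80 [HTTP World Wide Web]",
    "3128 [squid]",
    "8080 [common HTTP (alternative)]",
    "10000 [NDMP]",
    "27374 [Não disponível]",
);

# Build one triage record per "<port> [<label>]" line of the report.
sub triage {
    my @out;
    for my $line (@_) {
        next unless $line =~ /^(\d+) \[.*\]$/;   # skip header and footer text
        my $port   = $1;
        my $status = $expected{$port}       ? "expected"
                   : exists $trojans{$port} ? "investigate"
                   :                          "unexpected";
        push @out, { port    => $port,
                     status  => $status,
                     service => $servicos{$port} // "unknown",
                     trojan  => $trojans{$port}  // "none listed" };
    }
    return @out;
}

printf "%-6s %-12s service=%s; trojan list=%s\n",
    @{$_}{qw(port status service trojan)} for triage(@report);
```

Ports marked `expected` can still carry a trojan-list entry (22 and 3128 here), which is why the status comes from the baseline rather than from the name lookup.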

Skayler

Very Cool Guy!
I'm testing...
Congratulations!

[]'s



#phobia

Congratulations on the effort and performance, Ø Rodrigo Ø...

Keep going, don't stop!  ;)

Anonymous

I'm going to test it,

I'll post the result here afterwards, but it looks really interesting...   :)

Shady



Mundus Vult Decipi

Anonymous

Well, now that I've tested it, very good, rodrigo, congratulations,

Nice code...  :-*

rodweb

thanks everyone...

Quote from: "Shady" Really cool :P

I found a little txt in pt-br xD

slul

Quote from: "Ø Rodrigo Ø" thanks everyone...

Quote from: "Shady" Really cool :P

I found a little txt in pt-br xD

share it so everyone can learn ;)

rodweb

Quote from: "slul"
Quote from: "Ø Rodrigo Ø" thanks everyone...

Quote from: "Shady" Really cool :) And you said you didn't know how to use sockets :P

here it is -> http://www.darkers.com.br/smf/index.php ... 459.0.html

I found a little txt in pt-br xD

share it so everyone can learn ;)