Skip to content

Instantly share code, notes, and snippets.

@reginaldojunior

reginaldojunior/syscan-example-1.py

Created February 25, 2024 14:13
Show Gist options
  • Save reginaldojunior/5e7c286c3594bf9b10dd0411b6faf633 to your computer and use it in GitHub Desktop.
Save reginaldojunior/5e7c286c3594bf9b10dd0411b6faf633 to your computer and use it in GitHub Desktop.
Download ZIP
syscan-example-1.py
Raw
syscan-example-1.py
from typing import Collection, List
from random import randint, shuffle
from scapy.layers.inet import IP, TCP
from scapy.sendrecv import sr
SEQ_MAX = 2**32-1 # valor limite de bits no ipv4
LIMIT_PORT = 49151 # valor limite de portas definidos pela organização IANA
SYN_FLAG = "S"
SYN_ACK_FLAG = SYN_FLAG + "A"
DEFAULT_TIMEOUT = 3
def port_scan(address: str, ports: Collection[int], **kwargs) -> List[int]:
kwargs.setdefault("timeout", DEFAULT_TIMEOUT)
syns = []
ip_layer = IP(dst=address)
for port in ports:
packet = ip_layer / TCP(sport=LIMIT_PORT, dport=port, seq=randint(0, SEQ_MAX), flags=SYN_FLAG)
syns.append(packet)
answered, _ = sr(syns, verbose=False, **kwargs) # retorno respondidos e não respondidos, mas iremos usar somente o primeiro retorno por fins praticos
ports_open = []
for stimulus, response in answered:
if response[TCP].flags.flagrepr() == SYN_ACK_FLAG:
ports_open.append(stimulus[TCP].dport)
return sorted(ports_open)
print(port_scan('45.33.32.156', (80, 8080, 22, 21)))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment