Simple Port Scanner with Golang

Use Go‘s net package: net.Dial(network, address string)

package main

import (

	"fmt"

	"net"

)

func main() {

	_, err := net.Dial("tcp", "scanme.nmap.org:80")

	if err == nil {

		fmt.Println("Connection successful")

	}

Nonconcurrent Scanning

Scan TCP ports range from 1 to  2014 slowly.

package main

import (

	"fmt"

	"net"

)

func main() {

	for i := 1; i <=1024; i ++ {

		address := fmt.Sprintf("scame.nmap.org:%d", i)

		conn, err := net.Dial("tcp", address)

		if err != nil {

			// port is closed or filtered.

			continue

		}

		conn.Close()

		fmt.Printf("%d open\n", i)

	}

}

 Concurrent scanning

Harness the power of goroutines to scan multiple ports concurrently.

package main

import (

	"fmt"

	"net"

)

func main() {

	for i := 1; i <= 1024; i++ {

		go func(j int) {

			address := fmt.Sprintf("scanme.nmap.org:%d", j)

			conn, err := net.Dial("tcp", address)

			if err != nil {

				return

			}

			conn.Close()

			fmt.Printf("%d open\n", j)

		}(i)

	}

}

But it is too fast to wait for the connection to take place, so you may not get accurate results for ports whose packets were still in-flight.

Method 1:

Synchronized Scanning Using WaitGroup

Use WaitGroup from the sync package to control concurrency in a thread-safe way.

package main

import (

	"fmt"

	"net"

	"sync"

)

func main() {

	var wg sync.WaitGroup

	for i := 1; i <= 1024; i++ {

		wg.Add(1)

		go func(j int) {

			defer wg.Done()

			address := fmt.Sprintf("10.0.0.24:%d", j)

			conn, err := net.Dial("tcp", address)

			if err != nil {

				return

			}

			conn.Close()

			fmt.Printf("%d open\n", j)

		}(i)

	}

	wg.Wait()

}

This program is better, but still incorrect.

 Port Scanning Using a Worker Pool

To avoid inconsistencies, use a pool of goroutines to manage the concurrent work being performed.

package main

import (

	"fmt"

	"sync"

)

func worker(ports chan int, wg *sync.WaitGroup) {

	for p := range ports {

		fmt.Println(p)

		wg.Done()

	}

}

func main() {

	ports := make(chan int, 100)

	var wg sync.WaitGroup

	for i := 0; i < cap(ports); i++ {

		go worker(ports, &wg)

	}

	for i := 1; i <= 1024; i++ {

		wg.Add(1)

		ports <- i

	}

	wg.Wait()

	close(ports)

}

The numbers printed to the screen in no particular order.

Method 2: 

Multichannel Communication

Remove the dependency of a WaitGroup

package main

import (

	"fmt"

	"net"

	"sort"

)

func worker(ports, results chan int) {

	for p:= range ports {

		address := fmt.Sprintf("10.0.0.24:%d", p)

		conn, err := net.Dial("tcp", address)

		if err != nil {

			results <-0

			continue

		}

		conn.Close()

		results <- p

	}

}

func main() {

	ports := make(chan int, 100)

	results := make(chan int)

	var openports []int

	for i := 0; i < cap(ports); i++ {

		go worker(ports, results)

	}

	go func() {

		for i := 1; i <= 1024; i++ {

			ports <- i

		}

	}()

	for i := 0; i < 1024; i++ {

		port := <-results

		if port != 0 {

			openports = append(openports, port)

		}

	}

	close(ports)

	close(results)

	sort.Ints(openports)

	for _, port := range openports {

		fmt.Printf("%d open\n", port)

	}

}

A highly efficient port scanner.

You can modify the program to allow users to provide the number of workers as an option.

Go Pentester - TCP Scanner的更多相关文章

  1. Go Pentester - TCP Proxy

    Building a TCP Proxy Using io.Reader and io.Writer Essentially all input/output(I/O). package main i ...

  2. Metasploit辅助模块

    msf > show auxiliary Auxiliary ========= Name                                                  Di ...

  3. allVncClients

    VNC Viewer Free Edition 37  RealVNC Ltd.  15,367  Freeware  1021.58 KB VNC is client and server remo ...

  4. metasploit快速入门

    今天没上班,在小黑屋里看了一个一百多页的书<metasploit新手指南>,在此将笔记分享给大家.欢迎大家批评指正,共同学习进步.     metasploit新手指南 笔记 kali 0 ...

  5. 辅助模块应用(auxiliary/scanner/portscan/tcp)

    实验步骤 创建msf所需的数据库 之前我们开启msf时下面总会出现一个红色的小减号,原来是因为没有和数据库键连接,于是首先我们要手动建立一个数据库... 使用命令来实现: service postgr ...

  6. Python3实现TCP端口扫描

    在渗透测试的初步阶段通常我们都需要对攻击目标进行信息搜集,而端口扫描就是信息搜集中至关重要的一个步骤.通过端口扫描我们可以了解到目标主机都开放了哪些服务,甚至能根据服务猜测可能存在某些漏洞. TCP端 ...

  7. Python3实现TCP端口扫描器

    本文来自 高海峰对 玄魂工作室 的投稿 作者:高海峰 QQ:543589796 在渗透测试的初步阶段通常我们都需要对攻击目标进行信息搜集,而端口扫描就是信息搜集中至关重要的一个步骤.通过端口扫描我们可 ...

  8. TCP/UDP端口列表

    http://zh.wikipedia.org/wiki/TCP/UDP%E7%AB%AF%E5%8F%A3%E5%88%97%E8%A1%A8 TCP/UDP端口列表     本条目可通过翻译外语维 ...

  9. [JAVA] 基于TCP的起重机运行模拟器

    1.客户端 package ClientMain; import java.io.DataInputStream; import java.io.DataOutputStream; import ja ...

随机推荐

  1. Bestcoder Round8

    4989Summary 既然用C++了就偷懒直接用STL大法了 #include<iostream> #include<algorithm> #include<vecto ...

  2. 阿里面试官最喜欢问的21个HashMap面试题

    1.HashMap 的数据结构? A:哈希表结构(链表散列:数组+链表)实现,结合数组和链表的优点.当链表长度超过 8 时,链表转换为红黑树. transient Node<K,V>\[\ ...

  3. Python爬虫实战,完整的思路和步骤(附源码)

    前言 小的时候心中总有十万个为什么类似的问题,今天带大家爬取一个问答类的网站. 本堂课使用正则表达式对文本类的数据进行提取,正则表达式是数据提取的通用方法. 环境介绍: python 3.6 pych ...

  4. 黎活明8天快速掌握android视频教程--25_网络通信之资讯客户端

    1 该项目的主要功能是:后台通过xml或者json格式返回后台的视频资讯,然后Android客户端界面显示出来 首先后台新建立一个java web后台 采用mvc的框架 所以的servlet都放在se ...

  5. linux网络编程-posix条件变量(40)

    举一个列子来说明条件变量: 假设有两个线程同时访问全局变量n,初始化值是0, 一个线程进入临界区,进行互斥操作,线程当n大于0的时候才执行下面的操作,如果n不大于0,该线程就一直等待. 另外一个线程也 ...

  6. xutils工具上传日志文件

    首先下载xutils java包: 添加到项目的工程中: 第二在新建一个类继承application package logback.ecmapplication.cetcs.com.myapplic ...

  7. Springboot在包含有参构造方法的类中使用@Value注解取值

    我们在Springboot中经常使用@Value注解来获取配置文件中的值,像下面这样 @Component class A { @Value("${user.value}") pr ...

  8. activiti学习笔记二

    上一篇文章大概讲了下什么是流程引擎,为什么我们要用流程引擎,他的基本原理是啥,以及怎么进行基本的使用,这篇文章我们再讲下其他的一些使用. 删除流程部署 package activiti02; impo ...

  9. openstack Rocky 社区版部署1.3 安装OpenStack packages

    1 installing the Rocky release on all nodes. yum install centos-release-openstack-rocky 安装之后,会在/etc/ ...

  10. CString 十六进制转二进制

    int nValude = 0; CString strtemp("asdb");; sscanf(strtemp.GetBuffer(0),"%x",& ...