




[C] Test for open ports globally
[C] Test for open ports globally #1
This came up in a Discord chat, and I wrote up a sample program to check nearly all of the IPv4 range for machines that respond on port 22 within 250ms. I figured that I'd share it here for you guys.
It is crude, but should be a good starting point for anyone wanting to do something similar.

https://pastebin.com/kBJ5b8P2

Code (in case the pastebin link disappears in the future)
Spoiler:
Code:
#include <errno.h>
#include <fcntl.h>
#include <netdb.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>
/*
 * One IPv4 address, viewable either as a single 32-bit counter or as its
 * four individual bytes.
 *
 * The rest of the file treats ip[3] as the first (leftmost) octet and ip[0]
 * as the last one.  That mapping onto ip_32 depends on host byte order: on a
 * little-endian machine ip[3] is the most significant byte of ip_32, so
 * incrementing ip_32 walks addresses in numeric order.
 */
typedef union {
        uint32_t ip_32;  /* whole address as one integer (loop counter) */
        uint8_t ip[4];   /* same storage, byte by byte */
} u_ip_addr;
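/*
 * Attempt a TCP connection to port 22 of the IPv4 address in *addr, using a
 * non-blocking connect() and waiting at most 250 ms for it to complete.
 *
 * Return value (note the inverted sense, which main() relies on):
 *   0  the connection was established within the timeout
 *   1  anything else: socket/lookup failure, refusal, unreachable, timeout
 *
 * The dotted-quad text is built as ip[3].ip[2].ip[1].ip[0], i.e. ip[3] is
 * taken as the first octet.
 *
 * Each probe is a plain connect() followed by close(); no data is sent on
 * the socket.
 */
int is_valid(u_ip_addr *addr)
{
        const int portno = 22;
        char addr_hostname[17];         /* "255.255.255.255" + NUL fits */
        int sockfd, is_connected, opt;
        struct sockaddr_in serv_addr;
        struct hostent *server;
        fd_set wait_set;
        struct timeval timeout;

        is_connected = 0;
        timeout.tv_sec = 0;
        timeout.tv_usec = 250000;
        snprintf(addr_hostname, sizeof addr_hostname, "%u.%u.%u.%u",
                 addr->ip[3], addr->ip[2], addr->ip[1], addr->ip[0]);
        if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) < 0)
                goto done;
        /* FD_SET() on a descriptor >= FD_SETSIZE is undefined behaviour. */
        if (sockfd >= FD_SETSIZE)
                goto close_sock;
        /* Without O_NONBLOCK the connect() below would ignore the timeout. */
        opt = fcntl(sockfd, F_GETFL, 0);
        if (opt < 0 || fcntl(sockfd, F_SETFL, opt | O_NONBLOCK) < 0)
                goto close_sock;
        /* Previously this path jumped past close() and leaked the socket. */
        if ((server = gethostbyname(addr_hostname)) == NULL)
                goto close_sock;
        /* Never copy more than the 4-byte IPv4 address field can hold. */
        if (server->h_addrtype != AF_INET ||
            server->h_length != (int)sizeof(serv_addr.sin_addr.s_addr))
                goto close_sock;
        memset(&serv_addr, 0, sizeof serv_addr);
        serv_addr.sin_family = AF_INET;
        memcpy(&serv_addr.sin_addr.s_addr, server->h_addr_list[0],
               sizeof(serv_addr.sin_addr.s_addr));
        serv_addr.sin_port = htons(portno);
        if (connect(sockfd, (struct sockaddr *)&serv_addr, sizeof serv_addr) == 0)
        {
                is_connected = 1;
        }
        else if (errno == EINPROGRESS)
        {
                printf("\r                                    \rTesting %s", addr_hostname);
                fflush(stdout);
                FD_ZERO(&wait_set);
                FD_SET(sockfd, &wait_set);
                if (select(sockfd + 1, NULL, &wait_set, NULL, &timeout) > 0)
                {
                        /*
                         * A socket also becomes writable when the connect
                         * attempt failed (e.g. was refused), so the result
                         * has to be read back from SO_ERROR.
                         */
                        int so_error = 0;
                        socklen_t so_len = sizeof so_error;

                        if (getsockopt(sockfd, SOL_SOCKET, SO_ERROR,
                                       &so_error, &so_len) == 0 &&
                            so_error == 0)
                                is_connected = 1;
                }
                /* select() == 0 is a timeout, < 0 an error: not connected. */
        }
        /* Any other connect() errno is an immediate failure: not connected. */
close_sock:
        close(sockfd);
done:
        if (is_connected)
                printf("\r                                            \r");
        return !is_connected;
}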
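/*
 * Step a 32-bit counter through the IPv4 space, skip the filtered addresses,
 * and hand each remaining one to is_valid().  The first address for which
 * is_valid() returns 0 is printed and the loop stops there.
 *
 * The counter lives on the stack; the earlier heap allocation was
 * dereferenced without checking malloc() for NULL.
 */
int main(void)
{
        u_ip_addr addr;
        uint8_t first, last;

        for (addr.ip_32 = 0; addr.ip_32 < UINT32_MAX; ++addr.ip_32)
        {
                first = addr.ip[3];
                last = addr.ip[0];
                /*
                 * Filter on the first octet alone.  This drops the whole /8
                 * in each case, which is much wider than the reserved
                 * ranges inside 169/8, 172/8 and 192/8; the reason for
                 * skipping 185 is not stated.
                 */
                if ((first == 0 || first == 10 || first == 127) ||
                    (first == 169 || first == 172 || first == 192) ||
                    first == 185)
                        continue;
                /* Skip last octets 0, 1, 254 and 255. */
                if ((last == 0 || last == 1 || last == 254) ||
                    last == 255)
                        continue;
                /* Skip addresses with a zero in either middle octet. */
                if (addr.ip[2] == 0 || addr.ip[1] == 0)
                        continue;
                /* is_valid() returns 0 when the connection succeeded. */
                if (!is_valid(&addr))
                {
                        printf("%u.%u.%u.%u\n", first, addr.ip[2], addr.ip[1], last);
                        break;
                }
        }
        return 0;
}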

Based on my calculations, this would take about a month to sweep through it. Multithreading could be an option, but you'd need to modify the timeout code.
Hope you enjoy.


RE: [C] Test for open ports globally #2
Thanks man for sharing; it will be useful for some of us for sure.
Die  But Don't Lie
“Oh Abu Dharr! Don’t look at the smallness of the sin but look at the one you disobeyed.” Prophet Muhammad (pbuh)






