#!/usr/bin/env python
import os
import socket
import subprocess

import scapy.all as scapy
scapy.conf.verb=0
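# --- Setup: target, port, interface, gateway and link-layer addresses -------
# Everything below needs raw-socket privileges (root / CAP_NET_RAW), and the
# idle scan further down forges a source address.  Run it only against
# networks you are authorized to test.

# Target and interface are hard-coded for now; the commented-out prompts
# show the original intent to read them interactively.
hostip = "192.168.2.1"  #raw_input("Digite la direccion IP del destino: ")
#print "El equipo al cual se hara el escaneo es: " + hostip
try:
    socket.inet_aton(hostip)  # fail early on a malformed IPv4 literal
except socket.error:
    raise SystemExit("Direccion IP invalida: " + hostip)

# Read the port as a raw string and convert it ourselves.  The original used
# input(), which on Python 2 is eval() on whatever is typed at the prompt:
# a pasted __import__('os').system('...') would run with the root privileges
# this script needs.  raw_input() returns the text untouched.
try:
    _read_line = raw_input      # Python 2
except NameError:
    _read_line = input          # Python 3: input() already returns a plain string
try:
    port = int(_read_line("Digite el puerto a revisar: ").strip())
except ValueError:
    raise SystemExit("Puerto invalido: se esperaba un numero entero")
if not 1 <= port <= 65535:
    raise SystemExit("Puerto invalido: debe estar entre 1 y 65535")

ifname = "wlan0"  #raw_input("\nIngresar Interface por donde se realizara el ataque wlan0 o eth0: ")

# Default gateway of `ifname`.  The original piped a shell string built from
# the interface name through os.popen4() ("ip route list dev " + ifname +
# " | grep default | awk ...").  Since that name is meant to come from the
# user, it is a command-injection sink ("wlan0; rm -rf /").  Run `ip` with an
# argv list (no shell) and do the grep/awk part in Python.
try:
    route_out = subprocess.check_output(["ip", "route", "list", "dev", ifname])
except (OSError, subprocess.CalledProcessError) as exc:
    raise SystemExit("No se pudo consultar la ruta de " + ifname + ": " + str(exc))
if isinstance(route_out, bytes):
    route_out = route_out.decode("utf-8", "replace")
gw_IP = ""
for route_line in route_out.splitlines():
    fields = route_line.split()
    # "default via <gw> dev <ifname> ..." -> the gateway is the third field.
    # (The original's awk '{print $3}' would also have accepted a "default
    # dev wlan0 scope link" route and returned "wlan0" as the gateway.)
    if fields[:2] == ["default", "via"] and len(fields) >= 3:
        gw_IP = fields[2]
        break
if not gw_IP:
    raise SystemExit("No se encontro gateway por defecto en " + ifname)
gwip = str(gw_IP)

# Make scapy send/sniff on the chosen interface: srp1() and friends default
# to scapy.conf.iface, not to `ifname`, so without this the probes would
# leave on whatever interface scapy picked as its default.
scapy.conf.iface = ifname

# Our own L2/L3 addresses, read from `ifname` explicitly.  The original took
# them from a bare scapy.ARP()'s hwsrc/psrc defaults, which scapy derives
# from its own routing table rather than from the interface chosen above.
myether = scapy.get_if_hwaddr(ifname)
mi_IP = scapy.get_if_addr(ifname)

# getmacbyip() ARPs for the next hop and returns None when nobody answers;
# the original fed that None straight into Ether(dst=...) and the scans then
# went to whatever scapy substituted for the destination MAC.
gwether = scapy.getmacbyip(gwip)
if gwether is None:
    raise SystemExit("Sin respuesta ARP del gateway " + gwip)
hostether = scapy.getmacbyip(hostip)
if hostether is None:
    raise SystemExit("Sin respuesta ARP para " + hostip)

print("host ip: " + hostip)
print("mi ip:" + mi_IP)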
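# --- "TCP connect" scan -----------------------------------------------------
# Misnomer kept from the original: no socket is opened here.  One SYN is sent
# directly to the host's MAC (the other scans go via the gateway MAC) and the
# reply's TCP flags are inspected, i.e. this is a half-open/SYN scan.
# scapy.TCP() with no flags= argument defaults to flags='S'.
print("###############[TCP CONNECT SCAN]#######################\n")
paquete = (scapy.Ether(src=myether, dst=hostether)
           / scapy.IP(dst=hostip)
           / scapy.TCP(sport=scapy.RandShort(), dport=port))
resp = scapy.srp1(paquete, timeout=1)  # send and wait for the first reply
# SYN/ACK (0x12) means open.  An ICMP error reply has no TCP layer; the
# original's resp.getlayer(scapy.TCP).flags raised AttributeError on it, so
# check the layer before reading flags and count such replies as not-open.
if (resp is not None and resp.haslayer(scapy.TCP)
        and resp.getlayer(scapy.TCP).flags == 0x12):
    print(str(port) + ":Puerto Abierto\n")
else:
    print(str(port) + ":Puerto Cerrado\n")
#END TCP-SCAN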
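# --- SYN scan (via the gateway MAC) -----------------------------------------
print("###############[SYN CONNECT SCAN]#########################\n")
paquete = (scapy.Ether(src=myether, dst=gwether)
           / scapy.IP(dst=hostip)
           / scapy.TCP(sport=scapy.RandShort(), dport=port, flags='S'))
resp = scapy.srp1(paquete, timeout=3)  # send and wait for the first reply
if resp is None:
    # Silence: dropped by a filter (or host down).
    print(str(port) + ":Puerto Filtrado")
elif not resp.haslayer(scapy.TCP):
    # Typically an ICMP unreachable from a firewall.  The original dereferenced
    # the missing TCP layer and crashed; report it as filtered instead.
    print(str(port) + ":Puerto Filtrado")
else:
    flags = resp.getlayer(scapy.TCP).flags
    # SYN/ACK (0x12) is the normal "open" answer; a bare SYN (0x02) is kept
    # from the original as open too.  Anything else (normally RST/ACK) is closed.
    if flags == 0x12 or flags == 2:
        print(str(port) + ":Puerto Abierto\n")
    else:
        print(str(port) + ":Puerto Cerrado\n")
#END-SYN SCAN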
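# --- FIN scan ---------------------------------------------------------------
# A FIN to a closed port is answered with RST; an open port stays silent.
# Silence is therefore ambiguous (open, or dropped by a firewall).
print("###############[FIN CONNECT SCAN]#########################\n")
paquete = (scapy.Ether(src=myether, dst=gwether)
           / scapy.IP(dst=hostip)
           / scapy.TCP(sport=scapy.RandShort(), dport=port, flags='F'))
resp = scapy.srp1(paquete, timeout=3)  # send and wait for the first reply
if resp is None:
    print(str(port) + ":Puerto Abierto | filtrado\n")
elif not resp.haslayer(scapy.TCP):
    # ICMP error, no TCP layer: the original crashed on .flags here.
    print(str(port) + ":Puerto Filtrado\n")
else:
    flags = resp.getlayer(scapy.TCP).flags
    if flags == 0x14 or flags == 4:  # RST/ACK or bare RST
        print(str(port) + ":Puerto Cerrado\n")
    else:
        print(str(port) + ":Puerto Abierto | no filtrado\n")
#END-FIN SCAN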
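# --- Xmas scan (FIN+PSH+URG) ------------------------------------------------
# Same decision rules as the FIN scan: RST => closed, silence => open|filtered.
# The original test was `flags != 0x14 or flags != 1`, which is true for every
# flags value (nothing equals both 0x14 and 1), so it could never print
# "Puerto Cerrado" and reported every port as open|filtered.
print("###############[XMAS TREE CONNECT SCAN]#######################\n")
paquete = (scapy.Ether(src=myether, dst=gwether)
           / scapy.IP(dst=hostip)
           / scapy.TCP(sport=scapy.RandShort(), dport=port, flags='FPU'))
resp = scapy.srp1(paquete, timeout=3)  # send and wait for the first reply
if resp is None:
    print(str(port) + ":Puerto Abierto|filtrado\n")
elif not resp.haslayer(scapy.TCP):
    # ICMP error, no TCP layer: cannot be a port answer, treat as filtered.
    print(str(port) + ":Puerto Filtrado\n")
else:
    flags = resp.getlayer(scapy.TCP).flags
    if flags == 0x14 or flags == 4:  # RST/ACK or bare RST
        print(str(port) + ":Puerto Cerrado\n")
    else:
        print(str(port) + ":Puerto Abierto|filtrado\n")
#END-XMAS TREE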
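# --- NULL scan (no flags) ---------------------------------------------------
# As with FIN/Xmas: a closed port RSTs, an open one stays silent.
print("###############[NULL CONNECT SCAN]#######################\n")
paquete = (scapy.Ether(src=myether, dst=gwether)
           / scapy.IP(dst=hostip)
           / scapy.TCP(sport=scapy.RandShort(), dport=port, flags=0x00))
resp = scapy.srp1(paquete, timeout=3)  # send and wait for the first reply
if resp is None:
    print(str(port) + ":Puerto Abierto | filtrado\n")
elif not resp.haslayer(scapy.TCP):
    # An ICMP error is a filter talking, not the port; the original lumped
    # every reply (including these) in with "closed".
    print(str(port) + ":Puerto Filtrado\n")
else:
    # Any TCP answer (normally RST/ACK) is treated as closed, as before.
    print(str(port) + ":Puerto Cerrado\n")
#END NULL-SCAN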
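# --- UDP scan ---------------------------------------------------------------
# UDP has no handshake: no answer is open|filtered, an ICMP "port unreachable"
# (type 3, code 3) means closed, other ICMP unreachables mean a filter, and a
# UDP datagram coming back means something is listening.  The original
# printed "Cerrado" for any reply at all, so a UDP service that answered the
# empty probe was reported as closed.
print("###############[UDP CONNECT SCAN]#######################\n")
paquete = (scapy.Ether(src=myether, dst=gwether)
           / scapy.IP(dst=hostip)
           / scapy.UDP(sport=scapy.RandShort(), dport=port))
resp = scapy.srp1(paquete, timeout=3)  # send and wait for the first reply
if resp is None:
    print(str(port) + ":Puerto Abierto | filtrado\n")
elif resp.haslayer(scapy.ICMP):
    # Checked before UDP: an ICMP error quotes our probe, so test it first.
    icmp = resp.getlayer(scapy.ICMP)
    if icmp.type == 3 and icmp.code == 3:
        print(str(port) + ":Puerto Cerrado\n")
    elif icmp.type == 3 and icmp.code in (1, 2, 9, 10, 13):
        # Host/proto/admin-prohibited unreachables: a filter, not the port.
        print(str(port) + ":Puerto Filtrado\n")
    else:
        print(str(port) + ":Puerto Cerrado\n")
elif resp.haslayer(scapy.UDP):
    print(str(port) + ":Puerto Abierto\n")
else:
    print(str(port) + ":Puerto Cerrado\n")
#END UDP SCAN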
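# --- Idle (zombie) scan -----------------------------------------------------
# The gateway (gwip) is used as the zombie.  Its IP ID is read twice around a
# SYN that is spoofed to look like it came from the zombie: if the target's
# port is open it SYN/ACKs the zombie, the zombie answers RST, and its IP ID
# advances by one extra.  This only works when the zombie uses a single,
# globally incremental IP ID counter; many current stacks randomize or use
# per-destination counters, in which case the result below is noise.  The
# spoofed SYN is the one forged-source packet in this script.
print("########### [ IDLE SCAN ] ################################\n")
objetivoip = "192.168.2.204"
objetivoether = scapy.getmacbyip(objetivoip)
if objetivoether is None:
    raise SystemExit("Sin respuesta ARP para " + objetivoip)
print("")

# Probe 1: an unsolicited SYN/ACK makes the zombie answer RST; read its IP ID.
# The original called srp1() with no timeout (blocked forever when the
# gateway stayed silent) and then dereferenced a None resp.
paquete = (scapy.Ether(dst=gwether)
           / scapy.IP(src=mi_IP, dst=gwip)
           / scapy.TCP(sport=scapy.RandShort(), dport=port, flags='SA'))
resp = scapy.srp1(paquete, timeout=3)  # send and wait for the first reply
if resp is None or not resp.haslayer(scapy.IP):
    raise SystemExit("El zombie " + gwip + " no respondio al primer sondeo")
a = resp.getlayer(scapy.IP).id
print("ip id 1: " + str(a))
#####################################################################
# Spoofed SYN "from" the zombie to the target.  Any answer goes to the zombie,
# not to us, so nothing is expected back; the 1 s wait just gives the zombie
# time to RST.  The original built this packet as `paquete2` and then sent
# `paquete` (the zombie probe) again, so the spoofed SYN never left the
# machine and the IP ID difference measured nothing.
paquete2 = (scapy.Ether(dst=objetivoether)
            / scapy.IP(src=gwip, dst=objetivoip)
            / scapy.TCP(sport=scapy.RandShort(), dport=port, flags='S'))
scapy.srp1(paquete2, timeout=1)
#####################################################################
# Probe 2: same SYN/ACK to the zombie, read its IP ID again.
paquete = (scapy.Ether(dst=gwether)
           / scapy.IP(src=mi_IP, dst=gwip)
           / scapy.TCP(sport=scapy.RandShort(), dport=port, flags='SA'))
resp = scapy.srp1(paquete, timeout=3)  # send and wait for the first reply
if resp is None or not resp.haslayer(scapy.IP):
    raise SystemExit("El zombie " + gwip + " no respondio al segundo sondeo")
b = resp.getlayer(scapy.IP).id
#####################################################################
print("ip id 2: " + str(b))
# IP ID is a 16-bit field: mask so a wrap between the two probes does not
# come out negative and get reported as closed.
c = (b - a) & 0xFFFF
# +1 is the zombie's RST to probe 2 itself; +2 means it also RST'ed the
# target's SYN/ACK, i.e. the port is open.  Much larger jumps mean the zombie
# was talking to others in between (or is not incremental) -- unreliable.
if c >= 2:
    print("Puerto Abierto\n")
else:
    print("Puerto Cerrado\n")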