

chain

Portscanner



portscan.png

 

;
; Portscanner v1.0 w/ IPv6 Support
; Everything works so far ;)
;
; Syntax:
; /portscan [hostname/ip]
;
; Update:
; - fixed hostnames with multiple IP adresses, using a random IP from the list now
;
; NOTE(review): the script was recovered from a forum post that had collapsed all
; line breaks; the breaks below were re-inserted at command boundaries and should
; be verified against the original before loading it in mIRC.
;
; Overview of the moving parts:
;  - dialog "ps"          : the UI (hostname edit, port range, delay/concurrency combos, log list)
;  - /portscan            : opens the dialog and optionally pre-fills the target field
;  - execute              : Scan/Stop button handler; validates input and starts the pScan timer
;  - port.scanner.loop    : timer callback; opens one socket per tick and reaps stale ones
;  - on sockopen/sockread/sockclose ps_* : log the result of each connection attempt
;  - $nslookup            : resolves the target by shelling out to nslookup.exe through WScript.Shell
;
; State shared between aliases:
;  %currentPort           : next port to try; set by execute, advanced by port.scanner.loop,
;                           unset on stop/reset/close
;  socket names "ps_<port>": the port number is recovered from the name with $gettok(...,2,95)
;  button 12 text (&Scan / &Stop): doubles as the "scan in progress" flag (see busy)
; -------------
; Dialog
; -------------
dialog ps {
  title "Portscanner"
  size -1 -1 180 175
  option dbu
  icon $windir(system32\shell32.dll), 22
  ; id 1: result log (one line per event, see alias add)
  list 1, 5 65 170 100, size vsbar hsbar
  ; id 2: target hostname / IP
  edit "", 2, 24 4 150 10
  text "Scan", 3, 5 5 16 8
  ; id 4 / id 8: first and last port of the range (numbers only, up to 5 digits)
  edit "", 4, 30 25 35 10, limit 5
  text "Start", 5, 8 25 16 8
  text "End", 6, 8 35 16 8
  box "Portrange", 7, 5 15 65 33
  edit "", 8, 30 35 35 10, limit 5
  box "Settings", 9, 75 15 100 33
  ; id 10: delay between socket opens ("<n>ms"); id 11: max simultaneous sockets
  combo 10, 80 25 35 50, size drop
  combo 11, 80 35 35 50, size drop
  ; id 20: prefix log lines with $time; id 21: also log non-connected socket states
  check "T&imes", 20, 130 25 30 10
  check "&Verbose", 21, 130 35 30 10
  ; ids 17/18/22/24: "?" help buttons, dispatched to _help in the sclick handler
  button "?", 17, 117 25 10 10, center
  button "?", 18, 117 35 10 10, center
  button "?", 22, 162 25 10 10, center
  button "?", 24, 162 35 10 10, center
  ; id 12: Scan/Stop toggle; its caption is the busy flag used elsewhere
  button "&Scan", 12, 4 50 33 12,default
  button "&Reset", 13, 39 50 33 12
  button "&Clear", 14, 74 50 33 12
  button "S&ave", 16, 109 50 33 12
  button "C&lose", 15, 144 50 33 12, cancel
  ; id 19: status line ("Next Port: ... Open Ports: ...", see alias status)
  text "", 19, 5 167 170 8
}
; -------------
; Dialog Events
; -------------
; Populate the delay combo (10ms..10000ms in 10ms steps) and the
; concurrency combo (1..100), then apply the defaults via reset.
on *:dialog:ps:init:0:{
  var %x = 10
  while (%x < 10001) { did -a $dname 10 %x $+ ms | inc %x 10 }
  %x = 0
  while (%x < 100) { inc %x | did -a $dname 11 %x }
  reset
}
; Button dispatch. Close (15) tears down sockets, timer and state; the
; dialog itself is closed by the button's "cancel" style.
on *:dialog:ps:sclick:*:{
  if ($did = 12) { execute }
  if ($did = 13) { reset }
  if ($did = 14) { reset -l }
  if ($did = 15) { .sockclose ps_* | .timerpScan off | unset %currentPort }
  if ($did = 16) { save }
  if ($did = 17) { _help ms }
  if ($did = 18) { _help sc }
  if ($did = 22) { _help ti }
  if ($did = 24) { _help vb }
}
; -------------
; Aliases
; -------------
; /portscan [target]
; Opens (or raises) the dialog. If a target is given it is written into the
; hostname field unless a scan is already running, in which case an error
; box is shown instead.
alias portscan {
  if (!$dialog(ps)) { dialog -dm ps ps }
  else { dialog -v ps }
  if (!$busy) { if ($1) { did -fra ps 2 $1 } }
  elseif ($1) { _help bs }
}
; Scan/Stop handler.
;  - Trims the hostname field to its first space-delimited token.
;  - Resolves it through $nslookup (Google resolver) BEFORE checking that the
;    field is non-empty; NOTE(review): an empty field therefore still spawns
;    one nslookup.exe run - consider moving the resolve inside the if.
;  - Validates the port range (start <= end, both 1-65535).
;  - Scan: records the start port, clears old ps_* sockets, locks the inputs,
;    flips the button to &Stop and starts the repeating pScan timer using the
;    selected delay (the "ms" suffix is stripped with $left(...,-2)).
;  - Stop: flips the button back, offers to keep the current port as the new
;    start port, and unlocks the inputs.
; NOTE(review): the randomly chosen IP stored in %resolve is only logged; the
; message still says "Using first IP", and port.scanner.loop connects to the
; raw text in field 2 rather than to %resolve.
alias -l execute {
  did -ra ps 2 $gettok($did(ps,2),1,32)
  did -b ps 12
  var %resolve = $nslookup($did(ps,2)).go
  if ($did(ps,2)) {
    ; $busy lets a running scan be stopped even if the name no longer resolves
    if ($isip($did(ps,2)) || $busy || %resolve) {
      if ($did(ps,4) <= $did(ps,8) && $did(ps,4) isnum 1-65535 && $did(ps,8) isnum 1-65535) {
        if ($did(ps,12).text == &Scan) {
          set %currentPort $did(ps,4) | sockclose ps_* | did -b ps 2,4,8,10,11,13,20,21
          did -ra ps 12 &Stop | status | add 0 Scan started $iif($did(ps,21).state,using verbose)
          if (%resolve) { add 0 Resolved: $v1 }
          if ($numtok(%resolve,44) > 1) { %resolve = $gettok(%resolve,$r(1,$numtok(%resolve,44)),44) | add 0 Using first IP: %resolve }
          .timerpScan -imo 0 $left($did(ps,10).seltext,-2) port.scanner.loop
        }
        else {
          did -ra ps 12 &Scan
          if (%currentPort < $did(ps,8)) {
            if ($input(Apply port %currentPort as new start port?,yau,Just Pause?)) {
              did -ra ps 4 %currentPort | add 0 Scan paused at port $calc(%currentPort -1)
            }
            else { add 0 Scan stopped at port $calc(%currentPort -1) }
          }
          status | did -e ps 2,4,8,10,11,13,20,21 | unset %currentPort
        }
      }
      else { _help no }
    }
    else { _help ip }
  }
  else { _help ho }
  did -e ps 12
}
; Save the log list (control 1) to a file chosen by the user; the suggested
; name embeds the target and a date/time with / and : replaced by -.
alias -l save {
  var %path = $$sfile(portscan- $+ $did(ps,2) $+ - $+ $replace($date $+ - $+ $time,/,-,:,-) $+ .log,Save log file,Save)
  savebuf -o ps 1 $shortfn($nofile(%path)) $+ \ $+ $nopath(%path)
}
; Timer callback (global alias - presumably so the timer can reach it).
; Each tick:
;  1. walks all ps_* sockets and closes any whose sockmark ($ticks at connect
;     time, set in on sockopen) is older than 300000 ms (5 minutes);
;  2. if ports remain and fewer sockets are open than the concurrency limit
;     (combo 11) and the button still says &Stop, opens one new socket named
;     ps_<port> to the text in field 2 and advances %currentPort;
;  3. when no ps_* socket is left, stops the timer and, if a scan is still
;     flagged as running, calls execute to perform the normal Stop sequence;
;  4. refreshes the status line.
alias port.scanner.loop {
  var %count = $sock(ps_*,0)
  var %x = %count
  while (%x) {
    var %port = $gettok($sock(ps_*,%x),2,95)
    if ($sock(ps_*,%x).mark) {
      if ($calc($ticks - $ifmatch) > 300000) { sockclose $sock(ps_*,%x) | add %port Internal timeout limit of 5 minutes reached. }
    }
    dec %x
  }
  if (%currentPort < $calc($did(ps,8) +1)) {
    if ((%count < $did(ps,11).seltext) && ($did(ps,12) != &Scan)) {
      sockopen ps_ $+ %currentPort $did(ps,2) %currentPort
      inc %currentPort
    }
  }
  %count = $sock(ps_*,0)
  if (!%count) {
    .timerpScan off
    if ($did(ps,12) != &Scan) { execute }
  }
  status $iif(%currentPort,$v1,0) %count
}
; Update the status line. $1 = next port (clamped to 0 when missing/invalid),
; $2 = number of currently open ps_* sockets. NOTE(review): the label reads
; "Open Ports" but the value is the count of in-flight connections.
alias -l status {
  did -ra ps 19 Next Port: $iif($1 isnum 0-65535,$1,0) Open Ports: $iif($2,$2,0)
}
; $isip(text) -> $true/$false
; Accepts the literal if the (case-insensitive) regex matches it in full,
; otherwise falls back to an IPv4 round trip: $longip(text) -> number ->
; dotted quad must reproduce the input exactly. The regex appears to cover
; IPv6 forms including embedded IPv4 tails - not independently verified here.
alias -l isip {
  var %re = /^\s*((?=.*::.*)(::)?([0-9A-F]{1,4}(:(?=[0-9A-F])|(?!\2)(?!\5)(::)|\z)){0,7}|((?=.*::.*)(::)?([0-9A-F]{1,4}(:(?=[0-9A-F])|(?!\7)(?!\10)(::))){0,5}|([0-9A-F]{1,4}:){6})((25[0-5]|(2[0-4]|1[0-9]|[1-9]?)[0-9])(\.(?=.)|\z)){4}|([0-9A-F]{1,4}:){7}[0-9A-F]{1,4})\s*$/i
  if ($len($1)) {
    if ($regex($1,%re) && $regml(1) == $1) { return $true }
    return $iif($longip($longip($1)) == $1,$true,$false)
  }
  return $false
}
; $busy -> $true while the Scan button reads &Stop, i.e. a scan is running.
alias -l busy {
  if ($did(ps,12).text == &Stop) { return $true }
  return $false
}
; Show a help (adiou) or error (adwou) message box for the given key:
;  vb verbose, ms delay, sc concurrency, ti timestamps,
;  bs busy, no bad port range, ho bad hostname, ip unresolvable target.
alias -l _help {
  if ($1 = vb) noop $input(It shows all connection tries. $crlf $crlf $+ Produces high CPU load. Use it only with timers of 100ms or above.,adiou,Help)
  if ($1 = ms) noop $input(Time in milliseconds between each socket will be opened. $crlf $crlf $+ (Up to 10 Seconds.),adiou,Help)
  if ($1 = sc) noop $input(Maximum amount of open connections at once.,adiou,Help)
  if ($1 = bs) noop $input(Sorry $+ $chr(44) but the portscanner seems to be busy.,adwou,Error)
  if ($1 = no) noop $input(Please check the portrange.,adwou,Error)
  if ($1 = ho) noop $input(Please check the hostname.,adwou,Error)
  if ($1 = ip) noop $input(Please use only IPv4/IPv6 masks that can be resolved.,adwou,Error)
  if ($1 = ti) noop $input(Adds a timestamp to the output.,adiou,Help)
}
; reset       : restore defaults (delay item 2, concurrency item 20, ports 1-65535,
;               timestamps on, verbose off), close sockets, stop the timer, clear state.
; reset -l    : only clear the log list.
alias -l reset {
  if ($1 != -l) {
    did -c ps 10 2
    did -c ps 11 20
    did -f ps 2
    did -ra ps 4 1
    did -ra ps 8 65535
    did -c ps 20
    did -u ps 21
    add 0 Portscan ready.
    .sockclose ps_*
    .timerpScan off
    unset %currentPort
    status
  }
  else {
    did -r ps 1
    add 0 List cleared.
  }
}
; add <port> <text>
; Append a log line: optional $time prefix, the port zero-padded to 5 digits,
; an optional "/<service>" looked up via $prot, then the message. Keeps the
; newest line selected and scrolled into view. Port 0 is used for status
; messages that do not belong to a socket.
; NOTE(review): every call goes through $prot -> $windir, i.e. a file read plus
; a COM round trip per log line; noticeable with Verbose and short delays.
alias -l add {
  if ($dialog(ps)) {
    did -a ps 1 $iif($did(ps,20).state,$time) $base($1,10,10,5) $+ $iif($prot($1),/ $+ $v1) : $+ $2-
    did -c ps 1 $did(ps,1).lines
    did -z ps 1
  }
}
; $prot(port) -> service name from %windir%\system32\drivers\etc\services,
; matching the first line that contains " <port>/tcp" (wildcard, no evaluation).
alias -l prot {
  return $gettok($read($windir(system32\drivers\etc\services),nw,* $1 $+ /tcp*),1,32)
}
; $windir([relative path]) -> expanded %windir% followed by "\" and the
; optional relative path, via WScript.Shell.ExpandEnvironmentStrings.
; Returns nothing if the COM object cannot be opened.
alias -l windir {
  .comopen windir WScript.Shell
  if ($comerr) { !return }
  var %a = $com(windir,ExpandEnvironmentStrings,3,bstr,% $+ windir%)
  %a = $com(windir).result
  .comclose windir
  return %a $+ \ $+ $iif($1,$1-)
}
; -------------
; Socket Events
; -------------
; A socket reached the open callback: log "Connected" and stamp it with
; $ticks (used by port.scanner.loop for the 5-minute cutoff); any other
; status is logged only in Verbose mode.
on *:sockopen:ps_*:{
  if ($dialog(ps)) {
    var %port = $gettok($sockname,2,95)
    if ($sock($sockname).status == active) { add %port Connected | sockmark $sockname $ticks }
    elseif ($did(ps,21).state) { add %port $sock($sockname).status }
  }
}
; Drain every available line from the socket into the log ("-" for empty
; lines); on a socket error log the Winsock message instead.
on *:sockread:ps_*:{
  var %temp
  var %port = $gettok($sockname,2,95)
  if (!$sockerr) {
    :n
    sockread %temp
    if (!$sockbr) return
    if (!%temp) %temp = -
    add %port %temp
    goto n
  }
  else { add %port Error: $sock($sockname).wsmsg }
}
on *:sockclose:ps_*: {
  var %port = $gettok($sockname,2,95)
  add %port Host closed connection.
}
; ------------
; NSLookup COM
; ------------
;
; Syntax: $nslookup(<target>[,server]).[da|si|go|od|vncs|rand]
;
; [Server] must be an IP Adress
;
; Property .si uses one of the public nameserver from ScrubIt
; Property .go uses one of the public nameserver from google
; Property .od uses one of the public nameserver from OpenDNS
; Property .da uses one of the public nameserver from dnsadvantage
; Property .vncs uses one of the public nameservers from vnsc-pri.sys.gtei.net
; Property .rand uses a random server of the public nameservers in this list
;
; It can't resolve netbios names (well it can, maybe you have a win 2008 dns server with a GlobalNames zone ;))
;
; How it works: runs "nslookup <target> <server>" hidden through
; WScript.Shell.Run (window style 0, wait for completion - mIRC blocks until
; nslookup returns), redirecting stdout to a temp file $mircdir\<md5 of $ticks>,
; then parses that file and deletes it. Returns a comma-separated list:
; for an IP target the non-IP tokens (reverse names), otherwise the IPs found,
; skipping the first three lines (the server banner). An output starting with
; "***" (nslookup error) yields an empty result. Without a recognised property
; and without a valid explicit server, nslookup runs with the system resolver.
;
; NOTE(review): $1 (and $2) are spliced into a cmd.exe command line without
; quoting. execute only trims the dialog text to its first space-delimited
; token, so cmd metacharacters typed into the hostname field would be
; interpreted by the shell under the mIRC user's account - validate the target
; with $isip / a hostname pattern (or quote it) before building the command.
; The temp file name is also predictable; consider a private directory.
alias nslookup {
  var %id = $md5($ticks),%match,%tmp,%out
  .comopen %id wscript.shell
  if ($comerr) { return }
  var %google = $gettok(8.8.4.4 8.8.8.8,$r(1,2),32)
  var %OpenDNS = $gettok(208.67.222.222 208.67.220.220,$r(1,2),32)
  var %ScrubIt = $gettok(67.138.54.100 207.225.209.66,$r(1,2),32)
  var %dnsadvantage = $gettok(156.154.70.1 156.154.71.1,$r(1,2),32)
  var %vncs = $gettok(4.2.2.1 4.2.2.2 4.2.2.3 4.2.2.4 4.2.2.5 4.2.2.6,$rand(1,6),32)
  ; pick the resolver matching $prop (od go si da vncs); empty if none matched
  var %ns = $gettok(%OpenDNS %google %ScrubIt %dnsadvantage %vncs,$findtok(od go si da vncs,$prop,1,32),32)
  if ($prop == rand) { %ns = $gettok(%OpenDNS %google %ScrubIt %dnsadvantage %vncs,$r(1,5),32) }
  ; run synchronously, then release the COM object in the same statement
  .comclose %id $com(%id,run,1,bstr*,% $+ comspec% /c nslookup $1 $iif(%ns,%ns,$iif($isip($2),$2)) > $mircdir\ $+ %id,uint,0,bool,true)
  if ($isip($1)) {
    ; reverse lookup: collect every token that is neither a label nor an IP
    noop $read(%id,n,3)
    while ($read(%id,$calc($readn +1))) {
      %match = $remove($ifmatch,$chr(44))
      while ($gettok(%match,1,32)) {
        var %tmp = $remove($ifmatch,$chr(32))
        if (!$istok(Address: Name: name =,%tmp,32)) {
          if (!$isip(%tmp)) { %out = $addtok(%out,%tmp,44) }
        }
        %match = $deltok(%match,1,32)
      }
    }
  }
  else {
    ; forward lookup: collect every token that is an IP
    var %x = $read(%id,n,3)
    if ($gettok(%x,1,32) != ***) {
      while ($read(%id,$calc($readn +1))) {
        %match = $remove($ifmatch,$chr(44))
        while ($gettok(%match,1,32)) {
          var %tmp = $remove($ifmatch,$chr(32))
          if ($isip(%tmp)) { %out = $addtok(%out,%tmp,44) }
          %match = $deltok(%match,1,32)
        }
      }
    }
  }
  .remove %id
  return %out
}


