Simple Port Scanner with Golang

Use Go‘s net package: net.Dial(network, address string)

package main

import (

	"fmt"

	"net"

)

func main() {

	_, err := net.Dial("tcp", "scanme.nmap.org:80")

	if err == nil {

		fmt.Println("Connection successful")

	}

Nonconcurrent Scanning

Scan TCP ports range from 1 to  2014 slowly.

package main

import (

	"fmt"

	"net"

)

func main() {

	for i := 1; i <=1024; i ++ {

		address := fmt.Sprintf("scame.nmap.org:%d", i)

		conn, err := net.Dial("tcp", address)

		if err != nil {

			// port is closed or filtered.

			continue

		}

		conn.Close()

		fmt.Printf("%d open\n", i)

	}

}

 Concurrent scanning

Harness the power of goroutines to scan multiple ports concurrently.

package main

import (

	"fmt"

	"net"

)

func main() {

	for i := 1; i <= 1024; i++ {

		go func(j int) {

			address := fmt.Sprintf("scanme.nmap.org:%d", j)

			conn, err := net.Dial("tcp", address)

			if err != nil {

				return

			}

			conn.Close()

			fmt.Printf("%d open\n", j)

		}(i)

	}

}

But it is too fast to wait for the connection to take place, so you may not get accurate results for ports whose packets were still in-flight.

Method 1:

Synchronized Scanning Using WaitGroup

Use WaitGroup from the sync package to control concurrency in a thread-safe way.

package main

import (

	"fmt"

	"net"

	"sync"

)

func main() {

	var wg sync.WaitGroup

	for i := 1; i <= 1024; i++ {

		wg.Add(1)

		go func(j int) {

			defer wg.Done()

			address := fmt.Sprintf("10.0.0.24:%d", j)

			conn, err := net.Dial("tcp", address)

			if err != nil {

				return

			}

			conn.Close()

			fmt.Printf("%d open\n", j)

		}(i)

	}

	wg.Wait()

}

This program is better, but still incorrect.

 Port Scanning Using a Worker Pool

To avoid inconsistencies, use a pool of goroutines to manage the concurrent work being performed.

package main

import (

	"fmt"

	"sync"

)

func worker(ports chan int, wg *sync.WaitGroup) {

	for p := range ports {

		fmt.Println(p)

		wg.Done()

	}

}

func main() {

	ports := make(chan int, 100)

	var wg sync.WaitGroup

	for i := 0; i < cap(ports); i++ {

		go worker(ports, &wg)

	}

	for i := 1; i <= 1024; i++ {

		wg.Add(1)

		ports <- i

	}

	wg.Wait()

	close(ports)

}

The numbers printed to the screen in no particular order.

Method 2: 

Multichannel Communication

Remove the dependency of a WaitGroup

package main

import (

	"fmt"

	"net"

	"sort"

)

func worker(ports, results chan int) {

	for p:= range ports {

		address := fmt.Sprintf("10.0.0.24:%d", p)

		conn, err := net.Dial("tcp", address)

		if err != nil {

			results <-0

			continue

		}

		conn.Close()

		results <- p

	}

}

func main() {

	ports := make(chan int, 100)

	results := make(chan int)

	var openports []int

	for i := 0; i < cap(ports); i++ {

		go worker(ports, results)

	}

	go func() {

		for i := 1; i <= 1024; i++ {

			ports <- i

		}

	}()

	for i := 0; i < 1024; i++ {

		port := <-results

		if port != 0 {

			openports = append(openports, port)

		}

	}

	close(ports)

	close(results)

	sort.Ints(openports)

	for _, port := range openports {

		fmt.Printf("%d open\n", port)

	}

}

A highly efficient port scanner.

You can modify the program to allow users to provide the number of workers as an option.

Go Pentester - TCP Scanner的更多相关文章

  1. Go Pentester - TCP Proxy

    Building a TCP Proxy Using io.Reader and io.Writer Essentially all input/output(I/O). package main i ...

  2. Metasploit辅助模块

    msf > show auxiliary Auxiliary ========= Name                                                  Di ...

  3. allVncClients

    VNC Viewer Free Edition 37  RealVNC Ltd.  15,367  Freeware  1021.58 KB VNC is client and server remo ...

  4. metasploit快速入门

    今天没上班,在小黑屋里看了一个一百多页的书<metasploit新手指南>,在此将笔记分享给大家.欢迎大家批评指正,共同学习进步.     metasploit新手指南 笔记 kali 0 ...

  5. 辅助模块应用(auxiliary/scanner/portscan/tcp)

    实验步骤 创建msf所需的数据库 之前我们开启msf时下面总会出现一个红色的小减号,原来是因为没有和数据库键连接,于是首先我们要手动建立一个数据库... 使用命令来实现: service postgr ...

  6. Python3实现TCP端口扫描

    在渗透测试的初步阶段通常我们都需要对攻击目标进行信息搜集,而端口扫描就是信息搜集中至关重要的一个步骤.通过端口扫描我们可以了解到目标主机都开放了哪些服务,甚至能根据服务猜测可能存在某些漏洞. TCP端 ...

  7. Python3实现TCP端口扫描器

    本文来自 高海峰对 玄魂工作室 的投稿 作者:高海峰 QQ:543589796 在渗透测试的初步阶段通常我们都需要对攻击目标进行信息搜集,而端口扫描就是信息搜集中至关重要的一个步骤.通过端口扫描我们可 ...

  8. TCP/UDP端口列表

    http://zh.wikipedia.org/wiki/TCP/UDP%E7%AB%AF%E5%8F%A3%E5%88%97%E8%A1%A8 TCP/UDP端口列表     本条目可通过翻译外语维 ...

  9. [JAVA] 基于TCP的起重机运行模拟器

    1.客户端 package ClientMain; import java.io.DataInputStream; import java.io.DataOutputStream; import ja ...

随机推荐

  1. mysql面试题总结

    Mysql中的myisam与innodb的区别? InnoDB存储引擎的四大特性? 什么是事务? 数据库事务的四大特性? 不考虑事务的隔离性,会发生几种问题? MySQL数据库提供的四种隔离级别? 有 ...

  2. 13.实战交付一套dubbo微服务到k8s集群(6)之交付dubbo服务的消费者集群到K8S

    构建dubbo-demo-consumer,可以使用和dubbo-demo-service的流水线来构建 1.登录jenkins构建dubbo-demo-consumer  2.填写构建dubbo-d ...

  3. Java WebService _CXF、Xfire、AXIS2、AXIS1_四种发布方式(优缺点对比)

    xis,axis2,Xfire以及cxf对比 http://ws.apache.org/axis/ http://axis.apache.org/axis2/java/core/ http://xfi ...

  4. vue指令,实例成员,父子组件传参

    v-once指令 """ v-once:单独使用,限制的标签内容一旦赋值,便不可被动更改(如果是输入框,可以主动修改) """ <di ...

  5. Openvas简介

    Openvas是Nessus的一个开源分支,用于管理目标系统的漏洞. Openvas初始化:openvas-setup,会自动进行初始化配置.Openvas工作原理图如下: OpenVASManage ...

  6. Linux下9种优秀的代码比对工具推荐

    大家好,我是良许. 在我们编写代码的时候,我们经常需要知道两个文件之间,或者同一个文件不同版本之间有什么差异性.在 Windows 下有个很强大的工具叫作 BeyondCompare ,那在 Linu ...

  7. 啊湫----今天做项目遇到的redis缓存问题---解决方案

    演示缓存问题 在进行 前端某个功能更新时   传递的参数 问题 导致 缓存储存 覆盖  只缓存到  传递参数的  值 更新完毕后 进行 存储到redis当中  只存入了 当前这个不可以属性和一个id  ...

  8. No configuration file found and no output filename configured via Cli option.报错

    webpack手动配置webpack.config.js文件,打包时出现的报错,可以试试这种解决方案 报错如下: No configuration file found and no output f ...

  9. SpringBoot--使用redis实现分布式限流

    1.引入依赖 <!-- 默认就内嵌了Tomcat 容器,如需要更换容器也极其简单--> <dependency> <groupId>org.springframew ...

  10. LeetCode57. 插入区间

    对于新插入的区间newInterval,原区间列表intervals可以分为三个部分: 左边与newInterval不重合的区间,这些区间直接加入结果数组中: 中间与newInterval重合的区间, ...