How to Code a Port scanner in Python

 

port scanner python

 Overview

In this post, we will going to learn how to code a easy to use port scanner in Python. In my view, python is one of the most powerful scripting language. There are many ways of doing this but we will going to learn it by using it's built in module Socket.

 

 

Sockets

The socket module in Python provides access to the BSD socket interface.

We will use socket class which handle functions and data channel to perform network task. For instance, translating server domain name to ip address. Source


We use sockets for any kind of communication through computer over the internet.For almost 99% of socket programs, we use INET sockets. 

The web browser’s that you use opens a socket and connects to the web server. Any network communication goes through a socket. For more info on Socket Module, please refer:  official documentation.

Socket functions


Lets take a look at some of the socket functions, to get a basic understanding before we start with our port scanner program.

sock = socket.socket (socket_family, socket_type)
Syntax for creating a socket

sock = socket.socket (socket.AF_INET, socket.SOCK_STREAM)
Creates a stream socket

AF_INET
Socket Family (here Address Family version 4 or IPv4)

SOCK_STREAM
Socket type TCP connections

SOCK_DGRAM
Socket type UDP connections

gethostbyname("host")
Translate a host name to IPv4 address format

socket.gethostbyname_ex("host")
Translate a host name to IPv4 address format, extended interface

socket.getfqdn("8.8.8.8")
Get the fqdn (fully qualified domain name)

socket.gethostname()
Returns the hostname of the machine..

socket.error
Exception handling

 

Making a program using Python Sockets

How to make a simple port scanner program in Python

This small port scanner program will try to connect on every port you define for a particular host.

The first thing we must do is import the socket library and other libraries that we need.

Open up an text editor, copy & paste the code below.

Save the file as: "portscanner.py" and exit the editor

 

CODE: 

#!/usr/bin/env python
import socket
import subprocess
import sys
from datetime import datetime

# Clear the screen
subprocess.call('clear', shell=True)

# Ask for input
remoteServer    = raw_input("Enter a remote host to scan: ")
remoteServerIP  = socket.gethostbyname(remoteServer)

# Print a nice banner with information on which host we are about to scan
print "-" * 60
print "Please wait, scanning remote host", remoteServerIP
print "-" * 60

# Check what time the scan started
t1 = datetime.now()

# Using the range function to specify ports (here it will scans all ports between 1 and 1024)

# We also put in some error handling for catching errors

try:
    for port in range(1,1025):  
        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        result = sock.connect_ex((remoteServerIP, port))
        if result == 0:
            print "Port {}: \t Open".format(port)
        sock.close()

except KeyboardInterrupt:
    print "You pressed Ctrl+C"
    sys.exit()

except socket.gaierror:
    print 'Hostname could not be resolved. Exiting'
    sys.exit()

except socket.error:
    print "Couldn't connect to server"
    sys.exit()

# Checking the time again
t2 = datetime.now()

# Calculates the difference of time, to see how long it took to run the script
total =  t2 - t1

# Printing the information to screen
print 'Scanning Completed in: ', total
Sample output
Let's run the program and see how an output can look like

$ python portscanner.py

Enter a remote host to scan: www.your_host_example.com
------------------------------------------------------------
Please wait, scanning remote host xxxx.xxxx.xxxx.xxxx
------------------------------------------------------------

Port 21:   Open
Port 22:    Open
Port 23:    Open
Port 80:    Open
Port 110:   Open
Port 111:   Open
Port 143:   Open
Port 443:   Open
Port 465:   Open
Port 587:   Open
Port 993:   Open
Port 995:   Open

Scanning Completed in:  0:06:34.705170
 
Disclaimer: 
This program is for education purpose only. We do not take any responsibility 
if it is used for offensive purpose.