端口掃描器實(shí)現(xiàn)

作者簽名 日期 導(dǎo)師簽名 日期 院長(zhǎng)簽名 日期 作者簽名 導(dǎo)師簽名 日期目引 端口掃描概 端口掃描有關(guān)知 端口的基本概 常見(jiàn)端口介 端口掃描器功效介 慣用端口掃描技 TCPconnect()掃 TCPSYN掃 TCPFIN掃 IP段掃 TCP反向ident掃 FTP返回攻 實(shí)驗(yàn)流程和運(yùn)行流 實(shí)現(xiàn)流 程序中重要的函 主流程 總 提出問(wèn) 解決問(wèn) 心得體 致 參考文 （安陽(yáng)師范學(xué) 人文管理學(xué) 河 安 摘要：TCPconnectTCP/IPc++VC6.0核心詞：端口掃描器；IP理解客戶機(jī)-服務(wù)器與端口掃描之間的工作原理，完畢對(duì)目的主機(jī)端口掃描功效的實(shí)現(xiàn)，對(duì)于畢業(yè)設(shè)計(jì)建設(shè)，首先應(yīng)考慮選擇一種實(shí)驗(yàn)平臺(tái)，考慮到windows操作系統(tǒng)在pc機(jī)上的壟斷地位，再加上microsoft提供的辦公軟件、數(shù)據(jù)軟件的通用性，使得現(xiàn)有的信息系統(tǒng)大都建立在windows大多數(shù)是針對(duì)windows操作系統(tǒng)[1]windowsTCP/IP端口建立連接并的不同，端口分為兩種，一種是tcp端口，一種是udp端口。計(jì)算機(jī)之間互相通信的時(shí)候，種方式大多采用tcp合同；一種是發(fā)送后來(lái)就不管了，不去確認(rèn)信息與否達(dá)成，這種方式大多采用udptcp端口和udp16bit0102321FTP25SMTP80HTTP135RPC102465535，這些端標(biāo)語(yǔ)普統(tǒng)提出訪問(wèn)網(wǎng)絡(luò)的申請(qǐng)，那么系統(tǒng)就能夠從這些端標(biāo)語(yǔ)中分派一種供該程序使用。例如8080TCP/IPIP地址和端口作為套接字，它代表TCP連接的一種連接端，普通稱為Socket。具體來(lái)說(shuō)，就是用IP這個(gè)大樓有好多入口（端口，進(jìn)到不同的入口中就能夠找到不同的公司（進(jìn)程）。如果要和遠(yuǎn)程主機(jī)AATCPconnect()TCPSYNTCPSYNSYNRSTSYNTCPSYNSYN大優(yōu)點(diǎn)就是速度，在Internet上，如果不存在防火墻，SYN掃描每秒鐘能夠掃描數(shù)千個(gè)端口，但是SYNTCPFINTCPRST否都會(huì)直接返回RST數(shù)據(jù)包，無(wú)法對(duì)端口狀態(tài)進(jìn)行判斷。IPTCP反向identFTP通信連接。然后請(qǐng)求這個(gè)server-PI激活一種有效的server-DTP(數(shù)據(jù)傳輸進(jìn)程)來(lái)給圖 源程序編譯頁(yè)輸入想要掃描的網(wǎng)段，然后將輸入的網(wǎng)段轉(zhuǎn)化為可排序的ip//功效 輸入一種IP段,輸出該IP段內(nèi)的端口開(kāi)放狀況信intScanIp(conststring&start_Ip,conststring&endIp,multimap<unsignedlong,string>&ouputMap){intscanNum=g_vec_IpToScan.size();g_runThreadNumscanNum;cout<<" 共有"<<scanNum<<"個(gè)IP"<<//對(duì)每個(gè)IPfor(inti=0;i<scanNum;{}return}//保存IPmultimap<unsignedlong,string>//線程函數(shù),掃描每一種DWORDWINAPIThreadFunc(LPVOID{//獲取需要掃描的//char*pStrIp=unsignedlongulScanIp*(unsignedlong*)th_para;intindex=0; SOCKETlink_sock; shortselect_ret; shortport; while(index<PORTSNUM){portg_portsTOscan[index];//創(chuàng)立數(shù)據(jù)流套接字link_sock=socket(AF_INET,SOCK_STREAM,0);if(link_sock==INVALID_SOCKET)//coutlink_socksocket失敗:錯(cuò)誤號(hào)為:"<<GetLastError()<<endl;//cout<<"***尚有_"<<"_個(gè)掃描線程進(jìn)行中**"<<endl;return-1;}voidCleanProc()//{while(1){if(g_runThreadNum==0){}}}int{cout 掃描到"<<g_map_ScanResult.size()"<<multimap<unsignedlong,string>::iteratoriter=g_map_ScanResult.begin();ofstreamout("out.txt");cout g_map_ScanResult.size()"<<for(;iter!=g_map_ScanResult.end();{ <<iter->second<<endl;cout<<iter->second<<}intmain();主函數(shù)InitProc();初始化UserInput();輸入ScanIp(g_startIp,g_endIp,g_map_ScanResult);開(kāi)始掃描 OutPutScanInfo();DWORDWINAPIThreadFunc(LPVOIDth_para); unsignedlongInvertIp(unsignedlongsrcIp);將ip&vec_ip);將全部ip排序放在一種數(shù)組內(nèi)ip

圖 函數(shù)主流程圖 開(kāi)始界闡明:可掃描的IP段為-54圖 掃描界

圖 成果界Web80，因此只需輸入網(wǎng)址即可，不用輸入“:80”了。有些木馬程80Executor、RingZero135135RPC（RemoteProcedureCall，遠(yuǎn)程過(guò)程調(diào)用合DCOM（分布式組件對(duì)象模型）RPCDCOMHTTPRPCRPCTCP/IP的消息造成的。該漏洞會(huì)影響到RPCDCOM135。445445445（1)（2)(3)connect()函數(shù)去連接這個(gè)辦法更加可靠且易connect()函數(shù)的連接過(guò)程有些許掌握，更有助于軟件的開(kāi)發(fā)。在面對(duì)幾千甚數(shù)并運(yùn)行來(lái)找到一種適宜的最大線程數(shù)量，能夠?qū)⒎懂爮?00010000，再到ipsocketc++語(yǔ)言。在這次設(shè)計(jì)中在解決線程上碰到了很大麻煩，但是通過(guò)上網(wǎng)查找和課本，socket6.趙樹(shù)升,趙韶平.信息安全原理與實(shí)踐[M].李雷,端口掃描辦法的原理.實(shí)現(xiàn)和防御[J].電腦編程技巧和維護(hù),,(5):21-劉文濤,網(wǎng)絡(luò)安全編程技術(shù)與實(shí)例[M].鄒新國(guó).計(jì)算機(jī)信息與網(wǎng)絡(luò)安全技術(shù)[M].濟(jì)南市：黃河出版社,肖微,端口掃描技術(shù)的原理及原理[J].網(wǎng)絡(luò)安全技術(shù)與應(yīng)用,,(7):32-RealizeASimplePortLi(HumanisticManagementCollegeofAnyangNormalUniversity,Anyang,HenanAbstract:Thedesignedtoimprovecomputersecurityawarenessthroughresearchportscanner.UseTCPconnectscanningprinciple,designatedscanhostviaTCP/IPprotocolhandshakewiththetargethostporttoestablishafullconnection,ifthetargethostthroughtheportwithreply,itindicatesthattheportisopen.Theuseofmulti-threadingtechnologytoachieveaportscanonatargetIPforasetnumberofcomputerportscanningtechnologyistheactivedefenseofthisimportanttechnologytopolicyimplementation.Theportscannerusingc++languagedevelopment,inVC6.0compilerenvironmentthroughthetest.Keywords:portscanner;IPscanner;information#pragmacomment(lib,"ws2_32.lib")#pragmawarning(disable:4786)#include#include<strstream>#include<winsock2.h>#include<windows.h>#include<string>#include<vector>#include<map>#include<fstream>#include<time.h>//#include"IpScan.h"usingnamespace//全局變量//short144,161,162,443,445,1024,1080,1433,1434,1755,3306,4000,5010,5190,5631,5632,8000,8080constshortPORTSNUMsizeof(g_portsTOscan)sizeof(short);////vector<unsignedlong>g_vec_IpToScan;stringg_startIp;string//啟動(dòng)的線程數(shù),1IP1個(gè)線程longg_runThreadNum;//socket // //socket模式設(shè)立,儲(chǔ)存socket信息constshortTIMEOUT=1; //socketHANDLEg_PortMutex;HANDLEHANDLE //IPmultimap<unsignedlong,string>//------------------------------------------------------------------------------------------------------------------//線程函數(shù),DWORDWINAPIThreadFunc(LPVOID{////char*pStrIp=unsignedlongulScanIp=*(unsignedintindex=0; SOCKETlink_sock; //SOCKET描述shortselect_ret; //select異步返回值shortport; while(index<{port=//link_sock=socket(AF_INET,SOCK_STREAM,0);if(link_sock==INVALID_SOCKET){//coutlink_socksocket失敗:錯(cuò)誤號(hào)為GetLastError()endl;//cout"***尚有_"<<g_runThreadNum"_個(gè)掃描線程進(jìn)行中**"<<return-} FD_SET(link_sock,&set_flag);用于在文獻(xiàn)描述符集合中增加一種新的文獻(xiàn)描述符 scan_addr.sin_family=AF_INET;scan_addr.sin_addr.s_addr=ulScanIp;scan_addr.sin_port=htons(port);unsignedlongsock_set= //設(shè)立套接字為非阻塞模式,0connect(link_sock,(structsockaddr*)&scan_addr,sizeof(scan_addr));//IP口select_retselect(0,NULL,&set_flag,NULL,&g_timeout);//if(select_ret==0||select_ret==-{}{strstreamstream_result;structin_addripaddr;ipaddr.s_addr=ulScanIp;char*pStrIp=stream_result<<"\t 主機(jī)地址為pStrIpt找到開(kāi)放的端口:"<<port<<'\0';string}}shutdown(link_sock0);//cout"****尚有_"<<g_runThreadNum"_個(gè)掃描線程進(jìn)行中****"<<return}//---------------------------------------------------------------------------------------------------------//IP轉(zhuǎn)化成能直接遞增和遞減的地址unsignedlongInvertIp(unsignedlongsrcIp){unsignedcharfirst;unsignedcharsecond;unsignedcharthird;unsignedcharfourth; (srcIp >> 24) & 0x00FF; (first<<24)|(second<<16)|(third<<8)|}//-----------------------------------------------------------------------------------------------//IPIPunsignedlongintGetIpToScan(conststring&StartIp,conststring&EndIp,vector<unsignedlong>{//IPunsignedlongulStartIp=inet_addr(StartIp.c_str());unsignedlongulEndIp=INADDR_NONE==INADDR_NONE==){cout<<" IP"endl;return-1;}//////////////IPIP段/////////////////////////////////////if(ulStartIp==ulEndIp&&ulStartIp!=0){return0;}if(ulStartIp==0&&ulEndIp=={return}if(ulStartIp=={return0;}if(ulEndIp=={return}//IP轉(zhuǎn)換成能夠遞增比較的類型ulStartIp=InvertIp(ulStartIp);ulEndIp=InvertIp(ulEndIp);//指定前后次序,ulEndIp較大unsignedlongmax_ip;if(ulStartIp>{max_ip=ulStartIp;ulStartIp=ulEndIp;ulEndIp=max_ip;}intipnums=ulEndIp-for(inti=0;i<={}return}

//IPunsignedlong型存到數(shù)組中供掃描//----------------------------------------------------------------------------------------------------------------//功效 輸入一種IP段,輸出該IP段內(nèi)的端口開(kāi)放狀況信intScanIp(conststring&start_Ip,conststring&endIp,multimap<unsignedlong,string>{//IPIP到全局?jǐn)?shù)組中去intscanNum=//g_runThreadNum=scanNum;cout<<" scanNum<<"IP要掃描"<<endl;//IPfor(inti=0;i<scanNum;{//要是不間隔時(shí)間的話,socket10093錯(cuò)誤}return}//------------------------------------------------------------------------------------------------------//int{cout g_map_ScanResult.size()<<""<<multimap<unsignedlong,string>::iteratoriter=ofstreamcout g_map_ScanResult.size()<<""<<for(;iter!=g_map_ScanResult.end();{}return}

<<iter->second<<endl;cout<<iter->second<<endl;//---------------------------------------------------------------------------------------------------void{ IP時(shí),IP. IP時(shí),IP. IP為cin>> IP為cin>>*********"<<}//-----------------------------------------------------------------------------------------------------------voidInitProc() //socket ws_result=if(ws_result!={cout"socketWSAStartu