port scan with asp.net

• Download source code - 306.1 Kb

Introduction

this is an old fashion to learn which port is open or not on the target. I check around for nice and fast portscanner but could not find and off course this one not like nmap just connects the port and if its connected tells its open.

by the way http finger is the part of this web app. which checks if 80. port is open on the target and writes the output I guess after user saw the output who will understand which OS runs on the target.

Usage

You just need to give IP address or URL and starting port and ending port. after that watch the magic.

Some Performance Tricks

if I dont use the threads it tooks 10 times more then now. actually we dont need to use that database for port explanation but it looks better to see what has seen so far in that ports.

ASP.NET 2 and System.Net.Sockets is really powerfull and easy to use.

 
StartPort = Convert.ToInt32(numStart.Text);
EndPort = Convert.ToInt32(numEnd.Text);
ipAdres = txtIP.Text;
Thread[] pool = new Thread[(EndPort - StartPort) + 1];
int i = 0;

DateTime start = DateTime.Now;
// Loop through the ports between start port and end port
for (int CurrPort = StartPort; CurrPort <= EndPort; CurrPort++)
{
    Thread th = 
         new Thread(new System.Threading.ParameterizedThreadStart(portAc));
    //NOTE: better to leave to system.
    // th.Priority = ThreadPriority.AboveNormal;
    th.Start(CurrPort);
    pool[i] = th;
    i++;
}
#region thread pool
int k = --i;
int retryCount = 0;
for (; i >= 0; i--)
{
    if (pool[i].IsAlive)
    {
        i = k;
        retryCount++;
        continue;
    }
    if (retryCount == 1000)
    {
        break;
    }
}
#endregion

#region httpfinger
if (http)
{
    // Create a request for the URL.         
    WebRequest request = WebRequest.Create("http://" + txtIP.Text);
    // If required by the server, set the credentials.
    request.Credentials = CredentialCache.DefaultCredentials;
    // Get the response.
    try{
        HttpWebResponse response = (HttpWebResponse)request.GetResponse();

        string serverType = response.Headers["server"];
        if (serverType.Contains("IIS"))
        {
            lblServer.Text = "Windows System ";
            if (serverType.Contains("5."))
            {
                lblServer.Text += "XP/2000";
            }
            if (serverType.Contains("6."))
            {
                lblServer.Text += "2003";
            }
        }
        if (serverType.ToLower().Contains("apache"))
        {
            lblServer.Text += "probably linux";
        }
        lblServer.Text += "
" + serverType;
    }
    catch(Exception Err){
        //sometime which returns 404 and it makes a problem.
    }
}
#endregion

DateTime end = DateTime.Now;
TimeSpan sonuc = end - start;
lblzaman.Text = sonuc.TotalSeconds + " total secs";
   

that piece of code does the main job and offcourse we need to give that threads a function for port open and connection.

public void portAc(object portNoObj)
{
    int portNo = (int)portNoObj;
    TcpClient TcpScan = new TcpClient();
    try
    {
        // Try to connect
        TcpScan.Connect(ipAdres, portNo);

        if (!TcpScan.Connected) return;
        // If there's no exception, we can say the port is open
        log += "Port " + portNo + " open\r\n";

        //NOTE: We may include more finger tips to here
        switch (portNo)
        {
            case 80: http = true; break;
        }

        try
        {
            DataRow dr = dt.NewRow();
            dr[0] = "http://www.portsdb.org/bin/portsdb.cgi?portnumber=" + 
                     portNo + "&protocol=ANY&String=";
            dt.Rows.Add(dr);
        } // Ends Try
        catch (Exception Err)
        {
            throw Err;
        }
    }
    catch
    {
        // An exception occured, thus the port is probably closed
    }
}

    

The TcpClient class provides simple methods for connecting, sending, and receiving stream data over a network in synchronous blocking mode. But we just used its Connect function to see is that port open or not. You can try this portAc function with a for loop and see it yourself. If we did not use the threads how much time we can lost.

Is it legal

Yes for me and google I dunno what do u think about that. If you use it for security and see what is going on its not a big issue.

Conclusion

The code of scanner is really easy to understand. Just download the source and have fun. This application can not run under ASP.NET 1.x. You need to have ASP.NET 2.0.