
scanutil.c

scanutil.c
Posted Apr 25, 2001
Authored by Tornado

Scanutil v1.1 scans a list of IP addresses and ports for a string. Useful for checking lists of IPs for certain versions of daemons.

tags | tool, scanner
systems | unix
SHA-256 | 909a63cbba75c1813cc85a6fc61738a5900de3158aaaaac235bb384e8771103a

scanutil.c

/* Scanutil 1.1 by ToRNadO
*
* It checks a port on every address in an IP list.
* A string can be supplied to compare against what is received from that
* port. This is useful, for example, to look for a version of ftp, imap, smtp, etc.
*
* Usage:
*
* ./Scanutil <ip.list> <port> <string> [port] [string] ....
*
* Example:
*
* ./Scanutil ips.list 21 wu-2.4 <--- For versions 2.4 of wu-ftp
* ./Scanutil ip.list 25 8.7 80 null <--- For versions 8.7 of smtp and port 80
* ./Scanutil ip.list 21 wu-2.4 80 null 25 8.7 <--- Easy, isn't it? :)
*
* With the string "null", no string is searched for on that port
*
* You also can add to the ip.list:
*
* 195.55.0.0 <----- It scans 195.55.*
* 195.55.4.0 195.55.7.0 <----- It scans from 195.55.4.* to 195.55.7.*
*
* If send.txt is present, its contents are sent to the port after connecting.
* This is useful if you want to find the version of a web server (for example)
*
* Ex :
* Send.txt:
* GET index.hhh
*
* ./Scanutil ip.list 80 IIS
*
* To compile:
*
* cc scanutil.c -o scanutil
*
* or
*
* cc scanutil.c -o scanutil -DNORMAL // If you don't want the progress indicator
*
*/


#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>
#include <signal.h>
#include <fcntl.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/select.h>
#include <sys/stat.h>
#include <sys/time.h>
#include <netinet/in.h>
#include <arpa/inet.h>

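/* Size of the buffer that holds the payload read from send.txt. */
#define MAX_LENGHT 1024

/*
 * File-scope state shared by main() and que_hago().
 * The per-connection arrays are indexed by slot number; `i` is the slot
 * que_hago() operates on, so callers set it before calling.
 */
struct sockaddr_in ser[65];   /* remote address and port of each slot */

/*
 * acabo[]  : set to 1 once a slot has no more targets
 * sock[]   : socket descriptor of each slot
 * i        : current slot index (shared loop variable)
 * numip[]  : octets of the current address, stored at indices 1..4
 *            (4 = first octet, 1 = last octet)
 * numip2[] : octets of the range end, same layout
 * limite   : value at which the active range stops
 *
 * numip and numip2 hold five elements because the code reads and writes
 * index 4; with four elements those accesses land outside the array.
 */
int acabo[65], sock[65], i, numip[5], numip2[5], limite;

int ciclo = 0;                /* index of the octet being iterated, 0 = no range active */
int puertog, puerto[100];     /* current index into puerto[], and the port list (filled from 1) */
int conectado[65];            /* 1 once the payload was sent on the slot */
int tope;                     /* number of ports in puerto[] */
#ifndef NORMAL
int p = 1;                    /* phase of the progress spinner, 1..4 */
#endif
char ip[60];                  /* text form of the address being processed */
FILE *fp;                     /* the IP list */
struct timeval timee[65];     /* time at which each slot started connecting */
struct timezone timezon;      /* passed to gettimeofday() */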


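/*
 * Point connection slot `i` (file-scope index set by the caller) at the next
 * address/port pair, or retire the slot once the IP list is exhausted.
 *
 * Target selection:
 *   - While puertog <= tope the current address is kept and only the port
 *     index advances.
 *   - Once every port was used, either the next line of the IP list is read
 *     (ciclo == 0) or the active range is advanced by one address: numip[1]
 *     is incremented, with carry into the higher octets, until numip[ciclo]
 *     exceeds `limite`.
 *
 * numip[] and numip2[] are indexed 1..4 here (4 = first octet, 1 = last), so
 * their declarations must provide at least five elements.
 *
 * Always returns 0; the callers in this file ignore the value.
 */
int que_hago(void)
{
    int z;
    char first[48];   /* first token of the list line (fgets reads at most 46 chars) */
    char ip2[48];     /* optional second token: the end of a range */

empieza:
    if (puertog > tope) {
        /* Every port was tried on the current address: move to the next one. */
        puertog = 1;
        if (ciclo == 0) {
            fgets(ip, 47, fp);
            if (feof(fp) != 0)
                goto salta;
            sscanf(ip, "%d.%d.%d.%d", &numip[4], &numip[3], &numip[2], &numip[1]);

            /*
             * Split the line into "start [end]". The tokens go into separate,
             * width-limited buffers: sscanf must not write into the string it
             * is reading, and a long line must not overflow ip2.
             */
            memset(ip2, 0, sizeof(ip2));
            first[0] = '\0';
            if (sscanf(ip, "%47s %47s", first, ip2) >= 1)
                snprintf(ip, sizeof(ip), "%s", first);

            if (strlen(ip2) > 2) {
                /* Explicit range: iterate the highest octet that differs. */
                sscanf(ip2, "%i.%i.%i.%i", &numip2[4], &numip2[3], &numip2[2], &numip2[1]);
                for (z = 3; z > 0; z--) {
                    if (numip[z] != numip2[z]) {
                        ciclo = z;
                        limite = numip2[z];
                        goto yata;
                    }
                }
            }

            /* Implicit range: a zero octet means "scan every value of it". */
            for (z = 3; z > 0; z--) {
                if (numip[z] > 255)
                    numip[z] = 0;
                if (numip[z] == 0) {
                    ciclo = z;
                    limite = 255;
                    break;
                }
            }
        }
yata:
        if (ciclo != 0) {
            if (numip[ciclo] > limite) {
                /* Range finished: start over so the next list line is read. */
                ciclo = 0;
                goto empieza;
            }
            /* Carry from the low octets upwards before stepping the last one. */
            for (z = 1; z < ciclo; z++) {
                if (numip[z] > 253) {
                    numip[z + 1]++;
                    numip[z] = 0;
                }
            }

            numip[1]++;

            snprintf(ip, sizeof(ip), "%i.%i.%i.%i", numip[4], numip[3], numip[2], numip[1]);
        }
    }

salta:
    snprintf(ip, sizeof(ip), "%i.%i.%i.%i", numip[4], numip[3], numip[2], numip[1]);
    if ((feof(fp) != 0) && ciclo == 0) {
        /* List exhausted and no range pending: retire this slot. */
        puertog = 0;
        acabo[i] = 1;

        shutdown(sock[i], 0);
        close(sock[i]);
        goto fin;
    }

    ser[i].sin_addr.s_addr = inet_addr(ip);
    ser[i].sin_port = htons(puerto[puertog]);

    /* Drop the previous connection of this slot and start a non-blocking one. */
    shutdown(sock[i], 0);
    close(sock[i]);
    sock[i] = socket(AF_INET, SOCK_STREAM, 0);
    if (sock[i] < 0) {
        /*
         * No descriptor available: retire the slot instead of handing -1 to
         * fcntl()/connect() and, later, to FD_SET() in main().
         */
        perror("socket");
        acabo[i] = 1;
        goto fin;
    }
    fcntl(sock[i], F_SETFL, O_NONBLOCK);
    gettimeofday((struct timeval *) &timee[i], (struct timezone *) &timezon);
    connect(sock[i], (struct sockaddr *) &ser[i], sizeof(ser[i]));
    conectado[i] = 0;

#ifndef NORMAL
    /* Progress spinner: one glyph per call, cycling through four phases. */
    switch (p) {
    case 1:
        fprintf(stderr, "\33[1;70H [\\] ");
        p = p + 1;
        break;
    case 2:
        fprintf(stderr, "\33[1;70H [|] ");
        p = p + 1;
        break;
    case 3:
        fprintf(stderr, "\33[1;70H [/] ");
        p = p + 1;
        break;
    case 4:
        fprintf(stderr, "\33[1;70H [-] ");
        p = 1;
        break;
    }
    fprintf(stderr, "\33[25;1H");
    fflush(stdout);
#endif

fin:
    puertog++;
    return 0;
}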



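/*
 * Entry point: scanutil <ip.list> <port> <string> [port] [string] ...
 *
 * 1. Validates the port/string pairs and stores the ports in puerto[1..tope].
 * 2. Loads the optional payload from send.txt into a2.
 * 3. Starts non-blocking TCP connections in slots 1..j-1 for the first targets.
 * 4. Multiplexes the slots with select(). A slot that becomes ready gets the
 *    payload, is reported (optionally after matching the reply against the
 *    string given for its port) and is handed to que_hago() for its next
 *    target; the first slot found silent for more than 9 seconds is recycled
 *    the same way.
 *
 * The process ends through exit(0) once no slot is active.
 */
int main(int argc, char *argv[])
{
    /* Must match the size of the file-scope slot arrays (ser, sock, acabo, ...). */
    enum { SLOTS = 65 };

    struct timeval timeout;
    struct timeval temporal;
    struct in_addr in;
    char first[48];          /* first token of a list line */
    char ip2[48];            /* optional second token: end of a range */
    char a2[MAX_LENGHT];     /* payload sent after connecting */
    char *dir;
    char *end;
    char recib[1024];        /* reply buffer, kept zero-filled between uses */
    long port;
    int j, k, z, strin;
    int maxfd;
    int acabo2[SLOTS];       /* 1 = stop watching the slot for writability */
    FILE *fp3;
    fd_set fdvar;
    fd_set fdvar2;
    struct stat fiche;

    timezon.tz_minuteswest = 0;
    timezon.tz_dsttime = 0;
    memset(recib, 0, sizeof(recib));
    memset(a2, 0, sizeof(a2));
    strin = 0;

    if (argc < 4) {
        printf("\nUsage: %s <file> <port> <string> [port] [string] ....\n", argv[0]);
        printf("\n file <---- file with the list of IPs to scan\n");
        printf(" port <---- port for scan\n");
        printf(" string <---- string to compare with what we receibe from the port\n");
        printf(" (if you dont want any string, type: null)\n\n");
        printf(" Ex: %s ip.list 25 8.8.8 80 null 21 wu-2.4\n\n", argv[0]);
        exit(0);
    }

    /* Ports and strings come in pairs after the file name, so argc is even. */
    if (argc % 2 != 0) {
        printf("Error in the number of arguments. Each port need a string (or a null)\n");
        exit(0);
    }

    /* puerto[] has 100 elements and is filled from index 1. */
    if ((argc - 2) / 2 > 99) {
        printf("Too many ports (maximum 99)\n");
        exit(0);
    }

    k = 0;
    for (i = 2; i < argc; i = i + 2) {
        k = k + 1;
        /*
         * Accept only a complete decimal number in 1..65535, so the value
         * stored in sin_port always maps back to its argv entry later on.
         */
        port = strtol(argv[i], &end, 10);
        if (end == argv[i] || *end != '\0' || port < 1 || port > 65535) {
            printf("Error in port: %s\n", argv[i]);
            exit(0);
        }
        puerto[k] = (int) port;
    }
    tope = k;
    j = 1;

    for (i = 0; i < SLOTS; i++) {
        acabo[i] = 0;
        acabo2[i] = 0;
        conectado[i] = 0;
    }
    signal(SIGPIPE, SIG_IGN);   /* a send() on a reset connection must not kill the process */
    puertog = 0;

    for (i = 0; i < SLOTS; i++) {
        memset(&ser[i], 0, sizeof(ser[i]));
        ser[i].sin_family = AF_INET;
        ser[i].sin_port = htons(puerto[puertog]);
    }

    fp = fopen(argv[1], "r");
    if (fp == NULL) {
        printf("Error opening the file\n");
        exit(0);
    }

    fp3 = fopen("send.txt", "r");
    if (fp3 != NULL) {
        /*
         * Size and read the file through the stream that was just opened,
         * not through the path again or an assumed descriptor number.
         */
        if (fstat(fileno(fp3), &fiche) != 0) {
            printf("Error reading send.txt\n");
            exit(0);
        }
        printf("send.txt present. Sending send.txt to ports after connect\n");
        if (fiche.st_size >= 0 && (size_t) fiche.st_size < sizeof(a2)) {
            /* a2 was zero-filled above, so the payload stays NUL-terminated. */
            fread(a2, 1, (size_t) fiche.st_size, fp3);
        } else {
            printf("File too long, please edit MAX_LENGHT\n");
            exit(0);
        }
        fclose(fp3);
    } else {
        printf("send.txt not present. Sending no string when connect\n");
        snprintf(a2, sizeof(a2), "a");
    }

    /* ---- Phase 1: open the initial batch of connections ---- */
    fgets(ip, 47, fp);
    while (1) {
        puertog++;
        sscanf(ip, "%i.%i.%i.%i", &numip[4], &numip[3], &numip[2], &numip[1]);

        if (ciclo == 0) {
            /*
             * Split the line into "start [end]" using separate, width-limited
             * buffers: sscanf must not write into the string it is reading,
             * and a long line must not overflow ip2.
             */
            memset(ip2, 0, sizeof(ip2));
            first[0] = '\0';
            if (sscanf(ip, "%47s %47s", first, ip2) >= 1)
                snprintf(ip, sizeof(ip), "%s", first);

            if (strlen(ip2) > 2) {
                /* Explicit range: iterate the highest octet that differs. */
                sscanf(ip2, "%i.%i.%i.%i", &numip2[4], &numip2[3], &numip2[2], &numip2[1]);
                for (i = 3; i > 0; i--) {
                    if (numip[i] != numip2[i]) {
                        ciclo = i;
                        limite = numip2[i];
                        goto yata;
                    }
                }
            }

            /* Implicit range: a zero octet means "scan every value of it". */
            for (i = 3; i > 0; i--) {
                if (numip[i] > 255)
                    numip[i] = 0;
                if (numip[i] == 0) {
                    ciclo = i;
                    limite = 254;
                    break;
                }
            }
        }

        if (ciclo != 0 && (puertog > tope)) {
            puertog = 1;
            if (numip[ciclo] > (limite - 1)) {
                ciclo = 0;
                goto arriba;
            }
            numip[1]++;
            snprintf(ip, sizeof(ip), "%i.%i.%i.%i", numip[4], numip[3], numip[2], numip[1]);
        }

        if (feof(fp) != 0)
            break;
yata:
        ser[j].sin_addr.s_addr = inet_addr(ip);
        ser[j].sin_port = htons(puerto[puertog]);
        sock[j] = socket(AF_INET, SOCK_STREAM, 0);
        if (sock[j] < 0)
            break;
        fcntl(sock[j], F_SETFL, O_NONBLOCK);
        connect(sock[j], (struct sockaddr *) &ser[j], sizeof(ser[j]));
        gettimeofday((struct timeval *) &timee[j], (struct timezone *) &timezon);
        j = j + 1;
arriba:
        /*
         * Stop at end of list, at the soft limit once the current address has
         * had all its ports, or at the hard limit of the slot arrays (with
         * many ports per address the soft limit alone lets j run past them).
         */
        if (feof(fp) != 0 || (j > 59 && (puertog >= tope)) || j > SLOTS - 1)
            break;
        if (ciclo == 0 && (puertog > (tope - 1))) {
            fgets(ip, 47, fp);
            puertog = 0;
        }
    }

    /* ---- Phase 2: service the slots until none is active ---- */
    while (1) {
        /* select() may modify the timeout, so it is set again on every pass. */
        timeout.tv_sec = 0;
        timeout.tv_usec = 200;

        z = 0;
        maxfd = -1;
        FD_ZERO(&fdvar);
        FD_ZERO(&fdvar2);
        for (i = 1; i < j; i++) {
            if (acabo[i] != 0)
                continue;
            if (sock[i] < 0 || sock[i] >= FD_SETSIZE) {
                /* FD_SET() on such a descriptor would write outside the set. */
                if (sock[i] >= 0)
                    close(sock[i]);
                acabo[i] = 1;
                continue;
            }
            FD_SET(sock[i], &fdvar);
            if (acabo2[i] == 0)
                FD_SET(sock[i], &fdvar2);
            if (sock[i] > maxfd)
                maxfd = sock[i];
            z = z + 1;
        }
        if (z < 1) {
            printf("End of scan\n");
            exit(0);
        }

        /* nfds is the highest watched descriptor plus one, not a guess. */
        if (select(maxfd + 1, &fdvar, &fdvar2, NULL, &timeout) < 1) {
            gettimeofday((struct timeval *) &temporal, (struct timezone *) &timezon);

            /* Recycle the first active slot that has been silent for > 9 s. */
            for (i = 1; i < j; i++) {
                if (((temporal.tv_sec - timee[i].tv_sec) > 9) && (acabo[i] == 0)) {
                    acabo2[i] = 0;
                    que_hago();
                    break;
                }
            }
            continue;
        }

        /*
         * Find the first ready slot. Retired slots are skipped: their stale
         * descriptor number may have been reused by an active slot.
         */
        for (i = 1; i < j; i++) {
            if (acabo[i] != 0)
                continue;
            if (FD_ISSET(sock[i], &fdvar) || FD_ISSET(sock[i], &fdvar2))
                break;
        }
        if (i >= j)
            continue;

        in.s_addr = ser[i].sin_addr.s_addr;
        dir = (char *) inet_ntoa(in);

        if (conectado[i] != 1) {
            /* The whole a2 buffer is sent, including its zero padding. */
            if (send(sock[i], (char *) a2, sizeof(a2), 0) >= 0)
                conectado[i] = 1;
        }

        if (conectado[i] == 1) {
            /*
             * Look up the string that belongs to this slot's port. The port
             * is compared as a number and the arguments are used in place,
             * so no fixed-size copy of argv is needed.
             */
            k = ntohs(ser[i].sin_port);
            for (z = 2; z < argc; z = z + 2) {
                if (strtol(argv[z], NULL, 10) == k) {
                    strin = (strcasecmp(argv[z + 1], "null") == 0) ? 0 : 1;
                    break;
                }
            }
            if (z >= argc)
                strin = 0;   /* no pair for this port: nothing to compare against */

            if (strin == 0)
                printf("%s <---- Port %i open\n", dir, ntohs(ser[i].sin_port));

            if (strin == 1) {
                /* Leave one byte free so recib is always NUL-terminated for strstr(). */
                if (recv(sock[i], (char *) recib, sizeof(recib) - 1, 0) < 1) {
                    acabo2[i] = 1;
                    memset(recib, 0, sizeof(recib));
                    conectado[i] = 0;
                    continue;
                }
                acabo2[i] = 0;
                if (strstr(recib, argv[z + 1]) != NULL)
                    printf("%s <----- Port %i + string found\n", dir, ntohs(ser[i].sin_port));
                memset(recib, 0, sizeof(recib));
                continue;
            }
        }

        /* Slot reported, or its send failed: move it to the next target. */
        que_hago();
    }
}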

