sscan.c is another piece of learning code, this time implementing a SYN port scanner using raw sockets and libpcap.
This was also a lesson in patience as it took a 6+ hour debugging session to track down a missing htons() causing invalid TCP checksums--I started drinking at hour 3.
dennis@ipa:~/projects/sockets/sscan$ gcc -Wall -o sscan sscan.c -lpcap
dennis@ipa:~/projects/sockets/sscan$ sudo sscan lo0 127.0.0.1
Password:
22 is open
25 is open
111 is open
587 is open
2049 is open
dennis@ipa:~/projects/sockets/sscan$ sudo sscan iwn0 192.168.0.1
Password:
80 is open
dennis@ipa:~/projects/sockets/sscan$
tcpdump snippet, open port (the SYN/ACK is what marks the port open; the RST that follows is sent by the scanner's kernel, which has no socket for the reply, so the handshake is never completed):
18:20:35.455203 127.0.0.1.59341 > 127.0.0.1.22: S [tcp sum ok] 2370039654:2370039654(0) win 65535 (ttl 255, id 44629, len 40)
18:20:35.455227 127.0.0.1.22 > 127.0.0.1.59341: S [tcp sum ok] 189400764:189400764(0) ack 2370039655 win 16384 (DF) (ttl 64, id 7376, len 44)
18:20:35.455238 127.0.0.1.59341 > 127.0.0.1.22: R [tcp sum ok] 2370039655:2370039655(0) win 0 (DF) (ttl 64, id 48987, len 40)
Closed port (the target answers the SYN with an RST that acknowledges our sequence number plus one):
18:20:35.955556 127.0.0.1.30223 > 127.0.0.1.23: S [tcp sum ok] 1512395315:1512395315(0) win 65535 (ttl 255, id 19412, len 40)
18:20:35.955573 127.0.0.1.23 > 127.0.0.1.30223: R [tcp sum ok] 0:0(0) ack 1512395316 win 0 (DF) (ttl 64, id 49789, len 40)
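As an added illustration, not code from sscan.c, here is the TCP-side arithmetic a SYN scanner depends on: building the SYN header with the checksum computed over the IPv4 pseudo-header, verifying it the way the receiving stack (and tcpdump's "[tcp sum ok]") does, and classifying the reply from the flags and acknowledgement number exactly as the two captures above show. The `forget_htons` switch demonstrates one place a missing htons() produces a bad checksum (the pseudo-header length field); the page does not say which field sscan.c actually got wrong, so treat that as an assumption. IPv4 only, no TCP options; the addresses, ports and sequence numbers are constructed sample values, and all function names are mine.

```c
/* Added example, not sscan.c: SYN probe checksum + reply classification.
 * IPv4, no TCP options. All sample values below are constructed. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <arpa/inet.h>          /* htons/htonl/ntohs/ntohl */

#define TH_SYN 0x02
#define TH_RST 0x04
#define TH_ACK 0x10

/* 20-byte TCP header; multi-byte fields hold network byte order. */
struct tcp_hdr {
    uint16_t sport, dport;
    uint32_t seq, ack;
    uint8_t  off;               /* data offset in 32-bit words, << 4 */
    uint8_t  flags;
    uint16_t win, sum, urp;
};

/* Ones'-complement accumulation, bytes taken as big-endian 16-bit words. */
static uint32_t ones_sum(uint32_t sum, const uint8_t *p, size_t n)
{
    for (; n > 1; p += 2, n -= 2)
        sum += (uint32_t)((p[0] << 8) | p[1]);
    if (n)                      /* odd trailing byte is zero-padded */
        sum += (uint32_t)(p[0] << 8);
    return sum;
}

/* Fold carries and complement; a result of 0 means "verifies OK". */
static uint16_t fold(uint32_t sum)
{
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* RFC 793 pseudo-header: src, dst, zero, protocol 6, TCP length.
 * tcplen_field is copied byte-for-byte, so the caller's byte order shows. */
static uint32_t pseudo_sum(uint32_t src_n, uint32_t dst_n, uint16_t tcplen_field)
{
    uint8_t ph[12];
    memcpy(ph, &src_n, 4);
    memcpy(ph + 4, &dst_n, 4);
    ph[8] = 0;
    ph[9] = 6;                  /* IPPROTO_TCP */
    memcpy(ph + 10, &tcplen_field, 2);
    return ones_sum(0, ph, sizeof ph);
}

/* Fill a SYN. forget_htons=1 writes the TCP length into the pseudo-header in
 * host order (assumed bug), which on a little-endian host yields a checksum
 * the target rejects, so the probe is silently dropped. */
static void build_syn(struct tcp_hdr *th, uint32_t src_n, uint32_t dst_n,
                      uint16_t sport, uint16_t dport, uint32_t seq, int forget_htons)
{
    uint16_t len = (uint16_t)sizeof *th;
    uint32_t s;
    memset(th, 0, sizeof *th);
    th->sport = htons(sport);
    th->dport = htons(dport);
    th->seq   = htonl(seq);
    th->off   = (uint8_t)((sizeof *th / 4) << 4);
    th->flags = TH_SYN;
    th->win   = htons(65535);
    s = pseudo_sum(src_n, dst_n, forget_htons ? len : htons(len));
    s = ones_sum(s, (const uint8_t *)th, sizeof *th);
    th->sum = htons(fold(s));
}

/* Receiver-side check: pseudo-header + segment (checksum included) folds to 0. */
static int tcp_csum_ok(const struct tcp_hdr *th, uint32_t src_n, uint32_t dst_n)
{
    uint32_t s = pseudo_sum(src_n, dst_n, htons((uint16_t)sizeof *th));
    s = ones_sum(s, (const uint8_t *)th, sizeof *th);
    return fold(s) == 0;
}

enum port_state { PORT_OPEN, PORT_CLOSED, PORT_UNKNOWN };

/* Classify a captured reply. Only a segment aimed at our source port that
 * acks seq+1 is a reply to this probe; SYN/ACK = open, RST = closed.
 * "No reply before the timeout" (filtered) never reaches this function. */
static enum port_state classify(const struct tcp_hdr *r, uint16_t our_sport, uint32_t our_seq)
{
    if (ntohs(r->dport) != our_sport || ntohl(r->ack) != our_seq + 1)
        return PORT_UNKNOWN;
    if ((r->flags & (TH_SYN | TH_ACK)) == (TH_SYN | TH_ACK))
        return PORT_OPEN;
    return (r->flags & TH_RST) ? PORT_CLOSED : PORT_UNKNOWN;
}

/* Constructed reply header, as pcap would hand it back after the IP header. */
static struct tcp_hdr make_reply(uint16_t sport, uint16_t dport,
                                 uint32_t seq, uint32_t ack, uint8_t flags)
{
    struct tcp_hdr r;
    memset(&r, 0, sizeof r);
    r.sport = htons(sport); r.dport = htons(dport);
    r.seq = htonl(seq);     r.ack = htonl(ack);
    r.off = (uint8_t)((sizeof r / 4) << 4);
    r.flags = flags;
    return r;
}

int main(void)
{
    uint32_t lo = htonl(0x7f000001u);        /* 127.0.0.1 */
    struct tcp_hdr good, bad, sa, rst;
    build_syn(&good, lo, lo, 59341, 22, 2370039654u, 0);
    build_syn(&bad,  lo, lo, 59341, 22, 2370039654u, 1);
    printf("htons ok:      sum ok = %d\n", tcp_csum_ok(&good, lo, lo));
    printf("htons missing: sum ok = %d\n", tcp_csum_ok(&bad,  lo, lo));
    sa  = make_reply(22, 59341, 189400764u, 2370039655u, TH_SYN | TH_ACK);
    rst = make_reply(23, 30223, 0, 1512395316u, TH_RST | TH_ACK);
    printf("22 is %s\n", classify(&sa,  59341, 2370039654u) == PORT_OPEN ? "open" : "not open");
    printf("23 is %s\n", classify(&rst, 30223, 1512395315u) == PORT_CLOSED ? "closed" : "not closed");
    return 0;
}
```

The check in `tcp_csum_ok` is the same ones'-complement fold the target's stack performs, so it is a quick way to catch byte-order mistakes in a raw-socket sender before reaching for tcpdump: if your own verifier rejects the segment you built, no amount of pcap filtering will show a reply.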
Look out Fyodor.