summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--tmap65
1 files changed, 65 insertions, 0 deletions
diff --git a/tmap b/tmap
new file mode 100644
index 0000000..7d67e86
--- /dev/null
+++ b/tmap
@@ -0,0 +1,65 @@
+#!/usr/bin/python
+from socket import *
+import socks
+import argparse
+
+## This function tries to open a connection on a specific port
+def connScan(host, port, wait, notor):
+ ## If notor is set to True, it doesn't use the socks proxy
+ if notor:
+ sckt = socket(AF_INET, SOCK_STREAM)
+ else:
+ sckt = socks.socksocket()
+ sckt.settimeout(wait)
+ ## Try to connect, print to stdout on success
+ try:
+ sckt.connect((host, port))
+ print("[+] port {} on {} is open".format(port, host))
+ sckt.close()
+ except:
+ pass
+
+
+## This function goes throgh all ports and calls connScan for each one
+def portScan(host, ports, wait, notor):
+ for p in ports:
+ connScan(host, p, wait, notor)
+
+def main():
+ ## Define and parse the arguments
+ parser = argparse.ArgumentParser(description="Simple port scanner that works over Tor")
+ parser.add_argument("-H", "--hosts", metavar="HOSTS", dest="tgtHost", help="IPv4 address to scan", required=True)
+ parser.add_argument("-p", "--ports", metavar="PORTS", dest="tgtPort", help="ports to scan", default="80")
+ parser.add_argument("-t", "--timeout", metavar="TIMEOUT", dest="sockTimeout", type=int, help="seconds to wait before connection timeout for each port", default=3)
+ parser.add_argument("--clearnet", dest="clearnet", help="don't use Tor for scanning", action="store_true")
+ parser.add_argument("--torport", metavar="TORPORT", dest="torPort", type=int, help="port for Tor proxy", default="9050")
+
+ args = parser.parse_args()
+
+ ## Set Tor as default Tor proxy for the scanner
+ socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5, "127.0.0.1", args.torPort)
+
+ ## Load specified ports into PORTS list
+ if "-" not in args.tgtPort:
+ PORTS = map(int, args.tgtPort.split(","))
+ else:
+ PORTS = map(int, args.tgtPort.split("-"))
+ if len(PORTS) != 2:
+ parser.print_help()
+ exit()
+ PORTS = range(PORTS[0],PORTS[1])
+
+ ## Load other variables
+ HOSTS = args.tgtHost.split(",")
+ WAIT_TIME = args.sockTimeout
+ CLEARNET = False
+
+ if args.clearnet:
+ CLEARNET=True
+
+ ## Scan each host in HOSTS list
+ for h in HOSTS:
+ portScan(h, PORTS, WAIT_TIME, CLEARNET)
+
+if __name__ == "__main__":
+ main()