diff options
Diffstat (limited to 'tmap')
-rw-r--r-- | tmap | 65 |
1 files changed, 65 insertions, 0 deletions
@@ -0,0 +1,65 @@ +#!/usr/bin/python +from socket import * +import socks +import argparse + +## This function tries to open a connection on a specific port +def connScan(host, port, wait, notor): + ## If notor is set to True, it doesn't use the socks proxy + if notor: + sckt = socket(AF_INET, SOCK_STREAM) + else: + sckt = socks.socksocket() + sckt.settimeout(wait) + ## Try to connect, print to stdout on success + try: + sckt.connect((host, port)) + print("[+] port {} on {} is open".format(port, host)) + sckt.close() + except: + pass + + +## This function goes throgh all ports and calls connScan for each one +def portScan(host, ports, wait, notor): + for p in ports: + connScan(host, p, wait, notor) + +def main(): + ## Define and parse the arguments + parser = argparse.ArgumentParser(description="Simple port scanner that works over Tor") + parser.add_argument("-H", "--hosts", metavar="HOSTS", dest="tgtHost", help="IPv4 address to scan", required=True) + parser.add_argument("-p", "--ports", metavar="PORTS", dest="tgtPort", help="ports to scan", default="80") + parser.add_argument("-t", "--timeout", metavar="TIMEOUT", dest="sockTimeout", type=int, help="seconds to wait before connection timeout for each port", default=3) + parser.add_argument("--clearnet", dest="clearnet", help="don't use Tor for scanning", action="store_true") + parser.add_argument("--torport", metavar="TORPORT", dest="torPort", type=int, help="port for Tor proxy", default="9050") + + args = parser.parse_args() + + ## Set Tor as default Tor proxy for the scanner + socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5, "127.0.0.1", args.torPort) + + ## Load specified ports into PORTS list + if "-" not in args.tgtPort: + PORTS = map(int, args.tgtPort.split(",")) + else: + PORTS = map(int, args.tgtPort.split("-")) + if len(PORTS) != 2: + parser.print_help() + exit() + PORTS = range(PORTS[0],PORTS[1]) + + ## Load other variables + HOSTS = args.tgtHost.split(",") + WAIT_TIME = args.sockTimeout + CLEARNET = False + + if args.clearnet: + CLEARNET=True + + ## Scan each host in HOSTS list + for h in HOSTS: + portScan(h, PORTS, WAIT_TIME, CLEARNET) + +if __name__ == "__main__": + main() |