Multithreading port scanner

[dacid]

I want to code a multithreading tcp port scanner.. and i would really appreciate any information, source code & examples... on both subjects (multithreading and port scanner).

Thx in advance!

[Ghirai]

I'm assuming you want to write a CONNECT scanner.

There are numerous ways to store the ips/ports, sync the threads, etc.

The basic idea is that you spawn x threads, that try to connect to the specified ip:port (via connect()). Then based on how you sync everything, store the result (1/0 or whatever) to possibly an array, variable, etc.
Then you have a variable, which tells you how many threads are running; each thread that terminates must decrease the value, etc. You need to implement some sort of locking.
Next, in your main thread, you loop and wait for the above var to reach 0 (meaning that all worker threads are done), possibly showing info meanwhile.

The interesting part is how you do the locking, how do the threads get the info they need (ip/port), how do they return the result, etc. :)

[redskull]

If writing port-surfing apps isn't against the forum rules, it probably should be. :tdown

[Mark Jones]

Why bother... there's tons of these things already pre-made out there.

[MichaelW]

There's tons of a lot of things, but that doesn't mean that they should be allowed here.

[Mark Jones]

In case that wasn't clear, I meant "why bother writing one when a hundred already exist." I never said they should be allowed, anywhere.

[MichaelW]

Sorry Mark, I interpreted your comment entirely from the context, when I should have know better.

[Draakie]

Dependant on your point-of-view a port scanner is a security tool or a hacking tool.
The Caine and Abel theory. It all falls to "motive" or "intent".  Just finding a port open
on a host computer - still would require a major effort to exploit any weakness presented
by the service resident. Today's up-to-date patched systems present an incermountable
obstacle for the "would be" hacker. Social Engineering has much more threat value......
That we don't talk about security related topics in this forum is quite understandable. I suggest
the OP, clean of malicous intent, visit security related forums for the information required, else
"bugger off" as there are enough criminals and saboteurs in this world.

Draakie

[dacid]

A port scanner is a world-accepted security tool ...

PortQry Command Line Port Scanner Version 2.0
"Download PortQryV2.exe, a command-line utility that you can use to help troubleshoot TCP/IP connectivity issues. Portqry.exe runs on Windows 2000-based computers."

http://www.microsoft.com/downloads/details.aspx?FamilyID=89811747-C74B-4638-A2D5-AC828BDC6983&displaylang=en


Hey, best you dont write a packer because malware writers can use it.. or a mail client because terrorist can use it to communicate. Or best we close Internet because some people use it to trade illegal porn...

If you want to secure your system you need some apps that the "bad guys" use too... there is a thing called "penetration testing":

http://en.wikipedia.org/wiki/Penetration_testing

Dont get mad on censoring things... this is not the way. He who wants to destroy things will find a way to do it and he who whants to learn or even to do good things must have the information!

[Ghirai]

Portscanners are useful to admins and security people - those that keep your boxes safe from the bad guys.

Now, i think that a threaded connect scanner is a good way of learning the basics of threads, is totally harmless, and it shouldn't be the point of this debate.

[hutch--]

While there are certainly valid and sensible uses for port scanners, they are also subject to abuse and can be used for malicious purposes. On that basis we normally do not let grey areas survive in this forum, this posting is no exception. The advice to go to a well run security forum is the right advice, ask Ghirai and he may be able to point you to one.

I am locking this thead due to the risk of its subject being used for illegal purpose, even though I have no reason to think the poster had that intent.