User Tools

Site Tools


java:portscanner

I used to run a website where we needed to do large amounts of port scans. At first PHP handled it, but it was too slow, and also we didn't want to do port scans from that server. We set up a VPS, and I found some java example of an “Echo server” which I modified to make port scans. We did millions of port scans pr. day with this code, so it absolutely works. I'm a bit lazy at times + I'm no java-guy, so It's not pretty, it's not super fancy and brilliant, but it works, which to me is the most important thing.

Basically PHP opened a socket and wrote <pass>:<ip>:<port> and got “OPEN” or “CLOSED” back.

NOTE: There is not special reason for it to be Java vs. C/C++/???-language. I just wanted to play around with Java.

portscanner.java
/*
Client ID must be reset sometime or it will run out of bound!
*/
import java.net.*;
import java.io.*;
 
public class EchoServer {
// Just some initializations.. Don't fuck! ;P
	ServerSocket m_ServerSocket;
	int openscans = 0;
	int closedscans = 0;
 
// What port to bind to?
	int srvport = 12111;
 
	public EchoServer() {
		try {
// Create the server socket.
			m_ServerSocket = new ServerSocket();
			m_ServerSocket.setReuseAddress(true);
			m_ServerSocket.bind(new InetSocketAddress("10.0.0.6", srvport), 200);
		} catch(IOException ioe) {
			System.out.println("Could not create server socket at port " + srvport + ". Quitting.");
			System.exit(-1);
		}
 
		System.out.println("Listening for clients on port " + srvport + "...");
 
// Successfully created Server Socket. Now wait for connections.
		int id = 0;
		while(true) {
			try {
 
// Accept incoming connections.
				Socket clientSocket = m_ServerSocket.accept();
 
// accept() will block until a client connects to the server.
// If execution reaches this point, then it means that a client
// socket has been accepted.
 
// For each client, we will start a service thread to
// service the client requests. This is to demonstrate a
// multithreaded server, although not required for such a
// trivial application. Starting a thread also lets our
// EchoServer accept multiple connections simultaneously.
 
// Start a service thread
				ClientServiceThread cliThread = new ClientServiceThread(clientSocket, id++);
				cliThread.start();
			} catch(IOException ioe) {
				System.out.println("Exception encountered on accept. Ignoring. Stack Trace :");
				ioe.printStackTrace();
			}
		}
	}
 
	public static void main (String[] args) {
		new EchoServer();
	}
 
	class ClientServiceThread extends Thread {
		Socket m_clientSocket;
		int m_clientID = -1;
		boolean m_bRunThread = true;
 
		ClientServiceThread(Socket s, int clientID) {
			m_clientSocket = s;
			m_clientID = clientID;
		}
 
		public void run() {
// Obtain the input stream and the output stream for the socket                    
// A good practice is to encapsulate them with a BufferedReader                    
// and a PrintWriter as shown below.                                               
 
			BufferedReader in = null;
			PrintWriter out = null;
 
// Print out details of this connection
			System.out.println("Accepted Client : ID - " + m_clientID + " : Address - " +
				m_clientSocket.getInetAddress().getHostName());
 
			try {
				in = new BufferedReader(new InputStreamReader(m_clientSocket.getInputStream()));
				out = new PrintWriter(new OutputStreamWriter(m_clientSocket.getOutputStream()));
 
// At this point, we can read for input and reply with appropriate output.      
// Run in a loop until m_bRunThread is set to false
				while(m_bRunThread) {
 
// read incoming stream
					String clientCommand = in.readLine();
//					System.out.println("Client Says: " + clientCommand);                        
 
// Split the string
// String structure: <pass>:<ip>:<port>
					String [] inputvars = null;
					inputvars = clientCommand.split(":");
 
					String ip = inputvars[2];
					String pxrt = inputvars[3];
					int port = Integer.parseInt(pxrt);
 
					if(ip.length() >= 7 && port > 0) {
						try {
// Open a socket without any parameters. It hasn't been binded or connected
							Socket sock = new Socket();
 
// Bind to a local ephemeral port
							sock.bind(null);
 
// Connect to ip specified port 80 with a timeout of 3500 milliseconds
							sock.connect(new InetSocketAddress(ip,port), 3500);
							out.println("OPEN");
							openscans++;
							sock.close();
						} catch (IOException ex) {
// The remote host is not listening on this port
							out.println("CLOSED");
							closedscans++;
						}
					} else if(ip.length() == 5) {
						out.println("--- Statistics ---\n Clients: "+ m_clientID + "\n Open: " + openscans + "\n Closed: " + closedscans);
					} else {
						out.println("UNAUTHORIZED");
					}
					out.flush();
// Special command. Quit this thread
					m_bRunThread = false;
					System.out.print("                                                   OK - Stopping client thread for client : " + m_clientID);
				}
			} catch(Exception e) {
				e.printStackTrace();
			} finally {
// Clean up
				try {
					in.close();
					out.close();
					m_clientSocket.close();
//					clientSocket.close();
					System.out.println("...Stopped");
				} catch(IOException ioe) {
					ioe.printStackTrace();
				}
			}
		}
	}
}
java/portscanner.txt · Last modified: 2015/08/15 22:56 (external edit)