


Soup Port Scanner




/* 20 Second Soup Scanner
 * Ambient Empire
 * by aempirei
 * inspired by bind's `propecia.c'
 * slower but cleaner
 */

#include <sys/types.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <unistd.h>
#include <signal.h>
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define SA struct sockaddr
#define SIN_LEN sizeof(struct sockaddr_in)
#define IPV4_ADDRLEN 16

void ShowHelp(char *, char *);

/* confine the shared forked code for niceness */
int ConnectCheck(struct sockaddr_in, int, int);

/* this be wrapper functions pulled from other ambient empire code */
const char *ipv4_ntop(int, const void *, char *, size_t);
const char *ipv4_showname(int , const void *, char *, size_t);

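/* Parse a strictly decimal option value in the range [1, Max].
 * Returns the value, or -1 when the text is empty, carries trailing junk,
 * overflows or lies outside the range. The callers' "< 1" checks then
 * reject it; atoi() gave no way to detect any of these cases. */
static int ParseCount(const char *Text, long Max) {
   char *End;
   long Value;

   errno = 0;
   Value = strtol(Text, &End, 10);
   if(End == Text || *End != '\0' || errno == ERANGE) return -1;
   if(Value < 1 || Value > Max) return -1;
   return (int)Value;
}

/* Entry point: takes a three-octet network ID plus options, then forks one
 * ConnectCheck() child per host address .0 through .255, keeping at most
 * `Children` of them alive at a time, and exits once every child is reaped.
 *
 * Options: -p port (default 139), -c children (default 128),
 *          -t timeout in seconds (default 7), -R resolve to hostnames.
 */
int main(int argc, char *argv[]) {
   int i, status,
       c,                 /* int, not char: getopt() returns -1 at the end and
                             a plain char may be unsigned on some platforms */
       Length,
       DestPort = 139,
       Children = 128,
       Timeout = 7,
       Resolve = 0;
   char DestIP[INET_ADDRSTRLEN];   /* "255.255.255.255" plus the NUL */
   char *NetworkID;
   pid_t Child;

   struct sockaddr_in DestAddress = {0};

   if(argc < 2) ShowHelp(argv[0], "ERROR: invalid number of arguments");

   /* argv[1] is attacker-length input as far as this buffer is concerned:
    * format with a bound and treat truncation as an invalid network ID
    * instead of letting sprintf() run past the end of DestIP. */
   NetworkID = argv[1];
   Length = snprintf(DestIP, sizeof(DestIP), "%s.255", NetworkID);
   if(Length < 0 || (size_t)Length >= sizeof(DestIP)
      || !inet_aton(DestIP, &DestAddress.sin_addr))
      ShowHelp(argv[0], "ERROR: invalid network ID");

   opterr = 0;
   while((c = getopt(argc, argv, "Rp:c:t:")) != -1) {
      switch(c) {
         case 'R': Resolve = -1; break;
         case 'p': DestPort = ParseCount(optarg, 65535); break;
         case 'c': Children = ParseCount(optarg, INT_MAX); break;
         case 't': Timeout = ParseCount(optarg, INT_MAX); break;
         case '?': ShowHelp(argv[0], "ERROR: unrecognized option"); break;
         default: break;
      }
   }

   if(DestPort < 1) ShowHelp(argv[0], "ERROR: invalid target port");
   if(Children < 1) ShowHelp(argv[0], "ERROR: invalid number of children");
   if(Timeout < 1) ShowHelp(argv[0], "ERROR: invalid timeout");

   /* There are only 256 host addresses; a larger pool used to push the
    * spawn loop past .255. */
   if(Children > 256) Children = 256;

   fprintf(stderr, "Scanning %s.*:%i -- %i children -- %i second timeout\n\n",
                    NetworkID, DestPort, Children, Timeout);

   DestAddress.sin_family = AF_INET;
   DestAddress.sin_port = htons((unsigned short)DestPort);

   /* One loop for the whole range. The original used two loops and started
    * the second at Children + 1, so host number `Children` was never
    * checked. */
   for(i = 0; i < 256; i++) {
      /* pool is full: wait till a child dies to make another */
      if(i >= Children) wait(&status);

      Length = snprintf(DestIP, sizeof(DestIP), "%s.%d", NetworkID, i);
      if(Length < 0 || (size_t)Length >= sizeof(DestIP)
         || !inet_aton(DestIP, &DestAddress.sin_addr)) {
         /* Never reuse the previous host's address on a parse failure. */
         fprintf(stderr, "skipping unparsable address %s.%d\n", NetworkID, i);
         continue;
      }

      Child = fork();
      if(Child == 0) {
         ConnectCheck(DestAddress, Timeout, Resolve);
         exit(EXIT_FAILURE);   /* not reached: a child must never re-enter
                                  the spawn loop */
      }
      if(Child < 0) perror("fork");
   }

   /* Block until no children remain; the WNOHANG poll spun a full CPU
    * core while waiting. A -1 that is not ECHILD (e.g. EINTR) retries. */
   for(;;) {
      if((wait(&status) == -1) && (errno == ECHILD))
            break;
   }

   exit(EXIT_SUCCESS);
}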

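/* Child-side probe. Attempts one TCP connect() to DestAddr and, if it
 * succeeds, prints the host (as a name when Resolve is non-zero, otherwise
 * as a dotted quad) on its own line. Always terminates the calling process;
 * it never returns to the caller.
 *
 * Timeout is handed to alarm(). This file installs no SIGALRM handler, so
 * an expired alarm ends the process with the default signal action. The
 * alarm is deliberately left armed after connect(), so the optional reverse
 * lookup is bounded by the same deadline.
 */
int ConnectCheck(struct sockaddr_in DestAddr, int Timeout, int Resolve) {
   int SocketFD;
   char Hostname[60];
   const char *Label;

   if((SocketFD = socket(AF_INET, SOCK_STREAM, 0)) < 0) exit (EXIT_FAILURE);

   alarm(Timeout);

   if(connect(SocketFD, (SA *)&DestAddr, SIN_LEN) != 0) {
      /* refused / unreachable: nothing to report */
      close(SocketFD);
      exit(EXIT_SUCCESS);
   }

   if(Resolve) Label = ipv4_showname(AF_INET,
                                     &DestAddr.sin_addr.s_addr,
                                     Hostname, sizeof(Hostname));
   else Label = ipv4_ntop(AF_INET,
                          &DestAddr.sin_addr.s_addr,
                          Hostname, sizeof(Hostname));
   close(SocketFD);

   /* Both helpers can return NULL; passing that to printf("%s") is
    * undefined behaviour, so bail out instead. */
   if(Label == NULL) exit(EXIT_FAILURE);

   printf("%s\n", Label);
   exit(EXIT_SUCCESS);
}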

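/* Format the four address bytes at addrptr as a dotted-quad string.
 *
 * family   must be AF_INET, otherwise NULL is returned with
 *          errno = EAFNOSUPPORT.
 * addrptr  four bytes, read in memory order.
 * strptr   destination buffer of at least len bytes.
 * len      size of strptr; the text plus its NUL must fit, otherwise NULL
 *          is returned with errno = ENOSPC and strptr is left untouched.
 *
 * Returns strptr on success. A NULL addrptr or strptr yields NULL with
 * errno = EINVAL instead of a crash.
 */
const char *
ipv4_ntop(int family, const void *addrptr, char *strptr, size_t len) {
   /* unsigned char rather than the BSD-only u_char typedef */
   const unsigned char *octet = addrptr;
   char text[INET_ADDRSTRLEN];
   int written;

   if(family != AF_INET) {
      errno = EAFNOSUPPORT;
      return(NULL);
   }
   if(addrptr == NULL || strptr == NULL) {
      errno = EINVAL;
      return(NULL);
   }

   written = snprintf(text, sizeof(text), "%d.%d.%d.%d",
                      octet[0], octet[1], octet[2], octet[3]);

   /* Only copy once the whole string, terminator included, is known to fit. */
   if(written < 0 || (size_t)written >= len) {
      errno = ENOSPC;
      return(NULL);
   }
   memcpy(strptr, text, (size_t)written + 1);
   return(strptr);
}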

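/* Write a display name for the IPv4 address at addrptr into strptr.
 *
 * Tries a reverse lookup with gethostbyaddr(); if that yields a usable name
 * shorter than len it is copied to strptr. In every other case the result
 * of ipv4_ntop() (the dotted quad) is returned instead.
 *
 * Returns strptr on success, or NULL with errno set: EAFNOSUPPORT for a
 * family other than AF_INET, EINVAL for NULL pointers, or whatever
 * ipv4_ntop() reports.
 */
const char *
ipv4_showname(int family, const void *addrptr, char *strptr, size_t len) {
   struct hostent *hentry;
   const char *name;
   size_t used;

   if(family != AF_INET) {
      errno = EAFNOSUPPORT;
      return(NULL);
   }
   if(addrptr == NULL || strptr == NULL) {
      errno = EINVAL;
      return(NULL);
   }

   hentry = gethostbyaddr(addrptr, sizeof(struct in_addr), family);
   if(hentry != NULL && hentry->h_name != NULL) {
      name = hentry->h_name;

      /* The PTR name is supplied by whoever controls the reverse zone and
       * the caller prints it straight to the terminal. Accept it only if
       * every byte is printable ASCII with no spaces or control bytes.
       * Some resolvers may already filter this; do not rely on it. */
      for(used = 0; name[used] != '\0'; used++) {
         unsigned char ch = (unsigned char)name[used];
         if(ch <= ' ' || ch > '~') break;
      }

      if(name[used] == '\0' && used > 0 && used < len) {
         memcpy(strptr, name, used + 1);
         return(strptr);
      }
   }

   /* lookup failed, name rejected or too long: fall back to the address */
   return(ipv4_ntop(family, addrptr, strptr, len));
}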

/* Print ErrMsg followed by the usage summary on stdout, then terminate the
 * process with EXIT_FAILURE. argv0 is shown as the program name. Never
 * returns. */
void ShowHelp(char *argv0, char *ErrMsg) {
   /* one row per command-line element, in the order they are displayed */
   static const char *const OptionRows[] = {
      " <X.X.X>        \tclass c network ID\n",
      " [-p <port>]    \ttarget tcp/ip port number\n",
      " [-c <children>]\tmaximum simultaneous children\n",
      " [-t <timeout>] \tseconds before connection timeout\n",
      " [-R]           \tresolve IPs to hostnames\n",
   };
   size_t row;

   printf("%s\n\n", ErrMsg);
   printf("Usage: %s <X.X.X> [-p <port>] [-c <children>] [-t <timeout>] [-R]\n",
          argv0);

   for(row = 0; row < sizeof(OptionRows) / sizeof(OptionRows[0]); row++)
      fputs(OptionRows[row], stdout);

   exit (EXIT_FAILURE);
}


