Shulou(Shulou.com)05/31 Report--

This article introduces you to Python arbitrary network segment port information detection tool example analysis, the content is very detailed, interested friends can refer to, I hope to help you.

0x01 Knowledge points involved

Multithreading template: threading multithreading module, Queue module, timeout handling, exception handling.

IP address block conversion: scanning is a relatively large network segment IP Web port, we can not manually input IP address one by one, so we need IP address block and IP conversion.

HTTP network request library: requests module.

Regular expression: We need to get the banner information we want in the Response after the Request.

So our general idea:

First, convert the input IP segment into IP and put it into Queue in turn, then start multithreading, pass Queue into multithreaded class, and the core function in multithreaded class executes steps:

1. Take an IP and splice the URL into the format http://x.x.x.

2. Use the requests module to obtain page status information, title information, banner information (server banner information, here Web container and its version information)

3. Title information needs to be obtained in the page source code, and the re module is used to regularly match the content within the title tag.

4. Banner information needs to obtain server in header information in Response.

After adding our tool documentation and custom LOGO information, a complete tool is complete.

Let's see the finished picture:

Cool!

0x02 core code explanation

Since IP address block conversion and multithreading templates have been described in detail in the author's previous article, this article will not explain them, but will go directly to the core code area, that is, the work after taking out each IP.

while not self._ queue.empty(): ip = self._ queue.get(timeout=0.5) url = 'http://' + ip try: r = requests.Session().get(url=url, headers=header, timeout=5) content = r.text status = r.status_code title = re.search(r'(.*) ', content) if title: title = title.group(1).strip().strip("\r").strip("\n")[:30] else: title = "None" banner = 'Not Found' try: banner = r.headers['Server'][:20] except: pass sys.stdout.write("|%-16s %-6s %-26s %-30s\n" % (ip, status, banner, title)) except: pass

status is the status code of the http page. Children who simply understand the http protocol should know it.

Title is the title information of the requested page, which needs to be matched with a regular expression.

banner is the Server field in the Response header information.

The following is a Response packet for a Request request. It can be seen intuitively that the red box is what we want to get.

The output uses sys.write to resolve multithreaded output asymmetry and formats the output to align the fetched data.

0x03 Add Tool Module

Logo production using the Linux tool figlet, help documentation using Python built-in module argparse.

Two tools to explain the portal in detail: bbs.ichunqiu.com/thread-31231-1-1.html

Logo code and help documentation code:

logo_code = 'IF8gICBfIF8gICBfICAgICAgICAgX19fXyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIF9fX18gICAgICAgICAgICAgICAgICAKfCB8IHwgfCB8X3wgfF8gXyBfXyB8IF9fICkgIF9fIF8gXyBfXyAgXyBfXyAgIF9fXyBfIF9fLyBfX198ICBfX18gX18gXyBfIF9fICAKfCB8X3wgfCBfX3wgX198ICdfIFx8ICBfIFwgLyBfYCB8ICdfIFx8ICdfIFwgLyBfIFwgJ19fXF9fXyBcIC8gX18vIF9gIHwgJ18gXCAKfCAgXyAgfCB8X3wgfF98IHxfKSB8IHxfKSB8IChffCB8IHwgfCB8IHwgfCB8ICBfXy8gfCAgIF9fXykgfCAoX3wgKF98IHwgfCB8IHwKfF98IHxffFxfX3xcX198IC5fXy98X19fXy8gXF9fLF98X3wgfF98X3wgfF98XF9fX3xffCAgfF9fX18vIFxfX19cX18sX3xffCB8X3wgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCg==' logo = base64.b64decode(logo_code) print logo parser = ArgumentParser() parser.add_argument("-i", dest="cidr_ip", default="192.168.1.1/16", help="The CIDR IP Like 192.168.1.1/24") parser.add_argument("-t", dest="thread_count", type=int, default=100, help="The Thread Number") args = parser.parse_args() parser.print_help() print '' print 'The Mission Started Successfully::' print ''

Output demonstration:

_ _ _ _ ____ ____| | | | |_| |_ _ __ | __ ) __ _ _ __ _ __ ___ _ __/ ___| ___ __ _ _ __| |_| | __| __| '_ \| _ \ / _` | '_ \| '_ \ / _ \ '__\___ \ / __/ _` | '_ \| _ | |_| |_| |_) | |_) | (_| | | | | | | | __/ | ___) | (_| (_| | | | ||_| |_|\__|\__| .__/|____/ \__,_|_| |_|_| |_|\___|_| |____/ \___\__,_|_| |_| usage: httpbannerscan.py [-h] [-i CIDR_IP] [-t THREAD_COUNT] optional arguments: -h, --help show this help message and exit -i CIDR_IP The CIDR IP Like 192.168.1.1/24 -t THREAD_COUNT The Thread Number

Done.

Example script run:

python httpbannerscan.py -t 100 -i 192.168.1.1/24

0x04 Subsequent improvements

It is well known that Web ports are not limited to port 80, and some other Web ports may not be as secure as port 80.

Therefore, when we use the requests module to make request requests, we can put some common Web ports into a list, first detect the openness of the port, and then grab the Response information, which is the fastest detection method.

Common Web ports:

80-90,8080-8090 Example analysis of Python arbitrary network segment port information detection tool is shared here, I hope the above content can be of some help to everyone, you can learn more knowledge. If you think the article is good, you can share it so that more people can see it.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.