diff --git a/modules/auxiliary/scanner/portscan/tcp.rb b/modules/auxiliary/scanner/portscan/tcp.rb
new file mode 100644
index 0000000000..45b20bf117
--- /dev/null
+++ b/modules/auxiliary/scanner/portscan/tcp.rb
@@ -0,0 +1,87 @@
+##
+# $Id: sweep_udp.rb 5523 2008-06-06 04:29:19Z hdm $
+##
+
+##
+# This file is part of the Metasploit Framework and may be subject to
+# redistribution and commercial restrictions. Please see the Metasploit
+# Framework web site for more information on licensing and terms of use.
+# http://metasploit.com/projects/Framework/
+##
+
+
+require 'msf/core'
+
+module Msf
+
+class Auxiliary::Scanner::Portscan::TCP < Msf::Auxiliary
+
+include Exploit::Remote::Tcp
+
+include Auxiliary::Report
+include Auxiliary::Scanner
+
+
+def initialize
+super(
+'Name' => 'TCP Port Scanner',
+'Version' => '$Revision: 5523 $',
+'Description' => 'Enumerate open TCP services',
+'Author' => 'hdm',
+'License' => MSF_LICENSE
+)
+
+register_options(
+[
+OptPort.new('PORTSTART', [true, 'The starting port number', 1]),
+OptPort.new('PORTSTOP', [true, 'The stopping port number', 10000]),
+OptInt.new('TIMEOUT', [true, "The socket connect timeout in milliseconds", 1000]),
+], self.class)
+
+deregister_options('RPORT')
+
+end
+
+
+def run_host(ip)
+
+port_start = datastore['PORTSTART'].to_i
+port_stop = datastore['PORTSTOP'].to_i
+timeout = datastore['TIMEOUT'].to_i
+
+if(port_stop < port_start)
+tmp = port_start
+port_start = port_stop
+port_stop = tmp
+end
+
+port_start.upto(port_stop) do |port|
+
+begin
+s = connect(false,
+{
+'RPORT' => port,
+'RHOST' => ip,
+'ConnectTimeout' => (timeout / 1000.0)
+}
+)
+print_status(" TCP OPEN #{ip}:#{port}")
+s.close
+rescue ::Interrupt
+raise $!
+rescue ::Errno::EINVAL
+raise $!
+rescue ::Rex::HostUnreachable
+break
+rescue ::SocketError
+rescue ::Rex::ConnectionRefused, ::Rex::ConnectionTimeout
+rescue ::Exception => e
+print_status("Unknown error: #{e.class} #{e.to_s}")
+end
+end
+end
+
+
+
+end
+end
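Review bot: The open-port result at `print_status(" TCP OPEN #{ip}:#{port}")` is only printed: the class pulls in `Auxiliary::Report` but nothing in run_host records the finding, so other modules and the framework database never see the discovered services. If the Report mixin in this tree exposes a service-reporting helper, add a call such as `report_service(:host => ip, :port => port, :proto => 'tcp')` directly after the print_status line; otherwise the include is dead weight and should go. The `s.close` is also not guaranteed: it sits in the begin body after print_status, so any exception raised between connect and close (which the catch-all `rescue ::Exception => e` will absorb) leaks the socket — moving it to `ensure s.close if s` closes every successful connection regardless of what follows. That catch-all additionally turns `SystemExit` and `NoMemoryError` into an "Unknown error" line and keeps scanning; narrowing it to `rescue ::StandardError => e` (Interrupt is already re-raised explicitly above it) stops the scanner from masking process-level failures.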