# Port Scanning Project Breakdown

This Python script performs a port scanning operation across the entire range of TCP ports (1 to 65535) on a target host. Below is a step-by-step breakdown of the main components of the project, along with the relevant code.

The following are the steps I took to build out this project:
<br>Step 1: Import required modules
<br>Step 2: Command-Line Argument Handling
<br>Step 3: Hostname Resolution
<br>Step 4: Scan Banner and Timing
<br>Step 5: Multithreading
<br>Step 6: scan_port Function
<br>Step 7: Thread Joining
<br>Step 8: Error and Interrupt Handling
<br>Step 9: Completion Message

## 1. Project Setup

In [11]:
import sys
import socket
from datetime import datetime
import threading

## 2. Command-Line Argument Handling

The script expects exactly one argument: the target hostname or IP address. If the user provides an invalid number of arguments, it prints usage information and exits.

In [12]:
if len(sys.argv) == 2:
    target = sys.argv[1]
else:
    print("Invalid number of arguments.")
    print("Usage: python.exe scanner.py <target>")
    sys.exit(1)

Invalid number of arguments.
Usage: python.exe scanner.py <target>


SystemExit: 1

## 3. Hostname Resolution

It uses socket.gethostbyname(target) to resolve the given hostname into an IP address. If the resolution fails (i.e., socket.gaierror), the script prints an error and exits.

In [None]:
# Input local host of target = "127.0.0.1 as user input not possible in this notebook."

try:
    target_ip = socket.gethostbyname("127.0.0.1")
except socket.gaierror:
    print(f"Error: Unable to resolve hostname {target}")
    sys.exit(1)

## 4. Scan Banner and Timing

Before starting the scan, the code prints a banner with the target IP address and the current time. This is purely informational and helps track when the scan began.

In [None]:
print("-" * 50)
print(f"Scanning target {target_ip}")
print(f"Time started: {datetime.now()}")
print("-" * 50)

## 5. Multithreading

The script creates a thread for each port in the range 1 to 65535. Each thread runs the scan_port(target_ip, port) function, allowing ports to be probed concurrently. This significantly speeds up the scan compared to a single-threaded approach.

In [None]:
threads = []
for port in range(1, 65536):
    thread = threading.Thread(target=scan_port, args=(target_ip, port))
    threads.append(thread)
    thread.start()

for thread in threads:
    thread.join()


## 6. scan_port Function

The scan_port function creates a TCP socket and attempts to connect to the target IP on a specific port using socket.connect_ex. If connect_ex returns 0, the connection succeeded, indicating that the port is open. The function prints a message if the port is open and closes the socket. It also handles any socket errors or unexpected exceptions.

In [None]:
def scan_port(target, port):
    try:
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        s.settimeout(1)
        result = s.connect_ex((target, port))
        if result == 0:
            print(f"Port {port} is open")
        s.close()
    except socket.error as e:
        print(f"Socket error on port {port}: {e}")
    except Exception as e:
        print(f"Unexpected error on port {port}: {e}")

## 7. Thread Joining

After starting all threads, the script waits for each to finish by calling thread.join(). This ensures the program doesn't exit prematurely before all port checks are complete.

In [None]:
for thread in threads:
    thread.join()

## 8. Error and Interrupt Handling

If the user interrupts the process with KeyboardInterrupt (Ctrl+C), the script will cleanly stop and exit. The script also handles serious socket errors, printing an error message before exiting.

In [None]:
except KeyboardInterrupt:
    print("\nExiting program.")
    sys.exit(0)

except socket.error as e:
    print(f"Socket error: {e}")
    sys.exit(1)

## 9. Completion Message

Once all threads have finished, the script prints "Scan completed!" to indicate that the entire port range has been probed.

In [None]:
print("\nScan completed!")

## What I Learned
How to handle command-line arguments and validate them in Python.

The basics of resolving domain names to IP addresses with socket.gethostbyname.

The fundamentals of socket programming and how connect_ex can be used to check port availability.

The power of multithreading to speed up tasks that involve many independent I/O operations.

The importance of good error-handling practices for unexpected situations (network errors, user interrupts, etc.).

## Full Code
Here is the full code that implements the entire port scanner:

In [None]:
import sys
import socket
from datetime import datetime
import threading

# Function to scan a given port
def scan_port(target, port):
    try:
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        s.settimeout(1)
        result = s.connect_ex((target, port))
        if result == 0:
            print(f"Port {port} is open")
        s.close()
    except socket.error as e:
        print(f"Socket error on port {port}: {e}")
    except Exception as e:
        print(f"Unexpected error on port {port}: {e}")

def main():
    if len(sys.argv) == 2:
        target = sys.argv[1]
    else:
        print("Invalid number of arguments.")
        print("Usage: python.exe scanner.py <target>")
        sys.exit(1)
    try:
        target_ip = socket.gethostbyname(target)
    except socket.gaierror:
        print(f"Error: Unable to resolve hostname {target}")
        sys.exit(1)

    # Banner
    print("-" * 50)
    print(f"Scanning target {target_ip}")
    print(f"Time started: {datetime.now()}")
    print("-" * 50)

    try:
        # Multithreading to scan ports concurrently
        threads = []
        for port in range(1, 65536):
            thread = threading.Thread(target=scan_port, args=(target_ip, port))
            threads.append(thread)
            thread.start()

        for thread in threads:
            thread.join()

    except KeyboardInterrupt:
        print("\nExiting program.")
        sys.exit(0)

    except socket.error as e:
        print(f"Socket error: {e}")
        sys.exit(1)

    print("\nScan completed!")

if __name__ == "__main__":
    main()