# Port Scanners for Networked Systems
By Heidi Nguyen

## Method

    - Create a simple Python-based port scanner using the socket library.
    - Create a script that iterates through a range of IP addresses and, for each IP address, identifies the open ports. At a minimum, the ports corresponding to the telnet, ftp, SSH, smtp, http, imap, and https services should be scanned and identified.


# !/usr/bin/env python
# coding: utf-8

#libraries
from PIL import Image
import sys, os, random, struct, hashlib, time
import socket
import subprocess

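# Clear the screen. The command is a fixed string, so it is run directly as an
# argument list instead of through a shell. Clearing is cosmetic, so a missing
# `clear` binary (OSError) is ignored rather than stopping the script.
try:
    subprocess.call(['clear'])
except OSError:
    pass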

# This small port scanner program will try to connect on every port you define for a particular host.
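def portScan(targetServerIP, targetPortsList, timeout=3.0):
    """Report which TCP ports in targetPortsList accept a connection on one host.

    Each probe is a full TCP connect (connect_ex on a SOCK_STREAM socket), so
    every port reported open is also a completed connection on the target.

    Args:
        targetServerIP: IPv4 address of the host, as a string.
        targetPortsList: iterable of integer port numbers, tried in order.
        timeout: seconds to wait for each connection attempt. Without a limit,
            a port that never answers blocks until the OS gives up on the
            connect. Pass None to wait for the OS limit.

    Returns:
        None. Results are printed, nothing is handed back to the caller.

    The process exits (sys.exit) on Ctrl+C or on a socket.error raised during
    the scan. If the reverse lookup of targetServerIP fails, the host is
    reported as unknown and is not scanned.
    """
    # print(...) with one pre-formatted string gives the same output under
    # Python 2 and Python 3.
    try:
        # Reverse lookup; returns (hostname, alias list, address list).
        targetName = socket.gethostbyaddr(targetServerIP)
    except (socket.error, UnicodeError):
        # Catch lookup failures only, so Ctrl+C is not misreported as an
        # unknown host. NOTE: a host with no reverse DNS record ends up here
        # too and is skipped.
        print("[-] Cannot resolve '%s': Unknown host" % (targetServerIP,))
        return

    # Banner describing the server about to be scanned.
    print("-" * 60)
    print("Remote server info  {}".format(targetName))
    print("Please wait, scanning remote server IP {}".format(targetServerIP))
    print("-" * 60)

    start = time.time()
    try:
        for port in targetPortsList:
            sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            try:
                sock.settimeout(timeout)
                # connect_ex returns 0 on success and an errno value otherwise,
                # instead of raising for C-level connect() errors.
                if sock.connect_ex((targetServerIP, port)) == 0:
                    print("Port {}: Open".format(port))
            finally:
                # Release the descriptor even if the attempt raised.
                sock.close()

    except KeyboardInterrupt:
        print("You pressed Ctrl+C")
        sys.exit()

    except socket.error:
        print("Couldn't connect to server")
        sys.exit()

    # Print the timing information.
    print("It took {} seconds.".format(time.time() - start))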

# calling functions
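if __name__ == '__main__':
    # The scan reads and writes no files, so no working directory is set.
    # A hard-coded os.chdir() to one user's folder raises OSError on any
    # machine that lacks that folder.

    # Ports 1-1024 include ftp (21), SSH (22), telnet (23), smtp (25),
    # http (80), imap (143) and https (443).
    targetPortsList = range(1, 1025)

    # Loop through a sequential list of IP addresses: 129.119.70.164 up to
    # 129.119.70.166 (the range end is exclusive).
    for lastOctet in range(164, 167):
        targetServerIP = '129.119.70.' + str(lastOctet)  # www.smu.edu IP 129.119.70.166
        # portScan() prints its findings. It exits the process on a socket
        # error or Ctrl+C, which also ends this loop.
        portScan(targetServerIP, targetPortsList)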


 ------------------------------------------------------------
Remote server info  ('sdars16.systems.smu.edu', ['164.70.119.129.in-addr.arpa'], ['129.119.70.164'])
Please wait, scanning remote server IP 129.119.70.164
------------------------------------------------------------
Port 80: Open
Port 443: Open
It took 2987.30513191 seconds.
------------------------------------------------------------
Remote server info  ('sdars17.systems.smu.edu', ['165.70.119.129.in-addr.arpa'], ['129.119.70.165'])
Please wait, scanning remote server IP 129.119.70.165
------------------------------------------------------------
Port 80: Open
It took 3047.65452099 seconds.
------------------------------------------------------------
Remote server info  ('sdars18.systems.smu.edu', ['166.70.119.129.in-addr.arpa'], ['129.119.70.166'])
Please wait, scanning remote server IP 129.119.70.166
------------------------------------------------------------
Port 80: Open
Port 443: Open
It took 2945.58005214 seconds.


References:

    1. http://www.pythonforbeginners.com/code-snippets-source-code/port-scanner-in-python
    2. https://codingsec.net/2016/11/crack-password-zip-files-using-python/
    3. https://github.com/shadow-box/Violent-Python-Examples/blob/master/Chapter-2/1-portScan.py
    4. https://en.wikipedia.org/wiki/Banner_grabbing

