Scribd
Upload
103 views

Python - How To Create A Port Scanner TCP SYN Using The Method (TCP SYN) - Stack Overflow

The document discusses how to modify a Python TCP port scanner script to perform TCP SYN scanning instead. Several responses provide suggestions on how to implement TCP SYN scanning using raw sockets and the Scapy packet manipulation library in Python. Key points include generating raw SYN packets, listening for SYN-ACK responses to determine open ports, and parsing the TCP header to get the origin port of responding applications. It is also noted that this could effectively function as a SYN DDoS tool by creating many half-opened TCP connections.

Uploaded by

Sup' Tan'
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
103 views

Python - How To Create A Port Scanner TCP SYN Using The Method (TCP SYN) - Stack Overflow

The document discusses how to modify a Python TCP port scanner script to perform TCP SYN scanning instead. Several responses provide suggestions on how to implement TCP SYN scanning using raw sockets and the Scapy packet manipulation library in Python. Key points include generating raw SYN packets, listening for SYN-ACK responses to determine open ports, and parsing the TCP header to get the origin port of responding applications. It is also noted that this could effectively function as a SYN DDoS tool by creating many half-opened TCP connections.

Uploaded by

Sup' Tan'
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

People who code: we want your input.

Take the Survey

How to Create a port scanner TCP SYN using the method (TCP SYN
)?
Asked
4 years, 9 months ago Active
4 years, 1 month ago Viewed
9k times

#####################################

# Portscan TCP #

-1 # #

#####################################

# -*- coding: utf-8 -*-

#!/usr/bin/python3

import socket

ip = input("Digite o IP ou endereco: ")

ports = []

count = 0

while count < 10:

ports.append(int(input("Digite a porta: ")))

count += 1

for port in ports:

client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

client.settimeout(0.05)

code = client.connect_ex((ip, port)) #conecta e traz a msg de erro

#Like connect(address), but return an error indicator instead of raising an exception


for errors

if code == 0: #0 = Success

print (str(port) + " -> Porta aberta")

else:

print (str(port) + " -> Porta fechada")

print ("Scan Finalizado")

The python script above is a TCP Scanning. How can I change it into a TCP SYN scanning ?
How to Create a port scanner TCP SYN using the method (TCP SYN ) ?

python python-3.x

Share Improve this question Follow asked Aug 18 '16 at 18:06


Paul Sigonoso
525 1 5 17

2 Um, that's a bit different than just trying to connect. You will have to come with an approach of your
own and ask a precise question!
– Marcus Müller
Aug 18 '16 at 18:09

2 Answers Active Oldest Votes

As @Upsampled mentioned you might use raw sockets (https://en wikipedia org/) as you only
As @Upsampled mentioned, you might use raw sockets (https://en.wikipedia.org/) as you only
need a subset of TCP protocol (send SYN and recieve RST-ACK or SYN-ACK
).

7 As coding something like http://www.binarytides.com/raw-socket-programming-in-python-


linux/
could be a good excersice, I would also suggest to consider
https://github.com/secdev/scapy

Scapy is a powerful Python-based interactive packet manipulation


program and
library.

Here's the code sample that already implements a simple port scanner
http://pastebin.com/YCR3vp9B and a detailed article on what it does:
http://null-
byte.wonderhowto.com/how-to/build-stealth-port-scanner-with-scapy-and-python-0164779/

The code is a little bit ugly but it works — I've checked it from my local Ubuntu PC against my
VPS. Here's the most important code snippet (slightly adjusted to conform to PEP8):

# Generate Port Number

srcport = RandShort()

# Send SYNC and receive RST-ACK or SYN-ACK

SYNACKpkt = sr1(IP(dst=target) /

TCP(sport=srcport, dport=port, flags="S"))

# Extract flags of received packet

pktflags = SYNACKpkt.getlayer(TCP).flags

if pktflags == SYNACK:

# port is open

pass

else:

# port is not open

# ...

pass

Share Improve this answer Follow edited Aug 23 '16 at 6:59 answered Aug 23 '16 at 6:53
ffeast
8,830 23 34

First, you will have to generate your own SYN packets using RAW sockets. You can find an
example here
5
Second, you will need to listen for SYN-ACKs from the scanned host in order to determine
which ports actually try to start the TCP Handshake (SYN,SYN-ACK,ACK). You should be able
+25 to detect and parse the TCP header from the applications that respond. From that header you
can determine the origin port and thus figure out a listening application was there.

Also if you implement this, you also basically made a SYN DDOS utility because you will be
creating a ton of half-opened tcp connections.

Share Improve this answer Follow answered Aug 23 '16 at 1:46


Liam Kelly
2,826 1 14 25

You might also like