Menu

Port Scan Attack

Help
2017-03-27
2017-03-27
  • Amit Khandelwal

    Amit Khandelwal - 2017-03-27

    Hi,
    I tried to extend port scan application , in order to display the port found open on the server side. I tried a lot but failed to do so. Below is the approach I used. The program never enters the handleincomingpacket method, why is it happening? Please help. If this is not he correct approach kindly suggest me one.

    // Decompiled by Jad v1.5.8e. Copyright 2001 Pavel Kouznetsov.
    // Jad home page: http://www.geocities.com/kpdus/jad.html
    // Decompiler options: packimports(3) 
    // Source File Name:   SimplePortScanner.java
    import de.dailab.nessi.core.api.annotations.Description;
    import de.dailab.nessi.core.api.annotations.IntegerField;
    import de.dailab.nessi.core.api.annotations.StringField;
    import de.dailab.nessi.core.api.events.Event;
    import de.dailab.nessi.core.api.events.TickedEvent;
    import de.dailab.nessi.ip.api.address.IPFactory;
    import de.dailab.nessi.ip.api.address.IPv4Address;
    import de.dailab.nessi.ip.api.layer.ILayerHandler;
    import de.dailab.nessi.ip.api.layer.ITransportLayer;
    import de.dailab.nessi.ip.api.protocols.Packet;
    import de.dailab.nessi.ip.api.protocols.ip.IPv4Header;
    import de.dailab.nessi.ip.api.protocols.udp.UDPHeader;
    import de.dailab.nessi.ip.handler.IPApplication;
    import de.dailab.nessi.ip.handler.PromiscuousModeApplication;
    import java.util.Random;
    
    public class Port_AK extends IPApplication
    {
    private int ClientPort=1500;
        public Port_AK()
        {
            startPort = 1;
            endPort = 1024;
            targetIp = "0.0.0.0";
            startTick = 10;
        }
    
        public void handleEvent(Event e)
        {
            Random ran = new Random(123L);
            for(int i = startPort; i < endPort; i++)
            {
                byte payload[] = new byte[28];
                ran.nextBytes(payload);
                getLayerHandler().getTransportLayer().sendUDPPacket(ClientPort, i, destinationIP, payload);
            }
    
            super.handleEvent(e);
        }
        public void handleIncomingPacket(Packet packet1)
        {
        System.out.println("Packet Came");
        IPv4Header ipHeader = packet.findHeader(IPv4Header.class);
            UDPHeader udpHeader = packet.findHeader(UDPHeader.class);
            if (ipHeader == null || udpHeader == null) {
            return;
        }
    
        System.out.print("The port replied back is ");
        System.out.println(udpHeader.getSourcePort());
        }
    
        public boolean start()
        {
        getLayerHandler().getTransportLayer().registerUDPPort(ClientPort, this);
            destinationIP = IPFactory.createIPv4Address(targetIp);
            TickedEvent e = new TickedEvent(this, startTick);
            getLayerHandler().addEvent(e);
            return super.start();
        }
    
        @IntegerField("Start Port")
        @Description("Start Port number")
        private int startPort;
        @IntegerField("End Port")
        @Description("End")
        private int endPort;
        @StringField("IP Address")
        private String targetIp;
        private int startTick;
        private IPv4Address destinationIP;
    }
    
     
  • Karsten Bsufka

    Karsten Bsufka - 2017-03-29

    The purpose of the "SimplePortScanner" application was only to generate the traffic for the scanner itself. In the example the return traffic was never really addressed, since that would be behaviour on the server side. So, you only will get a reply, if there is an UDP server application running on the destination IP, that replies to any random input. Otherwise there won't be a reply for open ports.

     
    • Amit Khandelwal

      Amit Khandelwal - 2017-03-29

      I tried with that too. I deployes UDP sevrer that replies back to the same IP and Port from which it recieves the packet. Still it is not working. I think the problem is :
      1. Once a port is used for sending the packet at 'Por Scanner' , it canno be further registered for listening the replies from the server side.
      2. I could not find methods that captures the incoming packets without registered ports.

       
      • Karsten Bsufka

        Karsten Bsufka - 2017-03-29

        You could try to extend your application from the class AbstractPromiscuousModeApplication. If you implement the method public void process(Packet p) you should receive/see all incoming and outgoing packets. In your case you also need to make sure, that processing packets is not blocked by the application.

         

Log in to post a comment.

Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.