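def _tcp_connect_apply_socks_proxy(socks_proxy):
    """Route every socket in this process through *socks_proxy*.

    *socks_proxy* is ``socks4://[user:pass@]host:port`` or ``socks5://...``
    (anything that does not start with ``socks5://`` is treated as SOCKS4).
    Returns the proxy string with its scheme stripped, which is the form the
    rest of the scanner (``discover_by_port``) is handed.

    Note that this rebinds ``socket.socket`` and ``socket.getaddrinfo`` for
    the whole interpreter, not just for this probe: every socket opened
    afterwards, by any thread, goes through the proxy.

    Raises:
        IndexError / ValueError: malformed proxy spec (no ``://``, non-numeric
            port); callers treat that as a failed probe.
    """
    socks_version = socks.SOCKS5 if socks_proxy.startswith(
        'socks5://') else socks.SOCKS4
    socks_proxy = socks_proxy.rsplit('://')[1]
    if '@' in socks_proxy:
        # user:pass@host:port -- split on the LAST '@' and, within each half,
        # on the FIRST ':' for the credentials and the LAST ':' for the
        # endpoint, so a password containing ':' or '@' survives intact.
        credentials, _, endpoint = socks_proxy.rpartition('@')
        socks_username, _, socks_password = credentials.partition(':')
        proxy_host, _, proxy_port = endpoint.rpartition(':')
        socks.set_default_proxy(socks_version,
                                str(proxy_host),
                                int(proxy_port),
                                username=socks_username,
                                password=socks_password)
    else:
        proxy_host, _, proxy_port = socks_proxy.rpartition(':')
        socks.set_default_proxy(socks_version, str(proxy_host), int(proxy_port))
    socket.socket = socks.socksocket
    socket.getaddrinfo = getaddrinfo
    return socks_proxy


def _tcp_connect_service_name(host, port, timeout_sec, socks_proxy):
    """Return ``"/<service>"`` for *port*, or ``""`` when nothing is known.

    Tries the project's probe-based ``discover_by_port`` first and falls back
    to the local services database (``socket.getservbyport``). Both steps are
    best-effort: any failure is treated as "unknown" rather than propagated,
    so the caller can always concatenate the result onto the port number.
    """
    try:
        service_name = "/" + discover_by_port(host,
                                              port,
                                              timeout_sec,
                                              b"ABC\x00\r\n" * 10,
                                              socks_proxy,
                                              external_run=True)
    except Exception:
        service_name = None
    if not service_name or service_name == "/UNKNOWN":
        try:
            service_name = "/" + socket.getservbyport(port)
        except Exception:
            service_name = ""
    return service_name


def _tcp_connect_event(host, port, service_name, language, scan_id, scan_cmd):
    """Build the result record for an open port.

    The same record shape is used by the connected branch (handed to ``info``)
    and by the timed-out branch (JSON-encoded and appended to the log file)
    of ``connect``.
    """
    return {
        'HOST': host,
        'USERNAME': '',
        'PASSWORD': '',
        'PORT': port,
        'TYPE': 'port_scan',
        'DESCRIPTION': messages(language, "port/type").format(
            str(port) + service_name, "TCP_CONNECT"),
        'TIME': now(),
        'CATEGORY': "scan",
        'SCAN_ID': scan_id,
        'SCAN_CMD': scan_cmd,
    }


def connect(host, port, timeout_sec, log_in_file, language, time_sleep,
            thread_tmp_filename, socks_proxy, scan_id, scan_cmd, stealth_flag):
    """Probe ``host:port`` with a full TCP connect and log it when it answers.

    Args:
        host: target address; when ``target_type(host)`` reports
            ``"SINGLE_IPv6"`` an AF_INET6 socket and 4-tuple address are used.
        port: TCP port to probe.
        timeout_sec: socket timeout in seconds, or ``None`` for a blocking
            connect.
        log_in_file: results log the hit is appended to.
        language: message-catalogue language passed to ``messages``.
        time_sleep: unused here; kept for signature parity with the other
            scan functions in this module (see ``stealth``).
        thread_tmp_filename: per-thread status file handed to the logger.
        socks_proxy: optional ``socks4://``/``socks5://`` proxy URL; when
            given, sockets for the whole process are rerouted through it
            (see ``_tcp_connect_apply_socks_proxy``).
        scan_id, scan_cmd: copied verbatim into the result record.
        stealth_flag: unused here; see ``time_sleep``.

    Returns:
        ``True`` when the connection succeeded and the hit was logged,
        ``False`` when anything else raised (bad proxy spec, refused
        connection, unreachable host, ...), and ``None`` when the connect
        timed out -- that branch only logs, it does not report a result.
    """
    try:
        if socks_proxy is not None:
            socks_proxy = _tcp_connect_apply_socks_proxy(socks_proxy)
        # Evaluate the address family once; the original looked it up twice.
        is_ipv6 = target_type(host) == "SINGLE_IPv6"
        if is_ipv6:
            s = socket.socket(socket.AF_INET6, socket.SOCK_STREAM, 0)
        else:
            s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        try:
            if timeout_sec is not None:
                s.settimeout(timeout_sec)
            # IPv6 connect needs (host, port, flowinfo, scope_id).
            s.connect((host, port, 0, 0) if is_ipv6 else (host, port))
            service_name = _tcp_connect_service_name(host, port, timeout_sec,
                                                     socks_proxy)
            info(
                messages(language, "port_found").format(host,
                                                        str(port) + service_name,
                                                        "TCP_CONNECT"),
                log_in_file, "a",
                _tcp_connect_event(host, port, service_name, language,
                                   scan_id, scan_cmd),
                language, thread_tmp_filename)
        finally:
            # Close on every path, including connect failures and logging
            # errors; the original leaked the descriptor whenever the body
            # raised.
            s.close()
        return True
    except socket.timeout:
        service_name = _tcp_connect_service_name(host, port, timeout_sec,
                                                 socks_proxy)
        # Best-effort reporting: a failure while logging must not abort the
        # scan, so only the narrow set of exceptions is swallowed here.
        try:
            if filter_port(host, port):
                info(
                    messages(language,
                             "port_found").format(host,
                                                  str(port) + service_name,
                                                  "TCP_CONNECT"))
                data = json.dumps(
                    _tcp_connect_event(host, port, service_name, language,
                                       scan_id, scan_cmd)) + '\n'
                __log_into_file(log_in_file, 'a', data, language)
                __log_into_file(thread_tmp_filename, 'w', '0', language)
        except Exception:
            pass
    except Exception:
        # Narrowed from a bare ``except`` so KeyboardInterrupt/SystemExit
        # still stop the scanner instead of being reported as "closed".
        return False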
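def _stealth_apply_socks_proxy(socks_proxy):
    """Route every socket in this process through *socks_proxy*.

    *socks_proxy* is ``socks4://[user:pass@]host:port`` or ``socks5://...``
    (anything that does not start with ``socks5://`` is treated as SOCKS4).
    Returns the proxy string with its scheme stripped, which is the form the
    rest of the scanner (``discover_by_port``) is handed.

    ``socket.socket`` and ``socket.getaddrinfo`` are rebound for the whole
    interpreter in both the authenticated and the anonymous case (the
    anonymous branch previously left ``getaddrinfo`` untouched, unlike the
    sibling ``connect`` scan). The SYN probe itself is sent by scapy and is
    not affected by this; only the follow-up service discovery is.

    Raises:
        IndexError / ValueError: malformed proxy spec (no ``://``, non-numeric
            port); callers treat that as a failed probe.
    """
    socks_version = socks.SOCKS5 if socks_proxy.startswith(
        'socks5://') else socks.SOCKS4
    socks_proxy = socks_proxy.rsplit('://')[1]
    if '@' in socks_proxy:
        # user:pass@host:port -- last '@' separates credentials from the
        # endpoint; first ':' splits the credentials so a password containing
        # ':' or '@' survives; last ':' splits host from port.
        credentials, _, endpoint = socks_proxy.rpartition('@')
        socks_username, _, socks_password = credentials.partition(':')
        proxy_host, _, proxy_port = endpoint.rpartition(':')
        socks.set_default_proxy(socks_version,
                                str(proxy_host),
                                int(proxy_port),
                                username=socks_username,
                                password=socks_password)
    else:
        proxy_host, _, proxy_port = socks_proxy.rpartition(':')
        socks.set_default_proxy(socks_version, str(proxy_host), int(proxy_port))
    socket.socket = socks.socksocket
    socket.getaddrinfo = getaddrinfo
    return socks_proxy


def _stealth_service_name(host, port, timeout_sec, socks_proxy):
    """Return ``"/<service>"`` for *port*, or ``""`` when nothing is known.

    Tries the project's probe-based ``discover_by_port`` first and falls back
    to the local services database (``socket.getservbyport``). Both steps are
    best-effort: any failure is treated as "unknown" rather than propagated.
    """
    try:
        service_name = "/" + discover_by_port(host,
                                              port,
                                              timeout_sec,
                                              b"ABC\x00\r\n" * 10,
                                              socks_proxy,
                                              external_run=True)
    except Exception:
        service_name = None
    if not service_name or service_name == "/UNKNOWN":
        try:
            service_name = "/" + socket.getservbyport(port)
        except Exception:
            service_name = ""
    return service_name


def stealth(host, port, timeout_sec, log_in_file, language, time_sleep,
            thread_tmp_filename, socks_proxy, scan_id, scan_cmd, stealth_flag):
    """Half-open (SYN) scan of ``host:port`` with scapy; log the port if open.

    One SYN is sent from a random source port and the first reply is
    classified: SYN/ACK (TCP flags ``0x12``) means open and is logged;
    RST/ACK (``0x14``) means closed; ICMP type 3 with code 1, 2, 3, 9, 10 or
    13, or no reply within the timeout, means filtered. Only open ports are
    written to the log.

    Args:
        host: target address handed to scapy's ``IP(dst=...)``.
        port: TCP port to probe.
        timeout_sec: seconds to wait for a reply. It goes through ``int()``,
            so ``None`` raises and the function returns ``False`` rather than
            waiting indefinitely.
        log_in_file: results log the hit is appended to.
        language: message-catalogue language passed to ``messages``.
        time_sleep: unused here; kept for signature parity with ``connect``.
        thread_tmp_filename: per-thread status file written on a hit.
        socks_proxy: optional ``socks4://``/``socks5://`` proxy URL; only the
            follow-up service discovery uses it, the SYN itself does not.
        scan_id, scan_cmd: copied verbatim into the result record.
        stealth_flag: unused here; see ``time_sleep``.

    Returns:
        ``True`` when the probe was sent and its reply (or absence of one)
        was classified, whatever the outcome; ``False`` when anything raised
        (malformed proxy spec, scapy unable to send, ``timeout_sec`` of
        ``None``, ...).
    """
    try:
        if socks_proxy is not None:
            socks_proxy = _stealth_apply_socks_proxy(socks_proxy)
        src_port = RandShort()

        stealth_scan_resp = sr1(IP(dst=host) /
                                TCP(sport=src_port, dport=port, flags="S"),
                                timeout=int(timeout_sec))
        if stealth_scan_resp is None:
            # No reply inside the timeout: filtered (or host down). The old
            # check compared ``str(type(resp))`` against the Python 2 repr
            # "<type 'NoneType'>", which never matches on Python 3, so a
            # None reply used to fall through, raise on ``.haslayer`` and be
            # reported as a failed probe.
            pass
        elif stealth_scan_resp.haslayer(TCP):
            tcp_flags = stealth_scan_resp.getlayer(TCP).flags
            if tcp_flags == 0x12:
                # SYN|ACK: open. No explicit RST is sent back here; the
                # half-open handshake is left for the host's TCP stack to
                # tear down.
                service_name = _stealth_service_name(host, port, timeout_sec,
                                                     socks_proxy)
                data = json.dumps({
                    'HOST': host,
                    'USERNAME': '',
                    'PASSWORD': '',
                    'PORT': port,
                    'TYPE': 'port_scan',
                    'DESCRIPTION': messages(language, "port/type").format(
                        str(port) + service_name, "STEALTH"),
                    'TIME': now(),
                    'CATEGORY': "scan",
                    'SCAN_ID': scan_id,
                    'SCAN_CMD': scan_cmd,
                }) + '\n'
                __log_into_file(log_in_file, 'a', data, language)
                __log_into_file(thread_tmp_filename, 'w', '0', language)
            elif tcp_flags == 0x14:
                # RST|ACK: closed.
                pass
        elif stealth_scan_resp.haslayer(ICMP):
            icmp_layer = stealth_scan_resp.getlayer(ICMP)
            if (int(icmp_layer.type) == 3
                    and int(icmp_layer.code) in (1, 2, 3, 9, 10, 13)):
                # ICMP destination-unreachable variants: filtered.
                pass
        # Any other reply is left unclassified; the probe still counts as
        # having run.
        return True
    except Exception:
        # Narrowed from a bare ``except`` so KeyboardInterrupt/SystemExit
        # still stop the scanner instead of being reported as a failed probe.
        return False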