O'Reilly Hacks
oreilly.comO'Reilly NetworkSafari BookshelfConferences Sign In/My Account | View Cart   
Book List Learning Lab PDFs O'Reilly Gear Newsletters Press Room Jobs  



Small Port Scanner
A small tcp/udp port-scanner implemented in bash.

Contributed by:
Luke Bonanomi
[08/06/06 | Discuss (1) | Link to this hack]

Port scanners are like cork-screws. There's never one around when you need one, and you generally need it right away. Even when you aren't in a hurry many distributions (particularly firewall or routing appliances) don't have a C compiler available, making a conventional port-scanner impossible.

This hack takes advantage of bash's little-known integral network support in /dev/tcp/hostname and /dev/udp/hostname to create a full open TCP/UDP port scanner. This version stresses simplicity (and ease of typing) over features, though filtering the output through /etc/services to provide labels for open ports or running multiple scans in parallel to speed the scanning process up would both be neat refinements. (invoke this script as ./scriptname hostname type, where type is udp or tcp

#!/bin/bash
for a in $(yes scan | head -1024)
  do
  (( start++ ))
  if [[ -n $(echo '' > /dev/$2/$1/$start && echo "up") ]];
      then
      echo "Port $start" >> scan;
  fi
done;
clear
cat scan;
rm scan;


O'Reilly Home | Privacy Policy

© 2007 O'Reilly Media, Inc.
Website: | Customer Service: | Book issues:

All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners.