This would be really simple with Python, at least to verify that the port is open. You could then verify that there is a web-server running there if you make a request and verify the header (200 OK
I think).
Anyway, to do this in Python
install nmap
to your system and then the python nmap bindings.
#!/usr/bin/env python
import nmap, threading, urllib2, socket
baseip = "108.170.28.{}"
def NmapPortScan( targethost, targetport = 80 ):
print("Trying: " + str(targethost) )
scanner = nmap.PortScanner()
result = scanner.scan( str(targethost), str(targetport) )
if ( int(result['nmap']['scanstats']['uphosts']) == 1):
try:
state = result[str(targethost)]['tcp'][int(targetport)]['state']
print "State: {} : {}".format(str(targethost), str(state))
return state
except:
print "State: {} : {}".format( str(targethost), "error")
return "error"
else:
print "{}: Not up".format( str(targethost) )
return "notup"
def CheckHttpStatus( targethost ):
req = urllib2.urlopen( targethost )
if( "Content-Type: text/html" in req.info().headers[3] ):
return True
else:
return False
def LogIp( ipaddr ):
with open("openips.txt", "a") as fi:
fi.write( ipaddr + '\n' )
fi.close()
def CheckIps( ip ):
if ( NmapPortScan( ip ) == "open" ) and ( CheckHttpStatus( "http://" + socket.gethostbyaddr( ip )[0] ) ):
#if ( CheckHttpStatus( "http://" + socket.gethostbyaddr( ip )[0] ) ):
LogIp( ip )
print( "Open Port 80 on: " + str(ip) )
def main():
for i in range(153, 201):
#for i in range(153, 154):
ip = baseip.format(str(i))
#CheckIps( ip )
th = threading.Thread(target=CheckIps, args=(ip,))
th.start()
if __name__ == "__main__":
main()
This will both:
Print a message to the console: Open Port 80 on: xxx.xxx.xxx.xxx
Log to a file the IP: openips.txt
saved to wherever you ran the script from.
Hmm... could you make this work for scanning big IP ranges? I do not know python... – user1307079 – 2013-07-11T20:11:52.127
@user1307079 - I'll update in a minute when I can do it and test. – nerdwaller – 2013-07-11T20:17:22.673
@user1307079 - Done. Should work for your IP range, but it looks like few are "up" and a bunch are giving errors. If you plugin google's IP
74.125.225.167
- instead of the range, you'll see it be happy. – nerdwaller – 2013-07-11T20:57:52.980Thanks, it works :). How would I configure it to scan an even larger range of IP's though? Like all the way up to 1.x.x.x. And do you think that the python Nmap module will be faster than a regular nmap scan? – user1307079 – 2013-07-11T22:03:31.927
@user1307079 - That'll take a bit more work, but you can. Easiest answer is if you want to do all ip's from 1.0.0.0 to 1.255.255.255 is do:
baseip = "1.{0}.{0}.{0}"
and then change my loop to befor i in range(0, 256):
(note: 256 because it is[start-end)
). Yes, this is likely faster because you are threading out all the nmap work. But I am not super familiar with how nmap fully works outside of limited use cases I have used it for. – nerdwaller – 2013-07-11T23:45:32.663neat script brother nerdwaller. However for open IPs I only see error and the state only displays IP. I haven't used nmap before in python so wonder what is missing. Any clues before read the whole doc? thanks – Abhishek Dujari – 2014-02-18T11:02:04.990
@Vangel - At the time it worked for anything I had tried, and the bindings haven't changed so nothing should have changed AFAIK. What do you mean by "open IPs"? – nerdwaller – 2014-02-18T13:35:51.017
I scanned a block that included a known webserver on one IP. All IPs that did have a working web server still reported the "error" printout instead of "open" as its supposed to be in your code. – Abhishek Dujari – 2014-02-21T14:04:13.527
Try running it from an interactive console to see if you can get more helpful error text. The only time I see an "error" is when I use the domain name rather than an IP (easily resolved by using
socket
to resolve the IP). If that fails, open a new question relating to the topic (maybe link back to this answer for reference). – nerdwaller – 2014-02-21T14:17:06.083thanks nerdwaller. I will try that. btw not using hostname – Abhishek Dujari – 2014-02-21T16:31:53.813