'''OWASP PHP Portscanner Project'''

= OWASP PHP PortScanner Project =

== Sockets ==

A socket is an abstraction of a low-level operating-system feature: a software endpoint that provides bi-directional communication between a server program and a client program. The server associates its socket with a specific port on the machine it runs on, and any number of client programs anywhere on the network can connect to that port. Network communication using sockets is similar to performing file I/O (a socket handle is treated like a file handle).

Creating sockets in PHP:

<pre>
resource socket_create ( int $domain, int $type, int $protocol )
</pre>

Refer to Creating sockets for a detailed description of creating a socket.

Initiate a connection on a socket:

<pre>
bool socket_connect ( resource $socket, string $address [, int $port = 0 ] )
</pre>

Refer to Initiating sockets for a detailed description of initiating a socket connection.

Close a socket:

<pre>
void socket_close ( resource $socket )
</pre>

Refer to Closing sockets for a detailed description of closing socket connections. Why close a connection? Because a socket that has connected cannot be connected again: to open the next connection we have to close the previous session and create a fresh socket.
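The three calls above are enough for a blocking probe, but a blocking socket_connect() waits for the operating system's full connect timeout when a host silently drops the packets. The following is an added example, not code from the OWASP project: it probes one TCP port with a non-blocking connect and an explicit timeout, reports why a connect failed, and creates a fresh socket for every attempt. It assumes a Linux host, where PHP exposes the in-progress errno values as SOCKET_EINPROGRESS and SOCKET_EALREADY; the host and port in the usage call at the bottom are constructed sample values.

```php
<?php
// Added example (not from the original OWASP page). Probes a single TCP port with a
// timeout and returns one of: open, closed (RST or other error), filtered (no reply
// within the timeout), error (socket could not be created).
function probe_tcp_port(string $host, int $port, float $timeout = 1.0): array
{
    // A fresh socket per probe: the state of a socket after a failed connect() is
    // unspecified by POSIX, so never reuse one.
    $socket = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
    if ($socket === false) {
        return ['state' => 'error', 'reason' => socket_strerror(socket_last_error())];
    }

    // Non-blocking mode makes connect() return immediately with EINPROGRESS while the
    // TCP handshake is still in flight; we then wait on the socket with socket_select().
    socket_set_nonblock($socket);
    $connected = @socket_connect($socket, $host, $port);

    if (!$connected) {
        $err = socket_last_error($socket);
        // Assumption: Linux errno constants as exported by PHP's sockets extension.
        if ($err !== SOCKET_EINPROGRESS && $err !== SOCKET_EALREADY) {
            socket_close($socket);
            return ['state' => 'closed', 'reason' => socket_strerror($err)];
        }

        // Wait until the socket becomes writable (handshake finished) or we time out.
        $read   = null;
        $write  = [$socket];
        $except = null;
        $sec    = (int) floor($timeout);
        $usec   = (int) (($timeout - $sec) * 1000000);
        $ready  = socket_select($read, $write, $except, $sec, $usec);

        if ($ready === 0) {
            // No SYN-ACK and no RST: typically a firewall dropping the packets.
            socket_close($socket);
            return ['state' => 'filtered', 'reason' => 'timeout after ' . $timeout . 's'];
        }

        // Writable does not mean connected: read the pending error from SO_ERROR.
        $soErr = socket_get_option($socket, SOL_SOCKET, SO_ERROR);
        if ($soErr !== 0) {
            socket_close($socket);
            return ['state' => 'closed', 'reason' => socket_strerror($soErr)];
        }
    }

    // Handshake completed: the port accepted the connection.
    socket_close($socket);
    return ['state' => 'open', 'reason' => 'connection accepted'];
}

// Constructed usage: probe the local loopback address on a single port.
print_r(probe_tcp_port('127.0.0.1', 80, 0.5));
```

Distinguishing "closed" (an RST came back) from "filtered" (nothing came back) is the detail a blocking scanner loses, and it is also why the original script is limited to a small range: each filtered port costs a full default_socket_timeout. Closing and recreating the socket on every iteration costs nothing measurable and avoids depending on Linux-specific reuse behaviour.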

== Why sockets? ==

Since sockets are used for communication over a network and can connect to a given IP address and port, we use this feature to build a port scanner: the script connects to the target IP at each port in turn and checks whether the connection was established. Every successful connection reveals an open port on the target host.

The script is limited to TCP socket connections and IP v4 addresses.

Note: Here index.html is the file for taking user input and port.php is the server-side PHP script for processing results.

=== index.html ===

<pre>
<!DOCTYPE html>
<html>
<head>
<title>PORT SCANNER</title>
<style>
input[type=text] {
    background:BLACK;
    color:white;
    font-size:20px;
    box-shadow:10px 10px 5px #888888;
    border:8px solid #ffcc00;
    padding:8px 5px;
    border-style:inset;
}
</style>
</head>
<body>
<h1>Port Scanner</h1>
<!-- The three fields are read by port.php as $_POST['ip'], $_POST['from'] and $_POST['to'] -->
<form method="post" action="port.php">
ENTER TARGET IP: <input type="text" name="ip"><br>
FROM: <input type="text" name="from"><br>
ENDING PORT: <input type="text" name="to"><br>
<input type="submit" value="Scan">
</form>
</body>
</html>
</pre>

=== port.php ===

<pre>
<!DOCTYPE html>
<html>
<head>
<title>Port Scan Completed.. SCAN RESULT....</title>
<style>
#field {
    margin:10px 250px;
    box-shadow:10px 10px 5px #888888;
    opacity:0.9;
    position:absolute;
    background:#FFFFCC;
    border:8px solid #ffcc00;
    padding:8px 5px;
    border-radius:10px;
    border-style:outset;
}
</style>
</head>
<body>
<div id="field">
<h2>Port Scan Completed.. SCAN RESULT....</h2>
<h3>Port Scan Details :</h3>
<?php
// Main Script begins here
error_reporting(~E_ALL); // silence the warnings socket_connect() emits for every closed port

// target IP and port range
$host = $_POST['ip'];
$from = $_POST['from'];
// 48 connections supported for now, change php.ini default_socket_timeout for more
$to = $_POST['to'];

// validation
if (empty($_POST['ip']) || empty($_POST['from']) || empty($_POST['to'])) {
    echo "Incomplete data, Go back!";
} elseif (!filter_var($host, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
    echo "This IP address is not valid !";
} elseif (!is_numeric($from) || !is_numeric($to)) {
    echo "Entered data is not a Port number";
} elseif ($from > $to || $from == $to) {
    echo "Please enter lower value in the FROM field !";
} else {
    echo "Scanned IP/Host : $host<br>List of Open Ports:<br>";

    // Creating Socket
    $socket = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);

    for ($port = $from; $port <= $to; $port++) {
        // connect to the host and port
        $connection = socket_connect($socket, $host, $port);
        if ($connection) {
            // display port open warning on connect
            echo "port $port Open (Warning !)<br>";
            // close the socket connection
            socket_close($socket);
            // Create a new socket since the earlier one was closed. We close and recreate
            // only when a connection was made; otherwise the same socket is reused
            // (this reuse after a failed connect works on Linux but is not guaranteed by POSIX).
            $socket = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
        }
    }

    // release the last socket once the range has been scanned
    socket_close($socket);
}
?>
</div>
</body>
</html>
</pre>
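The validation block in port.php accepts any IPv4 address and any numeric port values, so whoever can reach index.html can use the web server as a scanning pivot against arbitrary hosts. As an added example, not part of the OWASP script, here is a stricter validator for the same three POST fields: integer ports within 1..65535, a range cap matching the 48-connection comment, and an allowlist of networks the scanner is permitted to probe. The CIDR list and the two sample requests at the bottom are constructed for illustration; the bit arithmetic assumes 64-bit PHP.

```php
<?php
// Added example (not part of the original OWASP port.php). Stricter validation of the
// form fields plus an allowlist of target networks; constants below are constructed.
const MAX_PORTS_PER_SCAN = 48;  // mirrors the "48 connections" comment in port.php
const ALLOWED_TARGET_CIDRS = ['127.0.0.0/8', '10.0.0.0/8', '192.168.0.0/16'];

// True when the IPv4 address lies inside the CIDR block (64-bit PHP assumed).
function ipv4_in_cidr(string $ip, string $cidr): bool
{
    [$net, $bits] = explode('/', $cidr, 2);
    $bits = (int) $bits;
    $mask = $bits === 0 ? 0 : ((-1 << (32 - $bits)) & 0xFFFFFFFF);
    return (ip2long($ip) & $mask) === (ip2long($net) & $mask);
}

// Returns ['ok' => true, 'host' => ..., 'from' => ..., 'to' => ...] on success,
// or ['ok' => false, 'error' => '...'] with the first problem found.
function validate_scan_request(array $post): array
{
    foreach (['ip', 'from', 'to'] as $field) {
        if (!isset($post[$field]) || trim((string) $post[$field]) === '') {
            return ['ok' => false, 'error' => "Missing field: $field"];
        }
    }

    $host = trim((string) $post['ip']);
    if (filter_var($host, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
        return ['ok' => false, 'error' => 'Target is not a valid IPv4 address'];
    }

    // FILTER_VALIDATE_INT rejects "1e3", "20.5" and similar values that is_numeric() accepts.
    $portRange = ['options' => ['min_range' => 1, 'max_range' => 65535]];
    $from = filter_var($post['from'], FILTER_VALIDATE_INT, $portRange);
    $to   = filter_var($post['to'],   FILTER_VALIDATE_INT, $portRange);
    if ($from === false || $to === false) {
        return ['ok' => false, 'error' => 'Ports must be integers between 1 and 65535'];
    }
    if ($from >= $to) {
        return ['ok' => false, 'error' => 'FROM must be lower than the ending port'];
    }
    if ($to - $from + 1 > MAX_PORTS_PER_SCAN) {
        return ['ok' => false, 'error' => 'Port range too large (max ' . MAX_PORTS_PER_SCAN . ' ports)'];
    }

    // Only networks the operator has explicitly allowed may be probed from this server.
    $allowed = false;
    foreach (ALLOWED_TARGET_CIDRS as $cidr) {
        if (ipv4_in_cidr($host, $cidr)) {
            $allowed = true;
            break;
        }
    }
    if (!$allowed) {
        return ['ok' => false, 'error' => 'Target is outside the networks this scanner may probe'];
    }

    return ['ok' => true, 'host' => $host, 'from' => $from, 'to' => $to];
}

// Constructed sample requests: one inside the allowlist, one outside it.
print_r(validate_scan_request(['ip' => '192.168.2.1', 'from' => '20', 'to' => '25']));
print_r(validate_scan_request(['ip' => '203.0.113.9', 'from' => '20', 'to' => '25']));
```

In port.php the call would replace the if/elseif chain: on failure echo the error, on success run the scan loop with the returned integer values. The allowlist belongs in configuration rather than in the script, and the page should additionally sit behind authentication when it is reachable from the network.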

== Manual ==

* Prior to running the script, make sure that the php_sockets extension is enabled.
* To access the HTML file, open your favourite browser and type http://localhost/index.html.
* Users who are accessing it over the network can type the IP of the server into their browser URL bar, for example http://192.168.2.1/index.html.

You’ll see the output shown below.

* Enter the IP address and the port range and click Scan.

See the output below.