
Bash script for scanning TCP ports to see which are open

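#!/bin/bash
# Written by Hagi Lerman - april 2015
# Toronto
#
# BASH script for scanning tcp ports to see which are open
#
# Note: This script takes one or two parameters
#   port(s): which port or ports to scan
#            may be one port or a range, eg 100-200
#            default is 1-1023; the privileged (well-known) ports
#   host:    the host IP address or FQDN, no default
#
# Usage: portscan [port|range] host
#
# Exit codes:
#   1 wrong number of arguments    4 host name not found
#   2 invalid port or range        5 invalid host address
#   3 first port > last port       6 host did not answer ping

#######################################
# Parse the command line into the globals used by the other functions.
# Globals:   ports (written), host (written)
# Arguments: [port|range] host
# Outputs:   usage text on stderr when the argument count is wrong
# Returns:   exits 1 on a wrong argument count
#######################################
Usage() {
  case $# in
    1)
      ports='1-1023'
      host=$1
      ;;
    2)
      ports=$1
      host=$2
      ;;
    *)
      echo 'Usage: portscan [port|range] host' >&2
      exit 1
      ;;
  esac
}

#######################################
# Validate $ports and split it into the first and last port of the range.
# Globals:   ports (read), firstport (written), lastport (written)
# Outputs:   error text on stderr for a malformed or out-of-range value
# Returns:   exits 2 when $ports is not a port or a port-port range
#######################################
port() {
  # At most five digits, so the arithmetic comparison below cannot overflow.
  local single_re='^[1-9][0-9]{0,4}$'
  local range_re='^([1-9][0-9]{0,4})-([1-9][0-9]{0,4})$'

  if [[ $ports =~ $range_re ]]; then
    firstport=${BASH_REMATCH[1]}
    lastport=${BASH_REMATCH[2]}
  elif [[ $ports =~ $single_re ]]; then
    firstport=$ports
    lastport=$ports
  else
    printf '%s is an invalid port(s) value\n' "$ports" >&2
    exit 2
  fi

  # TCP ports are 16-bit; anything above 65535 can never be connected to.
  if (( firstport > 65535 || lastport > 65535 )); then
    printf '%s is an invalid port(s) value\n' "$ports" >&2
    exit 2
  fi
}

#######################################
# Reject a range whose start is above its end.
# Globals:   firstport (read), lastport (read)
# Returns:   exits 3 when firstport > lastport
#######################################
checkports() {
  if (( firstport > lastport )); then
    printf '%s is larger than %s\n' "$firstport" "$lastport" >&2
    exit 3
  fi
}

#######################################
# Validate $host as either a resolvable name or a dotted-quad IPv4 address.
# Globals:   host (read)
# Returns:   exits 4 when a name does not resolve, 5 when the value is
#            not an acceptable name or address
#######################################
hostvalue() {
  local regex='^([1-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])(\.([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])){3}$'
  local response

  # $host is later handed to host(1) and ping(1) as an argument and spliced
  # into a /dev/tcp/<host>/<port> redirection target. Refuse a leading '-'
  # (would be read as an option) and any character outside the name/address
  # alphabet (a '/' would turn the redirection into an ordinary file path).
  if [[ $host == -* || $host == *[!A-Za-z0-9._:-]* ]]; then
    printf '%s is an invalid host address\n' "$host" >&2
    exit 5
  fi

  if [[ $host == *[A-Za-z]* ]]; then
    # Contains a letter: treat it as a name and ask DNS.
    response=$(host "$host")
    if [[ $response == *"timed out"* || $response == *"not found"* ]]; then
      printf 'host %s not found\n' "$host" >&2
      exit 4
    fi
  elif [[ ! $host =~ $regex ]]; then
    printf '%s is an invalid host address\n' "$host" >&2
    exit 5
  fi
}

#######################################
# Check that the host answers a single ICMP echo request.
# Globals:   host (read)
# Returns:   exits 6 when ping reports no reply
#######################################
hostcheck() {
  local reply
  # One probe, 2 s wait, numeric output; the summary line of ping is matched.
  reply=$(ping -c 1 -W 2 -n "$host")
  if [[ $reply == *"0 received"* ]]; then
    printf '%s is unreachable\n' "$host" >&2
    exit 6
  fi
}

#######################################
# Try a TCP connect to every port in the range and record the open ones.
# Globals:   host, firstport, lastport (read); y (written)
# Outputs:   progress dots on stdout
#######################################
scan() {
  local p
  # y must stay global: results() prints it after this function returns.
  # (Declaring it local here would leave the report empty.)
  y=''
  printf 'Scanning '
  for (( p = firstport; p <= lastport; p++ )); do
    printf '.'
    # Opening /dev/tcp/<host>/<port> makes bash attempt a TCP connect; the
    # subshell closes the socket again at once. A port that never answers
    # holds this up until the connect attempt times out.
    if (echo >"/dev/tcp/$host/$p") >/dev/null 2>&1; then
      y="${y} $p open"
    fi
  done
}

#######################################
# Print the list of open ports collected by scan and end the script.
# Globals:   y (read)
# Returns:   exits 0
#######################################
results() {
  printf '\n%s\n\n' "$y"
  exit 0
}

# "$@" keeps the real argument count, so a third argument is a usage error
# instead of being silently dropped.
Usage "$@"
port "$ports"
checkports "$firstport" "$lastport"
hostvalue "$host"
hostcheck "$host"
scan "$firstport" "$lastport"
results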
