2. 程式人生 > >PS-Scan ports掃描網絡端口

PS-Scan ports掃描網絡端口

阿新 發佈:2017-05-17
powershell 端口掃描

用PS寫出端口掃描 TCP139/445 AND UDP 137/138

用法簡單:在c:\temp\target.txt寫入多臺IP地址

端口可以自己定義

以下是代碼:

<#

This script can be used to Scan port TCP139/445 AND UDP 137/138


Need to modify Ip address under C:\temp\Target.txt first


Date:2017-05-15


#>

function Test-PortUDP{

<#

.SYNOPSIS

Tests port on computer.

.DESCRIPTION

Tests port on computer.

.PARAMETER computer

Name of server to test the port connection on.

.PARAMETER port

Port to test

.PARAMETER tcp

Use tcp port

.PARAMETER udp

Use udp port

.PARAMETER UDPTimeOut

Sets a timeout for UDP port query. (In milliseconds, Default is 1000)

.PARAMETER TCPTimeOut

Sets a timeout for TCP port query. (In milliseconds, Default is 1000)

.NOTES

Name: Test-Port.ps1

Author: Boe Prox

DateCreated: 18Aug2010

List of Ports: http://www.iana.org/assignments/port-numbers

To Do:

Add capability to run background jobs for each host to shorten the time to scan.

.LINK

https://boeprox.wordpress.org

.EXAMPLE

Test-Port -computer ‘server‘ -port 80

Checks port 80 on server ‘server‘ to see if it is listening

.EXAMPLE

‘server‘ | Test-Port -port 80

Checks port 80 on server ‘server‘ to see if it is listening

.EXAMPLE

Test-Port -computer @("server1","server2") -port 80

Checks port 80 on server1 and server2 to see if it is listening

.EXAMPLE

Test-Port -comp dc1 -port 17 -udp -UDPtimeout 10000

Server : dc1

Port : 17

TypePort : UDP

Open : True

Notes : "My spelling is Wobbly. It‘s good spelling but it Wobbles, and the letters

get in the wrong places." A. A. Milne (1882-1958)

Description

-----------

Queries port 17 (qotd) on the UDP port and returns whether port is open or not

.EXAMPLE

@("server1","server2") | Test-Port -port 80

Checks port 80 on server1 and server2 to see if it is listening

.EXAMPLE

(Get-Content hosts.txt) | Test-Port -port 80

Checks port 80 on servers in host file to see if it is listening

.EXAMPLE

Test-Port -computer (Get-Content hosts.txt) -port 80

Checks port 80 on servers in host file to see if it is listening

.EXAMPLE

Test-Port -computer (Get-Content hosts.txt) -port @(1..59)

Checks a range of ports from 1-59 on all servers in the hosts.txt file

#>

[cmdletbinding(

DefaultParameterSetName = ‘‘,

ConfirmImpact = ‘low‘

)]

Param(

[Parameter(

Mandatory = $True,

Position = 0,

ParameterSetName = ‘‘,

ValueFromPipeline = $True)]

[array]$computer,

[Parameter(

Position = 1,

Mandatory = $True,

ParameterSetName = ‘‘)]

[array]$port,

[Parameter(

Mandatory = $False,

ParameterSetName = ‘‘)]

[int]$TCPtimeout=1000,

[Parameter(

Mandatory = $False,

ParameterSetName = ‘‘)]

[int]$UDPtimeout=1000,

[Parameter(

Mandatory = $False,

ParameterSetName = ‘‘)]

[switch]$TCP,

[Parameter(

Mandatory = $False,

ParameterSetName = ‘‘)]

[switch]$UDP

)

Begin {

If (!$tcp -AND !$udp) {$tcp = $True}

#Typically you never do this, but in this case I felt it was for the benefit of the function

#as any errors will be noted in the output of the report

$ErrorActionPreference = "SilentlyContinue"

$report = @()

}

Process {

ForEach ($c in $computer) {

ForEach ($p in $port) {

If ($tcp) {

#Create temporary holder

$temp = "" | Select Server, Port, TypePort, Open, Notes

#Create object for connecting to port on computer

$tcpobject = new-Object system.Net.Sockets.TcpClient

#Connect to remote machine‘s port

$connect = $tcpobject.BeginConnect($c,$p,$null,$null)

#Configure a timeout before quitting

$wait = $connect.AsyncWaitHandle.WaitOne($TCPtimeout,$false)

#If timeout

If(!$wait) {

#Close connection

$tcpobject.Close()

Write-Verbose "Connection Timeout"

#Build report

$temp.Server = $c

$temp.Port = $p

$temp.TypePort = "TCP"

$temp.Open = "False"

$temp.Notes = "Connection to Port Timed Out"

} Else {

$error.Clear()

$tcpobject.EndConnect($connect) | out-Null

#If error

If($error[0]){

#Begin making error more readable in report

[string]$string = ($error[0].exception).message

$message = (($string.split(":")[1]).replace(‘"‘,"")).TrimStart()

$failed = $true

}

#Close connection

$tcpobject.Close()

#If unable to query port to due failure

If($failed){

#Build report

$temp.Server = $c

$temp.Port = $p

$temp.TypePort = "TCP"

$temp.Open = "False"

$temp.Notes = "$message"

} Else{

#Build report

$temp.Server = $c

$temp.Port = $p

$temp.TypePort = "TCP"

$temp.Open = "True"

$temp.Notes = ""

}

}

#Reset failed value

$failed = $Null

#Merge temp array with report

$report += $temp

}

If ($udp) {

#Create temporary holder

$temp = "" | Select Server, Port, TypePort, Open, Notes

#Create object for connecting to port on computer

$udpobject = new-Object system.Net.Sockets.Udpclient

#Set a timeout on receiving message

$udpobject.client.ReceiveTimeout = $UDPTimeout

#Connect to remote machine‘s port

Write-Verbose "Making UDP connection to remote server"

$udpobject.Connect("$c",$p)

#Sends a message to the host to which you have connected.

Write-Verbose "Sending message to remote host"

$a = new-object system.text.asciiencoding

$byte = $a.GetBytes("$(Get-Date)")

[void]$udpobject.Send($byte,$byte.length)

#IPEndPoint object will allow us to read datagrams sent from any source.

Write-Verbose "Creating remote endpoint"

$remoteendpoint = New-Object system.net.ipendpoint([system.net.ipaddress]::Any,0)

Try {

#Blocks until a message returns on this socket from a remote host.

Write-Verbose "Waiting for message return"

$receivebytes = $udpobject.Receive([ref]$remoteendpoint)

[string]$returndata = $a.GetString($receivebytes)

If ($returndata) {

Write-Verbose "Connection Successful"

#Build report

$temp.Server = $c

$temp.Port = $p

$temp.TypePort = "UDP"

$temp.Open = "True"

$temp.Notes = $returndata

$udpobject.close()

}

} Catch {

If ($Error[0].ToString() -match "\bRespond after a period of time\b") {

#Close connection

$udpobject.Close()

#Make sure that the host is online and not a false positive that it is open

If (Test-Connection -comp $c -count 1 -quiet) {

Write-Verbose "Connection Open"

#Build report

$temp.Server = $c

$temp.Port = $p

$temp.TypePort = "UDP"

$temp.Open = "False"

$temp.Notes = ""

} Else {

<#

It is possible that the host is not online or that the host is online,

but ICMP is blocked by a firewall and this port is actually open.

#>

Write-Verbose "Host maybe unavailable"

#Build report

$temp.Server = $c

$temp.Port = $p

$temp.TypePort = "UDP"

$temp.Open = "False"

$temp.Notes = "Unable to verify if port is open or if host is unavailable."

}

} ElseIf ($Error[0].ToString() -match "forcibly closed by the remote host" ) {

#Close connection

$udpobject.Close()

Write-Verbose "Connection Timeout"

#Build report

$temp.Server = $c

$temp.Port = $p

$temp.TypePort = "UDP"

$temp.Open = "False"

$temp.Notes = "Connection to Port Timed Out"

} Else {

$udpobject.close()

}

}

#Merge temp array with report

$report += $temp

}

}

}

}

End {

#Generate Report

$report

}

}

function Test-PortTCP{

<#

.SYNOPSIS

Tests port on computer.

.DESCRIPTION

Tests port on computer.

.PARAMETER computer

Name of server to test the port connection on.

.PARAMETER port

Port to test

.PARAMETER tcp

Use tcp port

.PARAMETER udp

Use udp port

.PARAMETER UDPTimeOut

Sets a timeout for UDP port query. (In milliseconds, Default is 1000)

.PARAMETER TCPTimeOut

Sets a timeout for TCP port query. (In milliseconds, Default is 1000)

.NOTES

Name: Test-Port.ps1

Author: Boe Prox

DateCreated: 18Aug2010

List of Ports: http://www.iana.org/assignments/port-numbers

To Do:

Add capability to run background jobs for each host to shorten the time to scan.

.LINK

https://boeprox.wordpress.org

.EXAMPLE

Test-Port -computer ‘server‘ -port 80

Checks port 80 on server ‘server‘ to see if it is listening

.EXAMPLE

‘server‘ | Test-Port -port 80

Checks port 80 on server ‘server‘ to see if it is listening

.EXAMPLE

Test-Port -computer @("server1","server2") -port 80

Checks port 80 on server1 and server2 to see if it is listening

.EXAMPLE

Test-Port -comp dc1 -port 17 -udp -UDPtimeout 10000

Server : dc1

Port : 17

TypePort : UDP

Open : True

Notes : "My spelling is Wobbly. It‘s good spelling but it Wobbles, and the letters

get in the wrong places." A. A. Milne (1882-1958)

Description

-----------

Queries port 17 (qotd) on the UDP port and returns whether port is open or not

.EXAMPLE

@("server1","server2") | Test-Port -port 80

Checks port 80 on server1 and server2 to see if it is listening

.EXAMPLE

(Get-Content hosts.txt) | Test-Port -port 80

Checks port 80 on servers in host file to see if it is listening

.EXAMPLE

Test-Port -computer (Get-Content hosts.txt) -port 80

Checks port 80 on servers in host file to see if it is listening

.EXAMPLE

Test-Port -computer (Get-Content hosts.txt) -port @(1..59)

Checks a range of ports from 1-59 on all servers in the hosts.txt file

#>

[cmdletbinding(

DefaultParameterSetName = ‘‘,

ConfirmImpact = ‘low‘

)]

Param(

[Parameter(

Mandatory = $True,

Position = 0,

ParameterSetName = ‘‘,

ValueFromPipeline = $True)]

[array]$computer,

[Parameter(

Position = 1,

Mandatory = $True,

ParameterSetName = ‘‘)]

[array]$port,

[Parameter(

Mandatory = $False,

ParameterSetName = ‘‘)]

[int]$TCPtimeout=1000,

[Parameter(

Mandatory = $False,

ParameterSetName = ‘‘)]

[int]$UDPtimeout=1000,

[Parameter(

Mandatory = $False,

ParameterSetName = ‘‘)]

[switch]$TCP,

[Parameter(

Mandatory = $False,

ParameterSetName = ‘‘)]

[switch]$UDP

)

Begin {

If (!$tcp -AND !$udp) {$tcp = $True}

#Typically you never do this, but in this case I felt it was for the benefit of the function

#as any errors will be noted in the output of the report

$ErrorActionPreference = "SilentlyContinue"

$report = @()

}

Process {

ForEach ($c in $computer) {

ForEach ($p in $port) {

If ($tcp) {

#Create temporary holder

$temp = "" | Select Server, Port, TypePort, Open, Notes

#Create object for connecting to port on computer

$tcpobject = new-Object system.Net.Sockets.TcpClient

#Connect to remote machine‘s port

$connect = $tcpobject.BeginConnect($c,$p,$null,$null)

#Configure a timeout before quitting

$wait = $connect.AsyncWaitHandle.WaitOne($TCPtimeout,$false)

#If timeout

If(!$wait) {

#Close connection

$tcpobject.Close()

Write-Verbose "Connection Timeout"

#Build report

$temp.Server = $c

$temp.Port = $p

$temp.TypePort = "TCP"

$temp.Open = "False"

$temp.Notes = "Connection to Port Timed Out"

} Else {

$error.Clear()

$tcpobject.EndConnect($connect) | out-Null

#If error

If($error[0]){

#Begin making error more readable in report

[string]$string = ($error[0].exception).message

$message = (($string.split(":")[1]).replace(‘"‘,"")).TrimStart()

$failed = $true

}

#Close connection

$tcpobject.Close()

#If unable to query port to due failure

If($failed){

#Build report

$temp.Server = $c

$temp.Port = $p

$temp.TypePort = "TCP"

$temp.Open = "False"

$temp.Notes = "$message"

} Else{

#Build report

$temp.Server = $c

$temp.Port = $p

$temp.TypePort = "TCP"

$temp.Open = "True"

$temp.Notes = ""

}

}

#Reset failed value

$failed = $Null

#Merge temp array with report

$report += $temp

}

If ($udp) {

#Create temporary holder

$temp = "" | Select Server, Port, TypePort, Open, Notes

#Create object for connecting to port on computer

$udpobject = new-Object system.Net.Sockets.Udpclient

#Set a timeout on receiving message

$udpobject.client.ReceiveTimeout = $UDPTimeout

#Connect to remote machine‘s port

Write-Verbose "Making UDP connection to remote server"

$udpobject.Connect("$c",$p)

#Sends a message to the host to which you have connected.

Write-Verbose "Sending message to remote host"

$a = new-object system.text.asciiencoding

$byte = $a.GetBytes("$(Get-Date)")

[void]$udpobject.Send($byte,$byte.length)

#IPEndPoint object will allow us to read datagrams sent from any source.

Write-Verbose "Creating remote endpoint"

$remoteendpoint = New-Object system.net.ipendpoint([system.net.ipaddress]::Any,0)

Try {

#Blocks until a message returns on this socket from a remote host.

Write-Verbose "Waiting for message return"

$receivebytes = $udpobject.Receive([ref]$remoteendpoint)

[string]$returndata = $a.GetString($receivebytes)

If ($returndata) {

Write-Verbose "Connection Successful"

#Build report

$temp.Server = $c

$temp.Port = $p

$temp.TypePort = "UDP"

$temp.Open = "True"

$temp.Notes = $returndata

$udpobject.close()

}

} Catch {

If ($Error[0].ToString() -match "\bRespond after a period of time\b") {

#Close connection

$udpobject.Close()

#Make sure that the host is online and not a false positive that it is open

If (Test-Connection -comp $c -count 1 -quiet) {

Write-Verbose "Connection Open"

#Build report

$temp.Server = $c

$temp.Port = $p

$temp.TypePort = "UDP"

$temp.Open = "True"

$temp.Notes = ""

} Else {

<#

It is possible that the host is not online or that the host is online,

but ICMP is blocked by a firewall and this port is actually open.

#>

Write-Verbose "Host maybe unavailable"

#Build report

$temp.Server = $c

$temp.Port = $p

$temp.TypePort = "UDP"

$temp.Open = "False"

$temp.Notes = "Unable to verify if port is open or if host is unavailable."

}

} ElseIf ($Error[0].ToString() -match "forcibly closed by the remote host" ) {

#Close connection

$udpobject.Close()

Write-Verbose "Connection Timeout"

#Build report

$temp.Server = $c

$temp.Port = $p

$temp.TypePort = "UDP"

$temp.Open = "False"

$temp.Notes = "Connection to Port Timed Out"

} Else {

$udpobject.close()

}

}

#Merge temp array with report

$report += $temp

}

}

}

}

End {

#Generate Report

$report

}

}




Get-Content "C:\Temp\Target.txt" | ForEach-Object {



$tmp = Test-Connection $_ -Count 1 -Quiet



if ($tmp){


write-host $_" Target Can access"



$re1 = Test-PortTCP -computer $_ -port 139 -TCP -WarningAction Ignore -TCPtimeout 10000


$result1 = $re1.Open -eq "True"


# write-host $result1


if ($result1) {



write-host $_ "TCP 139 Port is opening"



}




$re2 = Test-PortTCP -computer $_ -port 445 -TCP -WarningAction Ignore -TCPtimeout 10000


$result2 = $re2.Open -eq "True"


# write-host $result2


if ($result2) {



write-host $_ "TCP 445 Port is opening"



}




$re3 = Test-PortUDP -computer $_ -port 138 -UDP -UDPtimeout 10000


$result3 = $re3.Open -eq "True"


# write-host $result3


if ($result3) {



write-host $_ "UDP 138 Port is opening"



}


$re4 = Test-PortUDP -computer $_ -port 137 -UDP -UDPtimeout 10000



$result4 = $re4.Open -eq "True"


# write-host $result4


if ($result4) {



write-host $_ "UDP 137 Port is opening"



}





$Total = $result1 -or $result2 -or $result3 -or $result4


if (-not $Total) {



write-host $_ "Related Ports are not opening"


}


del variable:re1 -Force


del variable:re2 -Force


del variable:re3 -Force


del variable:re4 -Force


del variable:result1 -Force


del variable:result2 -Force


del variable:result3 -Force


del variable:result4 -Force


del variable:Total -Force




}




}



本文出自 “Erick WAY” 博客,謝絕轉載!

PS-Scan ports掃描網絡端口

相關推薦

PS-Scan ports掃描

powershell 端口掃描用PS寫出端口掃描 TCP139/445 AND UDP 137/138用法簡單:在c:\temp\target.txt寫入多臺IP地址端口可以自己定義以下是代碼:<# This script can be used to Scan port TCP139/445 AND

組策略關閉

本地安全策略 col 安全措施 繼續 新規 多端口 文本 tro 運行 我們的個人信息為什麽會被盜呢?原因之一是我們的電腦有漏洞,通俗的說,門窗關閉不嚴。 默認情況下,Windows有很多端口是開放的,在你上網的時候,網絡病毒和黑客可以通過這些端口連上你的電腦。   為了讓

win下如何查看那個被那個應用程序使用

efault 命令行 tps 默認 ref cati ide roc .html 在運行裏面鍵入cmd打開命令行窗口。 在命令行窗口鍵入命令: netstat -ano 第一和第二列是自己網絡的端口和外網連接的端口,pid:(全稱Process I

Python 輸出文件內容到

bsp __name__ 輸出 [1] exit send cond lee line Python 輸出文件內容到網絡端口 $ cat mySocketTest.py import sysimport timeimport socket if __name

Exchange 2016 中客戶和郵件流的

onclick microsoft 網絡流 inb 體系結構 ces 占位符 class web Exchange 2016 其他版本 [該主題是預發布的文檔,在將來的版本中可能會有所更改。包含以占位符形式表示的空白主題。]如

地址轉換的NAPT配置

外部 測試過程 ip nat nat src add ace 有效 access 背景:只有一個IP地址,實現內網內多臺主機訪問外網 原理:NAPT使用不同的端口來映射對各內網的IP地址到一個指定的外網IP地址,多對一。    NAPT采用端口多路復用的方式。內部網絡的所有

iOS - Mac 下查看占用情況

網絡端口 服務器 技術 mark 命令 png 分享圖片 class 端口 1、Mac 下查看網絡端口占用情況 有的時候關閉了服務器,但是端口還是占用,解決的方法是 kill 掉占用該端口的進程。 # 查看 8009 端口的占用情況 $ lsof -i:8009

firewalld 安全詳細介紹

開放 網卡類型 源地址 功能 查看版本 端口安全 sys 其中 done redhat7 network port security 網絡端口安全 目錄: * 1.firewald ---firewalld 服務 * 2.configuring a fi

Linux 環境配置 進程命令

sys 服務 tis 磁盤 修改配置 nbsp 定期 hosts 狀態 網絡通信命令ping 命令路徑:/bin/ping 執行權限:所有用戶作用:測試網絡的連通性語法:ping 選項 IP地址 -c 指定發送次數 ping 命令使用的是icmp協議,不占用端口e

批量測試服務器腳本

connect 批量測試 net ali cli cti cmd tput put #PS C:\Users\admin.MYAD\Desktop> .\test.ps1 -Dir C:\Users\admin.MYAD\Desktop\test.txt -Port

Python實現局域指定掃描

Python 局域網指定端口掃描 import socket import threading # 創建接收路由列表 routers = [] # 創建互斥鎖 lock = threading.Lock() # 設置需要掃描的端口號列表 port_list = [‘3389‘, ‘2425‘,‘13

Juniper防火墻映射內外不同

juniper 不同端口映射以下操作均通過WEB用戶管理界面進行:一、添加自定義服務端口1、選擇菜單Objects > Services > Custom,進入自定義服務管理頁面。2、點擊右上角的New按鈕進入自定義服務添加頁面 。在Service Name處填寫自定義的服務名稱,在Transp

Powercli批量修改虛擬機

批量修改端口組Get-VM 0001 | Get-NetworkAdapter | Where-Object NetworkName -eq vcenterHA | Set-NetworkAdapter -confirm:$false -Portgroup (Get-VirtualPortGroup -Nam

Linux通過轉發來訪問內服務(轉發訪問阿裏雲Redis數據庫等服務)

creat 同方 eat sta -s span 不用 man conf # 安裝rinetd wget http://www.boutell.com/rinetd/http/rinetd.tar.gz&&tar -xvf rinetd.tar.gz&am

kali linux: 卡監聽及掃描

id號 XML ram requests tor 來源 監聽 報文 station 一、網卡監聽: kali不支持內置網卡,僅僅支持usb網卡。我用的虛擬機。首先在虛擬機的可移動設備裏打開usb網卡的連接,執行ifconfig命令,如下: eth0接口是本地有線網卡

linux涉及的常見設置和特殊路由問題匯總

linux 網絡 路由 在我的工作中,經常會遇到服務器和其他服務器,交換機對接,目前主要有這樣幾個場景,將相關配置和註意點總結,以便後來查看參考。一個網卡接口有多個IP地址一個網卡接口分多個VLAN多個網卡接口聚合成一個鏈路多個網卡對應多個路由表 linux中有0~255共256張路由表。其中0

K8S的CNI及靈雀雲的實踐

docker k8s 靈雀雲 kubernetesK8S的網絡接口CNI及靈雀雲的實踐K8S的網絡模型我們從底層網絡來看,分為三個層面。首先是Pod之間的多個容器的網絡互通。我們知道,K8S的Pod可以由多個容器組成,這個層面網絡互通是比較簡單的,因為所有的容器都是共享一個網卡,可以直接通信。第二個,一臺

linux配置相關命令、虛擬eth0:0

命令 ftw onf network gre .org -h ocs ngs 網絡接口(interface)是網絡硬件設備在操作系統中的表示方法,比如網卡在Linux操作系統中用ethX,是由0開始的正整數,比如eth0、eth1...... ethX。而普通貓和ADSL的

二LWIP學習筆記之管理

line nts span 基於 網絡接口 blog 內部 定義 1.5 一、引言   LWIP分為四個層次:鏈路層、網絡層、傳輸層和應用層。運行LWIP的嵌入式設備可以有多個網絡接口:以太網接口、串行鏈路接口、環回接口等。為了實現對所有網絡接口的有效管理,協議棧內部使用了

Spring Cloud Commons教程(三)忽略

ech 什麽 targe 地址 分享圖片 ans str log list 有時,忽略某些命名網絡接口是有用的,因此可以將其從服務發現註冊中排除(例如,在Docker容器中運行)。可以設置正則表達式的列表,這將導致所需的網絡接口被忽略。以下配置將忽略“docker0”接口