一、背景:
在平时工作中有遇到端口检测,查看服务端特定端口是否对外开放,常用nmap,tcping,telnet等,同时也可以利用站长工具等web扫描端口等。
但是在使用站长工具发现:
- 每次只能输入一个检测的地址;
- 虽然可以输入多个端口,但是不能指定一个端口范围来进行批量检测;
- 没有批量任务记录日志等;
因避免由于局域网检测发起端网络限制而导致的端口检测异常,未使用python-nmap
想通过调用站长工具,实现
- 单次可多个地址或域名检测
- 单次可指定端口范围,批量检测
- 记录日志
二、代码:
2.1 结构
2.2 代码
- info.cfg代码
-
#address = 8.8.8.8
-
address = www.moguyun.com,www.51cto.com,www.anchnet.com
-
-
#检查的端口,如多个端口使用,隔开,端口范围使用'-'
-
#ports = 80,8080....
-
ports = 20-25,80,443,1433,1521,3306,3389,6379,8080,27017
-
-
#日志配置
-
[loginfo]
-
#日志目录
-
logdir_name = logdir
-
-
#日志文件名称
-
logfile_name = check_port.log
- logger.py代码
-
#!/bin/env python
-
# -*- coding:utf-8 -*-
-
# _auth:kelly
-
-
-
import os
-
import time
-
import logging
-
import configparser
-
-
class LogHelper():
-
"""
-
初始化logger,读取目录及文件名称
-
"""
-
def __init__(self):
-
configoper = configparser.ConfigParser()
-
configoper.read(
'info.cfg',encoding=
'utf-8')
-
self.logdir_name = configoper[
'loginfo'][
'logdir_name']
-
self.logfile_name = configoper[
'loginfo'][
'logfile_name']
-
-
def create_dir(self):
-
"""
-
创建目录
-
:return: 文件名称
-
"""
-
_LOGDIR = os.path.join(os.path.dirname(__file__), self.logdir_name)
-
_TIME = time.strftime(
'%Y-%m-%d', time.gmtime()) +
'-'
-
_LOGNAME = _TIME + self.logfile_name
-
LOGFILENAME = os.path.join(_LOGDIR, _LOGNAME)
-
if
not os.path.exists(_LOGDIR):
-
os.mkdir(_LOGDIR)
-
return LOGFILENAME
-
-
def create_logger(self, logfilename):
-
"""
-
创建logger对象
-
:param logfilename:
-
:return: logger对象
-
"""
-
logger = logging.getLogger()
-
logger.setLevel(logging.INFO)
-
handler = logging.FileHandler(logfilename)
-
handler.setLevel(logging.INFO)
-
formater = logging.Formatter(
'%(asctime)s - %(name)s - %(levelname)s - %(message)s')
-
handler.setFormatter(formater)
-
logger.addHandler(handler)
-
return logger
- tcp_check_port.py 代码
-
#!/bin/env python
-
# -*- coding:utf-8 -*-
-
# _auth:kaliarch
-
-
import requests
-
from configparser
import ConfigParser
-
import re
-
-
from tcp_port_check
import logger
-
-
-
class check_ports():
-
def __init__(self,logger):
-
"""
-
初始化,获取配置文件信息
-
"""
-
self.url =
'http://tool.chinaz.com/iframe.ashx?t=port'
-
self.headers = {
-
'Accept':
'text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01',
-
'Accept-Encoding':
'gzip, deflate',
-
'Accept-Language':
'zh-CN,zh;q=0.8',
-
'Connection':
'keep-alive',
-
'Content-Length':
'62',
-
'Content-Type':
'application/x-www-form-urlencoded; charset=UTF-8',
-
'Host':
'tool.chinaz.com',
-
'Origin':
'http://tool.chinaz.com',
-
'Referer':
'http://tool.chinaz.com/port/',
-
'User-Agent':
'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36',
-
'X-Requested-With':
'XMLHttpRequest'
-
}
-
config = ConfigParser()
-
config.read(
'info.cfg',encoding=
'utf-8')
-
self.address_list = config[
'port_check_info'][
'address']
-
self.port_list = config[
'port_check_info'][
'ports']
-
#初始化logger
-
logger = logger.LogHelper()
-
logname = logger.create_dir()
-
self.logoper = logger.create_logger(logname)
-
-
-
def _get_body(self):
-
"""
-
获取address和port
-
:return: list
-
"""
-
address_list = self.address_list.split(
',')
-
port_list = self.port_list.split(
',')
-
-
# 处理端口范围,返回range
-
range_flag =
False
-
port_range =
None
-
content_List_range = []
-
for port
in port_list:
-
if
'-'
in port:
-
range_flag =
True
-
port_range = range(int(port.split(
'-')[
0]),int(port.split(
'-')[
1])+
1)
-
port_list.remove(port)
-
-
# 处理总体list
-
for add
in address_list:
-
if range_flag:
-
for port
in port_range:
-
content_List_range.append(add +
':' + str(port))
-
-
# 合并range和普通list
-
content_List = [ add+
':'+port
for add
in address_list
for port
in port_list ]
-
content_List_range.extend(content_List)
-
return content_List_range
-
-
def run(self):
-
"""
-
进行端口检测
-
:return:
-
"""
-
for content
in self._get_body():
-
content_list = content.split(
':')
-
body = {
-
'host': content_list[
0],
-
'port': content_list[
1],
-
'encode':
'tlCHS1u3IgF4sC57m6KOP3Oaj1Y1kfLq'
-
}
-
try:
-
response = requests.post(url=self.url,data=body,headers=self.headers)
-
port_status = re.findall(
"msg:'(.*?)'", response.text)
-
if len(port_status) >
0:
-
print(
'%s,port status is:%s' % (content, port_status))
-
self.logoper.info(
'%s,port status is:%s' % (content, port_status))
-
else:
-
self.logoper.info(
'%s,port status is:%s' % (content, port_status))
-
print(
'Occer error!请输入正确的地址和端口')
-
except Exception
as e:
-
self.logoper.info(e)
-
-
-
if __name__ ==
'__main__':
-
check_app = check_ports(logger)
-
check_app.run()
三、测试
3.1 查看检测结果
通过日志可以看出蘑菇云和51cto的80和443端口都是放开的
3.2 查看日志
四、改进
- 后期可以添加异步多进程等来提升效率
- 可以对比多个站点检测结果,使结果更准确
- 整合nmap内网也可检测
转载:https://blog.csdn.net/qq_36441027/article/details/105628425
查看评论