MP scan
This is a very simple scanner written in C. It starts a MAXIP number of child processes (one for each IP), connects to the given IPs read from a file, then reads the first MAXCHAR characters sent by the host and exits. If the contacted host doesn't send anything but has the port open, the child process dies after TIMEOUT. The scan result is written to a file or to stdout.
written by miasma
2002-07-09
Note that mpscan has changed its name (from mp-scan to mpscan). I did this because the "-" can cause some problems. I suggest deleting the old mp-scan from your system and then installing the new mpscan version.

ChangeLog:

0.04-testing-2, 2002-07-09, miasma@freepingu.it
- added -c option,
- fixed some code errors,
- added ip generation status.

0.04-testing, 2002-07-07, miasma@freepingu.it
- code cleanup,
- better info on connection error,
- added simple bash scripts to generate ip list file,
- added -S option, look at the help for more info,
- added -R option, look at the help for more info,
- some bug fixes.

0.03, 2002-05-24, miasm4@freemail.it
- added T and I options (look at the help for more info),
- added changelog,
- added rpm rules;
- added debian rules,
- added man page,
- Makefile created.

0.02, 2002-05-22, miasm4@freemail.it
- added many options.

0.01, 2002-05-20, miasm4@freemail.it
- initial release.
The scanner supports many options and has a man page
that gives (I hope) good help. Below is an example of the output
of the scanner:
    $ mpscan -e -p 25 -t 15 -r 100 -T 20 -R 192.168.1.0-10
    Fast mp-scan 0.04-testing ...
    Total ip: 11
    11/11 91% 192.168.1.10
    Generated 11 ip in 0.199 seconds
    Ip range parsed... 11 ip found
    Scan on 25 started...
    0:192.168.1.0 -> Network is unreachable
    3:192.168.1.3 -> Connection refused
    2:192.168.1.2 -> Connection refused
    1: 192.168.1.1 -> 220 zeus.olimpo.hm ESMTP Postfix (Debian/GNU)
    6:192.168.1.6 -> No route to host
    5:192.168.1.5 -> connected but no data retrived within 7 sec
    4:192.168.1.4 -> No route to host
    8:192.168.1.8 -> connect timeout after 15
    7:192.168.1.7 -> No route to host
    9:192.168.1.9 -> No route to host
    10:192.168.1.10 -> No route to host
    Waiting for child dead...
    Scanned 10 ip in 3.14821 seconds
    Scan ended... enjoy the result

The output is not in order because each IP is handled by a single independent process that tries the connection, so each child can take more or less time than the others to print its result.
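Because every result line starts with the index of its IP, the original order can be restored after the scan by parsing the lines and sorting on that index. The C code below is an added example, not part of mpscan's source; the function and struct names are hypothetical, and the embedded lines are copied from the sample output above.

```c
#include <stdio.h>
#include <stdlib.h>

struct scan_result {    /* one "<index>:<ip> -> <message>" line */
    int  index;         /* position of the IP in the generated list */
    char ip[16];        /* dotted-quad IPv4 address */
    char message[128];  /* banner or error text printed by the child */
};

/* Lines copied from the sample output above, in the order they were printed. */
static const char *const SAMPLE[] = {
    "Scan on 25 started...",
    "0:192.168.1.0 -> Network is unreachable",
    "3:192.168.1.3 -> Connection refused",
    "1: 192.168.1.1 -> 220 zeus.olimpo.hm ESMTP Postfix (Debian/GNU)",
};

/* Returns 1 and fills *out for a result line, 0 for a status line. */
int parse_result(const char *line, struct scan_result *out)
{
    /* Blanks in the format match zero or more spaces, so "1: 192..." parses. */
    return sscanf(line, "%d : %15[0123456789.] -> %127[^\n]",
                  &out->index, out->ip, out->message) == 3;
}

static int by_index(const void *a, const void *b)
{
    const struct scan_result *x = a, *y = b;
    return (x->index > y->index) - (x->index < y->index);
}

/* Keeps only result lines, sorts them by index, returns how many were kept. */
size_t collect_sorted(const char *const *lines, size_t n,
                      struct scan_result *out, size_t cap)
{
    size_t count = 0;
    for (size_t i = 0; i < n && count < cap; i++)
        count += (size_t)parse_result(lines[i], &out[count]);
    qsort(out, count, sizeof *out, by_index);
    return count;
}

int main(void)
{
    struct scan_result r[8];
    size_t n = collect_sorted(SAMPLE, sizeof SAMPLE / sizeof SAMPLE[0], r, 8);
    for (size_t i = 0; i < n; i++)
        printf("%d:%s -> %s\n", r[i].index, r[i].ip, r[i].message);
    return 0;
}
```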
All MPscan versions can be downloaded from:
Note: to download from SourceForge, follow the link with your browser; you can then choose a SourceForge mirror and download the file with your preferred downloader, such as wget. The rpm package is alienized from the Debian package; if it doesn't work well, please tell me.
mp-scan: Suggest Ideas:
Man page:
mpscan(1)                                                    mpscan(1)

NAME
    mpscan - Multi Purpose scanner

SYNOPSIS
    mpscan [-] [e] [d] [p port] [t timeout] [r maxchar] [T maxthread] [I maxips] [i input_file] [R iprange] [o output_file] [S string]

DESCRIPTION
    mp-scan starts maxthread number of child processes (one for each IP), connects to the given IPs read from input_file, then reads the first maxchar characters sent by the host and exits. If the contacted host doesn't send anything but has the port open, the child process dies after timeout. The scan result is written to output_file or to stdout.

OPTIONS
    -e  write "connection error" to the output file;
    -d  enable debugging mode, simply print debug info;
    -h  display the help;
    -p  port to scan, supported values: all integers between 0 and 2147483647;
    -t  set the connection timeout in seconds; if not set, the default is 7 sec;
    -c  set how long to wait for data once connected; if not set, the default is 7 sec;
    -r  set the number of chars that can be retrieved; if not set, the default is 100;
    -T  set the number of threads that the scanner must run; the default is 15;
    -I  set the number of IPs that must be read from the input file; by default the program considers all IPs in the file;
    -i  input file name;
    -R  set the IP range to scan, for example 192.168.0-1.0-255;
    -o  output file name; if not set, the default is stdout;
    -S  set the string to send to the scanned host; it changes \n, \r or \t into their respective meanings; use \\ to print a \, \\n to print \n;

NOTE
    example:
        mpscan -e -p 80 -t 10 -c 5 -r 100 -T 20 -R 192.168.1.0-255 -o scanout -S "GET / HTTP/1.0\n\n"

    - The program reads the IPs from the input file; this file should be a list of IPs, one per line. Input file example:

        $ cat ip_list
        127.0.0.1
        192.168.1.1
        192.168.1.2
        etc...

Fabio Borraccetti                    0.04                    mpscan(1)
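The -R range syntax from the man page (for example 192.168.0-1.0-255), expanded in C as an added example that is not mpscan's own code. It assumes each octet is either a single value or an inclusive LO-HI range and that the last octet varies fastest; the inclusive reading matches the 11 addresses reported for 192.168.1.0-10 in the sample output. The function names are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>

/* Reads one decimal octet at *p and advances *p; -1 if absent or above 255. */
static int octet(const char **p)
{
    char *end;
    if (**p < '0' || **p > '9') return -1;  /* strtol alone would accept " +7" */
    long v = strtol(*p, &end, 10);
    *p = end;
    return v > 255 ? -1 : (int)v;
}

/* Octets are N or LO-HI, inclusive (assumed); returns address count or -1. */
long long parse_range(const char *spec, int lo[4], int hi[4])
{
    long long n = 1;
    for (int i = 0; i < 4; i++) {
        lo[i] = hi[i] = octet(&spec);
        if (*spec == '-') { spec++; hi[i] = octet(&spec); }
        if (lo[i] < 0 || hi[i] < lo[i]) return -1;
        if (*spec++ != (i < 3 ? '.' : '\0')) return -1;
        n *= hi[i] - lo[i] + 1;
    }
    return n;
}

/* Writes the n-th address (0-based, last octet varies fastest: assumed). */
char *nth_ip(const int lo[4], const int hi[4], long long n, char out[16])
{
    int oct[4];
    for (int i = 3; i >= 0; i--) {
        int span = hi[i] - lo[i] + 1;
        oct[i] = lo[i] + (int)(n % span);
        n /= span;
    }
    snprintf(out, 16, "%d.%d.%d.%d", oct[0], oct[1], oct[2], oct[3]);
    return out;
}

int main(void)
{
    int lo[4], hi[4];
    char ip[16];
    long long total = parse_range("192.168.1.0-10", lo, hi);
    for (long long i = 0; i < total; i++)   /* loop is skipped when total is -1 */
        printf("%lld:%s\n", i, nth_ip(lo, hi, i, ip));
    return total < 0;
}
```

Computing the n-th address on demand avoids storing the whole list, which matters for wide ranges such as 0-255 in several octets.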
For more help feel free to mail me.
- There are some problems scanning the telnet and bind ports
- The microseconds difference from begin to end of scan, for example, is wrong
For now I'm working on four particular features:
http://mp-scan.sourceforge.net/ <- This home page
http://sourceforge.net/projects/mp-scan/ <- MPscan sourceforge.net homepage
http://www.freesoftware.fsf.org/mpscan <- MPscan homepage at savannah
http://savannah.gnu.org/projects/mpscan <- MPscan savannah hackers homepage
miasma@freepingu.it <- my email
Fabio Borraccetti aka miasma (or miasma-);
Thanks to Asus and Morpaus for code help, feature ideas, bugs and so on;
MPscan is tested and developed by me on a Debian sid system with 2.4.17.