A C++ Tool for Port Scanning and Service Checking

2025-02-12

This C++ code provides a straightforward vulnerability scanner that examines a given IP address for open ports and verifies common services. It can be especially beneficial for network administrators and security experts aiming to enhance the security of their systems.

Concepts

The code incorporates several essential concepts in C++ and networking:

1. Socket Programming: A socket is created to establish a connection to the target IP address and port.
2. Non-blocking I/O: By configuring the socket to non-blocking mode, the scanner can attempt connections without getting stuck waiting.
3. Select Function: This function monitors multiple file descriptors, enabling the program to wait for the socket to become writable, which indicates that the connection attempt has finished.
4. Error Handling: The code includes mechanisms to handle errors related to socket creation and invalid IP addresses.

The code is organized into a class called VulnerabilityScanner, which features methods for scanning ports and checking services. The main function acts as the entry point, initializing the scanner and starting the scanning process.

• scanPort: Scans a specific port on the designated IP address.
• scanPorts: Loops through a range of ports (1 to 1024) and invokes `scanPort` for each one.
• checkServices: Verifies the presence of common services (HTTP, FTP, SSH) on the specified IP address.

Example Code

#include <iostream>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <unistd.h>
#include <fcntl.h>
#include <sys/select.h>

class VulnerabilityScanner {
public:
VulnerabilityScanner(const std::string& ip) : ipAddress(ip) {}

bool scanPort(int port) {
int sock = socket(AF_INET, SOCK_STREAM, 0);
if (sock == -1) {
std::cerr << "Socket creation failed\n";
return false;
}

sockaddr_in server;
server.sin_family = AF_INET;
server.sin_port = htons(port);
inet_pton(AF_INET, ipAddress.c_str(), &server.sin_addr);

fcntl(sock, F_SETFL, O_NONBLOCK);

connect(sock, (struct sockaddr*)&server, sizeof(server));

fd_set fdset;
FD_ZERO(&fdset);
FD_SET(sock, &fdset);
timeval tv;
tv.tv_sec = 1;
tv.tv_usec = 0;

if (select(sock + 1, NULL, &fdset, NULL, &tv) == 1) {
int so_error;
socklen_t len = sizeof(so_error);
getsockopt(sock, SOL_SOCKET, SO_ERROR, &so_error, &len);

if (so_error == 0) {
close(sock);
return true;
}
}

close(sock);
return false;
}

void scanPorts() {
for (int port = 1; port <= 1024; ++port) {
if (scanPort(port)) {
std::cout << "Port " << port << " is open\n";
}
}
}

void checkServices() {
if (scanPort(80)) {
std::cout << "HTTP service is running\n";
}
if (scanPort(21)) {
std::cout << "FTP service is running\n";
}
if (scanPort(22)) {
std::cout << "SSH service is running\n";
}
}

private:
std::string ipAddress;
};

int main() {
VulnerabilityScanner scanner("127.0.0.1");
scanner.scanPorts();
scanner.checkServices();
return 0;
}

What Undercode Say

Port scanning and service checking are critical components of network security. The provided C++ code leverages socket programming and non-blocking I/O to create a lightweight vulnerability scanner. This tool is particularly useful for identifying open ports and common services running on a target IP address, which can help in assessing potential security risks.

In addition to the C++ implementation, similar functionality can be achieved using Linux commands and tools. For instance, `nmap` is a powerful network scanning tool that can be used to achieve similar results:

nmap -p 1-1024 127.0.0.1

This command scans ports 1 through 1024 on the localhost. For service detection, you can use:

nmap -sV 127.0.0.1

This command not only scans for open ports but also attempts to determine the version of the services running on those ports.

Another useful tool is `netcat` (nc), which can be used to check if a specific port is open:

nc -zv 127.0.0.1 80

This command checks if port 80 (HTTP) is open on the localhost.

For more advanced network analysis, `tcpdump` can be used to capture and analyze network traffic:

sudo tcpdump -i eth0 port 80

This command captures all traffic on port 80 on the `eth0` interface.

In conclusion, understanding and utilizing these tools and techniques are essential for maintaining robust network security. Whether through custom C++ implementations or leveraging existing Linux tools, the ability to scan and analyze network vulnerabilities is a critical skill for any IT professional.

For further reading on network security and advanced scanning techniques, consider the following resources:

• Nmap Official Documentation
• Linux Networking Commands
• Socket Programming in C++

References:

Hackers Feeds, Undercode AI