## STPortScanner
GITHUB: [https://github.com/DebugST/STPortScanner](https://github.com/DebugST/STPortScanner)
## 关于作者
* Blog: [Crystal_lz](http://st233.com)
* Mail: ([email protected])
## å¯æ‰§è¡Œç¨‹åºå‚æ•°
```cs
--------------------------------[STPScan 4.0]--------------------------------
-h Host ......................................... [默认:未指定]
-h target.com,192.168.0.1,192.168.0.2-192.168.1.254,192.168.0.0/24
-hf Host from file ä»Žæ–‡ä»¶åŠ è½½'\n'分割 ............ [默认:未指定]
-hf ./iplist.txt
-p Port ......................................... [默认:Top 300]
-p 21,22,80,443,8000-8080
-pf Port from file ä»Žæ–‡ä»¶åŠ è½½'\n'分割 ............ [默认:未指定]
-pf ./portlist.txt
-np Null Probe 空探测包 .......................... [默认:未指定]
-pr The count of probes 进行多少次å议探测........ [默认:2]
-pr 3
-i ICMP only 仅扫æå˜æ´»ä¸»æœº ..................... [默认:未指定]
该æ“作需è¦ç®¡ç†å‘˜æƒé™å’Œserver系统
-is ICMP + Scan 先扫æå˜æ´»ä¸»æœºå†æ‰«æ ............. [默认:未指定]
-t Timeout 超时时间 ............................. [默认:5]
-t 3
-tt TotalTimeout 一个任务总超时时间 .............. [默认:60]
-tt 50
-r Retry é‡è¯•æ¬¡æ•° ............................... [默认:2]
-r 5
-st Tcp Scan 使用TCPæ–¹å¼æ‰«æ ..................... [默认:已指定]
-su Udp Scan 使用UDPæ–¹å¼æ‰«æ ..................... [默认:未指定]
-ss Syn Scan 使用SYNæ–¹å¼æ‰«æ ..................... [默认:未指定]
该æ“作需è¦ç®¡ç†å‘˜æƒé™å’Œserver系统
-smb Only scan 445 通过smb探测系统版本(仅扫æ445) . [默认:未指定]
-con Concurrent of Scanner 并å‘æ•° ................. [默认:6000]
-con 20000
-stop Stop 当扫æ到指定å议时 åœæ¢è¯¥ä¸»æœºæ‰«æ ....... [默认:未指定]
-stop http,https
-order The priority of scanning 优先扫æé¡ºåº ........ [默认:rnd]
-order (host or port or rnd)
-delay The delay 控制å°è¿›åº¦åˆ·æ–°æ—¶é—´ ................. [默认:2]
-delay 5
-cd Console Display 控制å°æ˜¾ç¤ºæ–¹å¼ ............... [默认:2]
-cd (0 or 1 or 2)
0 Not display
1 xxx.xxx.xxx.xxx:xxx [Protocol]
2 xxx.xxx.xxx.xxx:xxx [Protocol][RegexLine][Banner]
-o Out to file 输出结果到文件 ................... [默认:未指定]
-o ./result.txt
-f Format for output è¾“å‡ºæ–‡ä»¶æ ¼å¼................ [默认:json:h,pr,b]
-f (json or csv):(fields)
h Host [127.0.0.1:8080]
a Address [127.0.0.1]
p Port [8080]
pt Protocol Type [TCP]
pf Protocol Flag [http]
pr Protocol [(TCP)http]
l Line for regexpression [123]
b Banner [SSH-2.0-Ubuntu-Server]
d Hex data for recv [485454502F312E312032...]
-cn Convert Nmap config file 转æ¢nmapé…置文件为当å‰æ‰«æ器适é…文件
parameters [Nmap config file] [Save file for STPscan]
-cn [./nmap-service-probes] [./config_nmap.st]
-2021-03-19----------------Powered by -> Crystal_lz-----------------ST233.COM-
注:
icmp 与 syn ä¸èƒ½åŒæ—¶ä½¿ç”¨ 并ä¸æŽ¨è使用这两个选项 测试阶段
Null Probe -> 是å¦ä½¿ç”¨ç©ºæŽ¢æµ‹åŒ…
若使用
连通åŽå…ˆç‰å¾…对方返回banner(如:mysql,ftp主动返回banneråè®®ç‰) 直到超时æ‰è¿›è¡Œä¸‹ä¸€æ¬¡æŽ¢æµ‹
å¦åˆ™
连通åŽç«‹å³å‘é€æŽ¢æµ‹åŒ…
区别
ä¸ä½¿ç”¨ 将影å“收到banner是进行规制匹é…çš„é¡ºåº å°†ä¼˜å…ˆä½¿ç”¨å‘é€çš„探测包的规则匹é…
å†è¿›è¡Œç©ºæŽ¢æµ‹åŒ…的规则进行匹é…(mysql,ftpç‰åè®®æ— éœ€æŽ¢æµ‹åŒ…çš„è§„åˆ™)
ä¸ä½¿ç”¨é€Ÿåº¦å¿«ç²¾åº¦ä½Ž 使用速度慢进度高
eg:
STPScan -h 192.168.1.1/24
STPScan -h 192.168.1.1/24 -pr 3
STPScan -h 192.168.1.1/24 -smb
STPScan -h 192.168.1.1/24 -p 80,443,8000-8080 -pr 3
STPScan -h 192.168.1.1/24 -o result.json
STPScan -h 192.168.1.1/24 -o result.csv -f csv:h,pr,d
```
## 调用库接å£
```cs
[Interface]
IPortScanner : IDispose
[Configer Class]
ProbeConfiger
[Scanner Class]
PortScanner : IPortScanner
TCPScanner : PortScanner
UDPScanner : PortScanner
SYNScanner : PortScanner
SmbScanner : PortScanner
IcmpScanner : IDispose
[Other Class]
IcmpEventArgs : EventArgs
ScanEventArgs : EventArgs
RawSocket
[RawSocket]
static RawSocket.Dispose();
static RawSocket.InitRawSocket(EndPoint bindEndPoint);
static RawSocket.SendData(byte[] byBuffer);
static RawSocket.RecvCompleted -> EventHandler