Perl 端口扫描的脚本（SYN）

北风留影

　　可能脚本会有Bug，我只是用来工作上用一下，具体有没有BUG没测。
　　项目估计马上结束了。 这个入库的是MYSQL的。原理是先Ping，如果通的话，则加入队列，
　　通过队列再进行SYN探测。



#!/usr/bin/perl
use threads;
use DBI;
use Thread::Queue;
use Thread::Semaphore;
use Net::Ping;
use Term::ProgressBar;

# create queue
my $q=new Thread::Queue;
# read for check list
my @target=<>;
my $se_max = Thread::Semaphore->new( 100 );
my $se_ping= Thread::Semaphore->new( 1000 );
foreach (@target){
chomp($_);
if(${$se_ping} <=0){
for my $t(threads->list(threads::joinable)){
$t->join();
$se_ping->up();
}
redo;
}
$se_ping->down();
threads->create(\&alive,$_);
}
for my $t(threads->list()){
$t->join();
}
sub alive{
my $ip =shift;
$ping=Net::Ping->new();
if($ping->ping($ip)){
foreach my $port(1..65535){
$q->enqueue("$ip|$port");
}
}
}
$all_sum=$q->pending();
print $all_sum;
my $progress = Term::ProgressBar->new({name  => '扫描进度',count => $all_sum});
$progress->max_update_rate(1);
while(1){
foreach(threads->list(threads::joinable))
{
$_->join();
}
my $item = $q->pending();
if( $item == 0 )
{
my $active = threads->list(threads::running);
if($active == 0)
{
print "全部跑完\n";
last;
}
else
{
next;
}
}
$se_max->down;
threads->create(\&nex,$q->dequeue());
$progress->update()
}
foreach(threads->list()){
$_->join();
}
print "\n";
sub nex{
local($tmp)=shift;
@list=split(/\|/,$tmp);
my $scan = Net::Ping->new("syn");
$scan->port_number($list[1]);
$scan->ping($list[0]);
if($scan->ack){
db_insert($list[0],$list[1]);
}
$scan->close();
$se_max->up;
}
sub db_insert{
my $host=shift;
my $port=shift;
my $in=DBI->connect("DBI:mysql:database=port_scan;host=localhost","root","") or die "NO :$!";
my $insert=$in->do("insert into result(ip,port)values('$host',$port)");
$in->disconnect();
}