Scanning Windows machine using Python from Kali Linux

There are two machines in our network: Kali Linux with IP address 192.168.56.101 and a Windows machine with IP address 192.168.56.102.

root@kali:~# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.56.101  netmask 255.255.255.0  broadcast 192.168.56.255
        inet6 fe80::a00:27ff:fe1f:3076  prefixlen 64  scopeid 0x20<link>
        ether 08:00:27:1f:30:76  txqueuelen 1000  (Ethernet)
        RX packets 153  bytes 24512 (23.9 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 87  bytes 11106 (10.8 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Now we create a Python program that checks for open ports on the Windows machine. Below is the list of ports that will be checked.

22,80,443,445,23,5000

Creating a file called scan.py using the nano editor.

root@kali:~# nano scan.py

This program uses the socket module and the socket.connect_ex() function. socket.connect_ex() takes the IP address and port number, passed together as a (host, port) tuple. It returns 0 if the port is open; otherwise it returns an error code such as 10061 or 10060.

Assigning Windows IP address to host variable and creating port list.

import socket

host = '192.168.56.102'
ports = [22, 80, 443, 445, 23, 5000]

Using a for loop to check whether each port in the ports list is open or closed.

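for p in ports:
        # Create a new TCP socket for each port
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        # connect_ex() returns an error code instead of raising an exception
        result = s.connect_ex((host, p))
        if result == 0:
                print('Port %s is open' % p)
        else:
                print('Port %s is closed' % p)
        s.close()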

Inside the for loop, an if statement checks whether the result is 0. If the result is 0, the program displays that the port is open. If not, it displays that the port is closed.

Saving and exiting the editor.

Now running the file scan.py

root@kali:~# python scan.py

Below is the output.

root@kali:~# python scan.py
Port 22 is closed
Port 80 is closed
Port 443 is closed
Port 445 is open
Port 23 is closed
Port 5000 is closed
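
The script above reports every non-zero result as "closed" and sets no timeout. The following is an added example, not part of the original post: it sets a timeout and separates a refused connection from no answer at all. The names check_port and scan, the 2-second timeout and the "filtered" label are assumptions made for this example.

```python
import errno
import socket


def check_port(host, port, timeout=2.0):
    """Return (state, code) for one TCP connect attempt (hypothetical helper)."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        # Without a timeout, a port that never answers blocks the scan
        # until the operating system gives up on the connection.
        s.settimeout(timeout)
        code = s.connect_ex((host, port))
    if code == 0:
        return "open", code
    # Compare by name: errno.ECONNREFUSED is 10061 when Python runs on
    # Windows and 111 when it runs on Linux.
    if code == errno.ECONNREFUSED:
        return "closed", code
    # Timeout, host unreachable and similar: nothing answered on this port,
    # which usually means a firewall dropped the packet or the host is down.
    return "filtered", code


def scan(host, ports, timeout=2.0):
    """Check every port and return {port: (state, code)}."""
    return {p: check_port(host, p, timeout) for p in ports}


if __name__ == "__main__":
    host = "192.168.56.102"  # Windows lab machine from the article
    ports = [22, 80, 443, 445, 23, 5000]
    for port, (state, code) in scan(host, ports).items():
        # errno.errorcode maps the number back to its symbolic name
        name = errno.errorcode.get(code, "OK" if code == 0 else "unknown")
        print("Port %s is %s (connect_ex returned %s, %s)" % (port, state, code, name))
```

A "closed" result means the host answered and refused the connection, while "filtered" means no answer arrived within the timeout.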
