[批量主机存活扫描工具scanhost]扫描主机存活[python版本，非nmap版本]

我真不知道会引起世界大战~~~

地址： http://blog.csdn.net/hujkay

作者：Jekkay Hu(34538980@qq.com)

关键词：主机扫描，主机存活，纯python版本,非nmap

时间： 2014/1/21

最近受好友所托写个python脚本，就是扫描局域网的主机存活的情况，这个在内网渗透时非常有用，因为你在跳板机上贸然安装namp等扫描工具，则很容易被发现，我抽时间写了个python脚本，使用ping工具来监测主机存活情况。我写的这个脚本时采用单线程的方式工作，所效率不是很快，下个版本我在优化成多线程的版本，同时也让支持扫描端口等功能。

#!/usr/bin/env python
#-*- coding: utf8 -*-
#
# Author: Jekkay Hu
# Date: 2014/1/21
# Email: jekkay@gmail.com
# QQ: 34538980
#

import os
import sys

# Convert IP Format:  Number['3232247553] <----> String ['192.168.47.1']
IPNumToString = lambda x: '.'.join([str(x/(256**i)%256) for i in range(3,-1,-1)])
IPStringToNum = lambda x:sum([256**j*int(i) for j,i in enumerate(x.split('.')[::-1])])
# start IP -- End IP
StartIP = 0
EndIP = 0

def welcome():
welcomeinfo = """
======================================================
=                                                    =
=                    scanhost V1.0                   =
=           Jekkay Hu,  Written in 2014/1/21         =
=           34538980@qq.com, Jekkay@gmail.com        =
= More please visit: http://blog.csdn.net/hujkay     =
=                                                    =
======================================================
"""
print welcomeinfo

def help():
helpinfo = """
======================================================
=                                                    =
=                    scanhost V1.0                   =
=           Jekkay Hu,  Written in 2014/1/21         =
=           34538980@qq.com, Jekkay@gmail.com        =
= More please visit: http://blog.csdn.net/hujkay     =
=                                                    =
=  Usage:                                            =
=    python scanhost.py 1.2.3.4                      =
=    python scanhost.py 1.2.3.4-255                  =
=    python scanhost.py 1.2.3.4 - 1.2.4.5            =
======================================================
"""
print helpinfo

def parseargs():
try:
commandargs = sys.argv[1:]
if not commandargs:
return False
commandargs = ''.join(commandargs)
commandargs = commandargs.split('-')
global StartIP
global EndIP
commandlen = len(commandargs)
if commandlen == 1:
StartIP = EndIP = int(IPStringToNum(commandargs[0]))
elif commandlen == 2:
StartIP = commandargs[0]
EndIP = commandargs[1]
if len(StartIP.split('.')) !=4 :
return False
endiplen =  len(EndIP.split('.'))
if endiplen == 1:
prefixip = StartIP.split('.')[0:3]
prefixip.append(EndIP)
EndIP = '.'.join(prefixip)
elif endiplen == 4:
pass
else:
return False
#print "startip",StartIP,",endip:",EndIP
StartIP = int(IPStringToNum(StartIP))
EndIP   = int(IPStringToNum(EndIP))
except Exception,e:
# any exception occurs
print e
return False

return True

def checkhoston(ip):
try:
cmd = ['ping',
'%s' % IPNumToString(ip),
'-c',
'1']
output = os.popen(' '.join(cmd)).readlines()
for line in list(output):
if not line:
continue
if str(line).find('ttl') >= 0 or str(line).find('TTL') >= 0:
return True

except:
pass

def processcheckhost():
global StartIP
global EndIP
alivecount = 0
StartIP = int(StartIP)
EndIP = int(EndIP)
totalip = EndIP - StartIP + 1
if totalip <= 0:
help()
exit(0)

print 'Startint scan ',IPNumToString(StartIP),' -> ',IPNumToString(EndIP), ',please wait...'
fd = open('scanhost.txt',"w")
#for i in xrange(StartIP,EndIP+1,1):
ip = StartIP

while True:
if ip > EndIP:
break
if checkhoston(ip):
fd.write(IPNumToString(ip))
alivecount = alivecount + 1
#print IPNumToString(ip)
ip = ip + 1
sys.stdout.write('#')
if (ip-StartIP) % 20 == 0:
sys.stdout.write('\r\n')
fd.close()
return alivecount

def showresult(shownum):
fd = open('scanhost.txt',"r")
for line in fd.readlines(shownum):
print line
fd.close()

def main():
if not parseargs():
help()
exit(0)
welcome()
alivecount = processcheckhost()
print "\r\n [%d] host is on,please see the scanhost.txt, top 300 will be shown below" % alivecount
showresult(300)
if alivecount > 300:
print "More ips please see scanhost.txt"

if __name__ == '__main__':
main()

胡杨, Jekkay Hu

2014/1/21