Written by: mxpack3t

Disclosure: Copyright 2003 mxpack3t. This document is protected by international copyright laws. Unauthorized duplication in whole or in part is prohibited. In no way do I promote hacking for illegal actions. The knowledge you gain from this tutorial you are responsible for. The tutorial is for educational and security purposes only and nothing else.

Before you try this tutorial, you should have a basic understanding of the C programming language. Keep in mind that I am not an expert C programmer. This is just a basic port scanner. It works very well on one IP address. This is not meant to scan a whole class C network. You should have a basic understanding of socket programming. You should read Beej's Guide to Network Programming tutorial. I have learned a lot from his tutorials. This port scanner is not very fast; it just gets the job done. This tutorial is so you can get an understanding of socket programming while writing something useful in your arsenal of tools. So here it goes.

    /*
    stdio.h      = standard input output
    stdlib.h     = exit and atoi
    string.h     = memset
    unistd.h     = close
    netdb.h      = network database
    errno.h      = system errors like perror and herror
    netinet/in.h = internet address family
    sys/types.h  = data types
    sys/socket.h = building socket so we do need it
    */
    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>
    #include <unistd.h>
    #include <netdb.h>
    #include <errno.h>
    #include <netinet/in.h>
    #include <sys/types.h>
    #include <sys/socket.h>

    /*
    all c programmers should know what this is used for.
    use this for command line arguments
    */
    int main(int argc, char *argv[])
    /*
    lets do some error checking for the user input.
    also give a usage example for the command line.
    */
    {
        if(argc != 4)
        {
            printf("\nusage: mpscan target_ip start_port end_port\n");
            printf("\nexample: mpscan 192.168.1.100 1 2000\n");
            exit(1);
        }

        /*
        set the variables that will be used later
        int sockfd is the socket file descriptor
        int scan is the loop counter (the port being tested)
        int sport is the starting port number
        int pstop is the port number to stop at
        struct hostent *target is a pointer to the target struct hostent
        sockaddr_in mxpack3t will call elements of the socket address
        */
        int sockfd;
        int scan = 0;
        int sport = atoi(argv[2]);
        int pstop = atoi(argv[3]);
        struct hostent *target;
        struct sockaddr_in mxpack3t;

        /*
        reject port numbers outside 1-65535 or a reversed range.
        htons would silently wrap anything larger than 65535
        */
        if(sport < 1 || pstop > 65535 || sport > pstop)
        {
            printf("\nports must be between 1 and 65535, start_port <= end_port\n");
            exit(1);
        }

        /*
        do some error checking for the ip address.
        herror will print out the error message
        */
        if((target = gethostbyname(argv[1])) == NULL)
        {
            herror("gethostbyname");
            exit(1);
        }

        /* zero the address structure before filling it in */
        memset(&mxpack3t, 0, sizeof(mxpack3t));

        /*
        this is your loop over the ports
        sport is the starting port number
        <=pstop means less than or equal to the port to stop at
        scan++ means go to the next port
        */
        for(scan = sport; scan <= pstop; scan++)
        {
            /*
            create a socket and do some error checking
            we use SOCK_STREAM for the port scanner
            perror will print the error message if a socket can not be created
            */
            if((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1)
            {
                perror("socket");
                exit(1);
            }

            /*
            mxpack3t is what we will be storing information in.
            .sin_family is the address family
            .sin_port is the port number held in the loop counter scan
            htons means host to network short
            .sin_addr this is the target address
            */
            mxpack3t.sin_family = AF_INET;
            mxpack3t.sin_port = htons(scan);
            mxpack3t.sin_addr = *((struct in_addr *)target->h_addr);

            /*
            connect and check to see if the ports are open.
            connect returns -1 for any failure (refused, timed out,
            unreachable), and all of them are printed as closed here
            */
            if(connect(sockfd, (struct sockaddr *)&mxpack3t, sizeof(mxpack3t)) == -1)
            /* if the port is closed print closed */
            {
                printf("port %d\tclosed\n", scan);
                close(sockfd);
            }
            /*
            if the port is not closed then we use the else statement
            to print port is open.
            */
            else
            {
                printf("\t\t**** port %d OPEN ****\n", scan);
                close(sockfd);
            }
        }

        /* exit the program */
        return 0;
    }

I hope this tutorial has helped you gain a better understanding of how a port scanner is written. In order to completely understand this tutorial you need a basic understanding of the C language. Also you need to read the socket programming tutorial from Beej's guide. I would like to thank shaun2k2 for helping me out when I was learning socket programming. Your posts helped me out.
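Seen from the target's side, the scanner above makes one full connect() per port, in ascending order, from a single source to a single address, and that shows up in connection logs as many distinct destination ports in a short time. The following is an added example, not part of the original tutorial, that flags this pattern; the log format, window, threshold and all names are assumptions, and the log is assumed to be time-ordered.

```c
#include <stdio.h>
#include <string.h>

#define WINDOW_SECS 10  /* assumed detection window */
#define THRESHOLD 5     /* assumed alert level: distinct ports per window */
struct event { long t; char src[46], dst[46]; int port; };

/* Constructed sample, time-ordered: "epoch src dst dport" per connection. */
static const char *SAMPLE_LOG =
    "1000 198.51.100.7 192.0.2.10 443\n1001 203.0.113.5 192.0.2.10 20\n"
    "1001 203.0.113.5 192.0.2.10 21\n1002 203.0.113.5 192.0.2.10 22\n"
    "1002 198.51.100.7 192.0.2.10 443\n1002 203.0.113.5 192.0.2.10 23\n"
    "1003 203.0.113.5 192.0.2.10 24\n1003 203.0.113.5 192.0.2.10 25\n";

/* Parse up to max events; stops at the first malformed line. */
static int parse_log(const char *log, struct event *ev, int max)
{
    int n = 0, used = 0;
    while (n < max && sscanf(log, "%ld %45s %45s %d%n", &ev[n].t,
                             ev[n].src, ev[n].dst, &ev[n].port, &used) == 4) {
        log += used;
        if (ev[n].port > 0 && ev[n].port < 65536) n++;  /* skip bad ports */
    }
    return n;
}

/* Most distinct ports one source hit on one destination in any window;
   the pair is copied to src/dst (46 bytes each). Returns 0 for no events. */
int worst_sweep(const char *log, long window, char *src, char *dst)
{
    static struct event ev[256];
    static unsigned char seen[65536];
    int n = parse_log(log, ev, 256), best = 0;
    for (int i = 0; i < n; i++) {
        int distinct = 0;
        memset(seen, 0, sizeof seen);
        for (int j = i; j < n && ev[j].t - ev[i].t <= window; j++)
            if (!strcmp(ev[j].src, ev[i].src) && !strcmp(ev[j].dst, ev[i].dst)
                && !seen[ev[j].port]) { seen[ev[j].port] = 1; distinct++; }
        if (distinct > best) { best = distinct; strcpy(src, ev[i].src); strcpy(dst, ev[i].dst); }
    }
    return best;
}

int main(void)
{
    char src[46] = "", dst[46] = "";
    int ports = worst_sweep(SAMPLE_LOG, WINDOW_SECS, src, dst);
    if (ports >= THRESHOLD) printf("possible scan: %s -> %s (%d ports)\n", src, dst, ports);
    return 0;
}
```

A client that reconnects to the same port repeatedly counts as one distinct port, so ordinary traffic stays below the threshold while a sequential sweep does not.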