Port Scanning with Python3 for absolute dummies with only 15 lines of code

Port scanners can be used for reconnaissance. In this article, we will learn how to create a port scanner with python3. It's super easy to build a port scanner.

Disclaimer: Port scanning might not be legal in some countries, use this at your own risk and with responsibility. I am scanning my own machine(127.0.0.1) so that's ok.

Now its time to import some modules that we can use:

“sockets” module is helpful in making socket connections which we will be using for the port scanning.
We will use the sys module for taking arguments from the user.
“datetime” module will be used for time calculation.
“queue” module will be used to make queue of ports that are open.
Now let's get straight into it.

Now, at a very basic level, this can qualify as a port scanner. But this is just for one port, let's make it work for a range of ports by implementing a for-loop.
The following snippet does that by introducing “portstart” and “portend” variables.

Now our we have built a basic port scanner but it is not disposable (we can call it again and again without replicating it). Let's make it reusable by converting it into a function so that we can call it again and again.
Here is how it looks as a function:
the scanner function takes three arguments “ip”, “portstart”, “portend” and passes that to our loop.
at the end, the function is used twice to demonstrate how to call it multiple times.

The first if condition checks if there are less than or greater than 4 arguments passed, the second condition checks if the ports numbers are greater than 65535 (maximum number of ports) or lesser than 0 or if the “portend” is lesser than “portstart”.
If both conditions pass then the scanner is called with the arguments.

Now let's make our program more robust so that if someone passes a hostname rather than an IP then we can convert that to an IP.
this can be done by following simple change:
the “gethostbyname” returns an IP address if a hostname is provided and returns the IP address if an IP address is provided, so it works both ways.

Now, what if the hostname entered does not exist or the IP entered is not reachable by our network or someone interrupts the process by CTRL+C.
we should handle those exceptions and exit gracefully.
the try-excpet block will try the code(between try and first except) and if there is any error it will try to match that error to expect type. If the error matches an except type then it will exit the program according to the code in that except.
“KeyboardInterrupt” will handle the keyboard interrupt (ctrl + c)
“socket.gaierror” will handle the resolution error(if the hostname entered cannot be resolved to an IP)
“socket.error” will handle the connection error(if the host is not reachable, the firewall is blocking the connections, etc)

We are almost finished. Let’s add the ability to calculate the total time it took to scan all specified ports.

let's test our scanner with multiple input methods:
as you can see I tried to scan “dkahjksfhjkahf.com” which does not exist and the program handles that exception. then I scanned “facebook.com” and it successfully converted the hostname to an IP and then a scan with IP address is completed successfully.

Related posts:

This was a week that definitely proved that politics is a game of inches. Or politics are a game of inches — no one really knows, not even the nation’s top grammarians. But we digress. And, no, the…

The Ankara court ordered the pretrial detention of 17 current and former politicians and officials including senior pro-Kurdish opposition members from the opposition Peoples’ Democratic Party (HDP)…

These underestimated Medium features will give your story the final polish. Use them to improve your formatting and improving visibility by search engines.