The starter code is in the attached file.
1 Overview
For this project you will be given a bash script that implements a basic TCP port scanner, which you will improve by adding several features. You will also submit a report documenting your code changes and describing how to use the script.
2 Motivation
This project concerns the scanning phase of penetration testing. A network port scanner is an essential tool for any penetration tester. Finding open ports on hosts is a key first step to finding vulnerabilities.
Though full-featured port scanning tools already exist, the ability to script such a tool could be very valuable to a penetration tester, who may wish to scan from an environment where no such tool is installed and where they have no privileges to install one.
More importantly, writing such a tool for yourself in bash is a good way to build your scripting ability and gain an understanding of networks and network programming.
3 Required code features
In class, we described the command-line usage of the bash port scanner script distributed with the project. You are to add the following features to the program. All the features described must work correctly, separately and in combination.
3.1 Command-line argument for timeout (25 points)
Modify your program to accept an optional command-line argument -t, followed by a space and an additional numerical argument, which sets the timeout value for the echo command in the portcheck function. The argument must come before the hostname and start and stop ports. If the argument is not given, the timeout should remain at a default value of 2. If the argument is given, in addition to changing the timeout, the script should print out an informational message Timeout changed to <value>.
For example,
./portscanner.sh -t 3 www.yahoo.com 40 80
should change the default timeout for each write to /dev/tcp to 3 seconds.
Note: adding this feature will also require you to change the way you scan and save the command line arguments for hostnames. The number and place of command line arguments will now vary depending on whether the user uses the -t option or not. You will have to add program logic to account for this, so that everything works correctly in either case.
3.2 Interactive/batch mode (25 points)
Modify the script so that it also works interactively. Specifically, if no hostname is given on the command line, the program should interactively ask for a hostname, starting port, and ending port with three separate prompts, and carry out its scan using those values. After scanning finishes, the program should loop to receive another set of values, stopping only when the user enters a blank host name.
If this feature is implemented properly, it will also allow you to run the script in batch mode, by piping in a plain text file with the hostname on the first line, start port on the second, stop port on the third, and repeating for as many hosts as you wish to scan.
For example, if a file named hosts_to_scan.txt contains a list of hosts and ports in the proper format, the program should now work as follows:
cat hosts_to_scan.txt | ./portscanner.sh
The timeout argument should still work in this case as well:
cat hosts_to_scan.txt | ./portscanner.sh -t 3
3.3 Argument number check (15 points)
After correctly implementing the above features, the result will be a script that can be run with either 0, 2, 3, or 5 command-line arguments. As a basic sanity check, your program should test at the beginning that the number of arguments given is one of these. If not, the user has entered something incorrectly, and the script should output the error message
Usage: ./portscanner.sh [-t timeout] [host startport stopport]
and immediately exit.
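An added example (not the course's starter code or a reference solution) of the argument handling that sections 3.1 to 3.3 describe, with the scan itself left out. The function and variable names are assumptions, and it also rejects argument lists whose count is valid but whose layout is not, which goes beyond the count check the assignment asks for.

```bash
#!/bin/bash
# Added example: argument handling only, no scanning is performed.
# parse_args, read_target, list_targets and the variables are assumed names.
USAGE='Usage: ./portscanner.sh [-t timeout] [host startport stopport]'
TIMEOUT=2; HOST=''; START=''; STOP=''

# parse_args "$@": fills TIMEOUT/HOST/START/STOP; returns 1 after printing usage.
parse_args() {
    TIMEOUT=2; HOST=''; START=''; STOP=''      # 2 is the section 3.1 default
    case $# in
        0|2|3|5) ;;                             # section 3.3 count check
        *) echo "$USAGE"; return 1 ;;
    esac
    if [ "${1:-}" = "-t" ]; then                # -t must precede the host
        TIMEOUT=$2
        echo "Timeout changed to $TIMEOUT"
        shift 2
    fi
    case $# in                                  # what is left after -t
        0) ;;                                   # interactive or batch mode
        3) HOST=$1; START=$2; STOP=$3 ;;
        *) echo "$USAGE"; return 1 ;;           # e.g. "host 40" or "-t 3 host"
    esac
}

# read_target: one host/start/stop triple from stdin, prompts on stderr.
# Returns 1 on a blank host name or end of input, which ends the loop.
read_target() {
    printf 'Host: ' >&2;       read -r HOST  || true
    [ -n "$HOST" ] || return 1
    printf 'Start port: ' >&2; read -r START || true
    printf 'Stop port: ' >&2;  read -r STOP  || true
    [ -n "$START" ] && [ -n "$STOP" ]
}

# list_targets: prints "host start stop timeout" for each triple on stdin.
list_targets() {
    while read_target; do
        echo "$HOST $START $STOP $TIMEOUT"
    done
}

# Constructed batch input in the section 3.2 format (placeholder host names).
SAMPLE_BATCH='host-a.example
20
25
host-b.example
80
90
'
parse_args -t 3 && printf '%s' "$SAMPLE_BATCH" | list_targets
```

Because the prompts go to stderr, piping a file into the script leaves stdout with only the informational message and the results.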
4 Required documentation (25 points)
Along with your code, you will submit a plain-text documentation file describing the purpose and function of your program, and with detailed instructions for how to run your program in both interactive and command mode, documenting each of the command-line arguments. You also need to document the format of the input file that the program accepts in batch mode.
You are to write your documentation in the form of a Unix man page, with appropriate sections and headers. A template will be given with a suggested format for this. You can also look at some man pages on the Kali VM for inspiration.
If your program has known bugs or limitations, these must also be documented. Clearly documenting any bugs or issues you could not solve may help your grade. However, "I waited until the last minute and ran out of time" is not an acceptable justification.
5 What to turn in
Please submit your project to the Blackboard assignment page as a zip or tar archive containing the following three files:
- The bash source file for your program, named portscanner.sh. Below the #!/bin/bash line, the file should have a comment line or lines including your name, the course number, and the submission date.
- A sample input file hosts_to_scan.txt to run your program in batch mode, containing three different hosts and start/stop port settings.
- The documentation file README.txt, as described above.
Please do not include any additional files or program versions in your submission.
6 Grading
Your submitted program will be tested for correctness on a Linux virtual machine running the same version of Kali that we installed in class. I will test for correct implementation of the above features by running your script with a variety of command-line and file inputs.
To receive full credit, your program must continue to perform port scanning properly, with the features implemented exactly as described above. Bugs will cause a loss of credit in proportion to how much they affect the running of the program.
Some sample command-lines that I will use to test your program include, but are not limited to, the following:
./portscanner.sh www.yahoo.com 40 90
./portscanner.sh -t 3 www.yahoo.com 45 85
./portscanner.sh
./portscanner.sh -t 1
cat hosts_to_scan.txt | ./portscanner.sh
cat hosts_to_scan.txt | ./portscanner.sh -t 3
If you have any doubts about how the program should behave for any of these inputs, please ask.
As this project is a simple proof-of-concept script, your program is not required to check for every possible error condition or wrong input, only what is implied by the requirements above.
Your documentation will be graded on completeness, organization, and clarity of writing.