TCP connect port scanner in Perl
A TCP connect port scanner works on the principle of completing a full TCP three-way handshake with each port it wants to check.
That makes it the simplest kind of scanner to code: it connects to all the required ports one by one and, whenever a connection is established, reports that port as open. Because every probe is a complete connection, it is also the kind of scan the target is most likely to notice and log.
To code such a port scanner in Perl, all we need to do is create a socket for each desired port number in turn: if the connection is established, report the port as open, otherwise treat it as closed and move on to the next port number.
Code
In this example we shall code such a simple port scanner. It asks the user to input the hostname, start port and end port to scan, then runs a loop that tries to connect to each port in the port range.
#!/usr/bin/perl
# TCP connect port scanner
use strict;
use warnings;
use IO::Socket::INET;

# flush the print buffer immediately so the progress line updates as we go
$| = 1;

# Take input from the user: hostname, start port, end port
print "Enter Target/hostname : ";
# chomp removes the trailing newline from the input
chomp(my $target = <STDIN>);
print "Start Port : ";
chomp(my $start_port = <STDIN>);
print "End Port : ";
chomp(my $end_port = <STDIN>);

# start the scanning loop
for (my $port = $start_port; $port <= $end_port; $port++) {
    # \r returns to the start of the line, so the port number is overwritten in place
    print "\rScanning port $port";

    # Attempt a full TCP connection to the port; give up after 1 second
    my $socket = IO::Socket::INET->new(
        PeerAddr => $target,
        PeerPort => $port,
        Proto    => 'tcp',
        Timeout  => 1,
    );

    # A socket object means the handshake completed: the port is open
    if ($socket) {
        print "\r = Port $port is open.\n";
        close $socket;
    }
    # otherwise the port is closed or filtered; nothing to print
}

print "\n\nFinished Scanning $target\n";
exit 0;
Output
To run the program you need the Perl interpreter installed. On Linux systems Perl is generally installed by default.
If you are on Windows you need to download and install Perl. I use ActivePerl from ActiveState, which can be downloaded from the following URL:
http://www.activestate.com/activeperl
Once installed, any Perl script can be run from the command line by issuing the command "perl path_to_script".
Here is the output of the above program
$ perl tcp_connect.pl
Enter Target/hostname : google.com
Start Port : 79
End Port : 81
 = Port 80 is open.
Scanning port 81

Finished Scanning google.com
In the above code the following line resolves the hostname and connects to the remote server on the given port number:
$socket = IO::Socket::INET->new(PeerAddr => $target , PeerPort => $port , Proto => 'tcp' , Timeout => 1);
IO::Socket::INET does the task of converting the hostname ($target) to an IP address and of performing the connect. It returns a socket object on success and undef on failure, with the reason left in $@ and $!. The above is a very plain example of a port scanner: it resolves the name again for every port, probes one port at a time, and does not distinguish a port that refused the connection (closed, the target answered with a RST) from one that never answered at all (filtered), even though only the latter costs the full one-second timeout.
Lots of other features can be added, like checking whether the host is alive, grabbing the banner of the daemon listening on an open port, reporting the service (HTTP, FTP) normally associated with that port, and so on.
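The extensions just listed, as an added example that is not part of the original post: a Perl scanner that accepts a port list such as "22,80,8000-8010" rather than a single start/end range, tells ports that answered with a RST (closed) from ports that never answered (filtered) by checking $! against ECONNREFUSED, reads the first line the daemon sends on an open port (banner grabbing), and names the service a port is normally assigned to via getservbyport. So that it runs offline, the script starts its own listener on 127.0.0.1 and forks a child that greets the first client with a made-up "220" line; that listener, its greeting and the two-port list it scans are constructed for this example and stand in for a real host.

```perl
#!/usr/bin/perl
# Added example, not the code from the original post: a connect scanner that takes
# a port list such as "22,80,8000-8010", tells closed ports (RST) from filtered
# ones (no answer), grabs the daemon's banner and names the service.
use strict;
use warnings;
use IO::Socket::INET;
use IO::Select;
use Socket qw(inet_aton inet_ntoa);
use Errno qw(ECONNREFUSED);

# Expand "22,80,8000-8010" into a sorted list of unique port numbers.
sub parse_ports {
    my ($spec) = @_;
    my %seen;
    for my $part (split /,/, $spec) {
        $part =~ s/^\s+|\s+$//g;
        my ($lo, $hi) = $part =~ /^(\d+)(?:-(\d+))?$/
            or die "Bad port spec: '$part'\n";
        $hi //= $lo;
        die "Port out of range: '$part'\n" if $lo < 1 || $hi > 65535 || $lo > $hi;
        $seen{$_} = 1 for $lo .. $hi;
    }
    return sort { $a <=> $b } keys %seen;
}

# Full TCP connect to one port. Returns (state, socket). State is 'open', 'closed'
# when the target answered with a RST (ECONNREFUSED), or 'filtered' when nothing
# came back within the timeout, which is what a dropping firewall looks like.
sub probe_port {
    my ($ip, $port, $timeout) = @_;
    my $sock = IO::Socket::INET->new(
        PeerAddr => $ip, PeerPort => $port, Proto => 'tcp', Timeout => $timeout,
    );
    return ('open', $sock) if $sock;
    return ('closed', undef) if $! == ECONNREFUSED;
    return ('filtered', undef);
}

# Read whatever the daemon sends first, waiting at most $timeout seconds.
sub grab_banner {
    my ($sock, $timeout) = @_;
    return '' unless IO::Select->new($sock)->can_read($timeout);
    my $buf = '';
    $sock->sysread($buf, 512);
    $buf =~ s/[\r\n]+\z//;
    return $buf;
}

# Scan every port in $spec on $host. Returns { port => { state, service, banner } }.
sub scan {
    my ($host, $spec, $timeout) = @_;
    my $packed = inet_aton($host) or die "Cannot resolve '$host'\n";
    my $ip = inet_ntoa($packed);    # resolve the name once, not once per port
    my %result;
    for my $port (parse_ports($spec)) {
        my ($state, $sock) = probe_port($ip, $port, $timeout);
        my $banner = '';
        if ($sock) {
            $banner = grab_banner($sock, $timeout);
            close $sock;
        }
        $result{$port} = {
            state   => $state,
            service => scalar(getservbyport($port, 'tcp')) // 'unknown',
            banner  => $banner,
        };
    }
    return \%result;
}

# Demo: scan a listener we start ourselves on loopback, so the script runs offline.
# The listener and its "220" greeting are constructed for this example.
my $listener = IO::Socket::INET->new(
    Listen => 1, LocalAddr => '127.0.0.1', LocalPort => 0, Proto => 'tcp',
) or die "listen: $!";
my $open_port = $listener->sockport;

# A port the kernel just handed out and we released again: closed, barring a race.
my $closed_port = do {
    my $p = IO::Socket::INET->new(Listen => 1, LocalAddr => '127.0.0.1',
                                  LocalPort => 0, Proto => 'tcp') or die "listen: $!";
    $p->sockport;    # $p is closed when the block ends
};

# The child plays the daemon: accept one client and greet it with a banner.
my $pid = fork // die "fork: $!";
if ($pid == 0) {
    my $client = $listener->accept;
    print {$client} "220 example-daemon ready\r\n" if $client;
    exit 0;
}

my $res = scan('localhost', "$closed_port,$open_port", 1);
for my $port (sort { $a <=> $b } keys %$res) {
    my $r = $res->{$port};
    printf "%5d/tcp %-8s %-10s %s\n", $port, $r->{state}, $r->{service}, $r->{banner};
}
waitpid $pid, 0;
close $listener;
```

The classification is what exposes the cost model of a connect scan: a closed port costs one round trip because the RST comes straight back, while a filtered port costs the whole timeout, so a range of firewalled ports is what makes this kind of scan slow. Every port that ends up as 'open' has completed a full handshake, and with banner grabbing the daemon additionally sees a client that reads but never speaks, which is exactly what shows up in its logs.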
Since Perl is cross-platform, this same port scanner works on both Windows and Linux.
So try it out.
If you have any feedback or questions, let us know in the comments below.
Very useful. How can it be modified to read the hostnames from a file?
Thanks
Thanks a lot, worked perfectly
Could you separate the port numbers instead of using a begin and end port?
e.g. I just want to scan 80,8080
It would be more reliable to just separate the port numbers.
cool, very useful, thanks