The starter code is in the attached file.
For this project you will be given a bash script that implements a basic TCP port scanner, which you will improve by adding several features. You will also submit a report documenting your code changes and describing how to use the script.
This project concerns the scanning phase of penetration testing. A network port scanner is an essential tool for any penetration tester. Finding open ports on hosts is a key first step to finding vulnerabilities.
Though full-featured port scanning tools already exist, the ability to script such a tool could be very valuable to a penetration tester, who may wish to scan from an environment where no such tool is installed and where they have no privileges to install one.
More importantly, writing such a tool for yourself in bash is a good way to build your scripting ability and gain an understanding of networks and network programming.
In class, we described the command-line usage of the bash port scanner script distributed with the project. You are to add the following features to the program. All the features described must work correctly, separately and in combination.
Modify your program to accept an optional command-line argument -t, followed by a space and an additional numerical argument, which sets the timeout value for the echo command in the portcheck function. The argument must come before the hostname and start and stop ports. If the argument is not given, the timeout should remain at a default value of 2. If the argument is given, in addition to changing the timeout, the script should print out an informational message “Timeout changed to <value>”.
For example, ./portscanner.sh -t 3 www.yahoo.com 40 80 should change the default timeout for each write to /dev/tcp to 3 seconds.
Note: adding this feature will also require you to change the way you scan and save the command line arguments for hostnames. The number and place of command line arguments will now vary depending on whether the user uses the ’-t’ option or not. You will have to add program logic to account for this, so that everything works correctly in either case.
Modify the script so that it also works interactively. Specifically, if no hostname is given on the command line, the program should interactively ask for a hostname, starting port, and ending port with three separate prompts, and carry out its scan using those values. After scanning finishes, the program should loop to receive another set of values, stopping only when the user enters a blank host name.
If this feature is implemented properly, it will also allow you to run the script in ’batch’ mode, by “piping in” a plain text file with the hostname on the first line, start port on the second, stop port on the third, and repeating for as many hosts as you wish to scan.
For example, if a file named hosts_to_scan.txt contains a list of hosts and ports in the proper format, the program should now work as follows:
cat hosts_to_scan.txt | ./portscanner.sh
The timeout argument should still work in this case as well:
cat hosts_to_scan.txt | ./portscanner.sh -t 3
After correctly implementing the above features, the result will be a script that can be run with either 0, 2, 3, or 5 command-line arguments. As a basic sanity check, your program should test at the beginning that the number of arguments given is one of these. If not, the user has entered something incorrectly, and the script should output the error message
Usage: ./portscanner.sh [-t timeout] [host startport stopport]
and immediately exit.
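The argument-count check, the optional -t handling, and the three-line input format described above can be sketched as follows. This is an added example, not the starter script: the function and variable names (parse_args, read_targets, TIMEOUT, HOST, START, STOP) and the whole-number check on the timeout are assumptions, and no scanning is performed.

```shell
# Added example: argument handling and input reading only (no scanning).
# Function and variable names are assumptions, not from the starter script.
TIMEOUT=2; HOST=""; START=""; STOP=""

usage() {
    echo "Usage: ./portscanner.sh [-t timeout] [host startport stopport]" >&2
}

# parse_args ARGS...: sets TIMEOUT/HOST/START/STOP; returns 1 on a usage error.
parse_args() {
    TIMEOUT=2; HOST=""; START=""; STOP=""
    case $# in
        0|2|3|5) ;;                       # the only valid argument counts
        *) usage; return 1 ;;
    esac
    if [ $# -eq 2 ] || [ $# -eq 5 ]; then # these counts require "-t <number>" first
        [ "$1" = "-t" ] || { usage; return 1; }
        case $2 in
            ''|*[!0-9]*) usage; return 1 ;;   # assumption: timeout is a whole number
        esac
        TIMEOUT=$2
        echo "Timeout changed to $TIMEOUT"
        shift 2
    fi
    if [ $# -eq 3 ]; then                 # host and ports given on the command line
        HOST=$1; START=$2; STOP=$3
    fi
    return 0
}

# read_targets: read host/start/stop triples from stdin (typed or piped) and
# print one "host start stop" line per target. Stops at a blank host or EOF.
read_targets() {
    while :; do
        printf 'Host: ' >&2
        read -r rt_host || true           # EOF leaves rt_host empty
        [ -n "$rt_host" ] || break
        printf 'Start port: ' >&2
        read -r rt_start || [ -n "$rt_start" ] || break
        printf 'Stop port: ' >&2
        # Keep a final line that lacks a trailing newline.
        read -r rt_stop || [ -n "$rt_stop" ] || break
        echo "$rt_host $rt_start $rt_stop"
    done
}
```

Prompts go to standard error so that piped batch input produces only the target lines on standard output.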
Along with your code, you will submit a plain-text documentation file describing the purpose and function of your program, and with detailed instructions for how to run your program in both interactive and command mode, documenting each of the command-line arguments. You also need to document the format of the input file that the program accepts in batch mode.
You are to write your documentation in the form of a Unix “man” page, with appropriate sections and headers. A template will be given with a suggested format for this. You can also look at some man pages on the Kali VM for inspiration.
If your program has known bugs or limitations, these must also be documented. Clearly documenting any bugs or issues you could not solve may help your grade. However, “I waited until the last minute and ran out of time” is not an acceptable justification.
Please submit your project to the Blackboard assignment page as a zip or tar archive containing the following three files:
portscanner.sh. Below the #!/bin/bash line, the file should have a comment line or lines including your name, the course number, and the submission date.
hosts_to_scan.txt to run your program in batch mode, containing three different hosts and start/stop port settings.
README.txt, as described above.
Please do not include any additional files or program versions in your submission.
Your submitted program will be tested for correctness on a Linux virtual machine running the same version of Kali that we installed in class. I will test for correct implementation of the above features by running your script with a variety of command-line and file inputs.
To receive full credit, your program must continue to perform port scanning properly, with the features implemented exactly as described above. Bugs will cause a loss of credit in proportion to how much they affect the running of the program.
Some sample command-lines that I will use to test your program include, but are not limited to, the following:
./portscanner.sh www.yahoo.com 40 90
./portscanner.sh -t 3 www.yahoo.com 45 85
./portscanner.sh
./portscanner.sh -t 1
cat hosts_to_scan.txt | ./portscanner.sh
cat hosts_to_scan.txt | ./portscanner.sh -t 3
If you have any doubts about how the program should behave for any of these inputs, please ask.
As this project is a simple proof-of-concept script, your program is not required to check for every possible error condition or wrong input–only what is implied by the requirements above.
Your documentation will be graded on completeness, organization, and clarity of writing.