python-3.xscapyport-scanning

Find webserver listening on port with Scapy port scanner

I am trying to write a port scanner in Python for Scapy to find out on which port a webserver is listening. The server does not use port 80 and port 443. The range to be scanned is from 5000 to 10000 (this is an assignment for university). I need to use Scapy for this, so no nmap and other is allowed.

The code I have written so far (it is an adaptation of this original work https://is.muni.cz/th/n9spk/dp.pdf):

target = "172.16.51.142"
ports = range(5000, 10000)
ip = IP(dst=target)
tcp = TCP(dport=ports , flags="S") # SYN flag
ans, unans = sr(ip/tcp) # send packets
for sent, rcvd in ans:
    if rcvd.haslayer(TCP): # TCP packet
        if rcvd.haslayer(TCP).flags & 2: # SYN/ACK flag
            print (sent.dport) # open ports

The first part until the for-loop works as intended:

result of portscan, response of webserver

But when the for-loop starts, I get the following error:

enter image description here

I don't know how to fix this problem.

I have used the online documentation https://scapy.readthedocs.io/en/latest/usage.html#send-and-receive-packets-sr and https://scapy.readthedocs.io/en/latest/usage.html#tcp-port-scanning but could not find a solution.

Solution

  • rcvd.haslayer(TCP).flags isn't possible as haslayer returns a Boolean. You're looking for

    rcvd.getlayer(TCP).flags