I'm writing a port scanner and I want to verify if a specific port is running the standard service expected on that port, such as SSH
and HTTP
. I know one of the methods is to send a query to that port and analyze the returned information. For example, SSH sends me the version information immediately upon connection. However, when I did connect()
to port 22 on an ip address, I only got Error number: 110. Error message: Connection timed out
. Any idea will be appreciated.
The whole code is a long story. I paste some excerpt here.
struct sockaddr_in dest_addr;
dest_addr.sin_family = AF_INET;
dest_addr.sin_port = htons(22);
dest_addr.sin_addr.s_addr = inet_addr("8.8.8.8");
int service_sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (service_sock < 0) {
printf("Error creating service socket. Error number: %d. Error message: %s\n", errno, strerror(errno));
exit(0);
}
int dest_addr_len = sizeof(dest_addr);
if (connect(service_sock, (struct sockaddr *)&dest_addr, dest_addr_len) < 0) { // stuck here
printf("Error connection. Error number: %d. Error message: %s\n", errno, strerror(errno));
exit(0);
}
To clarify this question, I need to show an example. I just figured out a method to verify HTTP
service. That is to send a string "GET / HTTP\n\n"
to destination address. Then call recv()
function to read the returned message. I can get something like this.
HTTP/1.0 400 Bad Request
Content-Type: text/html; charset=UTF-8
Content-Length: 1419
Date: Tue, 02 Dec 2014 05:56:25 GMT
Server: GFE/2.0
...
I can read the HTTP
version is 1.0
from the first line.
Here I want to check many services on the remote host including but not limited to SSH
, HTTP
. I don't think guessing is a good idea. So I need a general method to retrieve those information from dest_addr
.
OK, finally I need to answer my own question. I just got this verification work and wrote a post for it.