I'm a beginner in programming and have been experimenting with a Python-based port scanner using Scapy. I've encountered an issue where my Scapy-based script fails to detect open ports on localhost or different virtual machines. However, it works as expected when scanning web pages and detects open ports. Interestingly, when I tried a similar scanner using Python's socket library, it detected the ports correctly.
The reason I'm keen on using Scapy is because I want a more low-level understanding and control over the packets I'm sending.
Here's the Scapy-based code I've written:
import logging
logging.getLogger("scapy.runtime").setLevel(logging.ERROR)
import sys
from scapy.all import *
from scapy.layers.inet import *

if len(sys.argv) != 4:
    print("usage %s target startport endport" % (sys.argv[0]))
    sys.exit(0)

target = str(sys.argv[1])
startport = int(sys.argv[2])
endport = int(sys.argv[3])

print('Scanning ' + target + ' for open TCP ports\n')

# Allow a single-port scan (startport == endport) to still run once.
if startport == endport:
    endport += 1

for x in range(startport, endport):
    # Send a bare SYN probe and wait up to 2 s for the first reply.
    packet = IP(dst=target)/TCP(dport=x, flags='S')
    response = sr1(packet, timeout=2, verbose=0)
    if response is None:
        print('No response for port ' + str(x))
        continue
    # SYN/ACK (flags 0x12) means the port accepted the handshake.
    if response.haslayer(TCP) and response.getlayer(TCP).flags == 0x12:
        print('port ' + str(x) + ' is open!')
        # Tear the half-open connection down with a RST.
        sr(IP(dst=target)/TCP(dport=response.sport, flags='R'), timeout=0.5, verbose=0)

print('Scan is complete!\n')
Things I've tried:
- Verifying ports are open using netstat.
- Temporarily disabling my firewall.
- Testing with Python's socket library, which detected the ports accurately.
Despite these steps, I still face issues when scanning local or VM addresses using Scapy. Could someone guide me on why this might be happening with Scapy and not with sockets and how I can fix this?
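As an added example (not code from the question), here is a version of the same SYN scanner that separates the flag interpretation from the packet I/O and applies the workaround the Scapy FAQ documents for Linux: the loopback interface does not behave like a real link, so probes to 127.0.0.1 need `conf.L3socket = L3RawSocket`. It assumes Linux, root privileges and Scapy being installed; `port_state` and `is_loopback` are helper names introduced here, and Scapy is imported lazily so those helpers work without it.

```python
import sys
import socket
import ipaddress
from typing import Optional


def port_state(flags: Optional[int]) -> str:
    """Classify a SYN-probe reply by its TCP flags.
    SYN/ACK (0x12) -> open; any RST (bit 0x04) -> closed;
    no reply at all -> filtered (or the probe/reply was dropped)."""
    if flags is None:
        return "filtered"
    flags = int(flags)          # Scapy's FlagValue converts to int
    if flags & 0x12 == 0x12:
        return "open"
    if flags & 0x04:
        return "closed"
    return "unknown"


def is_loopback(target: str) -> bool:
    """True when the target resolves to a loopback address (127.0.0.0/8 or ::1)."""
    try:
        return ipaddress.ip_address(socket.gethostbyname(target)).is_loopback
    except (socket.gaierror, ValueError):
        return False


def syn_scan(target: str, startport: int, endport: int, timeout: float = 2.0) -> dict:
    """SYN-scan [startport, endport] and return {port: state}. Needs root and Scapy."""
    from scapy.all import IP, TCP, RandShort, sr1, send, conf, L3RawSocket
    if is_loopback(target):
        # Scapy FAQ: on Linux the loopback interface needs the raw L3 socket,
        # otherwise replies to 127.0.0.1 are never seen by sr1().
        conf.L3socket = L3RawSocket
    results = {}
    for port in range(startport, endport + 1):
        probe = IP(dst=target) / TCP(sport=RandShort(), dport=port, flags="S")
        reply = sr1(probe, timeout=timeout, verbose=0)
        flags = int(reply[TCP].flags) if reply is not None and reply.haslayer(TCP) else None
        results[port] = port_state(flags)
        if results[port] == "open":
            # Reset the half-open connection using the same source port as the probe.
            send(IP(dst=target) / TCP(sport=probe[TCP].sport, dport=port, flags="R"), verbose=0)
    return results


if __name__ == "__main__":
    if len(sys.argv) != 4:
        sys.exit("usage: %s target startport endport" % sys.argv[0])
    for p, state in syn_scan(sys.argv[1], int(sys.argv[2]), int(sys.argv[3])).items():
        print("port %d: %s" % (p, state))
```

Note that the scanning host's own kernel, which knows nothing about the half-open connection, will usually also answer the SYN/ACK with a RST; that does not prevent `sr1` from seeing the SYN/ACK first.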