Accueil > > > SCANER VOS PORT ET AFFICHE LES PORT OUVERT + LES NOMS DES TROYENS
 SCANER VOS PORT ET AFFICHE LES PORT OUVERT + LES NOMS DES TROYENS
 Information sur la source
 Description
Un scanner de port, qui se connect au port ouvert, et affiche l'echo du socket open! avec en prime les nom des port ouvert, et le troyen a proprié, bon je sais bien y a pas tous les backdoors, mais bon vous pouvez en rajouter celle ci et la 1000 emes sources, lol :p merci pour vos commentaires, libre d'utilisation, ceci et un simple outils, afin de ne pas acheté un logiciel de scaner de port, et donc c gratuit!
 Source
- <?
-
-
-
- if(!$debug) error_reporting(0);//DEBUG
- if(!$timeout) $timeout=10000; // CONFIGURATION DU TIME OUT
- $starttime=time();//STARTERE :)
- $portlimit=20;// CONFIGURATION DES LIMITE DE PORT A SCANER exemple : de 0 a 100 ici 20 par defaut
-
- /* PORTS connu vous pouvez en rajouté !*/
- $portdesc[0] = "Reserved";
- $portdesc[1] = "TCP Port Service Multiplexer";
- $portdesc[2] = "Management Utility";
- $portdesc[3] = "Compression Process";
- $portdesc[4] = "Unassigned";
- $portdesc[5] = "Remote Job Entry";
- $portdesc[6] = "Unassigned";
- $portdesc[7] = "Echo";
- $portdesc[8] = "Unassigned";
- $portdesc[9] = "Discard";
- $portdesc[10] = "Unassigned";
- $portdesc[11] = "Active Users";
- $portdesc[12] = "Unassigned";
- $portdesc[13] = "Daytime";
- $portdesc[14] = "Unassigned";
- $portdesc[15] = "Unassigned";
- $portdesc[16] = "Unassigned";
- $portdesc[17] = "Quote of the Day";
- $portdesc[18] = "Message Send Protocol";
- $portdesc[19] = "Character Generator";
- $portdesc[20] = "File Transfer [Default Data]";
- $portdesc[21] = "File Transfer [Control]";
- $portdesc[22] = "Unassigned";
- $portdesc[23] = "Telnet";
- $portdesc[24] = "any private mail system";
- $portdesc[25] = "Simple Mail Transfer";
- $portdesc[26] = "Unassigned";
- $portdesc[27] = "NSW User System FE";
- $portdesc[28] = "Unassigned";
- $portdesc[29] = "MSG ICP";
- $portdesc[30] = "Unassigned";
- $portdesc[31] = "MSG Authentication";
- $portdesc[32] = "Unassigned";
- $portdesc[33] = "Display Support Protocol";
- $portdesc[34] = "Unassigned";
- $portdesc[35] = "any private printer server";
- $portdesc[36] = "Unassigned";
- $portdesc[37] = "Time";
- $portdesc[38] = "Route Access Protocol";
- $portdesc[39] = "Resource Location Protocol";
- $portdesc[40] = "Unassigned";
- $portdesc[41] = "Graphics";
- $portdesc[42] = "Host Name Server";
- $portdesc[43] = "Who Is";
- $portdesc[44] = "Who Is";
- $portdesc[45] = "Message Processing Module [recv]";
- $portdesc[46] = "MPM [default send]";
- $portdesc[47] = "NI FTP";
- $portdesc[48] = "Digital Audit Daemon";
- $portdesc[49] = "Login Host Protocol";
- $portdesc[50] = "Remote Mail Checking Protocol";
- $portdesc[51] = "IMP Logical Address Maintenance";
- $portdesc[52] = "XNS Time Protocol";
- $portdesc[53] = "Domain Name Server";
- $portdesc[54] = "XNS Clearinghouse";
- $portdesc[55] = "ISI Graphics Language";
- $portdesc[56] = "XNS Authentication";
- $portdesc[57] = "any private terminal access";
- $portdesc[58] = "XNS Mail";
- $portdesc[59] = "any private file service";
- $portdesc[66] = "Oracle SQL*NET";
- $portdesc[67] = "Bootstrap Protocol Server";
- $portdesc[68] = "Bootstrap Protocol Client";
- $portdesc[69] = "Trivial File Transfer";
- $portdesc[70] = "Gopher";
- $portdesc[71] = "Remote Job Service";
- $portdesc[76] = "Distributed External Object Store";
- $portdesc[78] = "vettcp";
- $portdesc[79] = "Finger";
- $portdesc[80] = "World Wide Web HTTP";
- $portdesc[88] = "Kerberos";
- $portdesc[92] = "Network Printing Protocol";
- $portdesc[107] = "Remote Telnet Service";
- $portdesc[110] = "Post Office Protocol - Version 3";
- $portdesc[113] = "Authentication Service";
- $portdesc[115] = "Simple File Transfer Protocol";
- $portdesc[119] = "Network News Transfer Protocol";
- $portdesc[137] = "NETBIOS Name Service";
- $portdesc[138] = "NETBIOS Datagram Service";
- $portdesc[139] = "NETBIOS Session Service";
- /* PORTS ENREGISTRER */
- $portdesc[1024] = "Reserved";
- $portdesc[1025] = "network blackjack";
- $portdesc[1356] = "CuillaMartin Company";
- $portdesc[1361] = "LinX";
- $portdesc[1366] = "Novell NetWare Comm Service Platform";
- $portdesc[1376] = "IBM Person to Person Software";
- $portdesc[1387] = "Computer Aided Design Software Inc LM";
- $portdesc[1416] = "Novell LU6.2";
- $portdesc[1428] = "Informatik License Manager";
- $portdesc[1433] = "Microsoft-SQL-Monitor";
- $portdesc[1434] = "Microsoft-SQL-Monitor";
- $portdesc[1465] = "Pipes Platform";
- $portdesc[1477] = "ms-sna-server";
- $portdesc[1478] = "ms-sna-base";
- $portdesc[3306] = "MySQL Database";
- /* LISTE DES TROJANS PORTS AVEC NOM ET VOUS POUVEZ EN RAJOUTER */
- /* SACHER QUE SI VOTRE PORT ET OUVERT L'APPLICATION SE CONNECTE ET AFFICHE LE RESULTAT DU SOCKET */
- /* A NOTER QUE SI UN DE CES PORTS SONT OUVERTS MIEU VOS UTILISER UN FIREWELL comme zone alarm PRO */
- $troj_ary = array (
- "1" => "(UDP) - Sockets des Troie",
- "2" => "Death",
- "20" => "Senna Spy FTP server",
- "21" => "Back Construction, Blade Runner, Cattivik FTP Server, CC Invader, Dark FTP, Doly Trojan, Fore, Invisible FTP, Juggernaut 42, Larva, MotIv FTP, Net Administrator, Ramen, Senna Spy FTP server, The Flu, Traitor 21, WebEx, WinCrash",
- "22" => "Shaft",
- "23" => "Fire HacKer, Tiny Telnet Server - TTS, Truva Atl",
- "25" => "Ajan, Antigen, Barok, Email Password Sender - EPS, EPS II, Gip, Gris, Happy99, Hpteam mail, Hybris, I love you, Kuang2, Magic Horse, MBT (Mail Bombing Trojan), Moscow Email trojan, Naebi, NewApt worm, ProMail trojan, Shtirlitz, Stealth, Tapiras, Terminator, WinPC, WinSpy",
- "30" => "Agent 40421",
- "31" => "Agent 31, Hackers Paradise, Masters Paradise",
- "41" => "Deep Throat, Foreplay",
- "48" => "DRAT",
- "50" => "DRAT",
- "58" => "DMSetup",
- "59" => "DMSetup",
- "79" => "CDK, Firehotcker ",
- "80" => "711 trojan (Seven Eleven), AckCmd, Back End, Back Orifice 2000 Plug-Ins, Cafeini, CGI Backdoor, Executor, God Message, God Message Creator, Hooker, IISworm, MTX, NCX, Reverse WWW Tunnel Backdoor, RingZero, Seeker, WAN Remote, Web Server CT, WebDownloader ",
- "81" => "RemoConChubo ",
- "99" => "Hidden Port, NCX",
- "110" => "ProMail trojan",
- "113" => "Invisible Identd Deamon, Kazimas",
- "119" => "Happy99",
- "121" => "Attack Bot, God Message, JammerKillah ",
- "123" => "Net Controller",
- "133" => "Farnaz",
- "137" => "Chode",
- "137" => "(UDP) - Msinit ",
- "138" => "Chode",
- "139" => "Chode, God Message worm, Msinit, Netlog, Network, Qaz",
- "142" => "NetTaxi",
- "146" => "Infector",
- "146" => "(UDP) - Infector ",
- "170" => "A-trojan",
- "334" => "Backage",
- "411" => "Backage",
- "420" => "Breach, Incognito",
- "421" => "TCP Wrappers trojan",
- "455" => "Fatal Connections",
- "456" => "Hackers Paradise",
- "513" => "Grlogin",
- "514" => "RPC Backdoor ",
- "531" => "Net666, Rasmin",
- "555" => "711 trojan (Seven Eleven), Ini-Killer, Net Administrator, Phase Zero, Phase-0, Stealth Spy ",
- "605" => "Secret Service",
- "666" => "Attack FTP, Back Construction, BLA trojan, Cain & Abel, NokNok, Satans Back Door - SBD, ServU, Shadow Phyre, th3r1pp3rz (= Therippers)",
- "667" => "SniperNet ",
- "669" => "DP trojan ",
- "692" => "GayOL",
- "777" => "AimSpy, Undetected",
- "808" => "WinHole",
- "911" => "Dark Shadow ",
- "999" => "Deep Throat, Foreplay, WinSatan",
- "1000" => "Der Späher / Der Spaeher, Direct Connection",
- "1001" => "Der Späher / Der Spaeher, Le Guardien, Silencer, WebEx ",
- "1010" => "Doly Trojan ",
- "1011" => "Doly Trojan ",
- "1012" => "Doly Trojan ",
- "1015" => "Doly Trojan ",
- "1016" => "Doly Trojan ",
- "1020" => "Vampire",
- "1024" => "Jade, Latinus, NetSpy",
- "1025" => "Remote Storm",
- "1025" => "(UDP) - Remote Storm",
- "1035" => "Multidropper",
- "1042" => "BLA trojan ",
- "1045" => "Rasmin",
- "1049" => "/sbin/initd ",
- "1050" => "MiniCommand ",
- "1053" => "The Thief ",
- "1054" => "AckCmd",
- "1080" => "WinHole",
- "1081" => "WinHole",
- "1082" => "WinHole",
- "1083" => "WinHole",
- "1090" => "Xtreme",
- "1095" => "Remote Administration Tool - RAT",
- "1097" => "Remote Administration Tool - RAT",
- "1098" => "Remote Administration Tool - RAT",
- "1099" => "Blood Fest Evolution, Remote Administration Tool - RAT",
- "1150" => "Orion",
- "1151" => "Orion",
- "1170" => "Psyber Stream Server - PSS, Streaming Audio Server, Voice",
- "1200" => "(UDP) - NoBackO ",
- "1201" => "(UDP) - NoBackO ",
- "1207" => "SoftWAR",
- "1208" => "Infector ",
- "1212" => "Kaos",
- "1234" => "SubSeven Java client, Ultors Trojan ",
- "1243" => "BackDoor-G, SubSeven, SubSeven Apocalypse, Tiles ",
- "1245" => "VooDoo Doll ",
- "1255" => "Scarab",
- "1256" => "Project nEXT",
- "1269" => "Matrix",
- "1272" => "The Matrix ",
- "1313" => "NETrojan ",
- "1338" => "Millenium Worm",
- "1349" => "Bo dll",
- "1394" => "GoFriller, Backdoor G-1",
- "1441" => "Remote Storm",
- "1492" => "FTP99CMP ",
- "1524" => "Trinoo",
- "1568" => "Remote Hack ",
- "1600" => "Direct Connection, Shivka-Burka",
- "1703" => "Exploiter ",
- "1777" => "Scarab",
- "1807" => "SpySender ",
- "1966" => "Fake FTP ",
- "1967" => "WM FTP Server",
- "1969" => "OpC BO",
- "1981" => "Bowl, Shockrave",
- "1999" => "Back Door, SubSeven, TransScout",
- "2000" => "Der Späher / Der Spaeher, Insane Network, Last 2000, Remote Explorer 2000, Senna Spy Trojan Generator",
- "2001" => "Der Späher / Der Spaeher, Trojan Cow",
- "2023" => "Ripper Pro ",
- "2080" => "WinHole",
- "2115" => "Bugs",
- "2130" => "(UDP) - Mini Backlash",
- "2140" => "The Invasor ",
- "2140" => "(UDP) - Deep Throat, Foreplay ",
- "2155" => "Illusion Mailer",
- "2255" => "Nirvana",
- "2283" => "Hvl RAT",
- "2300" => "Xplorer",
- "2311" => "Studio 54 ",
- "2330" => "Contact",
- "2331" => "Contact",
- "2332" => "Contact",
- "2333" => "Contact",
- "2334" => "Contact",
- "2335" => "Contact",
- "2336" => "Contact",
- "2337" => "Contact",
- "2338" => "Contact",
- "2339" => "Contact, Voice Spy",
- "2339" => "(UDP) - Voice Spy",
- "2345" => "Doly Trojan ",
- "2565" => "Striker trojan",
- "2583" => "WinCrash ",
- "2600" => "Digital RootBeer",
- "2716" => "The Prayer ",
- "2773" => "SubSeven, SubSeven 2.1 Gold",
- "2774" => "SubSeven, SubSeven 2.1 Gold",
- "2801" => "Phineas Phucker",
- "2989" => "(UDP) - Remote Administration Tool - RAT",
- "3000" => "Remote Shut ",
- "3024" => "WinCrash ",
- "3031" => "Microspy ",
- "3128" => "Reverse WWW Tunnel Backdoor, RingZero",
- "3129" => "Masters Paradise",
- "3150" => "The Invasor ",
- "3150" => "(UDP) - Deep Throat, Foreplay, Mini Backlash ",
- "3456" => "Terror trojan",
- "3459" => "Eclipse 2000, Sanctuary ",
- "3700" => "Portal of Doom",
- "3777" => "PsychWard ",
- "3791" => "Total Solar Eclypse",
- "3801" => "Total Solar Eclypse",
- "4000" => "SkyDance ",
- "4092" => "WinCrash ",
- "4242" => "Virtual Hacking Machine - VHM",
- "4321" => "BoBo",
- "4444" => "Prosiak, Swift Remote ",
- "4567" => "File Nail ",
- "4590" => "ICQ Trojan ",
- "4950" => "ICQ Trogen (Lm)",
- "5000" => "Back Door Setup, Blazer5, Bubbel, ICKiller, Ra1d, Sockets des Troie",
- "5001" => "Back Door Setup, Sockets des Troie",
- "5002" => "cd00r, Shaft",
- "5010" => "Solo",
- "5011" => "One of the Last Trojans - OOTLT, One of the Last Trojans - OOTLT, modified",
- "5025" => "WM Remote KeyLogger",
- "5031" => "Net Metropolitan",
- "5032" => "Net Metropolitan",
- "5321" => "Firehotcker ",
- "5333" => "Backage, NetDemon",
- "5343" => "wCrat - WC Remote Administration Tool",
- "5400" => "Back Construction, Blade Runner ",
- "5401" => "Back Construction, Blade Runner ",
- "5402" => "Back Construction, Blade Runner ",
- "5512" => "Illusion Mailer",
- "5534" => "The Flu",
- "5550" => "Xtcp",
- "5555" => "ServeMe",
- "5556" => "BO Facil ",
- "5557" => "BO Facil ",
- "5569" => "Robo-Hack ",
- "5637" => "PC Crasher ",
- "5638" => "PC Crasher ",
- "5742" => "WinCrash ",
- "5760" => "Portmap Remote Root Linux Exploit",
- "5880" => "Y3K RAT",
- "5882" => "Y3K RAT",
- "5882" => "(UDP) - Y3K RAT ",
- "5888" => "Y3K RAT",
- "5888" => "(UDP) - Y3K RAT ",
- "5889" => "Y3K RAT",
- "6000" => "The Thing ",
- "6006" => "Bad Blood ",
- "6272" => "Secret Service",
- "6400" => "The Thing ",
- "6661" => "TEMan, Weia-Meia",
- "6666" => "Dark Connection Inside, NetBus worm ",
- "6667" => "Dark FTP, ScheduleAgent, SubSeven, Subseven 2.1.4 DefCon 8, Trinity, WinSatan",
- "6669" => "Host Control, Vampire ",
- "6670" => "BackWeb Server, Deep Throat, Foreplay, WinNuke eXtreame",
- "6711" => "BackDoor-G, SubSeven, VP Killer",
- "6712" => "Funny trojan, SubSeven ",
- "6713" => "SubSeven ",
- "6723" => "Mstream",
- "6771" => "Deep Throat, Foreplay",
- "6776" => "2000 Cracks, BackDoor-G, SubSeven, VP Killer",
- "6838" => "(UDP) - Mstream ",
- "6883" => "Delta Source DarkStar (??)",
- "6912" => "Shit Heep ",
- "6939" => "Indoctrination",
- "6969" => "GateCrasher, IRC 3, Net Controller, Priority",
- "6970" => "GateCrasher ",
- "7000" => "Exploit Translation Server, Kazimas, Remote Grab, SubSeven, SubSeven 2.1 Gold",
- "7001" => "Freak88, Freak2k",
- "7215" => "SubSeven, SubSeven 2.1 Gold",
- "7300" => "NetMonitor ",
- "7301" => "NetMonitor ",
- "7306" => "NetMonitor ",
- "7307" => "NetMonitor ",
- "7308" => "NetMonitor ",
- "7424" => "Host Control",
- "7424" => "(UDP) - Host Control",
- "7597" => "Qaz",
- "7626" => "Glacier",
- "7777" => "God Message, Tini",
- "7789" => "Back Door Setup, ICKiller",
- "7891" => "The ReVeNgEr",
- "7983" => "Mstream",
- "8080" => "Brown Orifice, RemoConChubo, Reverse WWW Tunnel Backdoor, RingZero",
- "8787" => "Back Orifice 2000",
- "8988" => "BacHack",
- "8989" => "Rcon, Recon, Xcon",
- "9000" => "Netministrator",
- "9325" => "(UDP) - Mstream ",
- "9400" => "InCommand ",
- "9872" => "Portal of Doom",
- "9873" => "Portal of Doom",
- "9874" => "Portal of Doom",
- "9875" => "Portal of Doom",
- "9876" => "Cyber Attacker, Rux",
- "9878" => "TransScout ",
- "9989" => "Ini-Killer ",
- "9999" => "The Prayer ",
- "10000" => "OpwinTRojan ",
- "10005" => "OpwinTRojan ",
- "10067" => "(UDP) - Portal of Doom",
- "10085" => "Syphillis ",
- "10086" => "Syphillis ",
- "10100" => "Control Total, Gift trojan",
- "10101" => "BrainSpy, Silencer",
- "10167" => "(UDP) - Portal of Doom",
- "10520" => "Acid Shivers",
- "10528" => "Host Control",
- "10607" => "Coma",
- "10666" => "(UDP) - Ambush ",
- "11000" => "Senna Spy Trojan Generator",
- "11050" => "Host Control",
- "11051" => "Host Control",
- "11223" => "Progenic trojan, Secret Agent ",
- "12076" => "Gjamer",
- "12223" => "HackZ99 KeyLogger",
- "12345" => "Ashley, cron / crontab, Fat Bitch trojan, GabanBus, icmp_client.c, icmp_pipe.c, Mypic, NetBus, NetBus Toy, NetBus worm, Pie Bill Gates, Whack Job, X-bill",
- "12346" => "Fat Bitch trojan, GabanBus, NetBus, X-bill",
- "12349" => "BioNet",
- "12361" => "Whack-a-mole",
- "12362" => "Whack-a-mole",
- "12363" => "Whack-a-mole",
- "12623" => "(UDP) - DUN Control",
- "12624" => "ButtMan",
- "12631" => "Whack Job ",
- "12754" => "Mstream",
- "13000" => "Senna Spy Trojan Generator, Senna Spy Trojan Generator",
- "13010" => "Hacker Brasil - HBR",
- "13013" => "PsychWard ",
- "13014" => "PsychWard ",
- "13223" => "HackZ99 KeyLogger",
- "13473" => "Chupacabra ",
- "14500" => "PC Invader ",
- "14501" => "PC Invader ",
- "14502" => "PC Invader ",
- "14503" => "PC Invader ",
- "15000" => "NetDemon ",
- "15092" => "Host Control",
- "15104" => "Mstream",
- "15382" => "SubZero",
- "15858" => "CDK",
- "16484" => "Mosucker ",
- "16660" => "Stacheldraht",
- "16772" => "ICQ Revenge ",
- "16959" => "SubSeven, Subseven 2.1.4 DefCon 8",
- "16969" => "Priority ",
- "17166" => "Mosaic",
- "17300" => "Kuang2 the virus",
- "17449" => "Kid Terror ",
- "17499" => "CrazzyNet ",
- "17500" => "CrazzyNet ",
- "17569" => "Infector ",
- "17593" => "Audiodoor ",
- "17777" => "Nephron",
- "18753" => "(UDP) - Shaft ",
- "19864" => "ICQ Revenge ",
- "20000" => "Millenium ",
- "20001" => "Millenium, Millenium (Lm) ",
- "20002" => "AcidkoR",
- "20005" => "Mosucker ",
- "20023" => "VP Killer ",
- "20034" => "NetBus 2.0 Pro, NetBus 2.0 Pro Hidden, NetRex, Whack Job",
- "20203" => "Chupacabra ",
- "20331" => "BLA trojan ",
- "20432" => "Shaft",
- "20433" => "(UDP) - Shaft ",
- "21544" => "GirlFriend, Kid Terror",
- "21554" => "Exploiter, Kid Terror, Schwindler, Winsp00fer",
- "22222" => "Donald Dick, Prosiak, Ruler, RUX The TIc.K ",
- "23005" => "NetTrash ",
- "23006" => "NetTrash ",
- "23023" => "Logged",
- "23032" => "Amanda",
- "23432" => "Asylum",
- "23456" => "Evil FTP, Ugly FTP, Whack Job",
- "23476" => "Donald Dick ",
- "23476" => "(UDP) - Donald Dick",
- "23477" => "Donald Dick ",
- "23777" => "InetSpy",
- "24000" => "Infector ",
- "25685" => "Moonpie",
- "25686" => "Moonpie",
- "25982" => "Moonpie",
- "26274" => "(UDP) - Delta Source",
- "26681" => "Voice Spy ",
- "27374" => "Bad Blood, Ramen, Seeker, SubSeven, SubSeven 2.1 Gold, Subseven 2.1.4 DefCon 8, SubSeven Muie, Ttfloader",
- "27444" => "(UDP) - Trinoo ",
- "27573" => "SubSeven ",
- "27665" => "Trinoo",
- "28678" => "Exploiter ",
- "29104" => "NetTrojan ",
- "29369" => "ovasOn",
- "29891" => "The Unexplained",
- "30000" => "Infector ",
- "30001" => "ErrOr32",
- "30003" => "Lamers Death",
- "30029" => "AOL trojan ",
- "30100" => "NetSphere ",
- "30101" => "NetSphere ",
- "30102" => "NetSphere ",
- "30103" => "NetSphere ",
- "30103" => "(UDP) - NetSphere",
- "30133" => "NetSphere ",
- "30303" => "Sockets des Troie",
- "30947" => "Intruse",
- "30999" => "Kuang2",
- "31335" => "Trinoo",
- "31336" => "Bo Whack, Butt Funnel ",
- "31337" => "Back Fire, Back Orifice 1.20 patches, Back Orifice (Lm), Back Orifice russian, Baron Night, Beeone, BO client, BO Facil, BO spy, BO2, cron / crontab, Freak88, Freak2k, icmp_pipe.c, Sockdmini",
- "31337" => "(UDP) - Back Orifice, Deep BO",
- "31338" => "Back Orifice, Butt Funnel, NetSpy (DK)",
- "31338" => "(UDP) - Deep BO ",
- "31339" => "NetSpy (DK) ",
- "31666" => "BOWhack",
- "31785" => "HackZaZTack ",
- "31787" => "HackZaZTack ",
- "31788" => "HackZaZTack ",
- "31789" => "(UDP) - HackZaZTack",
- "31790" => "HackZaZTack ",
- "31791" => "(UDP) - HackZaZTack",
- "31792" => "HackZaZTack ",
- "32001" => "Donald Dick ",
- "32100" => "Peanut Brittle, Project nEXT",
- "32418" => "Acid Battery",
- "33270" => "Trinity",
- "33333" => "Blakharaz, Prosiak",
- "33577" => "Son of PsychWard",
- "33777" => "Son of PsychWard",
- "33911" => "Spirit 2000, Spirit 2001",
- "34324" => "Big Gluck, TN",
- "34444" => "Donald Dick ",
- "34555" => "(UDP) - Trinoo (for Windows)",
- "35555" => "(UDP) - Trinoo (for Windows)",
- "37237" => "Mantis",
- "37651" => "Yet Another Trojan - YAT",
- "40412" => "The Spy",
- "40421" => "Agent 40421, Masters Paradise",
- "40422" => "Masters Paradise",
- "40423" => "Masters Paradise",
- "40425" => "Masters Paradise",
- "40426" => "Masters Paradise",
- "41337" => "Storm",
- "41666" => "Remote Boot Tool - RBT, Remote Boot Tool - RBT",
- "44444" => "Prosiak",
- "44575" => "Exploiter ",
- "47262" => "(UDP) - Delta Source",
- "49301" => "OnLine KeyLogger",
- "50130" => "Enterprise ",
- "50505" => "Sockets des Troie",
- "50766" => "Fore, Schwindler",
- "51966" => "Cafeini",
- "52317" => "Acid Battery 2000",
- "53001" => "Remote Windows Shutdown - RWS",
- "54283" => "SubSeven, SubSeven 2.1 Gold",
- "54320" => "Back Orifice 2000",
- "54321" => "Back Orifice 2000, School Bus",
- "55165" => "File Manager trojan, File Manager trojan, WM Trojan Generator",
- "55166" => "WM Trojan Generator",
- "57341" => "NetRaider ",
- "58339" => "Butt Funnel ",
- "60000" => "Deep Throat, Foreplay, Sockets des Troie",
- "60001" => "Trinity",
- "60068" => "Xzip 6000068",
- "60411" => "Connection ",
- "61348" => "Bunker-Hill ",
- "61466" => "TeleCommando",
- "61603" => "Bunker-Hill ",
- "63485" => "Bunker-Hill ",
- "64101" => "Taskman",
- "65000" => "Devil, Sockets des Troie, Stacheldraht",
- "65390" => "Eclypse",
- "65421" => "Jade",
- "65432" => "The Traitor (= th3tr41t0r)",
- "65432" => "(UDP) - The Traitor (= th3tr41t0r)",
- "65534" => "/sbin/initd ",
- "65535" => "RC1 trojan"
- );
-
- function reload() {
- global $from, $to;
- echo "document.write('Patientez le Scanne cherche les [ports ouvert de $from à-> port $to]<br>');\n";
- relay();
- }
-
-
-
- function relay() {
- global $index;
- echo "document.write('$index<br>');\n";
- }
-
- function checkport($port)
- { //CONNEXION SOCKET ET AFFICHE LE RESULTAT
- global $host, $timeout, $index;
- $status = 0;
- $socket = @fsockopen($host, $port, &$errno, &$errstr, 10);
- if ($socket) {
- $service = getservbyport($port, "tcp");
- @set_socket_blocking($socket, 0);
- $count = 0;
- $portOutput = "";
- while ($count < $timeout) {
- if ($readString = @fread($socket, 1)) {
- $readString = addslashes(nl2br(htmlentities(chop($readString))));
- $portOutput .= $readString;
- }
- $count++;
- }
- @fclose($socket);
- if ($portOutput != "") {
- $tempstring=" <b>Connexion au socket voici l'echo de la reponse sur votre port ouvert:</b><font face=arial size=-2 color=#ff0000>$portOutput</font>";
- }
- else
- {
- $tempstring="(service : $service)";// AFFICHAGE DU SERVICE SI RIEN S AFFICHE C QUE VOTRE PORT ET OUVERT MAIS BLOKER PAR UN par a feu moi je prefere les par a pluie, o moin ca brule pas :)
-
- }
- }
- else
- {
- // port fermer
- }
- return $tempstring;
- }
-
-
-
- function scanner($from, $to) {
- global $starttime, $portdesc, $troj_ary, $index, $PHP_SELF, $to, $timeout, $host, $portlimit;
- for($port=$from; $port<=$to; $port++) {
- $now=time();
- $tempstring=checkport($port);
- // $index.="<br>Port : $port -->"; // debeug
- if ($tempstring!="") {
- $index.="<table width=500><tr><td><font color=red><B>Alert</font> port $port <i>ouvert</i>!</b>";
- $index.="</td></tr><tr><td><B>Reserved : $portdesc[$port] </B></td></tr><tr><td>";
- $i=0;
- if($troj_ary[$port]!="") {
- $index.="<B>et/ou Trojan : ".addslashes($troj_ary[$port])."</B>";
- }
- $index.="</td></tr><tr><td><i>$tempstring</i></td></tr></table>";
- relay();
- $index="";
- if($starttime+20>$now) {
- $index .= ".";
- // ok
- }
- else {
- $index="<!-- br> .. port $port.<br --> ";
- // timeout !!
- relay();
- exit;
- }
- }
- else {
- if($starttime+20>$now) {
- $index .= ".";
- // port SUIVANT
- }
- else {
- // timeout !!
- $index.="<!-- br>En continue <br -->');\n";
- if($port!=$to) {
- $index.="document.write(\"<script src='$PHP_SELF?host=$host&from=$port&to=$to&timeout=$timeout&reload=1'></script>\");\n";
- }
- $index.="document.write('";
- reload();
- exit;
- }
- }
- }
- return $index;
- }
-
-
-
-
-
-
-
- if($index!="") {
- reload();
- exit;
- }
-
-
-
- if(($recursive=="") && ($host=="")) {
- ?>
- <head><title>ScannerTrOy</title>
- <style type="text/css"><!--
- body { background-color: #000066; color: white; }
- strong.bad { color: red; font-weight: bold; }
- strong.good { color: green; font-weight: bold; }
- input.submit { background-color: black; color: white; }
- h1 { color: green; }
- h2 { color: green; }
- .permit { background-color: #003300; }
- pre { background-color: #003300; }
- p.note { font-size: smaller; }
- --></style>
- </head><body>
- <?
- /*
- AFFICHAGE INFORMATION DE LA MACHINE IP, HOST, DNS
- echo "Ip : ".$REMOTE_ADDR;
- echo "<br>Host :".gethostbyaddr($REMOTE_ADDR);
- echo "<br>Dns :".gethostbyname($REMOTE_ADDR);*/
- echo $header;
- ?>
- <FORM ACTION="<? echo $PHP_SELF; ?>" METHOD="get">
- <div align="center">
- <table width= 500 bgcolor=#c0c0c0 cellpadding=8 cellspacing=3>
- <tr>
- <td bgcolor=#000000 colspan=2><p align=justify>
- <p><B><span class=permit>Votre ip
- <INPUT TYPE="text" NAME="host" SIZE="30" MAXLENGTH="100" value="<? echo $REMOTE_ADDR; ?>">
- <br>
- entrer le nb de por a scaner exemple de 1 a 1024 (par default)<br>
- de:
- <INPUT value=1 TYPE="text" NAME="from" SIZE="8" MAXLENGTH="100">
- a:
- <INPUT value=1024 TYPE="text" NAME="to" SIZE="8" MAXLENGTH="100">
- <br>
- </span></td>
- </tr>
- <tr>
- <td bgcolor=#000000 colspan=2>
- <!-- input value=10000 name=timeout type=hidden -->
- <INPUT TYPE=submit VALUE="SCANNER"></td>
- </tr>
- </table>
- </div>
- </FORM>
- <div align="center">
- <table width= 500 bgcolor=#c0c0c0 cellpadding=8 cellspacing=3>
- <tr>
- <td bgcolor=#000000 colspan=2><p align=justify>
- <p><B> <pre> </pre> </td>
- </tr>
- </table>
- </div>
- <?
-
- exit;
- }
-
-
- if(($host) && (!$reload)) {
- $ary = explode("\n",$header);
- echo "<script>function stopErrors() { return true; } window.onerror = stopErrors;</script>\n";
- echo "
- <head><title>ScannerTrOY</title>
- <style type=\"text/css\"><!--
- body { background-color: #000066; color: white; }
- strong.bad { color: red; font-weight: bold; }
- strong.good { color: green; font-weight: bold; }
- input.submit { background-color: black; color: white; }
- h1 { color: green; }
- h2 { color: green; }
- .permit { background-color: #003300; }
- pre { background-color: #003300; }
- p.note { font-size: smaller; }
- --></style>
- </head><body><center>";
- /*while( list($n,$v) = each($ary) ) {
- $str=ltrim(chop(addslashes($v)));
- echo "<script>document.write('$str');</script>\n";
- }*/
- }
-
- if($to-$from>$portlimit) {
- while($from<$to) {
- $tempto=$from+$portlimit;
- if($reload=="1") {
- $index=scanner($from, $from+$portlimit);
- reload();
- }
- else echo "<script src='$PHP_SELF?host=$host&from=$from&to=$tempto&timeout=$timeout&reload=1'></script>\n";
- $from=$tempto;
- if($from>$to) $from=$to;
- }
- }
- else {
- if($reload=="1") {
- $index=scanner($from, $to);
- reload();
- }
- else echo "<script src='$PHP_SELF?host=$host&from=$from&to=$to&timeout=$timeout&reload=1'></script>\n";
- }
- ?>
<?
if(!$debug) error_reporting(0);//DEBUG
if(!$timeout) $timeout=10000; // CONFIGURATION DU TIME OUT
$starttime=time();//STARTERE :)
$portlimit=20;// CONFIGURATION DES LIMITE DE PORT A SCANER exemple : de 0 a 100 ici 20 par defaut
/* PORTS connu vous pouvez en rajouté !*/
$portdesc[0] = "Reserved";
$portdesc[1] = "TCP Port Service Multiplexer";
$portdesc[2] = "Management Utility";
$portdesc[3] = "Compression Process";
$portdesc[4] = "Unassigned";
$portdesc[5] = "Remote Job Entry";
$portdesc[6] = "Unassigned";
$portdesc[7] = "Echo";
$portdesc[8] = "Unassigned";
$portdesc[9] = "Discard";
$portdesc[10] = "Unassigned";
$portdesc[11] = "Active Users";
$portdesc[12] = "Unassigned";
$portdesc[13] = "Daytime";
$portdesc[14] = "Unassigned";
$portdesc[15] = "Unassigned";
$portdesc[16] = "Unassigned";
$portdesc[17] = "Quote of the Day";
$portdesc[18] = "Message Send Protocol";
$portdesc[19] = "Character Generator";
$portdesc[20] = "File Transfer [Default Data]";
$portdesc[21] = "File Transfer [Control]";
$portdesc[22] = "Unassigned";
$portdesc[23] = "Telnet";
$portdesc[24] = "any private mail system";
$portdesc[25] = "Simple Mail Transfer";
$portdesc[26] = "Unassigned";
$portdesc[27] = "NSW User System FE";
$portdesc[28] = "Unassigned";
$portdesc[29] = "MSG ICP";
$portdesc[30] = "Unassigned";
$portdesc[31] = "MSG Authentication";
$portdesc[32] = "Unassigned";
$portdesc[33] = "Display Support Protocol";
$portdesc[34] = "Unassigned";
$portdesc[35] = "any private printer server";
$portdesc[36] = "Unassigned";
$portdesc[37] = "Time";
$portdesc[38] = "Route Access Protocol";
$portdesc[39] = "Resource Location Protocol";
$portdesc[40] = "Unassigned";
$portdesc[41] = "Graphics";
$portdesc[42] = "Host Name Server";
$portdesc[43] = "Who Is";
$portdesc[44] = "Who Is";
$portdesc[45] = "Message Processing Module [recv]";
$portdesc[46] = "MPM [default send]";
$portdesc[47] = "NI FTP";
$portdesc[48] = "Digital Audit Daemon";
$portdesc[49] = "Login Host Protocol";
$portdesc[50] = "Remote Mail Checking Protocol";
$portdesc[51] = "IMP Logical Address Maintenance";
$portdesc[52] = "XNS Time Protocol";
$portdesc[53] = "Domain Name Server";
$portdesc[54] = "XNS Clearinghouse";
$portdesc[55] = "ISI Graphics Language";
$portdesc[56] = "XNS Authentication";
$portdesc[57] = "any private terminal access";
$portdesc[58] = "XNS Mail";
$portdesc[59] = "any private file service";
$portdesc[66] = "Oracle SQL*NET";
$portdesc[67] = "Bootstrap Protocol Server";
$portdesc[68] = "Bootstrap Protocol Client";
$portdesc[69] = "Trivial File Transfer";
$portdesc[70] = "Gopher";
$portdesc[71] = "Remote Job Service";
$portdesc[76] = "Distributed External Object Store";
$portdesc[78] = "vettcp";
$portdesc[79] = "Finger";
$portdesc[80] = "World Wide Web HTTP";
$portdesc[88] = "Kerberos";
$portdesc[92] = "Network Printing Protocol";
$portdesc[107] = "Remote Telnet Service";
$portdesc[110] = "Post Office Protocol - Version 3";
$portdesc[113] = "Authentication Service";
$portdesc[115] = "Simple File Transfer Protocol";
$portdesc[119] = "Network News Transfer Protocol";
$portdesc[137] = "NETBIOS Name Service";
$portdesc[138] = "NETBIOS Datagram Service";
$portdesc[139] = "NETBIOS Session Service";
/* PORTS ENREGISTRER */
$portdesc[1024] = "Reserved";
$portdesc[1025] = "network blackjack";
$portdesc[1356] = "CuillaMartin Company";
$portdesc[1361] = "LinX";
$portdesc[1366] = "Novell NetWare Comm Service Platform";
$portdesc[1376] = "IBM Person to Person Software";
$portdesc[1387] = "Computer Aided Design Software Inc LM";
$portdesc[1416] = "Novell LU6.2";
$portdesc[1428] = "Informatik License Manager";
$portdesc[1433] = "Microsoft-SQL-Monitor";
$portdesc[1434] = "Microsoft-SQL-Monitor";
$portdesc[1465] = "Pipes Platform";
$portdesc[1477] = "ms-sna-server";
$portdesc[1478] = "ms-sna-base";
$portdesc[3306] = "MySQL Database";
/* LISTE DES TROJANS PORTS AVEC NOM ET VOUS POUVEZ EN RAJOUTER */
/* SACHER QUE SI VOTRE PORT ET OUVERT L'APPLICATION SE CONNECTE ET AFFICHE LE RESULTAT DU SOCKET */
/* A NOTER QUE SI UN DE CES PORTS SONT OUVERTS MIEU VOS UTILISER UN FIREWELL comme zone alarm PRO */
$troj_ary = array (
"1" => "(UDP) - Sockets des Troie",
"2" => "Death",
"20" => "Senna Spy FTP server",
"21" => "Back Construction, Blade Runner, Cattivik FTP Server, CC Invader, Dark FTP, Doly Trojan, Fore, Invisible FTP, Juggernaut 42, Larva, MotIv FTP, Net Administrator, Ramen, Senna Spy FTP server, The Flu, Traitor 21, WebEx, WinCrash",
"22" => "Shaft",
"23" => "Fire HacKer, Tiny Telnet Server - TTS, Truva Atl",
"25" => "Ajan, Antigen, Barok, Email Password Sender - EPS, EPS II, Gip, Gris, Happy99, Hpteam mail, Hybris, I love you, Kuang2, Magic Horse, MBT (Mail Bombing Trojan), Moscow Email trojan, Naebi, NewApt worm, ProMail trojan, Shtirlitz, Stealth, Tapiras, Terminator, WinPC, WinSpy",
"30" => "Agent 40421",
"31" => "Agent 31, Hackers Paradise, Masters Paradise",
"41" => "Deep Throat, Foreplay",
"48" => "DRAT",
"50" => "DRAT",
"58" => "DMSetup",
"59" => "DMSetup",
"79" => "CDK, Firehotcker ",
"80" => "711 trojan (Seven Eleven), AckCmd, Back End, Back Orifice 2000 Plug-Ins, Cafeini, CGI Backdoor, Executor, God Message, God Message Creator, Hooker, IISworm, MTX, NCX, Reverse WWW Tunnel Backdoor, RingZero, Seeker, WAN Remote, Web Server CT, WebDownloader ",
"81" => "RemoConChubo ",
"99" => "Hidden Port, NCX",
"110" => "ProMail trojan",
"113" => "Invisible Identd Deamon, Kazimas",
"119" => "Happy99",
"121" => "Attack Bot, God Message, JammerKillah ",
"123" => "Net Controller",
"133" => "Farnaz",
"137" => "Chode",
"137" => "(UDP) - Msinit ",
"138" => "Chode",
"139" => "Chode, God Message worm, Msinit, Netlog, Network, Qaz",
"142" => "NetTaxi",
"146" => "Infector",
"146" => "(UDP) - Infector ",
"170" => "A-trojan",
"334" => "Backage",
"411" => "Backage",
"420" => "Breach, Incognito",
"421" => "TCP Wrappers trojan",
"455" => "Fatal Connections",
"456" => "Hackers Paradise",
"513" => "Grlogin",
"514" => "RPC Backdoor ",
"531" => "Net666, Rasmin",
"555" => "711 trojan (Seven Eleven), Ini-Killer, Net Administrator, Phase Zero, Phase-0, Stealth Spy ",
"605" => "Secret Service",
"666" => "Attack FTP, Back Construction, BLA trojan, Cain & Abel, NokNok, Satans Back Door - SBD, ServU, Shadow Phyre, th3r1pp3rz (= Therippers)",
"667" => "SniperNet ",
"669" => "DP trojan ",
"692" => "GayOL",
"777" => "AimSpy, Undetected",
"808" => "WinHole",
"911" => "Dark Shadow ",
"999" => "Deep Throat, Foreplay, WinSatan",
"1000" => "Der Späher / Der Spaeher, Direct Connection",
"1001" => "Der Späher / Der Spaeher, Le Guardien, Silencer, WebEx ",
"1010" => "Doly Trojan ",
"1011" => "Doly Trojan ",
"1012" => "Doly Trojan ",
"1015" => "Doly Trojan ",
"1016" => "Doly Trojan ",
"1020" => "Vampire",
"1024" => "Jade, Latinus, NetSpy",
"1025" => "Remote Storm",
"1025" => "(UDP) - Remote Storm",
"1035" => "Multidropper",
"1042" => "BLA trojan ",
"1045" => "Rasmin",
"1049" => "/sbin/initd ",
"1050" => "MiniCommand ",
"1053" => "The Thief ",
"1054" => "AckCmd",
"1080" => "WinHole",
"1081" => "WinHole",
"1082" => "WinHole",
"1083" => "WinHole",
"1090" => "Xtreme",
"1095" => "Remote Administration Tool - RAT",
"1097" => "Remote Administration Tool - RAT",
"1098" => "Remote Administration Tool - RAT",
"1099" => "Blood Fest Evolution, Remote Administration Tool - RAT",
"1150" => "Orion",
"1151" => "Orion",
"1170" => "Psyber Stream Server - PSS, Streaming Audio Server, Voice",
"1200" => "(UDP) - NoBackO ",
"1201" => "(UDP) - NoBackO ",
"1207" => "SoftWAR",
"1208" => "Infector ",
"1212" => "Kaos",
"1234" => "SubSeven Java client, Ultors Trojan ",
"1243" => "BackDoor-G, SubSeven, SubSeven Apocalypse, Tiles ",
"1245" => "VooDoo Doll ",
"1255" => "Scarab",
"1256" => "Project nEXT",
"1269" => "Matrix",
"1272" => "The Matrix ",
"1313" => "NETrojan ",
"1338" => "Millenium Worm",
"1349" => "Bo dll",
"1394" => "GoFriller, Backdoor G-1",
"1441" => "Remote Storm",
"1492" => "FTP99CMP ",
"1524" => "Trinoo",
"1568" => "Remote Hack ",
"1600" => "Direct Connection, Shivka-Burka",
"1703" => "Exploiter ",
"1777" => "Scarab",
"1807" => "SpySender ",
"1966" => "Fake FTP ",
"1967" => "WM FTP Server",
"1969" => "OpC BO",
"1981" => "Bowl, Shockrave",
"1999" => "Back Door, SubSeven, TransScout",
"2000" => "Der Späher / Der Spaeher, Insane Network, Last 2000, Remote Explorer 2000, Senna Spy Trojan Generator",
"2001" => "Der Späher / Der Spaeher, Trojan Cow",
"2023" => "Ripper Pro ",
"2080" => "WinHole",
"2115" => "Bugs",
"2130" => "(UDP) - Mini Backlash",
"2140" => "The Invasor ",
"2140" => "(UDP) - Deep Throat, Foreplay ",
"2155" => "Illusion Mailer",
"2255" => "Nirvana",
"2283" => "Hvl RAT",
"2300" => "Xplorer",
"2311" => "Studio 54 ",
"2330" => "Contact",
"2331" => "Contact",
"2332" => "Contact",
"2333" => "Contact",
"2334" => "Contact",
"2335" => "Contact",
"2336" => "Contact",
"2337" => "Contact",
"2338" => "Contact",
"2339" => "Contact, Voice Spy",
"2339" => "(UDP) - Voice Spy",
"2345" => "Doly Trojan ",
"2565" => "Striker trojan",
"2583" => "WinCrash ",
"2600" => "Digital RootBeer",
"2716" => "The Prayer ",
"2773" => "SubSeven, SubSeven 2.1 Gold",
"2774" => "SubSeven, SubSeven 2.1 Gold",
"2801" => "Phineas Phucker",
"2989" => "(UDP) - Remote Administration Tool - RAT",
"3000" => "Remote Shut ",
"3024" => "WinCrash ",
"3031" => "Microspy ",
"3128" => "Reverse WWW Tunnel Backdoor, RingZero",
"3129" => "Masters Paradise",
"3150" => "The Invasor ",
"3150" => "(UDP) - Deep Throat, Foreplay, Mini Backlash ",
"3456" => "Terror trojan",
"3459" => "Eclipse 2000, Sanctuary ",
"3700" => "Portal of Doom",
"3777" => "PsychWard ",
"3791" => "Total Solar Eclypse",
"3801" => "Total Solar Eclypse",
"4000" => "SkyDance ",
"4092" => "WinCrash ",
"4242" => "Virtual Hacking Machine - VHM",
"4321" => "BoBo",
"4444" => "Prosiak, Swift Remote ",
"4567" => "File Nail ",
"4590" => "ICQ Trojan ",
"4950" => "ICQ Trogen (Lm)",
"5000" => "Back Door Setup, Blazer5, Bubbel, ICKiller, Ra1d, Sockets des Troie",
"5001" => "Back Door Setup, Sockets des Troie",
"5002" => "cd00r, Shaft",
"5010" => "Solo",
"5011" => "One of the Last Trojans - OOTLT, One of the Last Trojans - OOTLT, modified",
"5025" => "WM Remote KeyLogger",
"5031" => "Net Metropolitan",
"5032" => "Net Metropolitan",
"5321" => "Firehotcker ",
"5333" => "Backage, NetDemon",
"5343" => "wCrat - WC Remote Administration Tool",
"5400" => "Back Construction, Blade Runner ",
"5401" => "Back Construction, Blade Runner ",
"5402" => "Back Construction, Blade Runner ",
"5512" => "Illusion Mailer",
"5534" => "The Flu",
"5550" => "Xtcp",
"5555" => "ServeMe",
"5556" => "BO Facil ",
"5557" => "BO Facil ",
"5569" => "Robo-Hack ",
"5637" => "PC Crasher ",
"5638" => "PC Crasher ",
"5742" => "WinCrash ",
"5760" => "Portmap Remote Root Linux Exploit",
"5880" => "Y3K RAT",
"5882" => "Y3K RAT",
"5882" => "(UDP) - Y3K RAT ",
"5888" => "Y3K RAT",
"5888" => "(UDP) - Y3K RAT ",
"5889" => "Y3K RAT",
"6000" => "The Thing ",
"6006" => "Bad Blood ",
"6272" => "Secret Service",
"6400" => "The Thing ",
"6661" => "TEMan, Weia-Meia",
"6666" => "Dark Connection Inside, NetBus worm ",
"6667" => "Dark FTP, ScheduleAgent, SubSeven, Subseven 2.1.4 DefCon 8, Trinity, WinSatan",
"6669" => "Host Control, Vampire ",
"6670" => "BackWeb Server, Deep Throat, Foreplay, WinNuke eXtreame",
"6711" => "BackDoor-G, SubSeven, VP Killer",
"6712" => "Funny trojan, SubSeven ",
"6713" => "SubSeven ",
"6723" => "Mstream",
"6771" => "Deep Throat, Foreplay",
"6776" => "2000 Cracks, BackDoor-G, SubSeven, VP Killer",
"6838" => "(UDP) - Mstream ",
"6883" => "Delta Source DarkStar (??)",
"6912" => "Shit Heep ",
"6939" => "Indoctrination",
"6969" => "GateCrasher, IRC 3, Net Controller, Priority",
"6970" => "GateCrasher ",
"7000" => "Exploit Translation Server, Kazimas, Remote Grab, SubSeven, SubSeven 2.1 Gold",
"7001" => "Freak88, Freak2k",
"7215" => "SubSeven, SubSeven 2.1 Gold",
"7300" => "NetMonitor ",
"7301" => "NetMonitor ",
"7306" => "NetMonitor ",
"7307" => "NetMonitor ",
"7308" => "NetMonitor ",
"7424" => "Host Control",
"7424" => "(UDP) - Host Control",
"7597" => "Qaz",
"7626" => "Glacier",
"7777" => "God Message, Tini",
"7789" => "Back Door Setup, ICKiller",
"7891" => "The ReVeNgEr",
"7983" => "Mstream",
"8080" => "Brown Orifice, RemoConChubo, Reverse WWW Tunnel Backdoor, RingZero",
"8787" => "Back Orifice 2000",
"8988" => "BacHack",
"8989" => "Rcon, Recon, Xcon",
"9000" => "Netministrator",
"9325" => "(UDP) - Mstream ",
"9400" => "InCommand ",
"9872" => "Portal of Doom",
"9873" => "Portal of Doom",
"9874" => "Portal of Doom",
"9875" => "Portal of Doom",
"9876" => "Cyber Attacker, Rux",
"9878" => "TransScout ",
"9989" => "Ini-Killer ",
"9999" => "The Prayer ",
"10000" => "OpwinTRojan ",
"10005" => "OpwinTRojan ",
"10067" => "(UDP) - Portal of Doom",
"10085" => "Syphillis ",
"10086" => "Syphillis ",
"10100" => "Control Total, Gift trojan",
"10101" => "BrainSpy, Silencer",
"10167" => "(UDP) - Portal of Doom",
"10520" => "Acid Shivers",
"10528" => "Host Control",
"10607" => "Coma",
"10666" => "(UDP) - Ambush ",
"11000" => "Senna Spy Trojan Generator",
"11050" => "Host Control",
"11051" => "Host Control",
"11223" => "Progenic trojan, Secret Agent ",
"12076" => "Gjamer",
"12223" => "HackZ99 KeyLogger",
"12345" => "Ashley, cron / crontab, Fat Bitch trojan, GabanBus, icmp_client.c, icmp_pipe.c, Mypic, NetBus, NetBus Toy, NetBus worm, Pie Bill Gates, Whack Job, X-bill",
"12346" => "Fat Bitch trojan, GabanBus, NetBus, X-bill",
"12349" => "BioNet",
"12361" => "Whack-a-mole",
"12362" => "Whack-a-mole",
"12363" => "Whack-a-mole",
"12623" => "(UDP) - DUN Control",
"12624" => "ButtMan",
"12631" => "Whack Job ",
"12754" => "Mstream",
"13000" => "Senna Spy Trojan Generator, Senna Spy Trojan Generator",
"13010" => "Hacker Brasil - HBR",
"13013" => "PsychWard ",
"13014" => "PsychWard ",
"13223" => "HackZ99 KeyLogger",
"13473" => "Chupacabra ",
"14500" => "PC Invader ",
"14501" => "PC Invader ",
"14502" => "PC Invader ",
"14503" => "PC Invader ",
"15000" => "NetDemon ",
"15092" => "Host Control",
"15104" => "Mstream",
"15382" => "SubZero",
"15858" => "CDK",
"16484" => "Mosucker ",
"16660" => "Stacheldraht",
"16772" => "ICQ Revenge ",
"16959" => "SubSeven, Subseven 2.1.4 DefCon 8",
"16969" => "Priority ",
"17166" => "Mosaic",
"17300" => "Kuang2 the virus",
"17449" => "Kid Terror ",
"17499" => "CrazzyNet ",
"17500" => "CrazzyNet ",
"17569" => "Infector ",
"17593" => "Audiodoor ",
"17777" => "Nephron",
"18753" => "(UDP) - Shaft ",
"19864" => "ICQ Revenge ",
"20000" => "Millenium ",
"20001" => "Millenium, Millenium (Lm) ",
"20002" => "AcidkoR",
"20005" => "Mosucker ",
"20023" => "VP Killer ",
"20034" => "NetBus 2.0 Pro, NetBus 2.0 Pro Hidden, NetRex, Whack Job",
"20203" => "Chupacabra ",
"20331" => "BLA trojan ",
"20432" => "Shaft",
"20433" => "(UDP) - Shaft ",
"21544" => "GirlFriend, Kid Terror",
"21554" => "Exploiter, Kid Terror, Schwindler, Winsp00fer",
"22222" => "Donald Dick, Prosiak, Ruler, RUX The TIc.K ",
"23005" => "NetTrash ",
"23006" => "NetTrash ",
"23023" => "Logged",
"23032" => "Amanda",
"23432" => "Asylum",
"23456" => "Evil FTP, Ugly FTP, Whack Job",
"23476" => "Donald Dick ",
"23476" => "(UDP) - Donald Dick",
"23477" => "Donald Dick ",
"23777" => "InetSpy",
"24000" => "Infector ",
"25685" => "Moonpie",
"25686" => "Moonpie",
"25982" => "Moonpie",
"26274" => "(UDP) - Delta Source",
"26681" => "Voice Spy ",
"27374" => "Bad Blood, Ramen, Seeker, SubSeven, SubSeven 2.1 Gold, Subseven 2.1.4 DefCon 8, SubSeven Muie, Ttfloader",
"27444" => "(UDP) - Trinoo ",
"27573" => "SubSeven ",
"27665" => "Trinoo",
"28678" => "Exploiter ",
"29104" => "NetTrojan ",
"29369" => "ovasOn",
"29891" => "The Unexplained",
"30000" => "Infector ",
"30001" => "ErrOr32",
"30003" => "Lamers Death",
"30029" => "AOL trojan ",
"30100" => "NetSphere ",
"30101" => "NetSphere ",
"30102" => "NetSphere ",
"30103" => "NetSphere ",
"30103" => "(UDP) - NetSphere",
"30133" => "NetSphere ",
"30303" => "Sockets des Troie",
"30947" => "Intruse",
"30999" => "Kuang2",
"31335" => "Trinoo",
"31336" => "Bo Whack, Butt Funnel ",
"31337" => "Back Fire, Back Orifice 1.20 patches, Back Orifice (Lm), Back Orifice russian, Baron Night, Beeone, BO client, BO Facil, BO spy, BO2, cron / crontab, Freak88, Freak2k, icmp_pipe.c, Sockdmini",
"31337" => "(UDP) - Back Orifice, Deep BO",
"31338" => "Back Orifice, Butt Funnel, NetSpy (DK)",
"31338" => "(UDP) - Deep BO ",
"31339" => "NetSpy (DK) ",
"31666" => "BOWhack",
"31785" => "HackZaZTack ",
"31787" => "HackZaZTack ",
"31788" => "HackZaZTack ",
"31789" => "(UDP) - HackZaZTack",
"31790" => "HackZaZTack ",
"31791" => "(UDP) - HackZaZTack",
"31792" => "HackZaZTack ",
"32001" => "Donald Dick ",
"32100" => "Peanut Brittle, Project nEXT",
"32418" => "Acid Battery",
"33270" => "Trinity",
"33333" => "Blakharaz, Prosiak",
"33577" => "Son of PsychWard",
"33777" => "Son of PsychWard",
"33911" => "Spirit 2000, Spirit 2001",
"34324" => "Big Gluck, TN",
"34444" => "Donald Dick ",
"34555" => "(UDP) - Trinoo (for Windows)",
"35555" => "(UDP) - Trinoo (for Windows)",
"37237" => "Mantis",
"37651" => "Yet Another Trojan - YAT",
"40412" => "The Spy",
"40421" => "Agent 40421, Masters Paradise",
"40422" => "Masters Paradise",
"40423" => "Masters Paradise",
"40425" => "Masters Paradise",
"40426" => "Masters Paradise",
"41337" => "Storm",
"41666" => "Remote Boot Tool - RBT, Remote Boot Tool - RBT",
"44444" => "Prosiak",
"44575" => "Exploiter ",
"47262" => "(UDP) - Delta Source",
"49301" => "OnLine KeyLogger",
"50130" => "Enterprise ",
"50505" => "Sockets des Troie",
"50766" => "Fore, Schwindler",
"51966" => "Cafeini",
"52317" => "Acid Battery 2000",
"53001" => "Remote Windows Shutdown - RWS",
"54283" => "SubSeven, SubSeven 2.1 Gold",
"54320" => "Back Orifice 2000",
"54321" => "Back Orifice 2000, School Bus",
"55165" => "File Manager trojan, File Manager trojan, WM Trojan Generator",
"55166" => "WM Trojan Generator",
"57341" => "NetRaider ",
"58339" => "Butt Funnel ",
"60000" => "Deep Throat, Foreplay, Sockets des Troie",
"60001" => "Trinity",
"60068" => "Xzip 6000068",
"60411" => "Connection ",
"61348" => "Bunker-Hill ",
"61466" => "TeleCommando",
"61603" => "Bunker-Hill ",
"63485" => "Bunker-Hill ",
"64101" => "Taskman",
"65000" => "Devil, Sockets des Troie, Stacheldraht",
"65390" => "Eclypse",
"65421" => "Jade",
"65432" => "The Traitor (= th3tr41t0r)",
"65432" => "(UDP) - The Traitor (= th3tr41t0r)",
"65534" => "/sbin/initd ",
"65535" => "RC1 trojan"
);
function reload() {
global $from, $to;
echo "document.write('Patientez le Scanne cherche les [ports ouvert de $from à-> port $to]<br>');\n";
relay();
}
function relay() {
global $index;
echo "document.write('$index<br>');\n";
}
function checkport($port)
{ //CONNEXION SOCKET ET AFFICHE LE RESULTAT
global $host, $timeout, $index;
$status = 0;
$socket = @fsockopen($host, $port, &$errno, &$errstr, 10);
if ($socket) {
$service = getservbyport($port, "tcp");
@set_socket_blocking($socket, 0);
$count = 0;
$portOutput = "";
while ($count < $timeout) {
if ($readString = @fread($socket, 1)) {
$readString = addslashes(nl2br(htmlentities(chop($readString))));
$portOutput .= $readString;
}
$count++;
}
@fclose($socket);
if ($portOutput != "") {
$tempstring=" <b>Connexion au socket voici l'echo de la reponse sur votre port ouvert:</b><font face=arial size=-2 color=#ff0000>$portOutput</font>";
}
else
{
$tempstring="(service : $service)";// AFFICHAGE DU SERVICE SI RIEN S AFFICHE C QUE VOTRE PORT ET OUVERT MAIS BLOKER PAR UN par a feu moi je prefere les par a pluie, o moin ca brule pas :)
}
}
else
{
// port fermer
}
return $tempstring;
}
function scanner($from, $to) {
global $starttime, $portdesc, $troj_ary, $index, $PHP_SELF, $to, $timeout, $host, $portlimit;
for($port=$from; $port<=$to; $port++) {
$now=time();
$tempstring=checkport($port);
// $index.="<br>Port : $port -->"; // debeug
if ($tempstring!="") {
$index.="<table width=500><tr><td><font color=red><B>Alert</font> port $port <i>ouvert</i>!</b>";
$index.="</td></tr><tr><td><B>Reserved : $portdesc[$port] </B></td></tr><tr><td>";
$i=0;
if($troj_ary[$port]!="") {
$index.="<B>et/ou Trojan : ".addslashes($troj_ary[$port])."</B>";
}
$index.="</td></tr><tr><td><i>$tempstring</i></td></tr></table>";
relay();
$index="";
if($starttime+20>$now) {
$index .= ".";
// ok
}
else {
$index="<!-- br> .. port $port.<br --> ";
// timeout !!
relay();
exit;
}
}
else {
if($starttime+20>$now) {
$index .= ".";
// port SUIVANT
}
else {
// timeout !!
$index.="<!-- br>En continue <br -->');\n";
if($port!=$to) {
$index.="document.write(\"<script src='$PHP_SELF?host=$host&from=$port&to=$to&timeout=$timeout&reload=1'></script>\");\n";
}
$index.="document.write('";
reload();
exit;
}
}
}
return $index;
}
if($index!="") {
reload();
exit;
}
if(($recursive=="") && ($host=="")) {
?>
<head><title>ScannerTrOy</title>
<style type="text/css"><!--
body { background-color: #000066; color: white; }
strong.bad { color: red; font-weight: bold; }
strong.good { color: green; font-weight: bold; }
input.submit { background-color: black; color: white; }
h1 { color: green; }
h2 { color: green; }
.permit { background-color: #003300; }
pre { background-color: #003300; }
p.note { font-size: smaller; }
--></style>
</head><body>
<?
/*
AFFICHAGE INFORMATION DE LA MACHINE IP, HOST, DNS
echo "Ip : ".$REMOTE_ADDR;
echo "<br>Host :".gethostbyaddr($REMOTE_ADDR);
echo "<br>Dns :".gethostbyname($REMOTE_ADDR);*/
echo $header;
?>
<FORM ACTION="<? echo $PHP_SELF; ?>" METHOD="get">
<div align="center">
<table width= 500 bgcolor=#c0c0c0 cellpadding=8 cellspacing=3>
<tr>
<td bgcolor=#000000 colspan=2><p align=justify>
<p><B><span class=permit>Votre ip
<INPUT TYPE="text" NAME="host" SIZE="30" MAXLENGTH="100" value="<? echo $REMOTE_ADDR; ?>">
<br>
entrer le nb de por a scaner exemple de 1 a 1024 (par default)<br>
de:
<INPUT value=1 TYPE="text" NAME="from" SIZE="8" MAXLENGTH="100">
a:
<INPUT value=1024 TYPE="text" NAME="to" SIZE="8" MAXLENGTH="100">
<br>
</span></td>
</tr>
<tr>
<td bgcolor=#000000 colspan=2>
<!-- input value=10000 name=timeout type=hidden -->
<INPUT TYPE=submit VALUE="SCANNER"></td>
</tr>
</table>
</div>
</FORM>
<div align="center">
<table width= 500 bgcolor=#c0c0c0 cellpadding=8 cellspacing=3>
<tr>
<td bgcolor=#000000 colspan=2><p align=justify>
<p><B> <pre> </pre> </td>
</tr>
</table>
</div>
<?
exit;
}
if(($host) && (!$reload)) {
$ary = explode("\n",$header);
echo "<script>function stopErrors() { return true; } window.onerror = stopErrors;</script>\n";
echo "
<head><title>ScannerTrOY</title>
<style type=\"text/css\"><!--
body { background-color: #000066; color: white; }
strong.bad { color: red; font-weight: bold; }
strong.good { color: green; font-weight: bold; }
input.submit { background-color: black; color: white; }
h1 { color: green; }
h2 { color: green; }
.permit { background-color: #003300; }
pre { background-color: #003300; }
p.note { font-size: smaller; }
--></style>
</head><body><center>";
/*while( list($n,$v) = each($ary) ) {
$str=ltrim(chop(addslashes($v)));
echo "<script>document.write('$str');</script>\n";
}*/
}
if($to-$from>$portlimit) {
while($from<$to) {
$tempto=$from+$portlimit;
if($reload=="1") {
$index=scanner($from, $from+$portlimit);
reload();
}
else echo "<script src='$PHP_SELF?host=$host&from=$from&to=$tempto&timeout=$timeout&reload=1'></script>\n";
$from=$tempto;
if($from>$to) $from=$to;
}
}
else {
if($reload=="1") {
$index=scanner($from, $to);
reload();
}
else echo "<script src='$PHP_SELF?host=$host&from=$from&to=$to&timeout=$timeout&reload=1'></script>\n";
}
?>
 Sources de la même categorie
 Commentaires et avis
|
Derniers Blogs
 PARUTION DE MON LIVRE SUR WPF 4PARUTION DE MON LIVRE SUR WPF 4 par odewit
La 2e édition de mon livre sur WPF sort aujourd'hui en version numérique et lundi en version papier :-)
L'ouvrage présente de façon approfondie les fonctionnalités de WPF 4 : graphisme 2D et 3D, animation, multimédia, interfaces utilisateur, databind...
Cliquez pour lire la suite de l'article par odewit EDM : COMMENT UTILISER L'HORIZONTAL ENTITY SPLITTINGEDM : COMMENT UTILISER L'HORIZONTAL ENTITY SPLITTING par Matthieu MEZIL
Une des raisons pour lesquelles j'adore l'Entity Framework est la puissance de son mapping. Beaucoup de développeurs pour ne pas dire la plus part n'en n'ont pas conscience. Pour rappel, j'ai réalisé des videos (en anglais) sur le mapping . Certains scena...
Cliquez pour lire la suite de l'article par Matthieu MEZIL [WP7DEV][REACTIVE] RENDRE LES REACTIVE EXTENSIONS PLUS STABLES[WP7DEV][REACTIVE] RENDRE LES REACTIVE EXTENSIONS PLUS STABLES par jay
Lorsque l'on développe des applications .NET, les exceptions non gérées dans des threads ont le désagréable effet de terminer le processus courant.
Dans l'exemple suivant.......(read more) ...
Cliquez pour lire la suite de l'article par jay WINDBG / SOS / PSSCOR2 : FAILED TO LOAD DATA ACCESS DLL (MSCORDACWKS)WINDBG / SOS / PSSCOR2 : FAILED TO LOAD DATA ACCESS DLL (MSCORDACWKS) par coq
Ceux d'entre nous qui analysent des dumps d'applications .NET (notamment ceux créés via WER après un crash) en dehors de l'environnement initial ont probablement tous été confrontés au moins une fois au message suivant, à la saisie d'une commande SOS ...
Cliquez pour lire la suite de l'article par coq
Logiciels
 Microsoft Office (2010)MICROSOFT OFFICE (2010)Microsoft Office 2010 offre de nouveaux moyens flexibles et puissants pour optimiser votre travai... Cliquez pour télécharger Microsoft Office SeaMonkey (2.0.7)SEAMONKEY (2.0.7)Le projet SeaMonkey est issu d'un effort communautaire pour developper une application tout en un... Cliquez pour télécharger SeaMonkey Safari (5.0.2)SAFARI (5.0.2)Le navigateur d'Apple a lui aussi été mis à jour, aussi bien dans sa mouture Windows que celle po... Cliquez pour télécharger Safari Mozilla FireFox (4.0 béta 5)MOZILLA FIREFOX (4.0 BéTA 5)Firefox 4.0 béta 5
L'une des nouveautés visibles les plus attendues réside sans doute dans l'a... Cliquez pour télécharger Mozilla FireFox Mozilla Firefox (3.6.9)MOZILLA FIREFOX (3.6.9)Firefox 3.6.9 corrige les problèmes suivants :
* Introduced support for the X-FRAME-OPTION... Cliquez pour télécharger Mozilla Firefox
|