I am working on a program for TCP/UDP port scanning. TCP is working fine, but it seems I have no idea how to achieve UDP port scanning using AutoIt.

Since UDP is connectionless, I am using the UDPOpen function to bind my $PortIP and $PortStartNumberB. Unfortunately, when I scan, it lists out all ports. By now it will show up the respective open port from my application, which has been set to allow only port 4008 in UDP, for example 4008 (since I am testing using the advance port scanner tool and only this port should be open).

Could someone more knowledgeable than myself please help me understand how I can modify the function code posted below, since I am not able to reproduce the UDP open port list in an AutoIt script? Platform is Win7 x86.


$portList = "  "
$PortIP = "192.168.11.1"
$PortEndNumberB = "4010"
$PortStartNumberB = "4000"

Func ScanUDP()
    UDPStartup()
    $timerstart = TimerInit()

    For $LetsGo = $PortStartNumberB To $PortEndNumberB
        $a = UDPOpen($PortIP, $PortStartNumberB, 1)
        If @error <> 0 Then
            $portList = $portList & $PortStartNumberB & @CRLF
        EndIf

        $PortStartNumberB = $PortStartNumberB + 1
    Next

    UDPShutdown()
    $timerend = TimerDiff($timerstart)
    TrayTip("Port Scanner", "Done Process took " & Round($timerend,-1)/1000 & " seconds", 7, 1)
EndFunc


What I have tried:

When I try to run it, it lists out all the ports from.

4000
4001
4002
4003
4004
4005
4006
4007
4008
4009
4010


By right, I need to display only 4008, which is the right open UDP port (I have tested using other freeware tools - advance port scan).
Updated 24-Apr-23 9:21am

Because UDP is connectionless, you have to send some data and wait some time to see if you get an ICMP Destination unreachable (Wikipedia) message with code 3 indicating that the port is unreachable.

But note that a time out is not a reliable indication that a UDP service is listening.

If you know the protocol, it would be better to send a well formatted request and wait for a corresponding reply (again with a time out).
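
The approach described in the answer above, sketched in Python rather than AutoIt as an added example (it is not code from the original thread). The names `probe_udp` and `demo` are hypothetical, and the three loopback targets are constructed for the demonstration: one service that replies, one that stays silent, and one port with nothing bound.

```python
import socket
import threading

def probe_udp(host, port, payload=b"\x00", timeout=1.0):
    """Classify one UDP port as 'open', 'closed' or 'open|filtered'."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        # connect() on UDP sends nothing; it fixes the peer so the OS can
        # report an ICMP port-unreachable for this socket as an error.
        s.connect((host, port))
        try:
            s.send(payload)
            s.recv(2048)
            return "open"            # the service answered the probe
        except (ConnectionRefusedError, ConnectionResetError):
            return "closed"          # ICMP type 3, code 3 came back
        except socket.timeout:
            return "open|filtered"   # silence: listening, filtered, or ICMP lost

def demo():
    """Probe three constructed loopback targets and return the verdicts."""
    def bound():
        s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        s.bind(("127.0.0.1", 0))     # let the OS pick a free port
        return s

    echo, silent, gone = bound(), bound(), bound()
    closed_port = gone.getsockname()[1]
    gone.close()                     # nothing listens on this port any more

    def serve():                     # replies once, like a known protocol would
        data, peer = echo.recvfrom(2048)
        echo.sendto(data, peer)
    threading.Thread(target=serve, daemon=True).start()

    results = {
        "echo": probe_udp("127.0.0.1", echo.getsockname()[1]),
        "silent": probe_udp("127.0.0.1", silent.getsockname()[1], timeout=0.5),
        "closed": probe_udp("127.0.0.1", closed_port, timeout=0.5),
    }
    echo.close()
    silent.close()
    return results

if __name__ == "__main__":
    print(demo())
```

The silent listener and a port whose ICMP reply is dropped by a firewall produce the same timeout, which is why that verdict is "open|filtered" and not "open".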
 
Maybe it helps

Local $port

If $CmdLine[0] == 0 Then
   MsgBox(0x0,"Err","arg is empty")
   Exit 1
Else
   $port = $CmdLine[1]
EndIf

Func _MyPortExists($port)
   Local $sRead, $sBuffer, $CMD_PId
   $CMD_PId = Run(@ComSpec & ' /c netstat -an | find "UDP" | find ":' & $port & ' " /C', "C:\", @SW_HIDE, 0x2)

   While 1
      $sBuffer = StdoutRead($CMD_PId)
      If @error Then ExitLoop
      If $sBuffer Then
         $sRead &= $sBuffer
      EndIf
      Sleep(2)
   WEnd

   $sRead = StringLeft ( $sRead, 1 )
   If $sRead == 0 Or $sRead == 1 Or $sRead == 2 Then
      Return $sRead
   Else
;~    _Log_MyInfo( $flog, $sRead & ", " & VarGetType($sRead) & ", -->" & $sRead & "<--")
      Return _MyPortExists($port)
   EndIf

EndFunc

If _MyPortExists($port) <> 0 Then
   MsgBox(0x0,"PortLst","Open")
Else
   MsgBox(0x0,"PortLst","Closed")
EndIf
 
Comments
Dave Kreskowiak 24-Apr-23 18:14pm    
I seriously doubt it's going to help the OP 7 years later. On top of that, your code uses netstat, which only looks at the local machine, not the ports of a remote machine, which is what the OP was talking about.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


