iniitial work for also showing closed ports

Author: fabianbees

src/input.rs

@@ -162,6 +162,10 @@ pub struct Opts {
     /// UDP scanning mode, finds UDP ports that send back responses
     #[arg(long)]
     pub udp: bool,
+
+    /// Also show closed Ports
+    #[arg(long)]
+    pub closed: bool,
 }
 
 #[cfg(not(tarpaulin_include))]
@@ -201,7 +205,7 @@ impl Opts {
 
         merge_required!(
             addresses, greppable, accessible, batch_size, timeout, tries, scan_order, scripts,
-            command, udp
+            command, udp, closed
         );
     }
 
@@ -252,6 +256,7 @@ impl Default for Opts {
             exclude_ports: None,
             exclude_addresses: None,
             udp: false,
+            closed: false,
         }
     }
 }
@@ -278,6 +283,7 @@ pub struct Config {
     exclude_ports: Option<Vec<u16>>,
     exclude_addresses: Option<Vec<String>>,
     udp: Option<bool>,
+    closed: Option<bool>,
 }
 
 #[cfg(not(tarpaulin_include))]
@@ -295,6 +301,7 @@ impl Config {
     /// scan_order = "Serial"
     /// exclude_ports = [8080, 9090, 80]
     /// udp = false
+    /// closed = false
     ///
     pub fn read(custom_config_path: Option<PathBuf>) -> Self {
         let mut content = String::new();
@@ -353,6 +360,7 @@ mod tests {
                 exclude_ports: None,
                 exclude_addresses: None,
                 udp: Some(false),
+                closed: Some(false),
             }
         }
     }

src/main.rs

@@ -35,6 +35,8 @@ extern crate log;
 /// Faster Nmap scanning with Rust
 /// If you're looking for the actual scanning, check out the module Scanner
 fn main() {
+    use rustscan::scanner::PortStatus;
+
     #[cfg(not(unix))]
     let _ = ansi_term::enable_ansi_support();
 
@@ -93,6 +95,7 @@ fn main() {
         opts.accessible,
         opts.exclude_ports.unwrap_or_default(),
         opts.udp,
+        opts.closed,
     );
     debug!("Scanner finished building: {:?}", scanner);
 
@@ -101,17 +104,28 @@ fn main() {
     portscan_bench.end();
     benchmarks.push(portscan_bench);
 
-    let mut ports_per_ip = HashMap::new();
+    let mut open_ports_per_ip = HashMap::new();
+    let mut closed_ports_per_ip = HashMap::new();
 
     for socket in scan_result {
-        ports_per_ip
-            .entry(socket.ip())
-            .or_insert_with(Vec::new)
-            .push(socket.port());
+        match socket {
+            PortStatus::Open(socket) => {
+                open_ports_per_ip
+                    .entry(socket.ip())
+                    .or_insert_with(Vec::new)
+                    .push(socket.port());
+            }
+            PortStatus::Closed(socket) => {
+                closed_ports_per_ip
+                    .entry(socket.ip())
+                    .or_insert_with(Vec::new)
+                    .push(socket.port());
+            }
+        }
     }
 
     for ip in ips {
-        if ports_per_ip.contains_key(&ip) {
+        if open_ports_per_ip.contains_key(&ip) || closed_ports_per_ip.contains_key(&ip) {
             continue;
         }
 
@@ -128,7 +142,63 @@ fn main() {
     }
 
     let mut script_bench = NamedTimer::start("Scripts");
-    for (ip, ports) in &ports_per_ip {
+    for (ip, ports) in &open_ports_per_ip {
+        let vec_str_ports: Vec<String> = ports.iter().map(ToString::to_string).collect();
+
+        // nmap port style is 80,443. Comma separated with no spaces.
+        let ports_str = vec_str_ports.join(",");
+
+        // if option scripts is none, no script will be spawned
+        if opts.greppable || opts.scripts == ScriptsRequired::None {
+            println!("{} -> [{}]", &ip, ports_str);
+            continue;
+        }
+        detail!("Starting Script(s)", opts.greppable, opts.accessible);
+
+        // Run all the scripts we found and parsed based on the script config file tags field.
+        for mut script_f in scripts_to_run.clone() {
+            // This part allows us to add commandline arguments to the Script call_format, appending them to the end of the command.
+            if !opts.command.is_empty() {
+                let user_extra_args = &opts.command.join(" ");
+                debug!("Extra args vec {:?}", user_extra_args);
+                if script_f.call_format.is_some() {
+                    let mut call_f = script_f.call_format.unwrap();
+                    call_f.push(' ');
+                    call_f.push_str(user_extra_args);
+                    output!(
+                        format!("Running script {:?} on ip {}\nDepending on the complexity of the script, results may take some time to appear.", call_f, &ip),
+                        opts.greppable,
+                        opts.accessible
+                    );
+                    debug!("Call format {}", call_f);
+                    script_f.call_format = Some(call_f);
+                }
+            }
+
+            // Building the script with the arguments from the ScriptFile, and ip-ports.
+            let script = Script::build(
+                script_f.path,
+                *ip,
+                ports.clone(),
+                script_f.port,
+                script_f.ports_separator,
+                script_f.tags,
+                script_f.call_format,
+            );
+            match script.run() {
+                Ok(script_result) => {
+                    detail!(script_result.to_string(), opts.greppable, opts.accessible);
+                }
+                Err(e) => {
+                    warning!(&format!("Error {e}"), opts.greppable, opts.accessible);
+                }
+            }
+        }
+    }
+
+    // TODO:
+    println!("closed ports:");
+    for (ip, ports) in &closed_ports_per_ip {
         let vec_str_ports: Vec<String> = ports.iter().map(ToString::to_string).collect();
 
         // nmap port style is 80,443. Comma separated with no spaces.

src/scanner/mod.rs

@@ -37,6 +37,13 @@ pub struct Scanner {
     accessible: bool,
     exclude_ports: Vec<u16>,
     udp: bool,
+    closed: bool,
+}
+
+#[derive(Debug)]
+pub enum PortStatus {
+    Open(SocketAddr),
+    Closed(SocketAddr),
 }
 
 // Allowing too many arguments for clippy.
@@ -52,6 +59,7 @@ impl Scanner {
         accessible: bool,
         exclude_ports: Vec<u16>,
         udp: bool,
+        closed: bool,
     ) -> Self {
         Self {
             batch_size,
@@ -63,13 +71,14 @@ impl Scanner {
             accessible,
             exclude_ports,
             udp,
+            closed,
         }
     }
 
     /// Runs scan_range with chunk sizes
     /// If you want to run RustScan normally, this is the entry point used
     /// Returns all open ports as `Vec<u16>`
-    pub async fn run(&self) -> Vec<SocketAddr> {
+    pub async fn run(&self) -> Vec<PortStatus> {
         let ports: Vec<u16> = self
             .port_strategy
             .order()
@@ -78,7 +87,7 @@ impl Scanner {
             .copied()
             .collect();
         let mut socket_iterator: SocketIterator = SocketIterator::new(&self.ips, &ports);
-        let mut open_sockets: Vec<SocketAddr> = Vec::new();
+        let mut found_sockets: Vec<PortStatus> = Vec::new();
         let mut ftrs = FuturesUnordered::new();
         let mut errors: HashSet<String> = HashSet::new();
         let udp_map = get_parsed_data();
@@ -103,7 +112,7 @@ impl Scanner {
             }
 
             match result {
-                Ok(socket) => open_sockets.push(socket),
+                Ok(socket) => found_sockets.push(socket),
                 Err(e) => {
                     let error_string = e.to_string();
                     if errors.len() < self.ips.len() * 1000 {
@@ -113,8 +122,8 @@ impl Scanner {
             }
         }
         debug!("Typical socket connection errors {:?}", errors);
-        debug!("Open Sockets found: {:?}", &open_sockets);
-        open_sockets
+        debug!("Open Sockets found: {:?}", &found_sockets);
+        found_sockets
     }
 
     /// Given a socket, scan it self.tries times.
@@ -135,7 +144,7 @@ impl Scanner {
         &self,
         socket: SocketAddr,
         udp_map: BTreeMap<Vec<u16>, Vec<u8>>,
-    ) -> io::Result<SocketAddr> {
+    ) -> io::Result<PortStatus> {
         if self.udp {
             return self.scan_udp_socket(socket, udp_map).await;
         }
@@ -154,11 +163,23 @@ impl Scanner {
                     self.fmt_ports(socket);
 
                     debug!("Return Ok after {} tries", nr_try);
-                    return Ok(socket);
+                    return Ok(PortStatus::Open(socket));
                 }
                 Err(e) => {
                     let mut error_string = e.to_string();
 
+                    if e.kind() == io::ErrorKind::ConnectionRefused {
+                        if !self.greppable {
+                            if self.accessible {
+                                println!("Closed {socket}");
+                            } else {
+                                println!("Closed {}", socket.to_string().red());
+                            }
+                        }
+
+                        return Ok(PortStatus::Closed(socket));
+                    }
+
                     assert!(!error_string.to_lowercase().contains("too many open files"), "Too many open files. Please reduce batch size. The default is 5000. Try -b 2500.");
 
                     if nr_try == tries {
@@ -176,7 +197,7 @@ impl Scanner {
         &self,
         socket: SocketAddr,
         udp_map: BTreeMap<Vec<u16>, Vec<u8>>,
-    ) -> io::Result<SocketAddr> {
+    ) -> io::Result<PortStatus> {
         let mut payload: Vec<u8> = Vec::new();
         for (key, value) in udp_map {
             if key.contains(&socket.port()) {
@@ -187,13 +208,13 @@ impl Scanner {
         let tries = self.tries.get();
         for _ in 1..=tries {
             match self.udp_scan(socket, &payload, self.timeout).await {
-                Ok(true) => return Ok(socket),
+                Ok(true) => return Ok(PortStatus::Open(socket)),
                 Ok(false) => continue,
                 Err(e) => return Err(e),
             }
         }
 
-        Ok(socket)
+        Ok(PortStatus::Open(socket))
     }
 
     /// Performs the connection to the socket with timeout