Re: portscanner written in PHP

[H D Moore <hdm () secureaustin com>]

I wrote a distributed port scanner in php a few months back:

http://www.digitaloffense.net/phpDistributedPortScanner/

The public version supports unlimited nodes and a primitive form of 
authentication. It can be fairly hard to trace the source of the scan because 
the master can be accessed via one or more proxies and the connection 
attempts only occur from the slave nodes.  The communication protocol is 
really simply and it would be trivial to add timing options and a much more 
random port->node dispersal.


The development (aka nonpublic) version uses encrypted comms (shared secret 
for now) and the 'agent' code consists of a wrapper which decrypt's and 
eval()'s the code sent by the master.  Master agents can be chained together 
to transparently spread a scan across dozens of systems. In short, the agent 
is only responsilble for authenticating code from a master system, just 
viewing the source of the agent will not disclose the purpose of the script. 
I have some other projects in the works which perform some much more 
interesting tasks using the same distributed architecture. Think of an 
attack-proxy system which uses randomly chained multiple relayers capable of 
transforming the data as it passes through. The agent code is going to be 
slimmed down enough so that it can be "injected" into any arbitrary php 
script transforming it into a slave node on the fly. I am looking for 
experienced php developers to help on this project, so if anyone is 
interested...


-- 
H D Moore
http://www.digitaldefense.net - work
http://www.digitaloffense.net - play

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/