121 lines
3.4 KiB
Python
121 lines
3.4 KiB
Python
#!/usr/bin/env python3
|
|
"""
|
|
HC900 UDP 포트 스캔
|
|
Honeywell proprietary 프로토콜 포트를 찾기 위해 주요 포트 스캔
|
|
"""
|
|
|
|
import socket
|
|
import time
|
|
import threading
|
|
from concurrent.futures import ThreadPoolExecutor, as_completed
|
|
|
|
HC900_IP = "192.168.0.240"
|
|
TIMEOUT = 2.0
|
|
|
|
# Honeywell / HC900 관련 주요 UDP 포트
|
|
HONEYWELL_PORTS = [
|
|
2000, # 사용자 지정
|
|
44818, # H1/HSE 통신 (Honeywell)
|
|
44819, # H1/HSE 통신
|
|
20547, # Honeywell
|
|
20548, # Honeywell
|
|
20549, # Honeywell
|
|
20550, # Honeywell
|
|
20551, # Honeywell
|
|
20552, # Honeywell
|
|
20553, # Honeywell
|
|
20554, # Honeywell
|
|
20555, # Honeywell
|
|
20556, # Honeywell
|
|
20557, # Honeywell
|
|
20558, # Honeywell
|
|
20559, # Honeywell
|
|
20560, # Honeywell
|
|
10001, # Honeywell
|
|
10002, # Honeywell
|
|
10003, # Honeywell
|
|
10004, # Honeywell
|
|
10005, # Honeywell
|
|
10006, # Honeywell
|
|
10007, # Honeywell
|
|
10008, # Honeywell
|
|
10009, # Honeywell
|
|
10010, # Honeywell
|
|
5001, # Honeywell
|
|
5002, # Honeywell
|
|
5003, # Honeywell
|
|
5004, # Honeywell
|
|
5005, # Honeywell
|
|
5006, # Honeywell
|
|
5007, # Honeywell
|
|
5008, # Honeywell
|
|
5009, # Honeywell
|
|
5010, # Honeywell
|
|
]
|
|
|
|
# 전체 포트 범위 (1-1024, 2000-5000, 10000-11000, 20000-21000, 44000-45000)
|
|
RANGE_PORTS = []
|
|
RANGE_PORTS.extend(range(1, 1025))
|
|
RANGE_PORTS.extend(range(2000, 5001))
|
|
RANGE_PORTS.extend(range(10000, 11001))
|
|
RANGE_PORTS.extend(range(20000, 21001))
|
|
RANGE_PORTS.extend(range(44000, 45001))
|
|
|
|
ALL_PORTS = sorted(set(HONEYWELL_PORTS + RANGE_PORTS))
|
|
|
|
|
|
def scan_udp_port(port):
|
|
"""단일 UDP 포트 스캔"""
|
|
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
|
|
sock.settimeout(TIMEOUT)
|
|
try:
|
|
# 빈 패킷 전송
|
|
sock.sendto(b'\x00' * 4, (HC900_IP, port))
|
|
data, addr = sock.recvfrom(1024)
|
|
return port, True, len(data), data[:64].hex()
|
|
except socket.timeout:
|
|
return port, False, 0, None
|
|
except Exception as e:
|
|
return port, False, 0, str(e)
|
|
finally:
|
|
sock.close()
|
|
|
|
|
|
def main():
|
|
print(f"HC900 UDP 포트 스캔 ({HC900_IP})")
|
|
print(f"스캔 포트 수: {len(ALL_PORTS)}")
|
|
print(f"타임아웃: {TIMEOUT}초")
|
|
print("=" * 60)
|
|
|
|
open_ports = []
|
|
total = len(ALL_PORTS)
|
|
done = 0
|
|
|
|
# ThreadPoolExecutor로 병렬 스캔 (10개 동시)
|
|
with ThreadPoolExecutor(max_workers=10) as executor:
|
|
futures = {executor.submit(scan_udp_port, port): port for port in ALL_PORTS}
|
|
for future in as_completed(futures):
|
|
port, is_open, size, data_hex = future.result()
|
|
done += 1
|
|
if done % 500 == 0 or done == total:
|
|
print(f"\r진행: {done}/{total} ({done*100//total}%)", end='', flush=True)
|
|
|
|
if is_open:
|
|
open_ports.append((port, size, data_hex))
|
|
print(f"\n ✓ 포트 {port}: 응답 {size} bytes ({data_hex})")
|
|
|
|
print(f"\n")
|
|
print("=" * 60)
|
|
print(f"스캔 완료: {total}개 포트")
|
|
print(f"열린 UDP 포트: {len(open_ports)}개")
|
|
if open_ports:
|
|
for port, size, data_hex in open_ports:
|
|
print(f" 포트 {port}: {size} bytes ({data_hex})")
|
|
else:
|
|
print(" (열린 포트 없음)")
|
|
print("=" * 60)
|
|
|
|
|
|
if __name__ == "__main__":
|
|
main()
|