PureBoard

Verfasst: **22.09.2005 19:53**

MOin

ich habe mir jetzt aus dem[LINK] und dem[LINK] den[unten] code Gemacht
und eigentlich müsste der mir doch jetzt fast alle offenen ports ausgeben
das macht er aber nicht [nicht mal port 80 vom apache]

Code: Alles auswählen

Enumeration
  #LinkToKernel32Lib
  #LinkToAdvapi32Lib
EndEnumeration

#MAX_PATH = 260

#TH32CS_SNAPHEAPLIST = $1 ;Includes all heaps of the process specified in th32ProcessID in the snapshot. To enumerate the heaps, see Heap32ListFirst.
#TH32CS_SNAPPROCESS = $2 ;Includes all processes in the system in the snapshot. To enumerate the processes, see Process32First.
#TH32CS_SNAPTHREAD = $4 ;To identify the threads that belong to a specific process, compare its process identifier to the th32OwnerProcessID member of the THREADENTRY32 structure when enumerating the threads.
#TH32CS_SNAPMODULE = $8 ;Includes all modules of the process specified in th32ProcessID in the snapshot. To enumerate the modules, see Module32First.
#TH32CS_SNAPALL = #TH32CS_SNAPHEAPLIST | #TH32CS_SNAPPROCESS | #TH32CS_SNAPTHREAD | #TH32CS_SNAPMODULE ;Includes all processes and threads in the system, plus the heaps and modules of the process specified in th32ProcessID. Equivalent to specifying the TH32CS_SNAPHEAPLIST, TH32CS_SNAPMODULE, TH32CS_SNAPPROCESS, and TH32CS_SNAPTHREAD values.
#TH32CS_INHERIT = $80000000 ;Indicates that the snapshot handle is to be inheritable.
#TOKEN_QUERY=8
#TOKEN_ADJUST_PRIVILEGES=32
#PROCESS_DUP_HANDLE=64
#STANDARD_RIGHTS_ALL=2031616
#GENERIC_ALL=268435456

Structure PROCESSENTRY32
  dwSize.l
  cntUsage.l
  th32ProcessID.l
  th32DefaultHeapID.l
  th32ModuleID.l
  cntThreads.l
  th32ParentProcessID.l
  pcPriClassBase.l
  dwFlags.l
  szExeFile.b [#MAX_PATH]
EndStructure

NewList Process32.PROCESSENTRY32()

Procedure.s GetUsedPorts(ProcessID)
  Global GetPorts_AlreadyCalled
  
  Select OSVersion()
    Case #PB_OS_Windows_2000
      OSDepType=26
    Case #PB_OS_Windows_XP
      OSDepType=28
    Default
      ProcedureReturn "0"
      
  EndSelect
  
  If GetPorts_AlreadyCalled=0
    
    NewToken.TOKEN_PRIVILEGES
    OldToken.TOKEN_PRIVILEGES
    FoundPorts=0
    AdvapiInst=LoadLibrary_("advapi32.dll")
    If AdvapiInst
      Addr1=GetProcAddress_(AdvapiInst,"LookupPrivilegeValueA")
      Addr2=GetProcAddress_(AdvapiInst,"OpenProcessToken")
      Addr3=GetProcAddress_(AdvapiInst,"AdjustTokenPrivileges")
      If  Addr1<>0 And Addr2<>0 And Addr3<>0
        result=CallFunctionFast(Addr2,GetCurrentProcess_(),#TOKEN_ADJUST_PRIVILEGES|#TOKEN_QUERY,@A)
        If result
          result=CallFunctionFast(Addr1,"","SeDebugPrivilege",OldToken\Privileges[0]\Luid)
          If result
            NewToken\PrivilegeCount=1
            NewToken\Privileges[0]\Attributes=#SE_PRIVILEGE_ENABLED
            NewToken\Privileges[0]\Luid\LowPart=OldToken\Privileges[0]\Luid\LowPart
            NewToken\Privileges[0]\Luid\HighPart=OldToken\Privileges[0]\Luid\HighPart
            CallFunctionFast(Addr3,A,0,NewToken,SizeOf(TOKEN_PRIVILEGES),OldToken,@dummy)
          EndIf
        EndIf
      EndIf
      FreeLibrary_(AdvapiInst)
    EndIf
    If result=0
    Else
      GetPorts_AlreadyCalled=-1
    EndIf
  EndIf
  
  QuerySizePtr=GlobalAlloc_(#GMEM_FIXED|#GMEM_ZEROINIT,20)
  
  If QuerySizePtr=0:ProcedureReturn "":EndIf
  NtQuerySystemInformation_(16,QuerySizePtr,20,0)
  Size=(PeekL(QuerySizePtr)-1)*16+20
  GlobalFree_(QuerySizePtr)
  If Size<=4:ProcedureReturn "":EndIf
  
  Addr=GlobalAlloc_(#GMEM_FIXED|#GMEM_ZEROINIT,Size)
  If Addr=0:ProcedureReturn "":EndIf
  
  NtQuerySystemInformation_(16,Addr,Size,0)
  For Count=0 To Size-16 Step 16
    AppProcessID=PeekW(Addr+Count+4)&$FFFF
    Type=PeekB(Addr+Count+8)&$FF
    hSocket=PeekW(Addr+Count+10)&$FFFF
    
    If AppProcessID=ProcessID
      
      If Type=OSDepType
        
        Process=OpenProcess_(#PROCESS_DUP_HANDLE,0,ProcessID)
        If Process
          DuplicateHandle_(Process,hSocket,GetCurrentProcess_(),@hNewSocket,#STANDARD_RIGHTS_ALL|#GENERIC_ALL,0,0)
          If hNewSocket
            
            FileType=GetFileType_(hNewSocket)
            
            If FileType=3
              
              SockNameSize=SizeOf(sockaddr_in)
              If getsockname_(hNewSocket,SockName.sockaddr_in,@SockNameSize)=0
                
                If FoundPorts>0:Ports.s+",":EndIf
                FoundPorts+1
                Ports.s+Str(htons_(SockName\sin_port)&$FFFF)
              EndIf             
              
            EndIf           
            CloseHandle_(hNewSocket)
          EndIf
          CloseHandle_(Process)
        EndIf       
      EndIf     
    EndIf
    
  Next
  
  GlobalFree_(Addr)
  ProcedureReturn Ports.s
EndProcedure

If OpenLibrary(#LinkToKernel32Lib, "kernel32.dll")
  hSnapshot = CallFunction(#LinkToKernel32Lib, "CreateToolhelp32Snapshot", #TH32CS_SNAPPROCESS, 0)
  If hSnapshot
    Proc32.PROCESSENTRY32 
    Proc32\dwSize = SizeOf(PROCESSENTRY32)
    If CallFunction(#LinkToKernel32Lib, "Process32First", hSnapshot, @Proc32)
      AddElement(Process32())
      CopyMemory(@Proc32, @Process32(), SizeOf(PROCESSENTRY32))
      While CallFunction(#LinkToKernel32Lib, "Process32Next", hSnapshot, @Proc32)
        AddElement(Process32())
        CopyMemory(@Proc32, @Process32 (), SizeOf(PROCESSENTRY32))
      Wend
    EndIf   
    CloseHandle_(hSnapshot)
  EndIf
  CloseLibrary(#LinkToKernel32Lib)
EndIf

ResetList(Process32())

While NextElement(Process32())
  Debug PeekS(@Process32()\szExeFile)+" : "+GetUsedPorts(PeekL(@Process32()\th32ProcessID))
Wend

weiss einer warum?

ps :es geht mir nicht darum alle offenen ports zu finden sondern möchte ich wissen welches programm welchen port auf gemacht hat
weil meine ganzen offen ports kenne ich schon
80: Apache
135: Net BIOS
445: irgendwas fürs interne Microsoft Netzwerk
1048: glaube NET Services
5354: K.A.

Edit by NicTheQuick: Threadtitel geändert

Verfasst: **22.09.2005 19:59**

Oh ne habe schon den fehler gefunden ich muss noch InitNetwork() machen

[System Process] :
System :
smss.exe :
csrss.exe :
winlogon.exe :
services.exe :
lsass.exe :
svchost.exe :
svchost.exe :
svchost.exe :
svchost.exe :
svchost.exe :
explorer.exe :
spoolsv.exe :
sstray.exe :
razertra.exe :
rundll32.exe :
CTDVDDET.exe :
CTSysVol.exe :
rundll32.exe :
qttask.exe :
PDVDServ.exe :
razerhid.exe :
ctfmon.exe :
msmsgs.exe :
RcMan.exe :
CTDetect.exe :
TS-Shutdown.exe :
CTSVCCDA.EXE :
nvsvc32.exe :
MsPMSPSv.exe :
mDNSResponder.exe : 1044,5354,5353
alg.exe :
Steam.exe : 1122,27007
razerofa.exe :
jaPBe.exe :
PBCompiler-jaPBe.exe :
firefox.exe : 1210,1209
ntvdm.exe :
hh.exe :
OSDMenu.exe :
CTCMS.EXE :
xampp-control.exe :
Apache.exe : 443,80
mysqld.exe : 3306
Apache.exe : 80,443
PureBasic88433656.exe :
--------------------
edit: hä wo ist mein port 445 und 135?
und warum sind das jetzt so viele mit dem code:
InitNetwork()
For Port=1 To 16000
If OpenNetworkConnection("localhost", Port)
Debug Port
EndIf
Next
Debug "jetzt bin ich bei 16000"
waren das viel weniger

Verfasst: **23.09.2005 08:27**

Kennst Du den Befehl NETSTAT? NETSTAT -b macht genau das ,was Du willst. Zumindest kannst Du checken, ob Dein Programm richtig arbeitet.

PureBoard

Alle Programme mit offenen Ports auflisten

Alle Programme mit offenen Ports auflisten