mrjackwills / havn

A fast configurable port scanner with reasonable defaults
MIT License

[NEW FEATURE] Support for scanning multiple machines at once #6

Open crabdancing opened 1 month ago

crabdancing commented 1 month ago

Is your feature request related to a problem? Please describe.

Oftentimes, a network scanning problem takes the form 'I want to know which computers in such and such IP range are listening on this one port' or 'Which computers are on the network?' nmap has some clunky solutions to this, but being able to use havn instead would be great.

Describe the solution you'd like

Instead of a single IP, accept range(s) of IPs that let the user hit multiple devices at once with a single scan operation.

Describe alternatives you've considered

Scripting. But when the application isn't optimized for bulk scanning, it's very, very slow. For instance, I started it scanning my network in the background when I started typing this issue, on ports 1-1000, and it's still not gotten past 57.

Additional context

N/A

mrjackwills commented 1 month ago

Sounds interesting, how would you envision this being executed? Something like havn 123.123.134 234.234.234 www.google.com

And then what do you think the best way to show the results would be? Could have a third column which lists which addresses, or more tables - either horizontally or vertically.

crabdancing commented 1 month ago

Hmmm. A third column would be more compact, which is probably a priority given the use case of havn IMO! :3

As for supporting multiple host targets, I definitely agree that supporting a list of hostnames would be great!

It would also be great to support subnets, e.g. 192.168.0.1/24 for 192.168.0.1 to 192.168.0.255. This is a well-established networking standard, and it's probably wise to support it in a tool like this to support scanning an entire subnet in a syntax that will be familiar to veterans.

Sadly, the typical subnetting standard is a leaky abstraction in my opinion (requires thinking about the binary representation of the IP address). It also lacks flexibility to concisely represent things like, e.g., 192.168.0.1 to 192.168.255.1, but not 192.168.0.255. So not the most friendly to newcomers, if that's a design goal.

I've been playing with the idea of supporting ranges of IP address segments instead in my own software. E.g., if you want to scan from 192.168.0.1 to 192.168.0.255, you'd do 192.168.0.1-255. Noting of course it should be possible to more concisely represent all IPs, maybe a single - by itself as the IP should be interpreted as such. And as for IPv6, I'm not sure what would be best.

I think if you wanted to just support subnets & lists and nothing else, that'd be understandable, though. It definitely simplifies the parsing and is probably less error prone!
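
The two target syntaxes discussed in this thread, CIDR blocks and per-octet ranges such as 192.168.0.1-255, as an added Rust example; it is not havn's code and was not posted by either commenter. The function names, the extension of ranges to any octet, and the MAX_TARGETS cap are assumptions; a CIDR block is expanded to every address it contains, and hostnames, the bare "-" shorthand and IPv6 are left out.

```rust
use std::net::Ipv4Addr;

/// Assumed cap for this example: refuse specs that expand past this many hosts.
const MAX_TARGETS: u64 = 65_536;

/// Parse one octet field: a single value ("7") or an inclusive range ("1-255").
fn parse_octet(field: &str) -> Result<(u8, u8), String> {
    let bad = |_: std::num::ParseIntError| format!("bad octet field '{field}'");
    let (lo, hi) = match field.split_once('-') {
        Some((a, b)) => (a.parse::<u8>().map_err(bad)?, b.parse::<u8>().map_err(bad)?),
        None => field.parse::<u8>().map(|v| (v, v)).map_err(bad)?,
    };
    if lo > hi { return Err(format!("descending range '{field}'")); }
    Ok((lo, hi))
}

/// Expand "a.b.c.d", a CIDR block "a.b.c.d/n", or per-octet ranges "a.b.c.lo-hi".
pub fn expand_target(spec: &str) -> Result<Vec<Ipv4Addr>, String> {
    if let Some((addr, len)) = spec.split_once('/') {
        let base: Ipv4Addr = addr.parse().map_err(|_| format!("bad address '{addr}'"))?;
        let len = len.parse::<u32>().ok().filter(|l| *l <= 32)
            .ok_or_else(|| format!("bad prefix length in '{spec}'"))?;
        let count = 1u64 << (32 - len);
        if count > MAX_TARGETS { return Err(format!("'{spec}' exceeds {MAX_TARGETS} hosts")); }
        // Clear the host bits so 192.168.0.1/24 starts at 192.168.0.0.
        let first = u64::from(u32::from(base)) & !(count - 1);
        return Ok((first..first + count).map(|n| Ipv4Addr::from(n as u32)).collect());
    }
    let fields: Vec<&str> = spec.split('.').collect();
    if fields.len() != 4 { return Err(format!("expected four octets in '{spec}'")); }
    let mut r = [(0u8, 0u8); 4];
    for (slot, f) in r.iter_mut().zip(&fields) { *slot = parse_octet(f)?; }
    // Check the product of the range widths before allocating anything.
    let count: u64 = r.iter().map(|(lo, hi)| u64::from(hi - lo) + 1).product();
    if count > MAX_TARGETS { return Err(format!("'{spec}' exceeds {MAX_TARGETS} hosts")); }
    let mut out = Vec::with_capacity(count as usize);
    for a in r[0].0..=r[0].1 { for b in r[1].0..=r[1].1 {
        for c in r[2].0..=r[2].1 { for d in r[3].0..=r[3].1 {
            out.push(Ipv4Addr::new(a, b, c, d));
        }}
    }}
    Ok(out)
}

fn main() {
    for spec in &["192.168.0.1/24", "192.168.0-255.1", "10.0.0.0/8"] { // constructed samples
        println!("{spec}: {:?}", expand_target(spec).map(|v| v.len()));
    }
}
```

The middle-octet spec 192.168.0-255.1 covers the 192.168.0.1 to 192.168.255.1 case from the comment above, and the size check rejects an oversized spec such as 10.0.0.0/8 before any address list is built.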