#!/usr/bin/perl

# ---- 3scan.pl
# TCP port scanner, using fork(). faster than one process
# scanner. but nmap is the best choice as you know.
# 
# 					White_E <white_e@iname.com>
# 					http://ttj.virtualave.net/

use Socket;
($host,$start,$end) = @ARGV;
die "usage: $0 <host> <start port> <end port>\n" unless ($end);
die "start port must be smaller than end port.\n" if ($start >= $end);

$|=1;
$iaddr=inet_aton($host) || die "ERR: can't find $host\n";

$x = ($end-$start)/3;
@scan1=($start .. $start+$x);
@scan2=($start+$x+1 .. $start+$x*2);
@scan3=($start+$x*2+1 .. $end);

$pid1=fork();

if ($pid1 == 0) { # child 1
  foreach (@scan1) {
    socket(S1,PF_INET,SOCK_STREAM,getprotobyname('tcp'));
    &c0nnect(\*S1,$_);
    close(S1);
  }
  exit;
} else { # parent 1
  $pid2=fork();
  if ($pid2 == 0) { # child 2
    foreach (@scan2) {
      socket(S2,PF_INET,SOCK_STREAM,getprotobyname('tcp'));
      &c0nnect(\*S2,$_);
      close(S2);
    }
  exit;
  } else { # child 3 (&& parent 2)
    foreach (@scan3) {
      socket(S3,PF_INET,SOCK_STREAM,getprotobyname('tcp'));
      &c0nnect(\*S3,$_);
      close(S3);
    }
    exit;
  }
  wait();
}
print "Done.\n";

sub c0nnect
{
  my $sock,$port,$paddr;
  $sock=$_[0];
  $port=$_[1];
  $paddr=sockaddr_in($port,$iaddr);
  select($sock);$|=1;select(STDOUT);
  print "$port: Open!\n" if (connect($sock,$paddr));
}