Skip to content

Tag: Networking

Building a Port Sniffer with PowerShell

In the world of network monitoring and security, the ability to analyse traffic across multiple ports is crucial. Port sniffers are essential tools, enabling administrators to intercept and scrutinize data flow through specific ports.

In this code example, we’ll delve into an advanced PowerShell-based port sniffer, capable of monitoring a range of ports and engaging in bidirectional communication with clients. This enhanced version extends beyond traditional single-port monitoring, empowering users with comprehensive network analysis capabilities while facilitating dynamic interactions with connected clients.

PowerShell Port Sniffer Script:

# Define the range of ports to listen on
$startPort = 8000
$endPort = 8010
 
# Create TCP listener objects for each port in the range
$listeners = @()
try {
    for ($port = $startPort; $port -le $endPort; $port++) {
        $listener = [System.Net.Sockets.TcpListener] $port
        $listener.Start()
        $listeners += $listener
        Write-Host "Port Sniffer listening on port $port..."
    }
 
    # Infinite loop to continuously listen for connections on all ports
    while ($true) {
        foreach ($listener in $listeners) {
            if ($listener.Pending()) {
                $client = $listener.AcceptTcpClient()
                $clientIP = $client.Client.RemoteEndPoint.Address
                $clientPort = $listener.Server.LocalEndpoint.Port  # Corrected line
                Write-Host "Connection from: $clientIP on port $clientPort"
                 
                # Send a response to the client
                $stream = $client.GetStream()
                $response = [System.Text.Encoding]::ASCII.GetBytes("Hello from ScriptWizards.net!")
                $stream.Write($response, 0, $response.Length)
                 
                # Close the client connection
                $client.Close()
            }
        }
    }
}
finally {
    # Close all TCP listeners
    foreach ($listener in $listeners) {
        $listener.Stop()
    }
}

  • We define a range of ports using $startPort and $endPort.
  • In the loop, we create a TCP listener object for each port in the range and start listening on it.
  • Inside the infinite loop, we iterate through each listener and check if there’s any pending connection using $listener.Pending().
  • If a connection is pending, we accept the client connection, retrieve its IP address and connection port, and display it.
  • Then, we send a response back to the client, confirming the connection and providing a greeting message.
  • The TCP listeners are enclosed in a try-finally block. This ensures that even if an exception occurs, the finally block will execute, closing the TCP listeners.
  • In the finally block, all TCP listeners are explicitly stopped using the Stop() method.

Conclusion

In summary, this PowerShell port sniffer script continuously listens for incoming connections on a range of specified ports. When a connection is established, it acknowledges the connection by sending a response to the client. This two-way communication capability enhances the functionality of the port sniffer, making it a versatile tool for network monitoring and interaction.

© 2024 ScriptWizards.net - Powered by Coffee & Magic