aaronjwood / portauthority Goto Github PK

A handy systems and security-focused tool, Port Authority is a very fast Android port scanner. Port Authority also allows you to quickly discover hosts on your network and will display useful network information about your device and other hosts.

Home Page: https://play.google.com/store/apps/details?id=com.aaronjwood.portauthority.free

License: GNU General Public License v3.0

Java 81.02% Makefile 0.11% C 18.87%

android port-scanner tcp network-discovery security-scanner java dns-lookup wake-on-lan

portauthority's Introduction

Port Authority

Overview

A handy systems and security-focused tool, Port Authority is a very fast port scanner. Port Authority also allows you to quickly discover hosts on your network and will display useful network information about your device and other hosts.

One of the fastest port scanners with host discovery on the market! Host discovery is typically performed in less than 5 seconds. If the device you're scanning drops packets, it takes about 10 seconds to scan 1000 ports. If the device you're scanning rejects packets, it takes less than 30 seconds to scan all 65,535 ports!

Port Authority has no ads and will never have ads. It requires extremely limited permissions since it only needs to interact with your network. The internals are designed to take advantage of today's modern phones/tablets with multiple cores to ensure you can scan your network as fast as possible.

Features

Heavily threaded, no more waiting for results one at a time
LAN host discovery
Public IP discovery
MAC address vendor detection
LAN/WAN host TCP port scanning
Custom port range scans
Open discovered HTTP(S) services to browser
Lightweight service fingerprinting (SSH/HTTP(S) server type and version)
DNS record lookups supporting almost every record type
Wake-on-LAN for LAN hosts

How are scans so fast?

This application makes heavy use of threading. Because most of the operations performed are I/O bound a lot more threads can be used than the number of cores on a device. In fact, one of the most intensive parts of the application is updating the UI during scans. This has gone through many optimizations but still remains a bit of a hotspot.

How is my public IP discovered? I'm worried about my privacy

I now use my own service that's 100% open source! I decided to create and switch to this due to some concerns about the original service that was being used.

I have a lower end and/or older device, will this work?

Absolutely! Just lower the number of threads that are used for port scans in the settings. I'm always working on improving the efficiency and memory footprint of the application, and things have been greatly improved since the original version!

I keep getting crashes when scanning a large range of ports

The crash is most likely an out of memory exception that is occurring due to using too many threads. Lower your port scan thread count in the settings. The right value will be highly dependent on the device and its hardware.

I'm getting a warning that says this application is trying to send email

A few users have reported that a warning pops up on their device, warning them that this application is trying to send mail. This is caused by various security software so you can be assured (or just look at the code yourself) that I'm not sending mail.

Some security software looks at where traffic is coming and going from the device and takes certain actions for certain cases. If you're running any kind of port scan that includes port 25 (SMTP) this will most likely be flagged. Even though no data is being sent to that port the security software will see an outbound connection to an SMTP service and throw up a warning. Obviously this is a very bad check but some security tools are better than others and may actually look for data flowing out to port 25 to see if there's really anything happening.

I'm not finding some of the hosts/devices on my LAN

I've recently added in a setting to control the timeout for connections made to hosts on your LAN. If you're finding that some devices aren't responding in time you should increase the timeout, just be aware that it will cause host scans to take longer. In some cases it may be worth trading time for accuracy.

I'm not finding open ports that I know are truly open

You can now adjust the timeout for connections made to ports when performing either LAN or WAN scans. If you're scanning something over WAN (mobile network if you're using a cell phone) please be aware that scanning is best effort. Mobile carriers may detect that a real port scan is occurring and apply traffic shaping dynamically, or they may just start terminating the connections entirely. Additionally, if you happen to have poor signal or to not have 4G the quality of the network connection may be so poor that you'll need to have a fairly high timeout in order to tolerate latency spikes.

Note that increasing the connection timeout for either LAN or WAN scans will cause the port scan to take longer. Ideally you shouldn't need to increase the timeout for LAN scans but it might be needed for certain devices/environments.

Donate

Like the application and the work I put into it? Consider purchasing the donate version:

Contributing

Contributions of any kind are welcome! Please submit any pull requests to the development branch. This means that modifications need to be done either on a new branch based off of development or on the development branch directly.

Privacy

This app does not track, collect, or share any data it comes across with anyone or anything. There are no ads or analytics trackers in this software. The service used to determine your public IP address is open source and is 100% stateless.

portauthority's People

Contributors

Stargazers

Watchers

Forkers

septolum clare1806 fat-tire ocdtrekkie gelahcem jonathan727 sabrinalua cotsog terry2012 naofum vaginessa kidhanis dcwebapps bacall213 bartoloni venkatasudha rd-mobile-alex putaodoudou fqxp davedacoda acidburn0zzz thesaadarshad primekun ironpatriot zentech nileshrepo regisnogueira aossp darakshananwar13 mimikridev 12hemang maxto024 zhaohao007 pinklite gregory-k angeelgarr webstorage119 muhammadmahad udev2019 mimisworld17 joaopedrotaveira stratos42 kl3jvi rebeltat hongdongni ansuman87 baylee4 ets-android2 n1nj2 ambagasdowa global-localhost global19 global19-atlassian-net multiobj sarahi2849 0xrustlang bhavik-techark madmini zongou becauro adnanamin69 mita234 ilakkiyanilamaran winlover32 linchen00

portauthority's Issues

Better support for small screens

Related to #34, there could be more things done to improve the layout on small devices/screens.

Opened ports sometimes not visible

Some users have reported not being able to see the opened ports in the list (black text on black background). This seems to happen with the Nexus 5x. Probably an appcompat issue...

DNS lookups

Provide new features for looking up various DNS records.

Need "Clear result" button.

[Discover lan status][Clear all]<--- this

Port-Range / TCP/UDP

Hi there i've noticed a few things that would need a little enhancement if you ask me :)

Possibility to "type in" Port Range is there, but the app freezes rather quickly after having only scanned about 500-to-2000 ports of the possible 65535.
Possibility to select TCP/UDP (if it isnt already scanning for both)
Iam not sure if you conceptualized "Port-Authority" as an Intranet-only Port-Scanner but if not it would be really nice to be able to scan the own Server from the outside.

Other than that its a great tool which is extremly handy if you want to know the IP of the host(s) that are up on your local network ALTHOUGH the host name resolution is still kinda buggy (most networks except for the router are named "localhost")

Have a nice day! 👍

Consistent icons

Unicode icons are nice and easy but are not consistent across devices (and may not work on some!)

Support all private networks

AFAIK the app only supports 192.168.. at the moment, But not the other private networks. At least it failed in my 10...* net. More precisely it only scanned the first 255 hosts in the net.

Here a nice list of private networks in IPv4:
https://en.wikipedia.org/wiki/Private_network#Private_IPv4_address_spaces

It would be great if the app would change the range of IP addresses according to the net.

Discovered Hosts

How about ascending or descending hosts? Would be great to get Hostname directly in the discover overview. How about opening port eighty directly to browser? Im missing this feature.

Screen real-estate on 848×480 device

I use an old device with 848×480 screen, on which Port Authority (1.7.2 from f-droid) works great, except that the latest release leaves very little space to display the list of devices found. The list of discovered hosts covers 21% of the screen height in portrait mode (and 0% in landscape mode). The status bar + title + "Discover hosts" button have 23%. The "Device info" section uses the rest (56%).
Would it be possible to either disable the "Device info" section when displaying the host list, or using standard font size (title, etc.), or using shorter labels/no line wrap in the "Device info" section ("MAC Address" is uselessly split in 2 lines, horizontal lines take a lot of space, etc.), in order to have a really suable list of devices found ?
TIA

crash on selecting hosts with "_" in hostname.

After scanning hosts, when tap on host with symbol "_" in hostname for ports scanning application crashed.
Android 5.0.1 Nexus 5.

Remove "External IP Address" access.

I just want a simple port checker app for my network.
I don't want any app to connect outside(Internet) without my permission.

Where does this app connect to check external IP?
Consider removing it or let user to disable it before connection.

Automatic updating of OUI database

Build in functionality to allow for users to update the MAC vendor DB themselves so that it doesn't need to be updated in a separate release.

Closely related to #41.

Show total number of discovered hosts

Display MAC address vendor for the discovered LAN hosts

I am sorry to bring this one up again, but it seems that I should have specified in my previous request.

#26

Can we please get the MAC address vendor for the: DISCOVERED LAN HOSTS
in the main device info page? The reason I ask is that sometimes the host name for some devices does not display on the main page. Instead it displays the internal IP address of the device. On a network with many of these said devices, having the MAC vendor will make it easier to know which device it is.

Checkbox is black in settings for some devices

Some devices aren't showing the checkboxes as they're colored black (black on black = invisible). Due to an AppCompat theme issue.

Attach APK to release?

Would you consider including the .apk file with the releases/ – for those running their devices "Google-free" and thus having no Play Store access? I'd then even include it here, so people can use the F-Droid client to stay updated automatically 😇 Thanks in advance!

Switch to Volley

Apache HTTP lib is deprecated.

Update the vendor database?

When was the last time it was updated? A lot of my devices show up as not in the database.

Option to disable MAC address lookup

Could occur at first app start (opt-in) and/or in a settings menu (opt-out). Some users may not want MAC info automatically shared invisibly with a third party.

port-range 1.5.2

in the file HostActivity in line 159 "if((startPort - stopPort >= 0)) {"

should be a "<=" because stopPort must be greater than startPort.
btw nice work

App hangs after ~4000 scanned ports

Theoretically, you should have also just received my feedback.

Allow automatic updating of port database and custom labeling of ports.

The port database should be updated automatically from IANA, and users should be able to custom label higher ports. This will be useful for LAN auditing and allowing users to keep track of what services are where in their LAN.

Port scan does not show all open ports

Hello, I'm using Port Authority 1.5.0 (thank you) on a Nexus, 5 5.1.1.

When I run a port scan on a known host, not all open ports are shown.

Even if I use the Scan Port Range specifically covering the open ports, they do not show on the list, although I can see in the host (tshark) that it did SYN,ACK the probes.

For example, Scan Well Known Ports only gives me:
143 - imap
22 - ssh
25 - smtp
53 - domain
80 - http

Scan Port Range from 1 - 1024 results in the same list.

Nevertheless, I have more ports open as the nmap (from other host in the same subnet) shows:
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
143/tcp open imap
443/tcp open https
587/tcp open submission
993/tcp open imaps
3128/tcp open squid-http
3306/tcp open mysql
5222/tcp open xmpp-client
9090/tcp open zeus-admin
9091/tcp open xmltec-xmlmail

If I look at tshark on the target host, while doing for example a Port Authority scan in the range 9089-9092, I get this:

Capturing on 'eth1'
1 0.000000 192.168.168.30 -> 192.168.168.1 TCP 74 46612→9089 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 SACK_PERM=1 TSval=13716725 TSecr=0 WS=64
2 0.000044 192.168.168.1 -> 192.168.168.30 TCP 54 9089→46612 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0
3 0.000171 192.168.168.30 -> 192.168.168.1 TCP 74 60554→9091 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 SACK_PERM=1 TSval=13716725 TSecr=0 WS=64
4 0.000216 192.168.168.1 -> 192.168.168.30 TCP 74 9091→60554 [SYN, ACK] Seq=0 Ack=1 Win=28960 Len=0 MSS=1460 SACK_PERM=1 TSval=670147978 TSecr=13716725 WS=128
5 0.000556 192.168.168.30 -> 192.168.168.1 TCP 74 55836→9090 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 SACK_PERM=1 TSval=13716725 TSecr=0 WS=64
6 0.000589 192.168.168.1 -> 192.168.168.30 TCP 74 9090→55836 [SYN, ACK] Seq=0 Ack=1 Win=28960 Len=0 MSS=1460 SACK_PERM=1 TSval=670147978 TSecr=13716725 WS=128
7 0.000611 192.168.168.30 -> 192.168.168.1 TCP 74 35060→9092 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 SACK_PERM=1 TSval=13716725 TSecr=0 WS=64
8 0.000638 192.168.168.1 -> 192.168.168.30 TCP 54 9092→35060 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0
9 0.002448 192.168.168.30 -> 192.168.168.1 TCP 66 60554→9091 [ACK] Seq=1 Ack=1 Win=87616 Len=0 TSval=13716726 TSecr=670147978
10 0.002565 192.168.168.30 -> 192.168.168.1 TCP 66 55836→9090 [ACK] Seq=1 Ack=1 Win=87616 Len=0 TSval=13716726 TSecr=670147978
11 0.002807 192.168.168.30 -> 192.168.168.1 TCP 66 60554→9091 [FIN, ACK] Seq=1 Ack=1 Win=87616 Len=0 TSval=13716726 TSecr=670147978
12 0.002937 192.168.168.30 -> 192.168.168.1 TCP 66 55836→9090 [FIN, ACK] Seq=1 Ack=1 Win=87616 Len=0 TSval=13716726 TSecr=670147978
13 0.003144 192.168.168.1 -> 192.168.168.30 TCP 66 9090→55836 [FIN, ACK] Seq=1 Ack=2 Win=29056 Len=0 TSval=670147979 TSecr=13716726
14 0.005853 192.168.168.1 -> 192.168.168.30 TCP 66 9091→60554 [FIN, ACK] Seq=1 Ack=2 Win=29056 Len=0 TSval=670147979 TSecr=13716726
15 0.006044 192.168.168.30 -> 192.168.168.1 TCP 66 55836→9090 [ACK] Seq=2 Ack=2 Win=87616 Len=0 TSval=13716726 TSecr=670147979
16 0.007130 192.168.168.30 -> 192.168.168.1 TCP 66 60554→9091 [ACK] Seq=2 Ack=2 Win=87616 Len=0 TSval=13716726 TSecr=670147979

Server responded on ports 9090 and 9091, but they do not show on Port Authority as opened.

I can also access the server from the phone at port 9091 (Openfire administration web interface), so there is no blocking between them.

If you need any extra debugging info please let me know.

Best regards,
Joao S Veiga

Multistage host scanning

The ARP scan by itself does not seem to be reliable enough for some people and their networks. Implement a multistage scan where ICMP is used in addition to ARP.

Question about Code

Hello, I was just trying to understand code but I didnt get the part where u defined NUM_THREADS variable as 16 in ScanHostAsynTask.java. why is it 16? and also String parts[] = ip.split("."); in this line what exactly does this do ? thanks in advance. my eternal respect...

Potential Privacy issue

I saw the commit that will track ANRs, crashes, ect. Will this be an opt-in thing or at least optional as this is a privacy issue and I do not install apps that track and record any of my activity

15d16ec

Allow sorting of discovered hosts

Some users have expressed interest in being able to sort hosts ascending/descending. Related to #17 (comment)

Make socket timeouts configurable

Expose an option to allow users to tweak the timeout for host and port scans.

Force close on Android Lollipop

After starting the app it's closed. Here the logcat:

01-13 09:43:30.138 I/Timeline(14923): Timeline: Activity_launch_request id:com.aaronjwood.portauthority time:44255178
01-13 09:43:30.138 I/ActivityManager(2286): START u0 {act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] flg=0x10000000 pkg=com.aaronjwood.portauthority cmp=com.aaronjwood.portauthority/.activity.MainActivity} from uid 10137 on display 0
01-13 09:43:30.198 I/ActivityManager(2286): Start proc com.aaronjwood.portauthority for activity com.aaronjwood.portauthority/.activity.MainActivity: pid=18992 uid=10332 gids={50332, 9997, 3003} abi=armeabi-v7a
01-13 09:43:30.328 E/AndroidRuntime(18992): Process: com.aaronjwood.portauthority, PID: 18992
01-13 09:43:30.328 E/AndroidRuntime(18992): at com.aaronjwood.portauthority.a.a.a(Unknown Source)
01-13 09:43:30.328 E/AndroidRuntime(18992): at com.aaronjwood.portauthority.a.a.doInBackground(Unknown Source)
01-13 09:43:30.338 W/ActivityManager(2286): Force finishing activity com.aaronjwood.portauthority/.activity.MainActivity
01-13 09:43:30.648 I/WindowManager(2286): Screenshot max retries 4 of Token{ed04fb8 ActivityRecord{39cd021b u0 com.aaronjwood.portauthority/.activity.MainActivity t1400 f}} appWin=Window{1ff42e82 u0 com.aaronjwood.portauthority/com.aaronjwood.portauthority.activity.MainActivity} drawState=3
01-13 09:43:30.998 I/Timeline(2286): Timeline: Activity_windows_visible id: ActivityRecord{39cd021b u0 com.aaronjwood.portauthority/.activity.MainActivity t1400 f} time:44256044
01-13 09:43:31.908 I/ActivityManager(2286): Process com.aaronjwood.portauthority (pid 18992) has died
01-13 09:43:32.458 W/PackageManager(2483): Failure retrieving resources for com.aaronjwood.portauthority: Resource ID #0x0

Allow user-specified network range host discovery

Related to #5

Non RR types cause a crash

https://github.com/dnsjava/dnsjava/blob/master/org/xbill/DNS/Type.java#L362

Switch to discard protocol via UDP for host scans

Should help reduce the amount of network traffic required for host scans and slightly reduce load on the users device.

Show the service banners of open ports

How about reading service banners from connected sockets ?
Like: SSH-2.0-OpenSSH_6.7

MAC address lookup privacy

Does the MAC lookup send the entire MAC address? If so, that may be a security risk. Only the first three octets are needed to identify the vendor.

Crash on scanning host address (192.168.1.1)

The app crashes on scanning 192.168.1.1 OpenWRT router address.

Hostname support

Is it possible to add hostname support? It would be really useful, eg finding a specific computer that has a variable IP address

NIC Database

How about including the NIC database from http://download.lamatricexiste.info/nic.db.gz (with possibility to update it manually and/or automatically) and displaying the manufacturer of each network card in the scan list ?

LAN Host discovery

Hello,
your app doesn't use the subnet mask to scan all the devices in the subnet, apparently it only scans 255 (gateway + ip subnet of device) hosts.
i got a /20 subnet so it should theoretically ping 4096 devices...

kind regards

Martin

Netmask sometimes returns 0

https://github.com/aaronjwood/PortAuthority/blob/development/app/src/main/java/com/aaronjwood/portauthority/network/Wireless.java#L156

https://code.google.com/p/android/issues/detail?id=82477

Theme switcher

Some users have requested for the ability to switch between a dark and light theme.

Refine Error message

I run 1.4.0 from fdroid.

When i am not in a wifi network, but connected with mobile broadband the app throws an error.

Its something like "You are not connected to a network".

Which is wrong. You are connected to the mobile network.

"You are not connected to a wifi network" would be correct.

 Hostnam
 e

And for the name it would be handy if the app breaks at - and . In this case after "static".