Arduino Network Vulnerability Scanner
This Arduino code simulates a network reconnaissance system. When deployed, it scans the local network for vulnerable entry points by attempting to connect to specific target ports on each device within the network. The status of each port (open or closed) is monitored, and any changes are reported. This system provides a basic understanding of network security concepts and can be a starting point for building more advanced network monitoring and defense systems. You can integrate this functionality into your webpage to showcase how network scanning works and illustrate the importance of securing network devices.
This code is provided for educational purposes only. The primary intent of this code is to demonstrate basic networking concepts, such as port scanning, and to promote understanding of network security principles. The use of this code for any malicious, unauthorized, or illegal activities is strictly prohibited.
Any use of this code for unauthorized scanning, intrusion, or exploitation of networks or systems without proper authorization is unethical and may violate applicable laws and regulations.
By using this code, you agree to use it responsibly and legally, with proper authorization and consent from the network owner or administrator. The creators and contributors of this code shall not be held responsible for any misuse or unauthorized use of this code.
In the provided picture, the serial output from the Arduino code is displayed within the PuTTY application. The output shows the progress of the network scanning process and provides information about open ports detected on the local network.
Serial Output Messages: The serial output displays messages indicating various stages of the scanning process. These messages include:
Information about the target IP addresses and ports being scanned.
Notifications about successful or failed connections to specific ports on each IP address.
Reports on detected vulnerabilities (open ports) and restored security (closed ports).
Usage for Good:
Educational Tool: This program serves as an educational tool for understanding basic network security concepts such as port scanning and vulnerability assessment.
Network Monitoring: It can be used by network administrators to monitor their networks for unexpected open ports, potentially indicating unauthorized access or security vulnerabilities.
Security Testing: Ethical hackers and security professionals can utilize this program for conducting controlled penetration testing and vulnerability assessments on their own networks or systems.
Usage for Bad:
Malicious Exploitation: In the wrong hands, this program could be used for malicious purposes, such as:
Unauthorized Access: Scanning for open ports to identify potential entry points for unauthorized access to networks or systems.
Network Intrusion: Identifying vulnerabilities in network infrastructure to exploit and gain unauthorized access to sensitive information or resources.
Denial of Service (DoS) Attacks: Identifying and exploiting open ports to launch denial of service attacks against networked devices or services.
Illegal Activities: Using the program to conduct unauthorized scanning or exploitation of networks or systems without permission could lead to legal consequences.
Extensions and Improvements:
Enhanced Functionality: The program can be extended and improved in various ways, such as adding features for:
Service Identification: Identifying specific services running on open ports to provide more detailed information about potential vulnerabilities.
Reporting and Logging: Implementing mechanisms to log scan results and generate reports for further analysis and action.
Automated Response: Integrating automated response mechanisms to mitigate detected threats or vulnerabilities, such as blocking suspicious IP addresses or services.
User Interface: Developing a user-friendly interface for easier interaction and configuration of the scanning process.
Overall, while the program has the potential for both good and bad applications, it primarily serves as an educational tool for understanding network security principles and conducting responsible security testing. It's essential to use such tools ethically and legally, with proper authorization and consent.
Arduino code below with detailed comments explaining each part to someone who's new to programming
#include <SPI.h>
#include <EthernetV2_0.h>
#include <EthernetUdpV2_0.h>
const int greenLEDPin = 7; // Initiating stealth mode: Activating cloaking system...
const int redLEDPin = 8; // Initializing intruder alert system...
byte mac[] = {0xDE, 0xAD, 0xBE, 0xEF, 0xFE, 0xED}; // Deploying MAC spoofing protocol...
EthernetUDP Udp;
const int numPorts = 4;
int targetPorts[numPorts] = {21, 22, 23, 3389}; // Targeting critical infrastructure ports...
bool portStatus[numPorts];
void setup() {
Serial.begin(9600);
Serial.println("");
Serial.println("Deploying MAC spoofing protocol...0xDE, 0xAD, 0xBE, 0xEF, 0xFE, 0xED");
Serial.println("");
Serial.println(" _____ ");
Serial.println(" / \\");
Serial.println("| () () |");
Serial.println(" \\ ^ / ");
Serial.println(" ||||| ");
Serial.println(" ||||| ");
Serial.println(" \\___/ ");
Serial.println("");
Serial.println("Establishing Serial channel: Waiting for connection...");
while (!Serial) {
; // Establishing secure channel: Waiting for encrypted connection...
}
pinMode(greenLEDPin, OUTPUT); // Activating surveillance beacon...
pinMode(redLEDPin, OUTPUT); // Initializing defense mechanism...
if (Ethernet.begin(mac) == 0) {
Serial.println("");
Serial.println("Failed to configure Ethernet using DHCP");
digitalWrite(redLEDPin, HIGH); // Triggering security breach protocol...
// No point in carrying on, so do nothing forevermore:
while (true) {
delay(10);
}
}
delay(1000);
Serial.print("DHCP Access granted: IP address is: ");
Serial.println(Ethernet.localIP()); // Covert operation established: Revealing IP address...
Serial.println("");
Serial.println("Initiating reconnaissance: Starting port scan..."); // Commencing network sweep...
digitalWrite(greenLEDPin, HIGH); // Disabling detection systems...
Serial.println("Light is green, Starting port scan..."); // Commencing network sweep...
}
void loop() {
// Conducting network infiltration: Scanning for vulnerable entry points...
for (int i = 0; i < numPorts; i++) {
for (int octet = 1; octet <= 254; octet++) {
IPAddress targetIP(Ethernet.localIP()[0], Ethernet.localIP()[1], Ethernet.localIP()[2], octet);
Serial.print("Executing probing sequence: Target IP: ");
Serial.print(targetIP); // Engaging target IP...
Serial.print(" Port: ");
Serial.println(targetPorts[i]); // Targeting specified port...
if (probePort(targetIP, targetPorts[i])) {
if (!portStatus[i]) {
Serial.print("Vulnerability detected: Port ");
Serial.print(targetPorts[i]);
Serial.print(" breached on IP address: ");
Serial.println(targetIP); // Intrusion successful: Port open...
portStatus[i] = true;
}
} else {
if (portStatus[i]) {
Serial.print("Security restored: Port ");
Serial.print(targetPorts[i]);
Serial.print(" secured on IP address: ");
Serial.println(targetIP); // Countermeasure activated: Port closed...
portStatus[i] = false;
}
}
}
}
delay(2000); // Tactical pause: Cooldown period...
}
bool probePort(IPAddress ip, int port) {
EthernetClient client;
if (client.connect(ip, port)) {
client.stop();
return true;
}
return false;
}
Now, let's go through each part:
Initialization:
The code starts by including necessary libraries for Ethernet communication and UDP.
Setup Function:
Initializes serial communication for debugging purposes.
Sets up pin modes for two LEDs, one for indicating successful scans (green LED) and the other for indicating failures or security breaches (red LED).
Attempts to configure Ethernet using DHCP (Dynamic Host Configuration Protocol) to obtain an IP address for the Arduino on the local network.
If Ethernet configuration fails, it triggers the red LED and enters an infinite loop, indicating a failure.
Upon successful Ethernet configuration, it prints the assigned IP address of the Arduino to the serial monitor.
It then starts scanning for open ports on the local network.
Loop Function:
The main loop continuously executes the port scanning process.
It iterates through each target port defined in the targetPorts array.
For each port, it iterates through the IP addresses in the local subnet (from 1 to 254 in the last octet).
It attempts to connect to each IP address and port using the probePort() function.
If a connection is successful, indicating an open port, it prints a message indicating a vulnerability detected and updates the port status.
If a connection fails, indicating a closed port, it prints a message indicating security restored and updates the port status.
After scanning all ports and IP addresses, it pauses for 2 seconds before starting the next scan cycle.
Probe Port Function:
The probePort() function attempts to connect to a given IP address and port using an Ethernet client object.
If the connection is successful, it returns true, indicating an open port.
If the connection fails, it returns false, indicating a closed port.
Serial Output:
Throughout the code, it provides detailed serial output messages to indicate the progress of the scanning process, including IP addresses, target ports, and scan results.
Donate
If you've enjoyed exploring my Arduino projects and want to see more amazing creations, your support can make a big difference! By contributing, you're helping me continue to innovate and bring even more exciting projects to life. Together, we can explore the endless possibilities of DIY electronics! Don't forget to like, subscribe, and follow for updates on the latest developments. Thank you for being a part of this journey!
Click here to make a difference with your donation today!