Online Javascript LAN scanner

Background

I’ve really enjoyed making this tool, it started off as a port scanner then it evolved into a router scanner and now I’ve decided to accept any device on a LAN. The code now works on Firefox and IE7 (which was a pain), I haven’t managed to test it on any other browser so please leave a comment if you find any problems.

Technical details

The script now places images and iframes directly in the document to allow IE7 to use the onload handler, it wasn’t easy however because blank objects call the onload function so I had to create handlers for them. It basically sets a init flag when a image or iframe is ready to be used.

The scanner accesses a IFrame to perform a generic scan of the network for known default router IP’s, once a connection has been made it then passes the IP address and performs a lookup of routers/devices based on that address. The reason I have decided to do this is because I wanted the scanner to grab as many devices as possible because it will be impossible to finger print everything.

Once a IP address has been found it passes this to the finger printing function which uses a image object to make a connection to the device to see if the finger printing graphic is there.

Performance

IE7 is super quick to scan, I think this is because timed out connections don’t affect good connections but Firefox seems to take longer, this could be my code as I’ve not had a chance to make sure it is performing at it’s best.

I feel like a Javascript ninja now, I have trained well :)

See it in action

Javascript LAN scanner

4 Responses to “Online Javascript LAN scanner”

  1. Ronald van den Heetk writes:

    Good stuff Gareth! It redirected me to my router, which is cool. I think it’s about time to have a better router password :)

    btw I liked what you did with the blog, looks cool.

  2. Gareth Heyes writes:

    Thanks Ronald, yeah I think stronger passwords for routers are going to be needed. I’m not sure what the browsers could do to protect against this sort of thing.

    Maybe the only option is to remove iframes or at least the onload handler but that would break a lot of sites. Strict checking of images could also help e.g. preventing external domains accessing private IP’s.

    Glad you like the blog :)

  3. scott writes:

    very cool, good work. I’m very interested in this project and hope it will take off. I’ve been working on my own for some time now, let me know if you want to collaborate and share ideas.

  4. Gareth Heyes writes:

    Thanks Scott yeah definitely I’d love to share ideas. This project is a GPL one and I’ll take contributions from anyone who can suggest ideas to improve it.