
Random IP, single port scanner to filter in OPEN port IPs


All times are UTC - 6 hours


 PostPosted: Tue Jun 26, 2012 4:00 pm   

Joined: Tue Jun 26, 2012 2:55 pm
Posts: 7
Threw this together just a bit ago to make ease of scanning and filtering out the closed ports of any number of random IPs.. It's probably not the best coded script and would definitely LOVE to hear of other, more efficient ways to lay it out!

Some scrots..

Image

Image

Image

Code:
#!/bin/bash

clear
echo -e "\e[1;34m#########################################################################"
echo -e "#                                                                       #"
echo -e "#           \E[1;3;34mScanning utility to find open ports on random IPs\e[1;34m           #"
echo -e "#                                 \e[0;5;32m-n1x4\e[0m\e[1;34m                                 #"
echo -e "#########################################################################\e[0m"
echo ""
echo ""

function target {
echo -n -e  "\E[1;4;37mEnter the number of random IPs you wish to scan.\E[0m\n>"
read TARGETS
}

function port {
echo -n -e "\e[1;4;37mEnter the port you wish to scan for.\e[0m\n>"
read PRT
}

function filename {
echo -n -e "\e[1;4;37mEnter grepable filename.\e[0m\n>"
read FILE
}

target
echo ""
port
echo ""
filename
clear

function nmap1 {
     nmap  -Pn -p$PRT -iR $TARGETS -oG ~/nmap/$FILE &>/dev/null
}

echo -e "\E[0;5;31mScanning\E[0m\nPlease be patient."
nmap1
clear

function grep1 {
    grep -E '/open/' ~/nmap/$FILE | awk '{print $2}' >> ~/nmap/$FILE-open
}

grep1
clear

function open {
    # Count the addresses written to the -open list
    wc -l < ~/nmap/"$FILE"-open
}

if [ "$(open)" -eq 0 ]; then
    echo -e "There were \e[1;5;35mNO\e[0m open services found on port $PRT out of $TARGETS IPs."
else
    cat ~/nmap/"$FILE"-open
    echo -e "Scanned $TARGETS IPs and found \e[1;4;31m$(open)\e[0m with open services."
fi

# Remove the two working files; -f without -r never removes a directory
rm -f ~/nmap/"$FILE"
rm -f ~/nmap/"$FILE"-open


 PostPosted: Wed Jun 27, 2012 3:41 am   

Joined: Mon Nov 30, 2009 4:06 am
Posts: 16
This gave the heading OK but the prompts did not show?
Didn't get a patient message either

Get 3 red lines which I enter on and then off it goes but no results

Maybe I'm not starting it right

./scanopenports.sh


 PostPosted: Wed Jun 27, 2012 8:13 am   

Joined: Tue Jun 26, 2012 2:55 pm
Posts: 7
Did you copy/paste it right?

also,

I forgot to mention, I did a last minute change in this one.. Before you run it, make an nmap dir in home folder.
Code:
mkdir ~/nmap


 PostPosted: Wed Jun 27, 2012 3:02 pm   

Joined: Mon Nov 30, 2009 4:06 am
Posts: 16
Yep re-copied it to be sure
I don't understand a lot of the script but I should be getting prompts.
Running Puppy 5.31
here is a screen shot
(I moved the hashes (#) just a little )
Attachment:
screenofscanner.jpg




 PostPosted: Wed Jun 27, 2012 3:42 pm   

Joined: Tue Jun 26, 2012 2:55 pm
Posts: 7
LOL..... It works just fine... Your terminal colors are getting in the way of the 'text'. The red line you see is the 'underlining' of the words. If you highlight them with your mouse you'll see. Try changing the terminal colors or changing the colors of text in the script.

Code:
\E[1;4;37m

translated.. Bold;Underline;White

try changing 37m to 31m
Code:
\E[1;4;31m


**EDIT**
A simple list of colors for ya
Code:
Black       0;30     Dark Gray     1;30
Blue        0;34     Light Blue    1;34
Green       0;32     Light Green   1;32
Cyan        0;36     Light Cyan    1;36
Red         0;31     Light Red     1;31
Purple      0;35     Light Purple  1;35
Brown       0;33     Yellow        1;33
Light Gray  0;37     White         1;37


 PostPosted: Wed Jun 27, 2012 11:55 pm   

Joined: Mon Nov 30, 2009 4:06 am
Posts: 16
Me think it mazing!


 PostPosted: Thu Jun 28, 2012 7:51 am   

Joined: Tue Jun 26, 2012 2:55 pm
Posts: 7
Thanks man.

##########UPDATE##########

Added 'true open port' verification and banner grabbing (optional of course). 'True open port' meaning that the port is actually OPEN and receiving connections and doesn't just hang there with "Escape character is '^]'." As you can see from the pics, the first IP was not actually open so it didn't get displayed. The code is a little garbled atm but I'm really tired, I'll work on better extracting the banners with IPs in the AM. If any of you find any problems with it, please don't hesitate to let me know :P

You'll need netcat if not installed already. Also, it creates 2 files in ~/nmap/, one called 'list' and the other 'banners'. "list" has all the grabbed info from the scans and "banners" has the grepped info which is displayed. Like I said, it still needs some work.. :s

Image

Image

Zeh cood
Code:
#!/bin/bash
## Just some random, simple nmap bullshit brought to you from n1x4
clear
echo -e "\e[1;34m#########################################################################"
echo -e "#                                                                       #"
echo -e "#           \E[1;3;34mScanning utility to find open ports on random IPs\e[1;34m           #"
echo -e "#                                 \e[0;5;32m-n1x4\e[0m\e[1;34m                                 #"
echo -e "#########################################################################\e[0m"
echo ""
echo ""

function target {
echo -n -e  "\E[1;4;37mEnter the number of random IPs you wish to scan.\E[0m\n>"
read TARGETS
}

function port {
echo -n -e "\e[1;4;37mEnter the port you wish to scan for.\e[0m\n>"
read PRT
}

function filename {
echo -n -e "\e[1;4;37mEnter grepable filename.\e[0m\n>"
read FILE
}

target
echo ""
port
echo ""
filename
clear

function nmap1 {
     nmap  -Pn -p$PRT -iR $TARGETS -oG ~/nmap/$FILE &>/dev/null
}

echo -e "\E[0;5;31mScanning\E[0m\nPlease be patient."
nmap1
clear

function grep1 {
    grep -E '/open/' ~/nmap/$FILE | awk '{print $2}' >> ~/nmap/$FILE-open
}

grep1
clear

function open {
cat ~/nmap/$FILE-open | wc -l
}


######################### Banner grabbing stuff ####################################

function nca {
    echo $ip
    timeout 2 nc -T $ip $PRT; echo -e -n "\n"
}

function ncat2 {
    echo ''
    list=list
for ip in $(cat ~/nmap/$FILE-open); do
    nca
done >> ~/nmap/$list
}

function cat_ncat {
    cat ~/nmap/$list | wc -l
}

function grep_cat {
    grep -E -B4 'User|user|Login|login|Password|password|PASSCODE|passcode' ~/nmap/$list >> ~/nmap/banners
    cat ~/nmap/banners
}

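function 23-serv {
    echo ''
    echo -n -e "\e[1;33mConfirm validity of open ports and attempt to grab banners?\e[0m [y/n]\n>"
    read CONT
    # Quote the answer so an empty reply does not break the test
    if [ "$CONT" = y ]; then
        clear
        echo -n -e "\e[0;5;31mConfirming open port status and mapping out banners, if present.\e[0m"
        ncat2
    else
        echo -n -e "Bye.\n"
        # -f without -r: only the two working files are removed, never a directory
        rm -f ~/nmap/"$FILE" ~/nmap/"$FILE"-open
        sleep 1s
        exit
    fi
}

function grab {
    # -gt is the numeric comparison; a bare > inside [ ] is a redirection to a file named 0
    if [ "$(cat_ncat)" -gt 0 ]; then
        echo ''
        grep_cat
    else
        echo -n -e "Nothing!\n"
    fi
}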


if [ $(open) = 0 ]; then
     echo -n -e "There were \e[1;5;35mNO\e[0m open services found on port $PRT out of $TARGETS IPs.\n"
     sleep 1s
     exit
else
     cat ~/nmap/$FILE-open
     echo -n -e "Scanned $TARGETS IPs and found \e[1;4;31m$(open)\e[0m with open services."
     echo -n -e ""
     23-serv
     grab
fi


# -f without -r: an empty $FILE can no longer take the whole ~/nmap directory with it
rm -f ~/nmap/"$FILE"
rm -f ~/nmap/"$FILE"-open
#rm -rf ~/nmap/list
exit


 PostPosted: Fri Jun 29, 2012 9:32 pm   

Joined: Mon Nov 30, 2009 4:06 am
Posts: 16
I guess I must be doing something wrong.
I have tried this about 20 times with various choices 10000, 100000
Various ports 443, 143, 110, 79, 53, 25, 22, 21 and others

and I have not had one open port.
I do not ever get the "scanning please be patient" message
I am behind a firewall on a linux machine running Puppy linux 5.31

What am I doing wrong?

EDIT
Makes a difference when you install "nmap" program doesn't it


Last edited by tytower on Sat Jun 30, 2012 3:04 pm, edited 1 time in total.

 PostPosted: Sat Jun 30, 2012 9:59 am   

Joined: Tue Jun 26, 2012 2:55 pm
Posts: 7
Ummm, it's hard telling man! Here, wrote this one last night, see if it works for you. It performs sanity checks and also creates the nmap dir if you haven't already... The usage is a little different too. Instead of the UI, just enter the options in the command line.. It's not totally done yet, still have some shit to work out on the -h flag but other than that, it works fine...

Usage:
Code:
scan.sh <number of IPs to scan> <port> <file>


Code:

#!/bin/bash
# New type of scanning device with sanity checks
# Declaration of variables
declare -rx SCRIPT="${0##*/}"   # script name used in the error messages below
declare -rx nmap="/usr/bin/nmap"
declare -rx nc="/usr/bin/nc"

# Sanity check
if test -z "$BASH" ; then
    echo -e "$SCRIPT:$LINENO: please use this script with BASH shell.\n"
    exit 192
fi

if test ! -x "$nmap" ; then
    echo -e "$SCRIPT:$LINENO: $nmap is not available - aborting!\n"
    exit 192
fi

if test ! -x "$nc" ; then
    echo -e "$SCRIPT:$LINENO: $nc is not available - aborting!\n"
    exit 192
fi

#Define input variables
IP=$1
PORT=$2
FILE=$3
nmap_dir="$HOME/nmap"

#Check if nmap directory exists
if [ ! -d "$nmap_dir" ]; then
    mkdir -p "$nmap_dir"
fi

#Defining actions with functions, looks cleaner.
function grep_data() {
    echo -e "Grepping.\n"
    grep -E '/open/' $nmap_dir/$FILE | awk '{print $2}' >> $nmap_dir/$FILE-open
    echo -e "Done.\n"
}

function open() {
    cat $nmap_dir/$FILE-open | wc -l
}

function open_check() {
    echo $ip
    timeout 2 nc -T $ip $PORT ; echo -e "\n"
}

function banner() {
    echo -e "Grabbing banners.\n"
    grep -E -B4 'User|user|Login|login|Password|password|PASSCODE|passcode' $nmap_dir/$list >> $nmap_dir/banners
    cat $nmap_dir/banners
}

function check() {
    list=list
for ip in $(cat $nmap_dir/$FILE-open); do
    #echo -e "Checking for open ports.\n"
    open_check
done >> $nmap_dir/$list

banner
}

#User input
case $1 in
   -h)
      echo -e "USAGE: 'script.sh' [number of random IPs] [Port to scan] [File to output data]\n"
      exit 0;;    # stop here so the usage text is not followed by a scan
    *)
      clear
      echo -e "\e[0;5;31mScanning\e[0m\n"
      # &> sends stdout and stderr to /dev/null; a leading 2 would be passed to nmap as a target
      nmap -iR "$IP" -p"$PORT" -oG "$nmap_dir/$FILE" &>/dev/null
      clear;;
esac

grep_data
rm "$nmap_dir/$FILE"

if [ "$(open)" -eq 0 ]; then
    echo -e "Nothing!\n"
    rm "$nmap_dir/$FILE-open"
    exit
else
    check
    rm "$nmap_dir/$list"
fi

exit 0
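
The last script takes its three arguments straight from the command line and later builds `rm` paths from the file name, so an empty or path-like name reaches `rm`. An added example, not part of the original post, that checks the three values before anything else runs; the function names and the length limits are assumptions:

```bash
# Added example: argument checks for a scan.sh-style wrapper.
# Function names and size limits are hypothetical, not from the thread.

# Host count: digits only, no leading zero, at most 7 digits.
valid_count() {
    case $1 in
        ''|*[!0-9]*|0*) return 1 ;;
    esac
    [ "${#1}" -le 7 ]
}

# One port number in 1-65535; ranges and lists are rejected.
valid_port() {
    case $1 in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Output name: a single path component. Rejecting empty names, "/",
# a leading "." and a leading "-" keeps later rm calls on files inside
# the work directory and stops the name being parsed as an option.
valid_name() {
    case $1 in
        ''|.*|-*|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    [ "${#1}" -le 64 ]
}

# Check count, port and file in that order; the return code names the bad one.
validate_args() {
    valid_count "$1" || { echo "bad host count: '$1'" >&2; return 1; }
    valid_port "$2"  || { echo "bad port: '$2'" >&2; return 2; }
    valid_name "$3"  || { echo "bad output name: '$3'" >&2; return 3; }
}

# Constructed sample inputs: the first passes, the others are rejected.
for args in "100 23 run1" "100 23 ../../.bashrc" "100 70000 run1" "-h 23 run1"; do
    set -- $args
    validate_args "$@" 2>/dev/null && echo "ok: $args" || echo "rejected: $args"
done
```
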

