PDA

Archiv verlassen und diese Seite im Standarddesign anzeigen : nmap wrapper



403
31.08.09, 19:34
Hi *,

das Ding ist gestern entstanden und mehr oder weniger sinnvoll, urspruenglich sollte es einem User hier im Forum geschickt werden,
aber ich vermute der ist jetzt fertig:



,pwd
/home/403/spargel/namp-:P
, cat nmap-wrapper
#!/bin/bash -
# $Id$
# simple nmap wrapper by 403, see man nmap for details on idle scanning
# ndiff results to yesterday, this has been written for Solarix in 2009

DATE=`date +%F`
IDLESCAN="10.0.0.1:80"
PORTRANGE="-p-"
SRCPORT="53"
# non discusable options
LOGMODE="-oX log --version-intensity=0"
# Net to index
NET=192.168.0/24
# Version detection
V="-O"

usage() {
echo "usage: ./`basename $0` <nr>"
echo ""
echo "valid types are:"
echo "1 idlescan"
echo "2 localhost scan"
echo "3 specify custom options"
echo "4 udp scan"
echo "5 ping scan"
echo "6 stealth scan"
echo "7 debug scan"
echo "8 show interfaces"
exit
}

fail() {
echo "$1"
exit 1
}

version() {
min=5
test -f /usr/local/bin/nmap >/dev/null||fail "nmap not a file"
test -x /usr/local/bin/nmap >/dev/null||fail "nmap not executable"
version=`/usr/local/bin/nmap|head -1|cut -b6`

[ $version -lt 5 ] && \
fail "Greetings $USER, please update \
your nmap! (version $version<$min)"
}


# check our args, print some friendly message
[ -z $1 ] && fail "Error: need a scan type, see --rtfm for details"

# all useful scans
case $1 in
--idle|1)
export SCANTYP=idle
SCANARGS="-sI $IDLESCAN -P0 -g $SRCPORT $LOGMODE $PORTRANGE -T3 $V $NET" &&
echo "using $SCANTYP scan with $SCANARGS";;
--localhost|2)
export SCANTYP=tcp_localhost
SCANARGS="-sT $LOGMODE -p 80,22,25 -T2 localhost" &&
echo "using $SCANTYP scan with $SCANARGS";;
3)
export SCANTYP=custom
export SCANARGS=$@
SCANARGS=${SCANARGS/3/""}
echo "using $SCANTYP scan with \"${SCANARGS}\"";;
--usage|--help|-h|--rtfm)
usage;;
--udp|4)
export SCANTYP=udp
SCANARGS="-sU -P0 -g $SRCPORT $LOGMODE $PORTRANGE -T3 $V $NET" &&
echo "using $SCANTYP scan with $SCANARGS";;
--ping|5)
export SCANTYP=ping
SCANARGS="-sP $LOGMODE -T3 $NET" &&
echo "using $SCANTYP scan with $SCANARGS";;
--para|6)
export SCANTYP=stift-tester
SCANARGS="-sS -P0 --ttl=254 -g 22 $LOGMODE -T1 $V $NET" &&
echo "using $SCANTYP scan with $SCANARGS";;
--debug|7)
export SCANTYP=debug NET=127.0.0.1
SCANARGS="-sS --packet-trace -vvvv --reason -d -P0 -g 22 $LOGMODE -T3 $V $NET" &&
echo "using $SCANTYP scan with $SCANARGS";;
--iflist|8)
export SCANTYP=iflist
SCANARGS="--iflist -vvvv $NET" &&
echo "using $SCANTYP scan with $SCANARGS";;
--protocol|9)
export SCANTYP=protocol
SCANARGS="-sO -v $NET" &&
echo "using $SCANTYP scan with $SCANARGS";;
--prost|10)
export SCANTYP=prost
SCANARGS="-sS --scanflags SYN,SYN,SYN,SYN -g beer -v $NET" &&
echo "using $SCANTYP scan with $SCANARGS";;
esac


[ -z ${SCANARGS} ] 2>/dev/null && fail "uhh, you need to tell me something :)"
[ -z ${LOGMODE} ] 2>/dev/null && fail "when using custom scan, make sure -oN is set, or use -oN /dev/stdout"

# quick check binaries
ls /usr/local/bin/{nmap,ndiff} 2> log 1>/dev/null

[ $? -ne 0 ] && \
echo "please install `sed 's/.*\///;s/:.*//' log|tr -s '\n' '\ '` first" &&
[ -f log ] && rm log && exit

version

/usr/local/bin/nmap ${SCANARGS}

[ "$SCANTYP" = 'iflist' ] && exit
[ ! -f log ] && fail "=> Warning: scan interrupted/logfile removed"
mv -f log log.${SCANTYP}.${DATE} 2>/dev/null

YESTERDAY=`date -v-1d +%F`
# set last scan to diff against
CUSTOM_NDIFF_YESTERDAY="n"
NDIFF_YESTERDAY="log.$SCANTYP.2003-12-25"

# diff against other dates
if [ $CUSTOM_NDIFF_YESTERDAY = 'y' ]; then
YESTERDAY=$NDIFF_YESTERDAY
fi

/usr/local/bin/ndiff log.${SCANTYP}.${YESTERDAY} log.${SCANTYP}.${DATE} 2>/dev/null



Bugs, Flames bitte per PM

Gruss
403

solarix
01.09.09, 07:50
Hallo Kollege, ist eine schoene Arbeit. :-)

403
01.09.09, 19:28
eigentlich hatte ich gehofft du postest deine Variante auch hier :-)

solarix
02.09.09, 11:19
Mach ich bestimmt noch . :)

403
03.09.09, 20:17
ich schick dir per cron jeden Tag eine freundliche Mail :P

403
26.10.11, 01:46
*edit* *edit* *edit*