#!/usr/bin/env bash
# Takes the target as its first argument: an IPv4 range in CIDR notation, e.g. 10.10.0.0/16
# TODO add in checking to make sure the correct input is given. - Completed
# TODO figure out nmap performance options to get scans down to a better number
# TODO Fix script to handle ranges that have 3 digits like eg 10.100.x.x/16 this messes up the nmap scanning - Completed
# nmap scan commands from nexpose
#nmap --privileged -n -PE -PS21-23,25,53,80,88,110-111,113,135,139,143,220,264,389,443,445,449,524,585,636,993,995,1433,1521,1723,3306,3389,5900,8080,9100 -PU53,67-69,111,123,135,137-139,161-162,445,500,514,520,631,1434,1701,1900,4500,5353,49152 -sn --max-retries 3 --min-rtt-timeout 500ms --max-rtt-timeout 3000ms --initial-rtt-timeout 500ms --min-rate 450 --max-rate 15000 -oX - -v
# -PE does an ICMP echo ping sweep; it needs a privileged account
# Scan target taken from the first command-line argument. Every function below
# reads this global; main() checks its format before any scan is started.
range=${1}
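#######################################
# Host discovery: ICMP echo sweep (-PE) with port scanning disabled (-sn).
# Globals:   range (read) - target in CIDR notation
# Outputs:   one live address per line on stdout; the same lines are appended
#            to "<range with the first / replaced by .>.txt" in the current
#            directory
# Returns:   exit status of the last pipeline stage (tee)
#######################################
ping_sweep() {
  local hosts_file="${range/\//.}.txt"

  # The target and the output file name are quoted so that an unexpected value
  # in ${range} can never be word-split or glob-expanded into extra nmap
  # arguments or additional output files.
  #
  # NOTE(review): tee -a appends, so addresses left over from an earlier run
  # against the same range stay in the file that service_version_scan reads.
  # Remove the file first if a fresh inventory is wanted.
  # NOTE(review): --min-rate 450 / --max-rate 15000 is an aggressive send
  # rate; confirm it is acceptable for the network being assessed.
  /usr/bin/nmap -PE -sn \
    --min-parallelism 100 --max-parallelism 256 \
    --max-retries 3 \
    --min-rtt-timeout 50ms --max-rtt-timeout 3000ms \
    --initial-rtt-timeout 500ms \
    --min-rate 450 --max-rate 15000 \
    "${range}" \
    | grep -F 'scan report' \
    | awk '{print $NF}' \
    | tr -d '()' \
    | tee -a -- "${hosts_file}"
}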
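#######################################
# Version/default-script scan (-sV -sC) of every /24 in which the ping sweep
# found a live host, followed by an XML -> HTML conversion of each result.
# Globals:   range (read) - target in CIDR notation
# Inputs:    "<range with the first / replaced by .>.txt" in the current
#            directory, one address per line (written by ping_sweep)
# Outputs:   progress on stdout; <a.b.N.0.24>.{nmap,gnmap,xml,html} in the
#            current directory
#
# NOTE(review): each /24 is rebuilt from the first two octets of ${range} plus
# the third octet of a live host, so the result is only meaningful for a /16
# (or narrower) target. With a wider range the derived /24 need not be the
# subnet in which the host was actually seen.
#######################################
service_version_scan() {
  local hosts_file="${range/\//.}.txt"
  local prefix octet target base
  local -a subnets=()

  prefix=$(printf '%s\n' "${range}" | cut -d'.' -f1,2)

  # Read the list once. The hosts file lives in the working directory and is
  # only as trustworthy as that directory, so anything that is not a 1-3 digit
  # octet is dropped before it is interpolated into an nmap target or a file
  # name.
  while IFS= read -r octet; do
    if [[ "${octet}" =~ ^[0-9]{1,3}$ ]]; then
      subnets+=("${octet}")
    fi
  done < <(cut -d'.' -f3 -- "${hosts_file}" | sort -n | uniq)

  for octet in "${subnets[@]}"; do
    target="${prefix}.${octet}.0/24"
    base="${prefix}.${octet}.0.24"

    echo "Number of ranges to scan: ${#subnets[@]}"
    echo "Starting scan of ${target}"

    # Ports 9100-9107 are excluded, presumably so that raw-print services do
    # not print probe data - confirm against the environment.
    /usr/bin/nmap -sV -sC --exclude-ports 9100-9107 \
      --max-retries 3 \
      --min-rtt-timeout 500ms --max-rtt-timeout 3000ms \
      --initial-rtt-timeout 500ms \
      --min-rate 450 --max-rate 15000 \
      -vv "${target}" -oA "${base}"

    # The report contains banners and script output returned by the scanned
    # hosts, i.e. data the operator does not control.
    /usr/bin/xsltproc "${base}.xml" -o "${base}.html"
  done
}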
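#######################################
# Publish scan results under the web root, one sub-directory per output type.
# Globals:   range (read) - target in CIDR notation
# Inputs:    ~/Documents/<range with the first / replaced by .>/*.{html,gnmap,nmap,xml}
# Outputs:   /var/www/html/<same name>/{html,gnmap,nmap,xml}/ plus cp -v output
# Returns:   1 if range is empty, otherwise the status of the last cp
#
# NOTE(review): the scans write into the current directory, so this step only
# finds files when the script was started from ~/Documents/<name>/ - confirm.
# NOTE(review): everything copied here is a host/service inventory of the
# scanned network. Unless the web server restricts access to this path, any
# client that can reach it can read the results.
#######################################
setup_webdir() {
  local name="${range/\//.}"
  local src dest ext

  # With an empty range the paths below would collapse onto the web root
  # itself, so refuse to continue.
  if [[ -z "${name}" ]]; then
    echo 'setup_webdir: no range set, refusing to write into the web root' >&2
    return 1
  fi

  src=~/Documents/${name}
  dest="/var/www/html/${name}"

  mkdir -p -- "${dest}"/{nmap,gnmap,html,xml}

  # Paths are quoted; only the *.ext part is left to the shell to expand.
  for ext in html gnmap nmap xml; do
    cp -vr -- "${src}"/*."${ext}" "${dest}/${ext}/"
  done
}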
#######################################
# Print the usage line and terminate the script with status 1.
# Arguments: none expected. $# here is the number of arguments passed to this
#            function, not to the script; called with any argument the
#            function prints nothing and returns 1.
# Outputs:   usage text on stdout
#######################################
usage() {
  if (( $# > 0 )); then
    return 1
  fi
  printf '%s\n' "Usage: ${0} ipaddress range eg. 10.10.0.0/16"
  exit 1
}
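#######################################
# Validate the target, then run discovery, service scan and publishing in
# that order.
# Globals:   range (read) - target in CIDR notation
# Outputs:   progress and error messages on stdout
# Returns:   1 when range is not a valid IPv4 address / CIDR block (usage()
#            exits with 1 when range is empty); otherwise the status of the
#            last step
#######################################
main() {
  # Each octet is limited to 0-255 and the optional prefix length to 0-32.
  # The match is done with [[ =~ ]] on the quoted value, so the string is
  # never word-split or glob-expanded and the anchors cover the whole value.
  # Anything that does not match is rejected (fail closed) before ${range}
  # reaches an nmap command line or a file name.
  local octet='(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])'
  local cidr_re="^${octet}(\\.${octet}){3}(/(3[0-2]|[12]?[0-9]))?\$"

  if [[ -z "${range}" ]]; then
    usage
  fi

  if [[ ! "${range}" =~ ${cidr_re} ]]; then
    echo 'Please input a valid CIDR IP address value ex. 10.10.0.0/16'
    # Non-zero status so that wrappers and schedulers can tell a rejected
    # target from a completed scan.
    return 1
  fi

  echo "Starting nmap ping scan of $range"
  ping_sweep
  echo "Starting top 1k port scan of $range"
  service_version_scan
  echo "Building web directory structure"
  setup_webdir
}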
# Entry point. main() works on the global ${range}; the positional parameters
# are forwarded only by convention.
main "$@"