Binary file added .DS_Store
Binary file not shown.
113 changes: 59 additions & 54 deletions nmapAutomator.sh
Expand Up @@ -185,21 +185,21 @@ header() {
assignPorts() {
# Set $commonPorts based on Port scan
if [ -f "nmap/Port_$1.nmap" ]; then
commonPorts="$(awk -vORS=, -F/ '/^[0-9]/{print $1}' "nmap/Port_$1.nmap" | sed 's/.$//')"
commonPorts="$(awk -vORS=, -F/ '/^[0-9]/{print $1}' "nmap/Port_$1.nmap" | gsed 's/.$//')"
fi

# Set $allPorts based on Full scan or both Port and Full scans
if [ -f "nmap/Full_$1.nmap" ]; then
if [ -f "nmap/Port_$1.nmap" ]; then
allPorts="$(awk -vORS=, -F/ '/^[0-9]/{print $1}' "nmap/Port_$1.nmap" "nmap/Full_$1.nmap" | sed 's/.$//')"
allPorts="$(awk -vORS=, -F/ '/^[0-9]/{print $1}' "nmap/Port_$1.nmap" "nmap/Full_$1.nmap" | gsed 's/.$//')"
else
allPorts="$(awk -vORS=, -F/ '/^[0-9]/{print $1}' "nmap/Full_$1.nmap" | sed 's/.$//')"
allPorts="$(awk -vORS=, -F/ '/^[0-9]/{print $1}' "nmap/Full_$1.nmap" | gsed 's/.$//')"
fi
fi

# Set $udpPorts based on UDP scan
if [ -f "nmap/UDP_$1.nmap" ]; then
udpPorts="$(awk -vORS=, -F/ '/^[0-9]/{print $1}' "nmap/UDP_$1.nmap" | sed 's/.$//')"
udpPorts="$(awk -vORS=, -F/ '/^[0-9]/{print $1}' "nmap/UDP_$1.nmap" | gsed 's/.$//')"
if [ "${udpPorts}" = "Al" ]; then
udpPorts=""
fi
Expand Down Expand Up @@ -239,52 +239,57 @@ checkOS() {
# Add any extra ports found in Full scan
# No args needed
cmpPorts() {
extraPorts="$(echo ",${allPorts}," | sed 's/,\('"$(echo "${commonPorts}" | sed 's/,/,\\|/g')"',\)\+/,/g; s/^,\|,$//g')"
extraPorts="$(echo ",${allPorts}," | gsed 's/,\('"$(echo "${commonPorts}" | gsed 's/,/,\\|/g')"',\)\+/,/g; s/^,\|,$//g')"
}

# Print nmap progress bar
# $1 is $scanType, $2 is $percent, $3 is $elapsed, $4 is $remaining
progressBar() {
[ -z "${2##*[!0-9]*}" ] && return 1
[ "$(stty size | cut -d ' ' -f 2)" -le 120 ] && width=50 || width=100
fill="$(printf "%-$((width == 100 ? $2 : ($2 / 2)))s" "#" | tr ' ' '#')"
empty="$(printf "%-$((width - (width == 100 ? $2 : ($2 / 2))))s" " ")"
printf "In progress: $1 Scan ($3 elapsed - $4 remaining) \n"
printf "[${fill}>${empty}] $2%% done \n"
printf "\e[2A"
[ -z "${2##*[!0-9]*}" ] && return 1
[ "$(stty size | cut -d ' ' -f 2)" -le 120 ] && width=50 || width=100
fill="$(printf "%-${width}s" "#" | tr ' ' '#')"
fill="${fill:0:$((width * $2 / 100))}"
empty="$(printf "%-${width}s" " ")"
empty="${empty:0:$((width - ${#fill}))}"
printf "In progress: $1 Scan ($3 elapsed - $4 remaining) \n"
printf "[${fill}>${empty}] $2%% done \n"
printf "\e[2A"
}


# Calculate current progress bar status based on nmap stats (with --stats-every)
# $1 is nmap command to be run, $2 is progress bar $refreshRate
nmapProgressBar() {
refreshRate="${2:-1}"
outputFile="$(echo $1 | sed -e 's/.*-oN \(.*\).nmap.*/\1/').nmap"
tmpOutputFile="${outputFile}.tmp"

# Run the nmap command
if [ ! -e "${outputFile}" ]; then
$1 --stats-every "${refreshRate}s" >"${tmpOutputFile}" 2>&1 &
fi
refreshRate="${2:-1}"
outputFile="$(echo $1 | gsed -e 's/.*-oN \(.*\).nmap.*/\1/').nmap"
tmpOutputFile="${outputFile}.tmp"

# Run the nmap command
if [ ! -e "${outputFile}" ]; then
$1 --stats-every "${refreshRate}s" >"${tmpOutputFile}" 2>&1 &
fi

# Keep checking nmap stats and calling progressBar() every $refreshRate
while { [ ! -e "${outputFile}" ] || ! grep -q "Nmap done at" "${outputFile}"; } && { [ ! -e "${tmpOutputFile}" ] || ! grep -i -q "quitting" "${tmpOutputFile}"; }; do
scanType="$(tail -n 2 "${tmpOutputFile}" 2>/dev/null | gsed -n -e '/elapsed/s/.*undergoing \(.*\) Scan.*/\1/p')"
percent="$(tail -n 2 "${tmpOutputFile}" 2>/dev/null | gsed -n -e '/% done/s/.*About \(.*\)\..*% done.*/\1/p')"
elapsed="$(tail -n 2 "${tmpOutputFile}" 2>/dev/null | gsed -n -e '/elapsed/s/Stats: \(.*\) elapsed.*/\1/p')"
remaining="$(tail -n 2 "${tmpOutputFile}" 2>/dev/null | gsed -n -e '/remaining/s/.* (\(.*\) remaining.*/\1/p')"
progressBar "${scanType:-No}" "${percent:-0}" "${elapsed:-0:00:00}" "${remaining:-0:00:00}"
sleep "${refreshRate}"
done
printf "\033[0K\r\n\033[0K\r\n"

# Print final output, remove extra nmap noise
if [ -e "${outputFile}" ]; then
gsed -n '/PORT.*STATE.*SERVICE/,/^# Nmap/{p;}' "${outputFile}" | awk '!/^SF(:|-).*$/' | grep -v 'service unrecognized despite'
else
cat "${tmpOutputFile}"
fi
rm -f "${tmpOutputFile}"
}

# Keep checking nmap stats and calling progressBar() every $refreshRate
while { [ ! -e "${outputFile}" ] || ! grep -q "Nmap done at" "${outputFile}"; } && { [ ! -e "${tmpOutputFile}" ] || ! grep -i -q "quitting" "${tmpOutputFile}"; }; do
scanType="$(tail -n 2 "${tmpOutputFile}" 2>/dev/null | sed -ne '/elapsed/{s/.*undergoing \(.*\) Scan.*/\1/p}')"
percent="$(tail -n 2 "${tmpOutputFile}" 2>/dev/null | sed -ne '/% done/{s/.*About \(.*\)\..*% done.*/\1/p}')"
elapsed="$(tail -n 2 "${tmpOutputFile}" 2>/dev/null | sed -ne '/elapsed/{s/Stats: \(.*\) elapsed.*/\1/p}')"
remaining="$(tail -n 2 "${tmpOutputFile}" 2>/dev/null | sed -ne '/remaining/{s/.* (\(.*\) remaining.*/\1/p}')"
progressBar "${scanType:-No}" "${percent:-0}" "${elapsed:-0:00:00}" "${remaining:-0:00:00}"
sleep "${refreshRate}"
done
printf "\033[0K\r\n\033[0K\r\n"

# Print final output, remove extra nmap noise
if [ -e "${outputFile}" ]; then
sed -n '/PORT.*STATE.*SERVICE/,/^# Nmap/H;${x;s/^\n\|\n[^\n]*\n# Nmap.*//gp}' "${outputFile}" | awk '!/^SF(:|-).*$/' | grep -v 'service unrecognized despite'
else
cat "${tmpOutputFile}"
fi
rm -f "${tmpOutputFile}"
}

# Nmap scan for live hosts
networkScan() {
Expand All @@ -299,15 +304,15 @@ networkScan() {
# Discover live hosts with nmap
nmapProgressBar "${nmapType} -T4 --max-retries 1 --max-scan-delay 20 -n -sn -oN nmap/Network_${HOST}.nmap ${subnet}/24"
printf "${YELLOW}Found the following live hosts:${NC}\n\n"
cat nmap/Network_${HOST}.nmap | grep -v '#' | grep "$(echo $subnet | sed 's/..$//')" | awk {'print $5'}
cat nmap/Network_${HOST}.nmap | grep -v '#' | grep "$(echo $subnet | gsed 's/..$//')" | awk {'print $5'}
elif $pingable; then
# Discover live hosts with ping
echo >"nmap/Network_${HOST}.nmap"
for ip in $(seq 0 254); do
(ping -c 1 -${TW} 1 "$(echo $subnet | sed 's/..$//').$ip" 2>/dev/null | grep 'stat' -A1 | xargs | grep -v ', 0.*received' | awk {'print $2'} >>"nmap/Network_${HOST}.nmap") &
(ping -c 1 -${TW} 1 "$(echo $subnet | gsed 's/..$//').$ip" 2>/dev/null | grep 'stat' -A1 | xargs | grep -v ', 0.*received' | awk {'print $2'} >>"nmap/Network_${HOST}.nmap") &
done
wait
sed -i '/^$/d' "nmap/Network_${HOST}.nmap"
gsed -i '/^$/d' "nmap/Network_${HOST}.nmap"
sort -t . -k 3,3n -k 4,4n "nmap/Network_${HOST}.nmap"
else
printf "${YELLOW}No ping detected.. TCP Network Scan is not implemented yet in Remote mode.\n${NC}"
Expand Down Expand Up @@ -351,7 +356,7 @@ scriptScan() {

# Modify detected OS if Nmap detects a different OS
if [ -f "nmap/Script_${HOST}.nmap" ] && grep -q "Service Info: OS:" "nmap/Script_${HOST}.nmap"; then
serviceOS="$(sed -n '/Service Info/{s/.* \([^;]*\);.*/\1/p;q}' "nmap/Script_${HOST}.nmap")"
serviceOS="$(gsed -n '/Service Info/{s/.* \([^;]*\);.*/\1/p;q}' "nmap/Script_${HOST}.nmap")"
if [ "${osType}" != "${serviceOS}" ]; then
osType="${serviceOS}"
printf "${NC}\n"
Expand Down Expand Up @@ -398,7 +403,7 @@ fullScan() {
else
echo
echo
printf "${YELLOW}Making a script scan on extra ports: $(echo "${extraPorts}" | sed 's/,/, /g')\n"
printf "${YELLOW}Making a script scan on extra ports: $(echo "${extraPorts}" | gsed 's/,/, /g')\n"
printf "${NC}\n"
nmapProgressBar "${nmapType} -sCV -p${extraPorts} --open -oN nmap/Full_Extra_${HOST}.nmap ${HOST} ${DNSSTRING}" 2
assignPorts "${HOST}"
Expand Down Expand Up @@ -433,9 +438,9 @@ UDPScan() {
if [ -n "${udpPorts}" ]; then
echo
echo
printf "${YELLOW}Making a script scan on UDP ports: $(echo "${udpPorts}" | sed 's/,/, /g')\n"
printf "${YELLOW}Making a script scan on UDP ports: $(echo "${udpPorts}" | gsed 's/,/, /g')\n"
printf "${NC}\n"
if [ -f /usr/share/nmap/scripts/vulners.nse ]; then
if [ -f /usr/local/share/nmap/scripts/vulners.nse ]; then
sudo -v
nmapProgressBar "sudo ${nmapType} -sCVU --script vulners --script-args mincvss=7.0 -p${udpPorts} --open -oN nmap/UDP_Extra_${HOST}.nmap ${HOST} ${DNSSTRING}" 2
else
Expand Down Expand Up @@ -473,7 +478,7 @@ vulnsScan() {
fi

# Ensure the vulners script is available, then run it with nmap
if [ ! -f /usr/share/nmap/scripts/vulners.nse ]; then
if [ ! -f /opt/homebrew/share/nmap/scripts/vulners.nse ] && [ ! -f /usr/local/share/nmap/scripts/vulners.nse ]; then
printf "${RED}Please install 'vulners.nse' nmap script:\n"
printf "${RED}https://github.com/vulnersCom/nmap-vulners\n"
printf "${RED}\n"
Expand Down Expand Up @@ -524,9 +529,9 @@ recon() {
printf "${YELLOW}sudo apt install ${missingTools} -y\n"
printf "${NC}\n\n"

availableRecon="$(echo "${allRecon}" | tr " " "\n" | awk -vORS=', ' '!/'"$(echo "${missingTools}" | tr " " "|")"'/' | sed 's/..$//')"
availableRecon="$(echo "${allRecon}" | tr " " "\n" | awk -vORS=', ' '!/'"$(echo "${missingTools}" | tr " " "|")"'/' | gsed 's/..$//')"
else
availableRecon="$(echo "${allRecon}" | tr "\n" " " | sed 's/\ /,\ /g' | sed 's/..$//')"
availableRecon="$(echo "${allRecon}" | tr "\n" " " | gsed 's/\ /,\ /g' | gsed 's/..$//')"
fi

secs=30
Expand Down Expand Up @@ -594,7 +599,7 @@ reconRecommend() {
printf "${NC}\n"
printf "${YELLOW}SMTP Recon:\n"
printf "${NC}\n"
echo "smtp-user-enum -U /usr/share/wordlists/metasploit/unix_users.txt -t \"${HOST}\" | tee \"recon/smtp_user_enum_${HOST}.txt\""
echo "smtp-user-enum -U /users/share/wordlists/metasploit/unix_users.txt -t \"${HOST}\" | tee \"recon/smtp_user_enum_${HOST}.txt\""
echo
fi

Expand Down Expand Up @@ -629,11 +634,11 @@ reconRecommend() {
echo "nikto -host \"${urlType}${HOST}:${port}\" | tee \"recon/nikto_${HOST}_${port}.txt\""
fi
if type ffuf >/dev/null 2>&1; then
extensions="$(echo 'index' >./index && ffuf -s -w ./index:FUZZ -mc '200,302' -e '.asp,.aspx,.html,.jsp,.php' -u "${urlType}${HOST}:${port}/FUZZ" 2>/dev/null | awk -vORS=, -F 'index' '{print $2}' | sed 's/.$//' && rm ./index)"
echo "ffuf -ic -w /usr/share/wordlists/dirb/common.txt -e '${extensions}' -u \"${urlType}${HOST}:${port}/FUZZ\" | tee \"recon/ffuf_${HOST}_${port}.txt\""
extensions="$(echo 'index' >./index && ffuf -s -w ./index:FUZZ -mc '200,302' -e '.asp,.aspx,.html,.jsp,.php' -u "${urlType}${HOST}:${port}/FUZZ" 2>/dev/null | awk -vORS=, -F 'index' '{print $2}' | gsed 's/.$//' && rm ./index)"
echo "ffuf -ic -w /users/share/wordlists/dirb/common.txt -e '${extensions}' -u \"${urlType}${HOST}:${port}/FUZZ\" | tee \"recon/ffuf_${HOST}_${port}.txt\""
else
extensions="$(echo 'index' >./index && gobuster dir -w ./index -t 30 -qnkx '.asp,.aspx,.html,.jsp,.php' -s '200,302' -u "${urlType}${HOST}:${port}" 2>/dev/null | awk -vORS=, -F 'index' '{print $2}' | sed 's/.$//' && rm ./index)"
echo "gobuster dir -w /usr/share/wordlists/dirb/common.txt -t 30 -ekx '${extensions}' -u \"${urlType}${HOST}:${port}\" -o \"recon/gobuster_${HOST}_${port}.txt\""
extensions="$(echo 'index' >./index && gobuster dir -w ./index -t 30 -qnkx '.asp,.aspx,.html,.jsp,.php' -s '200,302' -u "${urlType}${HOST}:${port}" 2>/dev/null | awk -vORS=, -F 'index' '{print $2}' | gsed 's/.$//' && rm ./index)"
echo "gobuster dir -w /users/share/wordlists/dirb/common.txt -t 30 -ekx '${extensions}' -u \"${urlType}${HOST}:${port}\" -o \"recon/gobuster_${HOST}_${port}.txt\""
fi
echo
fi
Expand All @@ -643,7 +648,7 @@ reconRecommend() {
cms="$(grep http-generator "nmap/Script_${HOST}.nmap" | cut -d " " -f 2)"
if [ -n "${cms}" ]; then
for line in ${cms}; do
port="$(sed -n 'H;x;s/\/.*'"${line}"'.*//p' "nmap/Script_${HOST}.nmap")"
port="$(gsed -n 'H;x;s/\/.*'"${line}"'.*//p' "nmap/Script_${HOST}.nmap")"

# case returns 0 by default (no match), so ! case returns 1
if ! case "${cms}" in Joomla | WordPress | Drupal) false ;; esac then
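Review bot: Every `sed` invocation in the file now hard-requires `gsed` (assignPorts, cmpPorts, nmapProgressBar, networkScan, scriptScan, fullScan, UDPScan, recon and reconRecommend), so the script fails on any host where only `sed` is installed, which is every Linux box it previously supported; resolve the binary once near the top, e.g. `SED="$(command -v gsed || command -v sed)"`, and call `"${SED}"` in each place, or add `gsed` to the existing missing-tool check that feeds `${missingTools}`. The wordlist paths rewritten to `/users/share/wordlists/...` in reconRecommend (smtp-user-enum, ffuf, gobuster lines) look like a typo: that directory exists on neither macOS nor Linux, and the printed commands will not run. The vulners.nse lookup is now inconsistent between functions: UDPScan tests only `/usr/local/share/nmap/scripts/vulners.nse` while vulnsScan tests both `/opt/homebrew/share/...` and `/usr/local/share/...`, and both drop the `/usr/share/nmap/scripts/vulners.nse` path, so the same host may take the vulners branch in one scan and the fallback in the other. The rewritten progressBar relies on `${fill:0:N}` substring expansion, a bash-only feature; if the shebang (outside this diff) is `/bin/sh`, this breaks under dash, so either confirm the shebang is bash or keep the printf-width approach.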