Anyone speak Bash? - Advanced Penetration Testing Course


This topic contains 8 replies, has 7 voices, and was last updated by  Syn/Ack 4 years, 8 months ago.

  • #28887

    Jeriko
    Participant

    I have already made a short little Bash script to ping for IPs through the 192.168.1.0/25 subnet.
    for ip in $(seq 2 255); do ping -c 1 192.168.1.$ip | grep "bytes from" | cut -d ":" -f 1 & done
    Now, how do I make it so that for the IPs it grabs, it runs an nmap script (I already know this part will be do nmap -sS -sV -Pn -O) on the IPs it grepped?

    #28942

    Anonymous

    @cybercr33p Can’t you take advantage of NMAPs -iL <inputfilename> (Input from list) ?

    #28960

    oadominguez
    Participant

    You can use:

    for x in `for ip in $(seq 2 255); do ping -c 1 192.168.1.$ip | grep "bytes from" | cut -d ":" -f 1; done`
    do nmap -sS -sV -Pn -O $x
    done

    Remember, for the result of the execution to be reusable by another command, the output of the second for needs to be like this:
    1.1.1.1
    2.2.2.2
    ….
    etc

    So you need to filter ONLY the IP

    PS: If you are making a Version Scan, you don't need to perform a SYN scan; it only makes more packets in the network.

    Hope it helps.

    🙂

    #28961

    oadominguez
    Participant

    The post eliminated the commas; use the “execution commas” `

    #28993

    g00ey
    Participant

    Sorry for the numerous edits…….I can’t get the formatting right and remove the box around the code.

    The section in blocks are meant to have the backtick character ` at either end. I changed your cut command to cut out just the IP address and then the tr -d removes the floating ‘:’ from the end of it. This will return just a list of IP’s that are responding to ICMP which you can then call your nmap scan on.

    for ip in $(seq 2 255); do nmap -sS -sV -Pn -O `ping -c 1 192.168.1.$ip | grep "bytes from" | cut -d " " -f4 | tr -d ':'` ; done

    • This reply was modified 4 years, 9 months ago by  g00ey.
    #29023

    acetolyne
    Participant

    https://www.cybrary.it/forums/topic/anyone-here-speak-bash/

    You made duplicate topics; you can see my solution here.

    #32054

    Ketil
    Participant

    Why not just let nmap figure out the available servers?
    nmap -sS -sV -O 192.168.1.0/25

    #32110

    g00ey
    Participant

    The subnet should be 192.168.1.0/24 – a /25 notation will only scan the first 127 hosts. (Just to be correct)

    I agree with Ketil on one hand, simpler is usually better ……. However, it’s also just as important to experiment and find different ways of doing things, learn new skills etc. The main point to remember here in my opinion, is that the use of nmap was only the action to be carried out on each device within the subnet. It could have just as easily been a login script to make a configuration change, perform some update etc and learning to write scripts has many many uses in addition to the example. So keep on bashing out those scripts……….see what I did there?? 🙂

    #32167

    Syn/Ack
    Participant

    I agree that it wouldn’t be the preferred way to scan like this, since you would miss servers that don’t respond to ping. But you can’t go wrong with bash script exercises!
    I like your solution @g00ey. Simple and no nested loops required. *nice*
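
Added example, not part of any post in the thread: one way to combine the ping loop with the `-iL` suggestion, by reducing the ping output to one bare IP per line, writing it to a file, and only calling nmap when at least one host replied. The function names, the `live_hosts.txt` file name and the sample output are constructed for illustration, and the reply format assumed is that of Linux iputils `ping`.

```bash
#!/usr/bin/env bash
# Added example (not from the thread): build a clean nmap target list from ping output.

# Read ping output on stdin, print each replying IPv4 address once, one per line.
# Matches the address right before the ':' so both reply formats work:
#   64 bytes from 192.168.1.5: icmp_seq=1 ...
#   64 bytes from gw.lan (192.168.1.1): icmp_seq=1 ...
extract_live_hosts() {
    grep "bytes from" \
        | grep -oE '([0-9]{1,3}\.){3}[0-9]{1,3}\)?:' \
        | tr -d '):' \
        | sort -u -t . -k1,1n -k2,2n -k3,3n -k4,4n
}

# Ping hosts 1-254 of a /24 prefix such as "192.168.1" in parallel.
# 'wait' blocks until every background ping has finished writing.
sweep() {
    prefix=$1
    for host in $(seq 1 254); do
        ping -c 1 -W 1 "$prefix.$host" 2>/dev/null &   # -W 1: 1 s timeout (Linux iputils)
    done
    wait
}

# Constructed sample ping output, used when the script is run without arguments.
SAMPLE='PING 192.168.1.20 (192.168.1.20) 56(84) bytes of data.
64 bytes from 192.168.1.20: icmp_seq=1 ttl=64 time=0.41 ms
64 bytes from gw.lan (192.168.1.1): icmp_seq=1 ttl=64 time=1.20 ms
From 192.168.1.10 icmp_seq=1 Destination Host Unreachable
64 bytes from 192.168.1.5: icmp_seq=1 ttl=128 time=0.80 ms'

if [ "${1:-}" = "sweep" ]; then
    # Usage: ./sweep.sh sweep 192.168.1   (hypothetical script name)
    sweep "${2:?usage: $0 sweep <first three octets>}" | extract_live_hosts > live_hosts.txt
    if [ -s live_hosts.txt ]; then
        # Flags are the ones from the thread; -iL reads targets from the file.
        nmap -sS -sV -Pn -O -iL live_hosts.txt
    else
        echo "no host answered ping, nothing to scan" >&2
    fi
else
    printf '%s\n' "$SAMPLE" | extract_live_hosts
fi
```

Run without arguments it only parses the constructed sample; the address is taken from just before the colon because `cut -d " " -f4` returns the hostname instead of the IP when ping prints a resolved name.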
