SHARE
TWEET

nmap-parser

a guest Nov 8th, 2019 95 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/bin/bash
  2. fname="ultimate-nmap-parser.sh"
  3. version="0.6"
  4. modified="08/06/2019"
  5.  
  6. # TO DO:
  7. # BUG: cant handle paths with spaces. so far the makcsv function doesnt appear to write to temp.csv
  8. #      **THINK I FIXED THIS -- Need lots more testing. go through and parse last projectes
  9. # --------------------
  10. # - 1. check if tcp,udp,unique,up and down files are empty - if empty then say
  11. # - 2. more check of input file and exit if cant find open it. if no inputfile - exit
  12. # - 3. better checks for Up/Down hosts
  13. # - add check to closed ports if no closed ports than say and dont make file liek the rest
  14. # - take in xml file do checks and make more vauge... maybe make it pickup from folder location in future
  15. # - make the output echo out each host file
  16. # - better processing output... show lines
  17. # - need to make the hosts files better .. dont like the output and the same port sometimes has multiple files
  18. # - lots more work needed on the output bit at the end  maybe use the ifs
  19. # - make like a log file - time stats. input swtichees used files es.. all stats ports est
  20. # - fix the output at the end
  21. # - better error handling
  22. # - need to check if there is nothing in the file then delete it and sate no hosts
  23. # - output stating what files been picked up ...list them out ?
  24. # - fix and check ssl function
  25. # - closed ports needs sorting
  26. # - sort the port files - tcp, udp, unique
  27. # - have a bit at the end to print the output of files
  28. # - use less temp files try and keep things consistant in oneliner
  29. # - tidy up the script make it organised
  30. # - give the functions desicriptions so know what they are doing
  31. # - renames the hosts services for indvidual port file ftp,telnet,ssl,web,http/https/ssl,mysql,oracle,mssql,smb,snmp....est so they are a bit bteer
  32. # - create some error checking. file checks for each function. main file checks. fix the switches
  33. # - test every switch and options
  34. # - stop reusing code. make functions for repeats
  35. # - better input checks. all runs first - giant if statemnt to check switches are valid first
  36. # - add useful features from OLD nmap-parser
  37. # - change the if statements so that there is an all function so it will set all the varibles on and create the folder. this needs testing too
  38. # - TEST TEST TEST TEST TEST and check the output with lots of different scans and make sure it is all accurate.
  39.  
  40.  
  41. #----------------------------------------------------------------- START OF SCRIPT -----------------------------------------------------------------
  42.  
  43.  
  44. # colours - https://misc.flogisoft.com/bash/tip_colors_and_formatting
  45. RED='\e[91m'
  46. RESETCOL='\e[39m'
  47.  
  48.  
  49. # doesnt seem to work that well so used version sort seems to be the best
  50. export sortip="sort -V"
  51. #export sortip="sort -t. -n -k1 | sort -t. -n -k2 | sort -t. -n -k3 | sort -t. -n -k4 | sort -u -V"
  52. #export sortip="sort -t. -k 1 -V | sort -t. -k 2 -V | sort -t. -k 3 -V | sort -t. -k 4 -V"
  53.  
  54.  
  55. #name of temp files
  56. inputtemp="temp.gnmap"
  57. csvtemp="temp.csv"
  58.  
  59.  
  60. #output folder
  61. createoutdir="N"    #change to Y - if you always want mkdir outdir
  62. outdir="parse"
  63. outhostsdir="hosts"
  64.  
  65.  
  66. #output file names
  67. outputcsvfile="parsed_nmap.csv"
  68. outputsummaryfile="summary.txt"
  69. outputclosedfile="closed-summary.txt"
  70. outputipfile="parsed_ipport.txt"
  71. outputupfile="hosts_up.txt"
  72. outputdownfile="hosts_down.txt"
  73. outputuniquefile="ports_unique.txt"
  74. outputtcpfile="ports_tcp.txt"
  75. outputudpfile="ports_udp.txt"
  76. outputsmbfile="smb.txt"
  77. outputwebfile="web-urls.txt"
  78. outputsslfile="ssl.txt"
  79. outputreport1file="report1.txt"
  80. outputclosedsummaryfile="closed-summary.txt"
  81.  
  82.  
  83. # Menu Switches
  84. men_all="N"
  85. men_csv="N"
  86. men_summary="N"
  87. men_uports="N"
  88. men_tcpports="N"
  89. men_udpports="N"
  90. men_uphosts="N"
  91. men_downhosts="N"
  92. men_ipport="N"
  93. men_smb="N"
  94. men_ssl="N"
  95. men_web="N"
  96. men_hostports="N"
  97. men_closed="N"
  98. men_report1="N"
  99. men_htmlreport="N"
  100.  
  101.  
  102. function header () {
  103. # header function  - used to print out the title of the script
  104. # need a better name i think
  105. echo -e "\e[1m  _  _ _    ___ _ _  _ ____ ___ ____    _  _ _  _ ____ ___  "  
  106. echo "  |  | |     |  | |\/| |__|  |  |___    |\ | |\/| |__| |__] "  
  107. echo "  |__| |___  |  | |  | |  |  |  |___    | \| |  | |  | |    "  
  108. echo "          ___  ____ ____ ____ ____ ____                   "                                    
  109. echo "          |__] |__| |__/ [__  |___ |__/                   "      
  110. echo "          |    |  | |  \ ___] |___ |  \                   "
  111. echo "                                                          "
  112. echo -e "\e[39m\e[0m\e[96mVersion: $version - $modified"                                                                                 
  113. echo -e "Created By: Shifty0g   https://github.com/shifty0g  \e[39m"
  114. echo ""
  115. }
  116.  
  117. function footer () {
  118. # footer to print out at the end of the script
  119. echo "--------------------------------------------------------------------------------------"
  120. echo "                         ___                           "
  121. echo "                _  _  .-'   '-.                        "
  122. echo "               (.)(.)/         \                       "
  123. echo "                /@@             ;                      "
  124. echo "               o_\\-mm-......-mm\`~~~~~~~~~~~~~~~~\`   "
  125. echo "                                                       "                                          
  126. echo
  127. }
  128.  
  129. function helpmenu () {
  130. # prints out the header and help menu when --help switch is selected to show the options to use
  131. header
  132. echo
  133. echo "[*] Usage: $fname [input] [options]"
  134. echo
  135. echo -e "\e[95m[input]:     Grepable nmap file(s) .gnmap - can have multiple\e[39m"
  136. echo
  137. echo -e "\e[93m[options]:"
  138. echo
  139. echo "  --help      Show this help menu"
  140. echo "  --all       Runs ALL options - **EXCLUDING: report1, --html**"
  141. echo "  --csv       Create .csv file - $outputcsvfile"
  142. echo "  --summary   Create host Summary report - $outputsummaryfile"
  143. echo "  --closed    Create Summary of hosts with CLOSED ports - $outputclosedfile"
  144. echo "  --unique    Parse open unique TCP & UDP ports - $outputuniquefile"
  145. echo "  --tcp       Parse open TCP ports - $outputtcpfile"
  146. echo "  --udp       Parse open UDP ports - $outputudpfile"
  147. echo "  --up        Parse 'Up' hosts - $outputupfile"
  148. echo "  --down      Parse 'Down' hosts - $outputdownfile"
  149. echo "  --ippport   Parse targets IP:PORT - $outputipfile"
  150. echo "  --smb       Generate smb paths smb://IP - $outputsmbfile"
  151. echo "  --web       Generate web URLS http://IP:PORT https://IP:PORT  - $outputwebfile"
  152. echo "  --ssl       Generate ssl/tls hosts list IP:PORT - $outputsslfile"
  153. echo "  --hostports Generate hosts/hosts_<PORT>-<PROTOCOL>-<SERVICE>.txt files"
  154. #echo " --html      Generates a .html report for each scan (uses xml file - will auto pickup from \$pwd)"
  155. echo "      --report1       Report - IP[PORT1,PORT2,PORT3, ] - parsip.pl"
  156. echo
  157. echo -e "\e[39m[*] Example:"
  158. echo
  159. echo "$fname *.gnmap --all"
  160. echo "$fname nmap_tcp_full.gnmp nmap_udp_def.gnmap --summary --unique"
  161. echo "$fname nmap_tcp_full.gnmp nmap_udp_def.gnmap --web"
  162. echo
  163. echo "--------------------------------------------------------------------------------------"
  164. echo
  165. }
  166.  
  167. function diagnostics () {
  168. # diagnostics function used to help figure out whats wrong - will delete this when release the script
  169. echo
  170. echo
  171. echo "################################[ DIAGNOSTICS ]########################################"
  172. echo "\$0 - "$0
  173. echo "\$1 - "$1
  174. echo "\$* - "$*
  175. echo "inpputfile - "$file
  176. echo "inputfilepath - "$inputfilepath
  177. echo "tempfile - "$tempfile
  178. echo "outpath - "$outpath
  179. echo "filecheck - "$filecheck
  180. echo "#######################################################################################"
  181. }
  182.  
  183. function mastercleanup () {
  184. # MASTER cleanup - lazy just to wipe the temp stuff before and after soo all fresh
  185. rm "${outpath}tempinput" "${outpath}ipptemp" "${outpath}closedtemp" "${outpath}summtemp" "${outpath}tempfile" "${outpath}tempfile2" "${outpath}$varTempFile2" "${outpath}inputfile" "${outpath}$varTempFile" "${outpath}$tempfile" "${outpath}$varSummTempFile" "${outpath}webtemp" "${outpath}webtemp2" "${hostportspath}hostptemp" "${outpath}$inputtemp" "${outpath}$inputtemp "${outputpath}$csvtemp > /dev/null 2>&1
  186. }
  187.  
  188. function makecsv () {
  189. # this is the main function which processes the inputfile and creates a csv file
  190. echo -e "\e[1m\e[93m[>]\e[0m Creating CSV File"
  191. while read line; do
  192.     checkport=$(echo $line | grep -e '/open/' -e '/closed')
  193.     if [ "$checkport" != "" ]; then
  194.         host=$(echo $line | awk '{print $2}')
  195.         lineports=$(echo $line | awk '{$1=$2=$3=$4=""; print $0}')
  196.         if [ -f "${outpath}"tempfile2"" ]; then rm "${outpath}"tempfile2""; fi
  197.         echo "$lineports" | tr "," "\n" | sed 's/^ *//g' >> "${outpath}"tempfile2""
  198.         # Read the per-host temp file to write each open port as a line to the CSV temp file
  199.         while read templine; do
  200.         # check for open port
  201.         checkport2=$(echo $templine | grep -e '/open/' -e '/closed')
  202.         if [ "$checkport2" != "" ]; then
  203.             port=$(echo $templine | awk -F '/' '{print $1}')
  204.             status=$(echo $templine | awk -F '/' '{print $2}')
  205.             protocol=$(echo $templine | awk -F '/' '{print $3}')
  206.             service=$(echo $templine | awk -F '/' '{print $5}')
  207.             version=$(echo $templine | awk -F '/' '{print $7}')
  208.             echo "$host,$port,$status,$protocol,$service,$version" >> "${outpath}$csvtemp"
  209.         fi
  210.         done < "${outpath}tempfile2"
  211.     fi
  212. done < "${outpath}$inputtemp"
  213.  
  214.  
  215.  
  216. # finalise and move the file if temp.csv
  217. if [ -f "${outpath}$csvtemp" ]; then
  218.    echo "HOST,PORT,STATUS,PROTOCOL,SERVICE,VERSION" > "${outpath}$outputcsvfile"
  219.    # sort by ip address - 1st.2nd.3rd.4th
  220.    cat "${outpath}"temp.csv"" | sort -t"," -n -k1 | $sortip >> "${outpath}$outputcsvfile"
  221.    echo "   - $outputcsvfile"
  222. fi
  223.  
  224. #cleanup
  225. rm "${outpath}$csvtemp" "${outpath}"tempfile2"" > /dev/null 2>&1
  226.  
  227. echo
  228. #end
  229. }
  230.  
  231. function checkcsv () {
  232. # checks if the makecsv fu nction has already ran and then sets the tempfile varible - stops repition as most other functions use the csv file
  233. if [ "$men_csv" == "Y" ]
  234. then
  235.     cp "${outpath}$outputcsvfile" "${outpath}$csvtemp"
  236. else
  237.     makecsv > /dev/null 2>&1
  238.     mv "${outpath}$outputcsvfile" "${outpath}$csvtemp"
  239. fi
  240.  
  241. # remove the head from the csv file
  242. sed -i -e "1d" "${outpath}$csvtemp"
  243.  
  244. # remove lines that have closed ports
  245. sed -i '/,closed,/d' "${outpath}$csvtemp"
  246.  
  247. export tempfile="$(realpath "${outpath}$csvtemp")"
  248.  
  249. # end
  250. }
  251.  
  252. function summary () {
  253. # creates the summary file of from the input of open ports
  254. echo -e "\e[1m\e[93m[>]\e[0m Creating Summary"
  255.  
  256. #check for csv file to process
  257. checkcsv
  258.  
  259. #clear any old file - fresh
  260. rm "${outpath}$outputsummaryfile" > /dev/null 2>&1
  261.  
  262. echo "+=========================================================================================+" >> "${outpath}$outputsummaryfile"
  263. printf "%-18s %-16s %-52.52s %-2s \n" "| HOST " "| PORT / PROTOCOL" " | SERVICE" "|" >> "${outpath}$outputsummaryfile"
  264. lasthost=""
  265. while read line; do
  266.     host=$(echo $line | awk -F ',' '{print $1}')
  267.     port=$(echo $line | awk -F ',' '{print $2}')
  268.     protocol=$(echo $line | awk -F ',' '{print $4}')
  269.     service=$(echo $line | awk -F ',' '{print $5}')
  270.     version=$(echo $line | awk -F ',' '{print $6}')
  271.     if [ "$host" != "$lasthost" ]; then echo "+=========================================================================================+" >> "${outpath}$outputsummaryfile"; fi
  272.     if [ "$version" = "" ]; then
  273.         version=""
  274.     else
  275.         version="- $version"
  276.     fi
  277.     printf "%-18s %-16s %-52.52s %-2s \n" "| $host " "| $port / $protocol " "  | $service $version" " |" >> "${outpath}$outputsummaryfile"
  278.     lasthost="$host"
  279. done < "$tempfile"
  280. echo "+=========================================================================================+" >> "${outpath}$outputsummaryfile"
  281.  
  282. echo "  - $outputsummaryfile"
  283. echo
  284.  
  285. #cleanup
  286. rm  "$tempfile" > /dev/null 2>&1
  287.  
  288. #end
  289. }
  290.  
  291. function ipport () {
  292. # creates a file of open ports IP:PORT
  293. echo -e "\e[1m\e[93m[>]\e[0m Creating IP Port file "
  294.  
  295. # check is csv is run and get a tempfile
  296. checkcsv
  297.  
  298. #clear any old file - fresh
  299. rm "${outpath}$outputipfile" > /dev/null 2>&1
  300.  
  301. # finalise the file and clean up
  302. cat "$tempfile"  | cut -d, -f1,2 | tr -d '"' | tr , : | $sortip > "${outpath}$outputipfile"
  303.  
  304. #cleanup
  305. rm  "$tempfile" > /dev/null 2>&1
  306.  
  307. echo "  - $outputipfile"
  308. echo
  309.  
  310. #end
  311. }
  312.  
  313. function uphosts () {
  314. # creates a file with IPs for hosts with Up Statues - needs further checks to be better
  315. echo -e "\e[1m\e[93m[>]\e[0m Parsing up hosts"
  316. cat "$inputfilepath" | grep -e 'Status: Up' -e '/open/' | grep -oE "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b" | sort -u -V  > "$outpath$outputupfile"
  317.  
  318. # check if there are actually any IP addresses in the file - if not delete it no point
  319. if [ -z "$(cat "${outpath}$outputupfile" | grep -oE "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b")" ]
  320. then
  321.       echo -e "$RED - no up hosts $RESETCOL"
  322.       rm "${outpath}$outputupfile" > /dev/null 2>&1
  323. else
  324.       echo "    - $outputupfile"
  325. fi
  326. echo
  327.  
  328.  
  329. #end
  330. }
  331.  
  332. function downhosts () {
  333. # creates a file with IPs for hosts with Down status
  334. echo -e "\e[1m\e[93m[>]\e[0m Parsing down hosts"
  335. cat "$inputfilepath" | grep 'Status: Down' | grep -oE "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b" | sort -u -V > "${outpath}$outputdownfile"
  336.  
  337. # check if there are actually any IP addresses in the file - if not delete it no point
  338. if [ -z "$(cat "${outpath}$outputdownfile" | grep -oE "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b")" ]
  339. then
  340.       echo -e "$RED - no down hosts $RESETCOL"
  341.       rm "${outpath}$outputdownfile" > /dev/null 2>&1
  342. else
  343.       echo "    - $outputdownfile"
  344. fi
  345. echo
  346.  
  347. #end
  348. }
  349.  
  350. function uniqueports () {
  351. # creates a file listing out uniquie open TCP and UDP ports
  352. echo -e "\e[1m\e[93m[>]\e[0m Parsing unique ports"
  353. cat "$inputfilepath" | grep -o -P '.{0,9}/open/' | awk '{ print $2}' | cut -d /  -f 1 | sort -u -V | paste -s -d, 2>&1 > "${outpath}$outputuniquefile";
  354.  
  355. # check for a number if the file has them then likely has ports in  
  356. if [ -z "$(cat "${outpath}$outputuniquefile" | grep '[0-9]')" ]
  357. then
  358.       echo -e "$RED - no Unique ports $RESETCOL"
  359.       rm "${outpath}$outputuniquefile" > /dev/null 2>&1
  360. else
  361.       echo "    - $outputuniquefile"
  362. fi
  363. echo
  364.  
  365. # end
  366. }
  367.  
  368. function tcpports () {
  369. # creates a file of unqiue open TCP ports - 22,23,80,443...
  370. echo -e "\e[1m\e[93m[>]\e[0m Parsing tcp ports"
  371. cat "$inputfilepath" | grep '/tcp/' | grep -o -P '.{0,9}/open/' | awk '{ print $2}' | cut -d /  -f 1 | sort -u -V | paste -s -d, 2>&1 > "${outpath}$outputtcpfile";
  372.  
  373. # check for a number if the file has them then likely has ports in  
  374. if [ -z "$(cat "${outpath}$outputtcpfile" |  grep '[0-9]')" ]
  375. then
  376.       echo -e "$RED - no TCP ports $RESETCOL"
  377.       rm "${outpath}$outputtcpfile" > /dev/null 2>&1
  378. else
  379.       echo "    - $outputtcpfile"
  380. fi
  381. echo
  382.  
  383.  
  384. # end  
  385. }
  386.  
  387. function udpports () {
  388. # creates a file of unqiue open UDP ports - 53,161...
  389. echo -e "\e[1m\e[93m[>]\e[0m Parsing udp ports"
  390. cat "$inputfilepath" | grep '/udp/'  | grep -o -P '.{0,9}/open/' | awk '{ print $2}' | cut -d /  -f 1 | sort -u -V | paste -s -d, 2>&1 > "${outpath}$outputudpfile"
  391.  
  392. # check for a number if the file has them then likely has ports in  
  393. if [ -z "$(cat "${outpath}$outputudpfile" | grep '[0-9]')" ]
  394. then
  395.       echo -e "$RED - no UDP ports $RESETCOL"
  396.       rm "${outpath}$outputudpfile" > /dev/null 2>&1
  397. else
  398.       echo "    - $outputudpfile"
  399. fi
  400. echo
  401.  
  402. # end
  403. }
  404.  
  405. function smb () {
  406. # createa file for URI smb://192.168.1.1
  407. # will only grab out OPEN 445 TCP
  408. echo -e "\e[1m\e[93m[>]\e[0m Creating smb paths"
  409. cat "$inputfilepath" | grep '445/open/tcp/' | grep -oE "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b" | sed -e 's/^/smb:\/\//' | sort -u | $sortip | sort -t'/' -k2 -V  > "${outpath}$outputsmbfile"
  410.  
  411. # check for a smb:// if the file has them then likely has ports in  
  412. if [ -z "$(cat "${outpath}$outputsmbfile" | grep 'smb://')" ]
  413. then
  414.     echo -e "$RED   - no SMB ports $RESETCOL"
  415.     rm "${outpath}$outputsmbfile" > /dev/null 2>&1
  416. else
  417.     echo "  - $outputsmbfile"
  418. fi
  419. echo
  420.  
  421. # end
  422. }
  423.  
  424. function web () {
  425. # make a file of URLS to use with tools like nikto wafwoof est
  426. echo -e "\e[1m\e[93m[>]\e[0m Creating web URLS"
  427.  
  428. # start fresh
  429. rm "${outpath}$webfinalname" "${outpath}webtemp2"  > /dev/null 2>&1
  430.  
  431. #check that the csv file has been created
  432. checkcsv
  433.  
  434. for line in $(cat "$tempfile"); do
  435.     host=$(echo $line | awk -F ',' '{print $1}')
  436.     port=$(echo $line | awk -F ',' '{print $2}')
  437.     service=$(echo $line | awk -F ',' '{print $5}')
  438.     version=$(echo $line | awk -F ',' '{print $6}')
  439.    
  440.     # a little overboard with the checks just to make sure all web ports are collected
  441.     if [ "$port" = "80" ]; then echo "http://${host}:$port/" >> "${outpath}webtemp2"; fi
  442.     if [ "$port" = "443" ]; then echo "https://${host}:$port/" >> "${outpath}webtemp2"; fi
  443.         if [ "$port" = "8080" ]; then echo "http://${host}:$port/" >> "${outpath}webtemp2"; fi
  444.         if [ "$port" = "8443" ]; then echo "https://${host}:$port/" >> "${outpath}webtemp2"; fi
  445.     if [ "$service" = "http" ]; then echo "http://${host}:$port/" >> "${outpath}webtemp2"; fi
  446.     if [[ "$service" == *"ssl"* ]]; then echo "https://${host}:$port/" >> "${outpath}webtemp2"; fi
  447.     if [[ "$version" == *"Web"* ]]; then echo "http://${host}:$port/" >> "${outpath}webtemp2"; fi
  448.     if [[ "$version" == *"web"* ]]; then echo "http://${host}:$port/" >> "${outpath}webtemp2"; fi
  449. done
  450.  
  451. # if webtemp2 exists then sort it
  452. if [ -f "${outpath}webtemp2" ]; then
  453.     sort -u "${outpath}webtemp2" | $sortip | sort -t'/' -k2 -V  > "${outpath}$outputwebfile" 2>&1
  454.     echo "  - $outputwebfile"
  455. else
  456.     echo -e "$RED   - no ports found $RESETCOL"
  457.     rm "${outpath}$outputwebfile" > /dev/null 2>&1
  458. fi
  459.  
  460. #cleanup
  461. rm "${outpath}webtemp2" "$tempfile"  > /dev/null 2>&1
  462.  
  463. echo
  464.  
  465. #end
  466. }
  467.  
  468. function ssl () {
  469. echo -e "\e[1m\e[93m[>]\e[0m Creating ssl/tls list"
  470.  
  471. # start fresh
  472. rm "${outpath}$outputsslfile" "${outpath}ssltemp2" > /dev/null 2>&1
  473.  
  474. #check that the csv file has been created
  475. checkcsv
  476.  
  477. for line in $(cat "$tempfile"); do
  478.     host=$(echo $line | awk -F ',' '{print $1}')
  479.     port=$(echo $line | awk -F ',' '{print $2}')
  480.     service=$(echo $line | awk -F ',' '{print $5}')
  481.     version=$(echo $line | awk -F ',' '{print $6}')
  482.    
  483.     # a little overboard again - just to get anything with ssl or tls in
  484.     if [[ "$port" -eq "443" ]]; then echo "${host}:$port" >> "${outpath}ssltemp2"; fi
  485.     if [[ "$service" == *"ssl"* ]]; then echo "${host}:$port" >> "${outpath}ssltemp2"; fi
  486.     if [[ "$version" == *"ssl"* ]]; then echo "${host}:$port" >> "${outpath}ssltemp2"; fi
  487.     if [[ "$service" == *"tls"* ]]; then echo "${host}:$port" >> "${outpath}ssltemp2"; fi
  488.     if [[ "$version" == *"tls"* ]]; then echo "${host}:$port" >> "${outpath}ssltemp2"; fi
  489.  
  490. done
  491.  
  492.  
  493. # if webtemp2 exists then sort it
  494. if [ -f "${outpath}ssltemp2" ]; then
  495.     sort -u "${outpath}ssltemp2" | $sortip > "${outpath}$outputsslfile" 2>&1
  496.     echo "  - $outputsslfile"
  497. else
  498.     echo -e "$RED   - no ports found $RESETCOL"
  499.     rm "${outpath}$outputsslfile" > /dev/null 2>&1
  500. fi
  501.  
  502.  
  503. #clean up function
  504. rm "${outpath}ssltemp" "${outpath}ssltemp2" "$tempfile" > /dev/null 2>&1
  505.  
  506. echo
  507.  
  508. #end
  509. }
  510.  
  511. function hostports () {
  512. # will create a folder hosts and generate ip lists for each open ports for example 80 http will be hosts/hosts_80-tcp-http.txt
  513. # need to reqord some fo the service names to make them a little better
  514. echo -e "\e[1m\e[93m[>]\e[0m Generating host port files"
  515.  
  516. # fresh folder
  517. rm "${outpath}$outhostsdir" -rf > /dev/null 2>&1
  518.  
  519. # make folder - this can be spammy
  520. mkdir "${outpath}$outhostsdir" > /dev/null 2>&1
  521. hostportspath=$(realpath "$outpath$outhostsdir")
  522.  
  523. #check that the csv file has been created
  524. checkcsv
  525.  
  526. # loop through and Create split hosts files for each protocol
  527. for line in $(cat "$tempfile"); do
  528.     host=$(echo $line | awk -F ',' '{print $1}')
  529.     port=$(echo $line | awk -F ',' '{print $2}')
  530.     proto=$(echo $line | awk -F ',' '{print $4}')
  531.     service=$(echo $line | awk -F ',' '{print $5}' | tr -d '-' | tr -d '?' | tr -d '|' )
  532.     # need to add better service names
  533.    
  534.     # check and tidy for consistancy
  535.     printout="Y"
  536.     if [ "$service" == "microsoftds" ]; then
  537.         service="smb"
  538.     elif [ "$port" == 161 ]; then
  539.         service="snmp"         
  540.     elif [ "$port" == 79 ]; then
  541.         service="finger"
  542.     elif [ "$port" == 25 ]; then
  543.         service="smtp
  544.     elif [ "$port" == 21 ]; then
  545.         service="ftp"  
  546.     elif [ "$port" == 2049 ]; then
  547.         service="nfs"
  548.     elif [ "$port" == 22 ]; then
  549.         service="ssh"
  550.     elif [ "$port" == 23 ]; then
  551.         service="telnet"
  552.     elif [ "$port" == 111 ]; then
  553.         service="rpc"
  554.     elif [ "$port" == 2049 ]; then
  555.         service="nfs"
  556.     elif [ "$port" == 3389 ]; then
  557.         service="rdp"
  558.     elif [ "$port" == 53 ]; then
  559.         service="dns"          
  560.     elif [ "$port" == 113 ]; then
  561.         service="nfs"
  562.     elif [ "$port" == 5432 ]; then
  563.         service="postgres
  564.     elif [ "$port" == 3306 ]; then
  565.         service="mysql"
  566.     elif [ "$port" == 1433 ]; then
  567.         service="mssql"        
  568.     elif [ "$port" == 443 ]; then
  569.         service="https"
  570.     elif [ "$port" == 80 ]; then
  571.         service="http"
  572.     elif [ "$port" == 636 ]; then
  573.         service="ldap"     
  574.     elif [ "$service" == "msrpc" ]; then
  575.         # dont print out msrpc ..pointless - stop the spam
  576.         printout="N"   
  577.     elif [ "$proto" == "udp" ] && [ "$service" == "unknown" ]; then
  578.         # dont udp + unknown ... cant really do much with this - stop spam
  579.         printout="N"       
  580.     elif [ -z "$service" ]; then
  581.         # dont udp + unknown ... cant really do much with this - stop spam
  582.         printout="N"   
  583.     fi
  584.    
  585.    
  586.     # print out the IP in port files
  587.     if [ "$printout" == "Y" ]; then
  588.         echo $host >> "$hostportspath"/"$proto"_"$port-$service.txt"       
  589.     fi 
  590. done
  591.  
  592. #function cleanup
  593. rm  "${hostportspath}/_-.txt" "$tempfile" > /dev/null 2>&1
  594.  
  595. echo "  - "${outhostsdir}"/[PROTOCOL]_[PORT]-[SERVICE].txt"
  596. echo
  597. #end
  598. }
  599.  
  600. function closedsummary() {
  601. # creates a little report of hosts with closed ports
  602. echo -e "\e[1m\e[93m[>]\e[0m Generating  Closed Ports Summary"
  603.  
  604. rm "${outpath}$outputclosedsummaryfile" > /dev/null 2>&1
  605. for host in $(cat "$inputfilepath" | grep "Host:" | grep "\/closed\/" | awk '{ print $2}'| sort --unique); do # will go through each host
  606.    echo "Closed Ports For Host: $host " >> "${outpath}$outputclosedsummaryfile"
  607.     echo -n "   " >> "${outpath}$outputclosedsummaryfile"
  608.    for port in $(cat "$inputfilepath" | grep -w $host | grep -o -P '.{0,10}/closed/' | awk '{ print $2}' | cut -d /  -f 1 | sort --unique); do # go through ports
  609.         echo -n $port", " >> "${outpath}$outputclosedsummaryfile"
  610.    done # end ports loop
  611.     echo -e "\n " >> "${outpath}$outputclosedsummaryfile"
  612. done # end hosts loop
  613.  
  614. # old oneliner
  615. #cat $inputfilepath |awk '/closed/{ s = ""; for (i = 5; i <= NF-4; i++) s = s substr($i,1,length($i)-4) "\n"; print $2 " " $3 "\n" s}' |grep -v open |grep -v "-" |sed "s/[/].*//" | grep -e '[[:digit:]]*\|"\b([0-9]{1,3}\.){3}[0-9]{1,3}\b"' |sed 's/(//' |sed 's/)//' |sed "s/[a-zA-Z']/ /g" |sed -r '/^\s*$/d' |sed 's/\([0-9]\{1,3\}\.\)\{3\}[0-9]\{1,3\}/\nBREAK Closed Ports For Host: &\n/' |paste -s -d,| sed 's/Closed/\n&/g'|sed 's/^\(, ,\)*//' | sed 's/,*$//g' |sed  -e 's/, ,/-/g' |tr - '\n' |sed 's/BREAK/\'$'\n/g' | sed 's/,,$//' > ${outpath}$closedsummaryname
  616.  
  617. echo "  - "$outputclosedsummaryfile
  618. echo
  619.  
  620. #end
  621. }
  622.  
  623. function htmlreport () {
  624. # Experminetal and made just
  625. # creates a .html report from each .xml file in current directory - ignored the gnmap file input
  626. # uses https://github.com/honze-net/nmap-bootstrap-xsl
  627.  
  628. xmlfiles=$(ls | grep .xml)
  629.  
  630. while read line; do
  631.       # line is available for processing
  632.       cat $line    
  633. done < $xmlfiles
  634.  
  635.  
  636.  
  637. }
  638.  
  639. function report1() {
  640. # create a different type of report like  parsip - will produce same output as nmap-parse.py
  641.  
  642. echo -e "\e[1m\e[93m[>]\e[0m Generating Report1"
  643.  
  644. # start fresh
  645. rm "${outpath}$outputreport1file" "${outpath}"reportemp"" > /dev/null 2>&1
  646.  
  647. for host in $(cat $inputfilepath | grep "Host:" | grep "\/open\/" | awk '{ print $2}'| sort --unique); do # will go through each host
  648.     echo -n $host  "[" >> "${outpath}"reportemp""
  649.     for port in $(cat $inputfilepath | grep -w $host | grep -o -P '.{0,10}/open/' | awk '{ print $2}' | cut -d /  -f 1 | sort --unique); do # go through ports
  650.         echo -n $port", " >> "${outpath}"reportemp""
  651.     done # end ports loop
  652.     echo  "]" >> "${outpath}"reportemp""
  653. done # end hosts loop
  654. cat "${outpath}"reportemp"" | $sortip | grep -v "\[\]"  >  "${outpath}$outputreport1file"
  655.  
  656. echo "  - "$outputreport1file
  657. echo
  658.  
  659. #end
  660. }
  661.  
  662. function printresults() {
  663. # will print out the files generated at the end
  664.  
  665. # if yes will print the output - maybe flip this around so ENTER is for yes
  666. echo
  667. read -p "[-] Display Output? <ENTER = YES / Anything else = NO> : " prompt
  668. echo
  669. if [ -z "$prompt" ]
  670. then
  671.     if [ $men_all == "Y" ]
  672.     then
  673.         more "${outpath}"*.txt
  674.         more "${hostportspath}"/*_*.txt
  675.     else
  676.         if [ "$men_csv" == "Y" ]; then cat "${outpath}$outputcsvfile" 2> /dev/null; fi
  677.         if [ "$men_summary" == "Y" ]; then cat "${outpath}$outputsummaryfile" 2> /dev/null; fi
  678.         if [ "$men_ipport" == "Y" ]; then cat "${outpath}$outputipfile" 2> /dev/null; fi
  679.         if [ "$men_uports" == "Y" ]; then cat "${outpath}$outputuniquefile" 2> /dev/null; fi
  680.         if [ "$men_tcpports" == "Y" ]; then cat "${outpath}$outputtcpfile" 2> /dev/null; fi
  681.         if [ "$men_udpports" == "Y" ]; then cat "${outpath}$outputudpfile" 2> /dev/null; fi
  682.         if [ "$men_uphosts" == "Y" ]; then cat "${outpath}$outputupfile" 2> /dev/null; fi
  683.         if [ "$men_downhosts" == "Y" ]; then cat "${outpath}$outputdownfile"; fi
  684.         if [ "$men_smb" == "Y" ]; then cat "${outpath}$outputsmbfile" 2> /dev/null; fi
  685.         if [ "$men_web" == "Y" ]; then cat "${outpath}$outputwebfile" 2> /dev/null; fi
  686.         if [ "$men_ssl" == "Y" ]; then cat "${outpath}$outputsslfile" 2> /dev/null; fi
  687.         if [ "$men_closed" == "Y" ]; then cat "${outpath}$outputclosedsummaryfile" 2> /dev/null; fi
  688.         if [ "$men_report1" == "Y" ]; then cat "${outpath}$outputreport1file" 2> /dev/null; fi
  689.         if [ "$men_hostports" == "Y" ]; then more "${hostportspath}"/*_*.txt 2> /dev/null; fi
  690.     fi
  691. fi
  692. #end
  693. }
  694.  
  695.  
  696. ########################
  697. # MAIN
  698. ########################
  699.  
  700. #cleanup
  701. mastercleanup
  702.  
  703. # look trough and check inputfile and switches
  704. for word in $(echo $*); do
  705.     #echo $word
  706.     if [[ $word == *".gnmap"* ]]; then
  707.         #file+="$word "
  708.         cat "$(realpath $word)" | sort -V >> $inputtemp
  709.     fi
  710.     if [ $word == "--help" ]; then
  711.         helpmenu
  712.         switch+="$word"
  713.         exit
  714.     fi
  715.     if [ $word == "--csv" ]; then
  716.         men_csv="Y"
  717.         switch+="$word"
  718.     fi
  719.     if [ $word == "--summary" ]; then
  720.         men_summary="Y"
  721.         switch+="$word"
  722.     fi
  723.     if [ $word == "--unique" ]; then
  724.         men_uports="Y"
  725.         switch+="$word"
  726.     fi
  727.     if [ $word == "--up" ]; then
  728.         men_uphosts="Y"
  729.         switch+="$word"
  730.     fi
  731.     if [ $word == "--down" ]; then
  732.         men_downhosts="Y"
  733.         switch+="$word"
  734.     fi
  735.     if [ $word == "--ipport" ]; then
  736.         men_ipport="Y"
  737.         switch+="$word"
  738.     fi
  739.     if [ $word == "--smb" ]; then
  740.         men_smb="Y"
  741.         switch+="$word"
  742.     fi
  743.     if [ $word == "--web" ]; then
  744.         men_web="Y"
  745.         switch+="$word"
  746.     fi
  747.     if [ $word == "--ssl" ]; then
  748.         men_ssl="Y"
  749.         switch+="$word"
  750.     fi
  751.     if [ $word == "--tcp" ]; then
  752.         men_tcpports="Y"
  753.         switch+="$word"
  754.     fi
  755.     if [ $word == "--udp" ]; then
  756.         men_udpports="Y"
  757.         switch+="$word"
  758.     fi
  759.     if [ $word == "--hostports" ]; then
  760.         men_hostports="Y"
  761.         switch+="$word"
  762.     fi 
  763.     if [ $word == "--closed" ]; then
  764.         men_closed="Y"
  765.         switch+="$word"
  766.     fi     
  767.     if [ $word == "--report1" ]; then
  768.         men_report1="Y"
  769.         switch+="$word"
  770.     fi
  771.     if [ $word == "--html" ]; then
  772.         men_htmlreport="Y"
  773.         switch+="$word"
  774.     fi 
  775.     if [ $word == "--all" ]; then
  776.         #include
  777.         men_all="Y"
  778.         men_csv="Y"
  779.         men_summary="Y"
  780.         men_uports="Y"
  781.         men_tcpports="Y"
  782.         men_udpports="Y"
  783.         men_uphosts="Y"
  784.         men_downhosts="Y"
  785.         men_ipport="Y"
  786.         men_smb="Y"
  787.         men_ssl="Y"
  788.         men_web="Y"
  789.         men_hostports="Y"
  790.         men_closed="Y"
  791.        
  792.         #exclude
  793.         men_report1="N"
  794.         men_htmlreport="N"
  795.  
  796.         #Create $outdir to put all outout in - stop spam
  797.         createoutdir="Y"
  798.         switch+="$word"
  799.     fi 
  800. done
  801.  
  802.  
  803. # does some checks on the input file to make sure its .gnmap + inspects the file to see its finished and has the right output flags -oA or -oG 
  804. if [ -z "$(file "$(realpath $inputtemp)" | grep -o -e ASCII && head "$(realpath $inputtemp)" | grep -o -e "\-oA" -e "\-oG" && cat "$(realpath $inputtemp)")" ]; then
  805.     helpmenu
  806.     echo
  807.     echo -e "\e[1m\e[91m[X] No input files FOUND - \e[5m.gnmap \e[25mfilename required - Must be nmap grepable! [X]\e[0m"
  808.     echo
  809.     exit
  810. fi
  811.  
  812.  
  813.  
  814. # check valid switches
  815. if [ -z "$switch" ]
  816. then
  817.       helpmenu
  818.       echo
  819.      echo -e "\e[1m\e[91m[X] No Valid Switches FOUND - --csv, --all, etc.. [X]\e[0m"
  820.       echo
  821.       exit  
  822. fi
  823.  
  824. header
  825.                                      
  826. # if all is selected make the outdir folder - stop the spam
  827. if [ "$createoutdir" == "Y" ]
  828. then
  829.     export outpath="$(realpath $outdir)/"
  830.     mkdir $outdir > /dev/null 2>&1
  831.     #mv inputfile $outdir
  832.     mv temp.gnmap $outdir
  833.     export inputfilepath="$(realpath "$outdir/$inputtemp")"
  834. else
  835.     export outpath=$(pwd)"/"
  836.     export inputfilepath="$(realpath $inputtemp)"
  837. fi
  838.  
  839.  
  840. #1 -- make csv file
  841. if [ "$men_csv" == "Y" ]; then makecsv; fi
  842. #2 - summary (uses makecsv)
  843. if [ "$men_summary" == "Y" ]; then summary; fi
  844. # rest
  845. if [ "$men_ipport" == "Y" ]; then ipport; fi
  846. if [ "$men_uports" == "Y" ]; then uniqueports; fi
  847. if [ "$men_tcpports" == "Y" ]; then tcpports; fi
  848. if [ "$men_udpports" == "Y" ]; then udpports; fi
  849. if [ "$men_uphosts" == "Y" ]; then uphosts; fi
  850. if [ "$men_downhosts" == "Y" ]; then downhosts; fi
  851. if [ "$men_smb" == "Y" ]; then smb; fi
  852. if [ "$men_web" == "Y" ]; then web; fi
  853. if [ "$men_ssl" == "Y" ]; then ssl; fi
  854. if [ "$men_hostports" == "Y" ]; then hostports; fi
  855. if [ "$men_closed" == "Y" ]; then closedsummary; fi
  856. if [ "$men_report1" == "Y" ]; then report1; fi
  857. if [ "$men_htmlreport" == "Y" ]; then htmlreport; fi
  858.  
  859.  
  860.  
  861.  
  862. # print footer once completed
  863. footer
  864.  
  865. # if yet print the results
  866. printresults
  867.  
  868.  
  869. # remove comment to enable diagnostics function
  870. #diagnostics
  871.  
  872.  
  873. #cleanup
  874. mastercleanup
  875.  
  876. # exit
  877. exit 0
  878.  
  879.  
  880.  
  881. #----------------------------------------------------------------- END OF SCRIPT -----------------------------------------------------------------
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top