- brutus@blackt0p:~/.scripts$ cat nshtcp
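#!/bin/bash
# nshtcp v 0.21
#+ nmap single host tcp scan
# assumptions:
#+ stealth isn't required. This script uses -sT over -sS
#+ you know the host is live (-Pn for speed)
#+ you don't want to have to sudo to scan (no root needed)
# what it does:
#+ runs the top hundred ports as fast as possible
#+ feeds found open ports to a 'service scan'.
#+ this should be enough information to start picking
#+ runs a 'fast as possible' full tcp scan
#+ tries to let you know how long it's going to take
#+ if additional ports are found open, runs a service scan
#+ otherwise ends.
# why would i need this?
#+ because when the enemy has tanks and heavy weaponry
#+ and all you have is a sharpened stick
#+ how fast you can run can make all the difference.
# notes:
#+ the output files (quick, full, service, fserv) are written to the
#+ current directory and overwrite any existing files with those names.
#+ the target is passed to nmap as a single quoted argument, so names
#+ containing spaces or glob characters are not split or expanded.

# Fail on any unset variable; $1 is read through "${1:-}" below so a
# missing argument still reaches the usage check.
set -u

# errorcodes
readonly noarg=1    # No argument provided (or argument unusable as a target)
readonly nores=11   # Name does not resolve
readonly nowrite=12 # No write access to dir
readonly nonmap=13  # Nmap not installed

readonly target=${1:-}

#######################################
# Print the port table of an nmap -oN file: the PORT header line,
# then every line containing "tcp" (the same two greps the original
# ran via cat). Nothing is printed if the header is absent.
# Arguments: $1 - nmap -oN output file
# Outputs:   matching lines to stdout
#######################################
show_ports() {
  grep PORT "$1" && grep tcp "$1"
}

#######################################
# Build the comma-separated port list from an nmap -oN file: the number
# before "/" on every line containing "tcp".
# Arguments: $1 - nmap -oN output file
# Outputs:   e.g. "22,80" to stdout; empty when no port lines exist
#######################################
port_list() {
  grep tcp "$1" | cut -d/ -f1 | paste -sd, -
}

## Prereq Tests ##
if [[ -z "$target" ]]; then
  printf '[x] Usage : %s <target_name_or_ip>\n' "$(basename "$0")"
  exit "$noarg"
fi
# A leading '-' would be consumed by nmap as an option rather than a host.
if [[ "$target" == -* ]]; then
  printf '[x] Target must not start with "-"\n'
  exit "$noarg"
fi
if [[ ! -w ./ ]]; then
  echo "[x] Directory is not writable"
  exit "$nowrite"
fi
# command -v replaces the whereis|cut parse, which broke on unusual PATHs.
if ! command -v nmap >/dev/null 2>&1; then
  echo "[x] Nmap is not installed"
  exit "$nonmap"
fi

## as quick as possible scan ##
echo "[*] Running 'as fast as possible' scan"
echo
# Port table is shown only when nmap itself exited successfully.
if nmap -sT -F -T5 "$target" -oN quick -n -Pn --open &> /dev/null; then
  show_ports quick
fi

## set ports ##
ports=$(port_list quick)

## quick identify scan (if needed) ##
if [[ -n "$ports" ]]; then
  echo
  printf '[*] Ports set to %s\n' "$ports"
  echo "[*] Running 'quick identify' scan"
  echo
  if nmap -sT -sV -T4 "$target" -n -oN service -p "$ports" -Pn &> /dev/null; then
    show_ports service
  fi
else
  echo "[x] No ports found!"
  # nmap reports an unresolvable name in its output; strip the trailing
  # character (as the original did) before echoing the line back.
  rescheck=$(grep resolve quick | sed 's:.$::')
  if [[ -n "$rescheck" ]]; then
    printf '[x] %s\n' "$rescheck"
    exit "$nores"
  fi
fi

## full tcp scan - values speed over accuracy or stealth ##
echo
echo "[*] Running 'full tcp' scan"
echo
# Only the progress ("remaining") lines are shown; the full listing is in ./full.
nmap -sT -T5 -p- "$target" -oN full -n -Pn -v --open | grep remaining

## set fports ##
fports=$(port_list full)

## Full Service Scan (if needed) ##
if [[ "$ports" == "$fports" ]]; then
  echo
  echo "[x] Full scan found no new ports"
else
  show_ports full
  echo
  printf '[*] Ports set to %s\n' "$fports"
  echo "[*] Service Scaning all ports"
  echo
  nmap -sT -sV -T3 "$target" -n -oN fserv -p "$fports" -Pn -v | grep remaining
  show_ports fserv
  echo
fi
echo "[*] All Scans Completed"

## Cleanup time ##
while true; do
  echo "[*] Would you like to clean up files?"
  # -r keeps backslashes literal; on EOF (closed stdin) treat the answer
  # as "no" instead of looping forever on an empty answer.
  if ! read -r answ; then
    answ=no
  fi
  case "$answ" in
    y|yes)
      rm -f -- ./quick ./full ./service ./fserv
      echo "[*] All files removed"
      ;;
    n|no)
      echo "[*] Scan files were left in the current directory"
      ;;
    *)
      echo "[x] Please answer yes or no"
      continue
      ;;
  esac
  break
done

# Oxagast is a Based God
exit 0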