nightly-portscanner

1. #!/bin/bash
2. #==================================================
3. #
4. # This program is free software; you can redistribute it and/or modify
5. # it under the terms of the GNU General Public License as published by
6. # the Free Software Foundation; either version 3 of the License.
7. #
8. # This program is distributed in the hope that it will be useful,
9. # but WITHOUT ANY WARRANTY; without even the implied warranty of
10. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11. # GNU Library General Public License for more details.
12. #
13. # You should have received a copy of the GNU General Public License
14. # along with this program; if not, write to the Free Software
15. # Foundation, Inc., 51 Franklin Street, Fifth Floor Boston, MA 02110-1301, USA
16. #
17. # http://www.gnu.org/licenses/gpl.txt
18. #
19. #==================================================
20. # MegaSuperCool MultiParallel Portscanner
21. # Flip Hess Augustus 2012
22. # [email protected]
23. #
24. # Do me a favor and do not use this script for abuse!
25.  
26. # Global variables:
27. PATH='/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin'
28. SCRIPT_PATH="${0}"
29. ARGS="${#}"
30.  
31. # nmap location and options
32. NMAP="/usr/bin/nmap -r -p 1-65535"
33. RCPTS="[email protected]"
34.  
35. # directories
36. BASEDIR="/root/portscanner"
37. DATADIR="${BASEDIR}/data"
38. TMPDIR="${BASEDIR}/tmp"
39. DIFFDIR="${BASEDIR}/diffs"
40.  
41. # max nmap processes at the same time
42. MAXVALUE="10"
43. WAIT="1"
44.  
45. # ip adressen
46. IPFILE="${BASEDIR}/ip-addressen"
47.  
48. # redirect output
49. exec 2>&1
50.  
51. # Functions:
52.  
53.   # exit function
54.   function die()
55.   {
56.     echo -e "Error in ${SCRIPT_PATH}:\n${1}"
57.     exit 1
58.   }
59.  
60.   # Shows usage function.
61.   function fShowUsage()
62.   {
63.     echo -e "Usage: ${SCRIPT_PATH}
64.    Flipjes MegaSuperCool MultiParallel Portscanner\n
65.    To scan a range of ports using this script, create a file called ip-addressen with a list of all your ip's in ${BASEDIR}
66.    And rerun this script.\n
67.    Please use this script ethical!\n
68.    ---> Don't add ranges or ip addresses that are not managed by you! <---\n
69.    Flip Hess Augustus 2012"
70.     exit 0
71.   }
72.  
73.   # nice output
74.   function fBox() { T="$1xxxx";C=${2:-#}; echo ${T//?/$C}; echo "${C} ${1} ${C}"; echo ${T//?/$C}; }
75.  
76.   # check for.......
77.   function fCheck()
78.   {
79.     # script depends on:
80.      [ -x /usr/bin/nmap ] || die "This script depends on nmap"
81.      [ -x /usr/bin/diff ] || die "This script depends on diff"
82.  
83.     # user must be root:
84.      [ "$( whoami )" = root ] || die "User must be root!"
85.  
86.     # check ip file
87.      [ -f "${IPFILE}" ]  || fShowUsage
88.  
89.     # check for arguments:
90.      [ "${ARGS}" = 0 ]   || fShowUsage
91.  
92.     # check basedir
93.      [ -d "${BASEDIR}" ] || die "${BASEDIR} not found!"
94.  
95.     # check for dirs or create
96.      [ -d "${DATADIR}" ] || { echo "${DATADIR} not found, creating..." && { mkdir -p "${DATADIR}" || die "Failed to create ${DATADIR}";};}
97.      [ -d "${TMPDIR}" ]  || { echo "${TMPDIR} not found, creating..."  && { mkdir -p "${TMPDIR}"  || die "Failed to create ${TMPDIR}";};}
98.      [ -d "${DIFFDIR}" ] || { echo "${DIFFDIR} not found, creating..." && { mkdir -p "${DIFFDIR}" || die "Failed to create ${DIFFDIR}";};}
99.  
100.     # Remove old stuff if it exists
101.      find "${DIFFDIR}" -type f -delete  || die "Failed to empty ${DIFFDIR} directory"
102.      find "${TMPDIR}" -type f -delete   || die "Failed to empty ${TMPDIR} directory"
103.  
104.     # done
105.      return 0
106.   }
107.  
108.   # function fProcs()
109.   function fProcs()
110.   {
111.     TOTAL="$( ps -ef |grep nmap | grep -v grep | wc -l )"
112.  
113.     if [ "${TOTAL}" -lt "${MAXVALUE}" ] ; then
114.        return 0
115.     else
116.        return 1
117.    fi
118.  
119.   }
120.  
121.  # function portscan
122.   function fPortscan()
123.   {
124.     for IP in $( cat "${IPFILE}" | grep -vE '(^$|^#|^[a-z])' )
125.     do
126.       fScanThem "${IP}"
127.     done
128.   }
129.  
130.   # function fScanThem
131.    function fScanThem()
132.    {
133.     local IP="${1}"
134.  
135.     # check args
136.     [ "${#}" = 1 ] || return 1
137.  
138.     # check procs
139.      fProcs
140.  
141.     # if ok
142.      if [ "${?}" = 0 ] ; then
143.        fScan "${IP}" &
144.      else
145.        sleep "${WAIT}"
146.        fProcs && fScanThem "${IP}"
147.      fi
148.  
149.     return 0
150.  
151.    }
152.  
153.   # function scan
154.   function fScan()
155.   {
156.     # set vars
157.      local IP="${1}"
158.      local TMPFILE="${TMPDIR}/${IP}"
159.      local DATAFILE="$DATADIR/${IP}"
160.      local DIFF="$TMPFILE.diff"
161.  
162.     # scan ip
163.     { ${NMAP} ${IP} > ${TMPFILE}; }
164.  
165.     # filter content
166.     if [ -f "${TMPFILE}" ]
167.     then
168.       # remove troep
169.        grep -Ev '(^$|Starting Nmap|Nmap done|ports.scanned.*closed|Interesting.ports|filtered|Starting.Nmap|run.completed|finished)' "${TMPFILE}" > "${TMPFILE}.${$}" && \
170.        mv "${TMPFILE}.${$}" "${TMPFILE}"
171.  
172.       # touch data file to create if not existent
173.        touch "${DATAFILE}"
174.  
175.       # Check if there are any differences
176.        if [ -e "${TMPFILE}" ]
177.        then
178.          # diff file
179.           diff -w -B -b  "${DATAFILE}" "${TMPFILE}" | grep -vE '^[0-9]+[a-z,][0-9,a-z]+' > "${DIFF}"
180.           local SIZE="$( ls -l "$DIFF" | awk '{print $5}' )"
181.           if [ "${SIZE}" -gt 0 ] ; then
182.             fBox "Open port differences for ${IP}" >> "${DIFFDIR}/${IP}"
183.             echo -e "\n" >> "${DIFFDIR}/${IP}"
184.             cat "$DIFF" >> "${DIFFDIR}/${IP}"
185.             echo -e "\n" >> "${DIFFDIR}/${IP}"
186.             mv "$TMPFILE" "$DATAFILE"
187.             rm -f "$DIFF" "$TMPFILE"
188.           fi
189.          # remove tempfile
190.           rm -f "$DIFF" "$TMPFILE"
191.        fi
192.     fi
193.  }
194.  
195.  # function notify
196.  function fNotify()
197.  {
198.    # wait till child procs are done
199.    while [ "$( ps -ef |grep nmap | grep -v grep | wc -l )" != 0 ];
200.    do
201.      sleep "${WAIT}"
202.    done
203.  
204.    # notify
205.     if ( find "${DIFFDIR}" -type f |grep -q "" )
206.     then
207.       # create mail to tech
208.        echo -e "
209. From: Port Scanner <[email protected]>
210. Subject: Portscanner\n
211. Hi,\nPorts on one or more boxen appear to have closed or opened up. Please
212. check the differences from the result of the portscan as shown below:\n\n" > "${TMPDIR}/mail"
213.  
214.       # fill with results
215.        for FILE in $( find "${DIFFDIR}" -type f  )
216.        do
217.          if ( cat ${FILE} | grep -vE '^$|All [0-9]+ scanned ports|^#|Host seems down' | grep -q "" ); then
218.               cat ${FILE} >> "${TMPDIR}/mail" || die "failed to create diffs mail!"
219.          fi
220.        done
221.  
222.       # send mail
223.        mail -s "PortScanner from $(hostname) $(date)" ${RCPTS} < "${TMPDIR}/mail" || die "Failed to send mail to root"
224.       # remove stalefile
225.        rm -f "${TMPDIR}/mail"
226.     fi
227.     return 0
228.   }
229.  
230.  # Start the program:
231.   fCheck && fPortscan && fNotify
232.  
233.  # Exit with previous return code:
234.   exit "${?}"