|
| Joined: Apr 2002 Posts: 135 UGN Member | UGN Member Joined: Apr 2002 Posts: 135 | nmap has this cool random search option that lets you scan random IP numbers. It can come if very handy if you are looking for a certain service or someplace to try out a new exploit.
nmap -sS -iR 0 -p 21
this will randomly search for FTP servers. Now, you are going to get a lot of servers that have the port closed or filtered and it's a pain in the [censored] going through the output looking for an open server. If you add the -oG option you can save the output to a grepable file but you still get all the closed hosts . This is where GLIPER comes in. you feed it a nmap logfile and it spits out a file of only the IP addresses which have the port open, which then can be used for further testing with tools like nessus etc. when you issue the nmap command jus specify a logfile and run it through GLIPER and you save yourself a whole lotta time.
nmap -sS -iR 0 -p 21 -oG logfile
I realize this will make a lot of script kiddies happy but hey, I needed somethin like this for myself and why not share it with the rest of the world. Here's the source, it's in Perl. Do what you want with it..
------------------cut ----------------------
#!/usr/bin/perl -w #hope you like all the comments #even your grand mother could make sense of this code
print "*************************************************\n"; print "\t\tGliper (v 0.1)\n"; print "Extracts IP addresses from Nmap grepable logfiles\n"; print "Issue nmap command with '-oG' option\n"; print "by: Damien (damienak1\@hotmail.com)\n"; print "*************************************************\n\n";
#open nmap logfile print "Enter name of logfile: "; chomp($logfile = <STDIN>); open(LOG, $logfile) || die;
#open a file for output print "Enter name of output file: "; chomp($output = <STDIN>); open(OUTPUT, ">$output");
#array of lines from logfile @lines = <LOG>;
#go through array looking for strings matching the regular expressions foreach(@lines){ if (/Host: / && /open/){ #only lines starting with Host: that have an open port s/Host:(\s)//; #delete the Host: string s/(\s).{1,100}//; #delete anythin after white-space print OUTPUT; #print IP address to the output file } }
#close both file-handles close(OUTPUT); close(LOG);
-----------------------------cut--------------------------------
p.s. I wasn't sure where to post this. we don't have a perl forum, perl and nmap are available on linux and windows, and the other programming section is about website programming, and this isn't. so if it's in the wrong forum somebody can move it.
I KNOW EVERYTHING. ASK ME.
| | |
▼ Sponsored Links ▼
▲ Sponsored Links ▲
| | | Joined: Mar 2002 Posts: 1,041 UGN Elite Poster | UGN Elite Poster Joined: Mar 2002 Posts: 1,041 | Technically Perl is lumped in with the webdesign forum (see description). I don't really like that just cause I use Perl and it has nothing to do with webdesign Nice little util though dak. But why not just 'cat logfile | grep open' ? Infinite | | | | Joined: Apr 2002 Posts: 135 UGN Member | UGN Member Joined: Apr 2002 Posts: 135 | well, let say you want to to get a list of ftp servers and them run them through nessus. nessus (or any other program) doesn't understand all the other [censored] thats on the line. or if some evil hacker wanted to launch a worm, he could have this as part of his payload to make the hacked servers scan for more servers with the same service running an then try to exploit each one in the list,. there a bunch of application for this, none of them good. at least none that i can figure out. but hey, i wrote this while i was learning perl an it turned out kinda cool, so thats reason enough.
I KNOW EVERYTHING. ASK ME.
| | | | Joined: Jun 2002 Posts: 207 Member | Member Joined: Jun 2002 Posts: 207 | wouldn't this work? then just open up the "newlogfile" in nessus. cat logfile | grep open > newlogfile anyway, i realize you probably wrote this partly b/c you wanted to try out some perl scripting stuff, which is cool, so even if there is a simpler way, at least you learned something and made something you're proud of. //
Unbodied unsouled unheard unseen Let the gift be grown in the time to call our own Truth is natural like a wind that blows Follow the direction no matter where it goes Let the truth blow like a hurricane through me
| | | | Joined: Dec 2003 Posts: 18 Junior Member | Junior Member Joined: Dec 2003 Posts: 18 | if you found that tool usefull then go to happy hacker.org | | | | Joined: Feb 2002 Posts: 7,203 Likes: 11 Community Owner | Community Owner Joined: Feb 2002 Posts: 7,203 Likes: 11 | It's the Web Design & Protocols forum... Mainly because they were the only two close enough to combine... | | | | Joined: Jun 2002 Posts: 207 Member | Member Joined: Jun 2002 Posts: 207 | oh wow, i was just going over some older posts, and i realized how wrong i was, lol. sorry, i completely missed your point. but i did find out, the correct string of commands would be:
cat nmaplog.log | grep "open" | cut -d " " -f 2 > newlogfile
not that it matters much, but i just wanted to correct myself.//
Unbodied unsouled unheard unseen Let the gift be grown in the time to call our own Truth is natural like a wind that blows Follow the direction no matter where it goes Let the truth blow like a hurricane through me
| | |
Forums41 Topics33,840 Posts68,858 Members2,176 | Most Online3,253 Jan 13th, 2020 | | | |
|