Previous Thread
Next Thread
Print Thread
Rate Thread
Joined: Apr 2002
Posts: 135
?
Offline
UGN Member
?
UGN Member
Joined: Apr 2002
Posts: 135
nmap has this cool random search option that lets you scan random IP numbers. It can come if very handy if you are looking for a certain service or someplace to try out a new exploit.

nmap -sS -iR 0 -p 21

this will randomly search for FTP servers. Now, you are going to get a lot of servers that have the port closed or filtered and it's a pain in the [censored] going through the output looking for an open server. If you add the -oG option you can save the output to a grepable file but you still get all the closed hosts . This is where GLIPER comes in. you feed it a nmap logfile and it spits out a file of only the IP addresses which have the port open, which then can be used for further testing with tools like nessus etc. when you issue the nmap command jus specify a logfile and run it through GLIPER and you save yourself a whole lotta time.

nmap -sS -iR 0 -p 21 -oG logfile

I realize this will make a lot of script kiddies happy but hey, I needed somethin like this for myself and why not share it with the rest of the world. Here's the source, it's in Perl. Do what you want with it..


------------------cut ----------------------

#!/usr/bin/perl -w
#hope you like all the comments
#even your grand mother could make sense of this code


print "*************************************************\n";
print "\t\tGliper (v 0.1)\n";
print "Extracts IP addresses from Nmap grepable logfiles\n";
print "Issue nmap command with '-oG' option\n";
print "by: Damien (damienak1\@hotmail.com)\n";
print "*************************************************\n\n";


#open nmap logfile
print "Enter name of logfile: ";
chomp($logfile = <STDIN>);
open(LOG, $logfile) &#0124;&#0124; die;

#open a file for output
print "Enter name of output file: ";
chomp($output = <STDIN>);
open(OUTPUT, ">$output");

#array of lines from logfile
@lines = <LOG>;

#go through array looking for strings matching the regular expressions
foreach(@lines){
if (/Host: / && /open/){ #only lines starting with Host: that have an open port
s/Host:(\s)//; #delete the Host: string
s/(\s).{1,100}//; #delete anythin after white-space
print OUTPUT; #print IP address to the output file
}
}

#close both file-handles
close(OUTPUT);
close(LOG);


-----------------------------cut--------------------------------

p.s. I wasn't sure where to post this. we don't have a perl forum, perl and nmap are available on linux and windows, and the other programming section is about website programming, and this isn't. so if it's in the wrong forum somebody can move it.


I KNOW EVERYTHING. ASK ME.
Sponsored Links
▼ Sponsored Links ▼ ▲ Sponsored Links ▲
Joined: Mar 2002
Posts: 1,041
I
UGN Elite Poster
UGN Elite Poster
I Offline
Joined: Mar 2002
Posts: 1,041
Technically Perl is lumped in with the webdesign forum (see description). I don't really like that just cause I use Perl and it has nothing to do with webdesign wink

Nice little util though dak. But why not just 'cat logfile | grep open' ?

Infinite

Joined: Apr 2002
Posts: 135
?
Offline
UGN Member
?
UGN Member
Joined: Apr 2002
Posts: 135
well, let say you want to to get a list of ftp servers and them run them through nessus. nessus (or any other program) doesn't understand all the other [censored] thats on the line. or if some evil hacker wanted to launch a worm, he could have this as part of his payload to make the hacked servers scan for more servers with the same service running an then try to exploit each one in the list,. there a bunch of application for this, none of them good. at least none that i can figure out. but hey, i wrote this while i was learning perl an it turned out kinda cool, so thats reason enough.


I KNOW EVERYTHING. ASK ME.
Joined: Jun 2002
Posts: 207
Member
Member
Joined: Jun 2002
Posts: 207
wouldn't this work? then just open up the "newlogfile" in nessus.
cat logfile | grep open > newlogfile
anyway, i realize you probably wrote this partly b/c you wanted to try out some perl scripting stuff, which is cool, so even if there is a simpler way, at least you learned something and made something you're proud of.
//


Unbodied unsouled unheard unseen
Let the gift be grown in the time to call our own
Truth is natural like a wind that blows
Follow the direction no matter where it goes
Let the truth blow like a hurricane through me
Joined: Dec 2003
Posts: 18
Junior Member
Junior Member
Joined: Dec 2003
Posts: 18
if you found that tool usefull then go to happy hacker.org

Joined: Feb 2002
Posts: 7,203
Likes: 11
Community Owner
Community Owner
Joined: Feb 2002
Posts: 7,203
Likes: 11
It's the Web Design & Protocols forum... Mainly because they were the only two close enough to combine...


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
Joined: Jun 2002
Posts: 207
Member
Member
Joined: Jun 2002
Posts: 207
oh wow, i was just going over some older posts, and i realized how wrong i was, lol. sorry, i completely missed your point. but i did find out, the correct string of commands would be:

cat nmaplog.log | grep "open" | cut -d " " -f 2 > newlogfile

not that it matters much, but i just wanted to correct myself.//


Unbodied unsouled unheard unseen
Let the gift be grown in the time to call our own
Truth is natural like a wind that blows
Follow the direction no matter where it goes
Let the truth blow like a hurricane through me

Link Copied to Clipboard
Member Spotlight
None yet
Forum Statistics
Forums41
Topics33,840
Posts68,858
Members2,176
Most Online3,253
Jan 13th, 2020
Latest Postings
Top Posters
UGN Security 41,392
Gremelin 7,203
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Top Likes Received
Ghost 2
Dartur 1
Cyrez 1
Girlie 1
unreal 1
Powered by UBB.threads™ PHP Forum Software 8.0.0