Friday, November 13, 2015

Open for business?




This is two scripts one to find and record machines on the system at the time and the second script is to find open ports on those systems below 1024.

alive.sh
[code]
#!/bin/bash
rm /tmp/goodips
is_alive_ping()
{
  ping -c 1 $1 > /dev/null
  [ $? -eq 0 ] && echo $i >> /tmp/goodips
}

for i in 192.168.1.{1..255}
do
is_alive_ping $i & disown
done
[/code]

/tmp/goodips

192.168.1.1
192.168.1.2
192.168.1.3
192.168.1.4

Now the second script.

scannet.sh
[code]
datafile="/tmp/goodips"
a=1
m="not done"
while read line
do fdata[$a]=$line
echo
echo $line
       let a=a+1
       for p in {1..1023};
       do
       (echo >/dev/tcp/$line/$p) >/dev/null 2>&1 && echo "$p open"
       done
done < $datafile
[/code]

results:
192.168.1.1
23 open
53 open
80 open

192.168.1.2
22 open
23 open
25 open
80 open
111 open
443 open
465 open
587 open

192.168.1.3
21 open
80 open
139 open
515 open

192.168.1.4
22 open
111 open

Vulnerabilities abound. Now would be a good time to install and run both chkrootkit and or rkhunter.

$ sudo apt-get install rkhunter chkrootkit

$ sudo  rkhunter --update
$ sudo  rkhunter -c

$ sudo chkrootkit

No comments:

Post a Comment