First shell script… COMPLETE.

    • #7940
      SephStorm
      Participant

      Well I just wrote my first shell script today and I wanted to share this experience with you all. It's an amazing feeling, jr. programming 101 or something to that effect. I figured I'd share this easy script with you guys; any comments, suggestions or improvements are appreciated and desired.

      I used this as my primary guide, I am still going through it, but that and some youtube videos so far gave me what I needed to build this script.

      #! /bin/bash
      # nmap ping scan
      # used to ping a subnet

      clear
      namp -sP 192.168.1.0/24 > /pentest/results/scans/pingscan.txt && echo scan complete.

      exit

      Fairly simple, but useful I hope in future studies… >:)  One thing I wanted to do, not sure if it's possible, but originally I wanted "scanning…" or something to that effect to be displayed while the command was running, and then "scan complete" at the end. Can that be done without adding too much complexity?

      Also, many of the examples I saw used quotation marks around statements that were to be echoed. Based on what I found, quotes are used for variables or something to that effect; can someone explain them to me, and when they should/should not be used?

    • #50215
      ZeroOne
      Participant

      You might wanna change "namp" to "nmap". Also, the gateway isn't always 192.168.1.0; the script is good overall, but try replacing 192.168.1.0 with localhost so you don't have to change it every time when using different networks. Just like this:

      nmap -sP localhost/24 > /pentest/results/scans/pingscan.txt && echo scan complete.

      Thanks for sharing  🙂

    • #50216
      hayabusa
      Participant

      @ZeroOne wrote:

      You might wanna change "namp" to "nmap". Also, the gateway isn't always 192.168.1.0; the script is good overall, but try replacing 192.168.1.0 with localhost so you don't have to change it every time when using different networks. Just like this:

      nmap -sP localhost/24 > /pentest/results/scans/pingscan.txt && echo scan complete.

      Thanks for sharing  🙂

      localhost???  Network is 0, not gateway…  He’s scanning a network range.

    • #50217
      ZeroOne
      Participant

      Oops.. forget what I said, apparently I blanked out & got the whole thing wrong. I need some rest. Thanks hayabusa for embarrassing me. Just joking  ;D

    • #50218
      hayabusa
      Participant

      No worries.  Wasn’t trying to embarrass anyone.  Just making sure we kept things straight.

      Cheers, ZeroOne!

    • #50219
      SephStorm
      Participant

      lol I was like "localhost… network ???!"

      But good catch on the namp…. luckily I rewrote that to post it, the original script spells it correctly.

    • #50220
      hayabusa
      Participant

      SephStorm, even before 'prettying it up' with your scanning message, might I suggest figuring out something you'll find more useful:

      Work out how to pass in variables to your scripts, such that you can pass in a network address and subnet mask, from a command-line, so you could use it in other networks.  (This type of scripting will come in handy on pentests, when you can ‘modularize’ things and pass in variable data, for faster automation of scanning activity.)

    • #50221
      dynamik
      Participant

      I also like just including one/few-liners in my .bashrc as functions or aliases

    • #50222
      MaXe
      Participant

      Using arguments passed from command line is also relatively easy, you should play with this as well  ;D

      Example:
      echo Hi $1, you like $2 and you also like $3. The script name is $0.

      Usage:
      ./bashscript MaXe 0days knowledge

      Output:
      Hi MaXe, you like 0days and you also like knowledge. The script name is bashscript.

      You can also use more advanced things such as "getopts". But that example I gave you is very handy when you need a dynamic script quickly  🙂

    • #50223
      SephStorm
      Participant

      I don't think I'm at that level yet, I'll get right on it. *hides*

    • #50224
      hayabusa
      Participant

      Nah.  I got confidence in you.  MaXe literally gave you all you need, in order to do it.  It really IS that easy!

    • #50225
      MaXe
      Participant

      I was surprised when I found out there was a way easier option than getopts  ;D Hence the reason I shared it, hehe  🙂

    • #50226
      SephStorm
      Participant

      If I'm not mistaken, you are talking about variables here, right?

      Like this?

      http://tldp.org/LDP/abs/html/varsubn.html

    • #50227
      superkojiman
      Participant

      @SephStorm wrote:

      If I'm not mistaken, you are talking about variables here, right?

      Like this?

      http://tldp.org/LDP/abs/html/varsubn.html

      Yes. Arguments passed into the program are assigned to $1, $2, $3, $4, and so on, with $0 being the name of the program itself. It's actually not that complicated; bash is a pretty easy thing to learn. If you check the manual for bash, you'll see a lot of neat tricks and things you can incorporate into your script.

    • #50228
      SephStorm
      Participant

      I think I know what MaXe is saying here: instead of the arguments being defined explicitly in the script, I can specify them in my command string and have, for instance:

      #! /bin/bash
      # nmap ping scan
      # used to ping a subnet

      clear
      nmap -sP $IP > /pentest/results/scans/$scanname.txt && echo scan complete.

      exit

      ./pingscan.sh 192.168.1.0/24 pingscan

      correct?

    • #50229
      MaXe
      Participant

      Exactly Seph, but you have to define $IP if you are going to use that. $1, $2, $3, $4, etc. are all predefined variables and are the same as sys.argv[1], sys.argv[2], sys.argv[3], sys.argv[4], etc., if I am not entirely mistaken.

      In PHP you would have to define $IP like:
      <?php
      $IP = $argv[1];        // afaik, this may be wrong. (command-line arguments live in $argv)
      $scanname = $argv[2];  // second argument: name of the output file
      system('clear');
      $commandline = "nmap -sP $IP > /pentest/results/scans/$scanname.txt && echo scan complete.";
      system($commandline);

      Now I know this about shell scripting, but since I don't know how to use getopts, even though it's fairly simple as I read the "manual" not long ago, I thought that I would use PHP instead as an example, as most programming languages translate universally somewhat.
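      Pulling the thread's advice together (hayabusa's "pass in the network from the command line", MaXe's $1/$2 positional parameters, SephStorm's $IP/$scanname draft and the original "scanning…/scan complete" question), here is an added example script that is not code from any of the posters. The function names, the input validation and the OUTDIR override are my own additions; the /pentest/results/scans path and nmap -sP are taken from the thread.

```shell
#!/bin/bash
# pingscan.sh: nmap ping scan with the target network passed as an argument
# Usage:   ./pingscan.sh <network/prefix> <output-name>
# Example: ./pingscan.sh 192.168.1.0/24 pingscan
# OUTDIR is an assumption; override it in the environment (OUTDIR=/tmp ./pingscan.sh ...).
OUTDIR="${OUTDIR:-/pentest/results/scans}"

# $1 must look like a dotted-quad IPv4 network with a /0-/32 prefix, so only
# a network range ever reaches nmap (octet values above 255 are not rejected).
valid_cidr() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'
}

# $2 becomes part of a file name: letters, digits, dot, dash, underscore only,
# so it can never contain "/" or spell "..".
valid_name() {
    printf '%s\n' "$1" | grep -Eq '^[A-Za-z0-9_.-]+$'
}

# Output path for a validated name (printed, not written).
scan_path() {
    printf '%s/%s.txt\n' "$OUTDIR" "$1"
}

# Show a status line, run the scan, then report the result.  The double quotes
# around "$net" and "$out" keep each value one word even if it held spaces or
# glob characters; plain words like `echo scan complete.` need no quotes.
run_scan() {
    net=$1; name=$2
    valid_cidr "$net"  || { echo "usage: $0 <a.b.c.d/prefix> <output-name>" >&2; return 2; }
    valid_name "$name" || { echo "invalid output name: $name" >&2; return 2; }
    out=$(scan_path "$name")
    echo "scanning $net ..."
    nmap -sP "$net" > "$out"
    rc=$?
    if [ "$rc" -eq 0 ]; then
        echo "scan complete: results in $out"
    else
        echo "scan failed: nmap exited with status $rc" >&2
    fi
    return "$rc"
}

# Only run when called with both arguments, so the file can also be sourced
# into an interactive shell or .bashrc, as dynamik suggests above.
if [ "$#" -eq 2 ]; then
    run_scan "$1" "$2"
    exit "$?"
fi
```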

    • #50230
      SephStorm
      Participant

      I read the relevant portion of the man page as suggested, and that helped me understand it. The PHP and sys.argv stuff is still out of reach for the moment.

      EDIT: OK, so I changed the script and executed it, and it worked!

    • #50231
      MaXe
      Participant

      Awesome, good to hear you read the manpage and understood everything  ;D It’s understandable you don’t want to dive into PHP or other scripting or programming languages at the moment, as it is easy to get lost if you dive into too many projects / languages at once.  🙂

    • #50232
      SephStorm
      Participant

      So at this point, I'm feeling pretty good about everything. I've written a total of 3 scripts: one for ping scanning, one for port scanning (though I'm sure this one will require some manual interaction), and one for banner grabbing using ncat. I can't wait to practice using ncat; I hope to practice some proxying and SSL tunneling maybe?

    • #50233
      hayabusa
      Participant

      Good work.  Now keep going.  There’s no end to what you can script up, during a pentest, and more often than not, you don’t have tons of time to do it, so practice, practice, practice, and get proficient at it.

      Try chaining tools and output together (calling one tool with output from another), reading from input / output files, etc.  Keep building on what you’ve accomplished, and you’ll grow by leaps and bounds.

      (And for your own benefit, learn to comment in your scripts, so you can reference them later, if you’ve forgotten something, or need a quick reminder.)
