#!/bin/sh
#
# $Id: mnap,v 0.12 2010/02/13 07:51:23 stef Exp $
#
# Harness script for nmap that will scan a network one IP address at a
# time, thus saving output seperately for each IP address. The scan will
# be slower but you'll know which host was scanned at what time. I'll
# also produce a short overview log.
#
# Copyright 2009-2010, Stefan Pettersson, http://www.bigpointyteeth.se/
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
#

PATH="/bin:/usr/bin:/usr/local/bin"
me=$(basename $0)
opts="-n -d -PN -p 21,22,23,25,80,81,135-139,443,445,1080,1433,1521,1723,3306,3389"

usage() {
    echo "Usage: (1) $me <target spec> \"[nmap options]\""
    echo "       (2) $me <target file> \"[nmap options]\""
    echo ""
    echo "Default options:"
    echo "  $opts"
    echo ""
    echo "Example usage:"
    echo "  $me 10.0.0.192-224 \"-d -n -p 1-65535 -PN\""
    echo "  $me 10.0.0.0/24"
    echo "  $me allhosts.txt \"--top-ports 500\""
    echo "  nohup $me 10.0.0-1.1-255 \"-p-\" &"
}

error() { echo "$me: $1" 1>&2; }
log() { echo $1 >> $logfile; }

datestamp() { date +"%y%m%d"; }
timestamp() { date +"%H:%M:%S"; }
datetimestamp() { date +"%Y-%m-%d %H:%M:%S"; }

newname() {
    local name suffix
    name=$1
    if test -e $name; then
        suffix=1
        while test -e $name.$suffix; do
            suffix=$(($suffix+1))
        done
        echo $name.$suffix
    else
        echo $name
    fi

}

if test $# -lt 1; then
    error "bad number of arguments"
    usage
    exit 1
fi

# check if we have any user-specific options
if test -z "$2"; then
    # no, use default
    myopts=$opts
else
    myopts="$2"
fi

# here's where we gonna save our results
logfile=../$(newname mnap-$(datestamp).log)
logdir=$(newname mnap-$(datestamp))
mkdir $logdir && cd $logdir

trap "log '$(datetimestamp) Scan aborted by user.'; error 'user abort'; exit 1" 1 2 3 15

# check if we are given a file or a nmap target spec
if test -f $1; then
    ips=$(cat $1)
else
    ips=$(nmap -n -sL $1 | grep "scan report" | awk '{print $5}')
    if test ! $? -eq 0; then
        error "failed to generate '$1'"
        exit 1
    fi
fi

# start the scanning
log "Starting scan for at $(datetimestamp)."
log "Command line: $me $*"

for ip in $ips; do
    # log beginning and end of scan
    log "-n $(timestamp)"
    nmap $myopts -oA $ip $ip
    log "-$(timestamp) Found $(grep -c open $ip.nmap) open ports on $ip in $(grep seconds $ip.nmap | egrep -o '[0-9]+\.[0-9]+') seconds."
done

log "Scan finished at $(datetimestamp)."

exit 0
# eof