#!/bin/sh
#
# $Id: mnap,v 0.12 2010/02/13 07:51:23 stef Exp $
#
# Harness script for nmap that will scan a network one IP address at a
# time, thus saving output separately for each IP address. The scan will
# be slower but you'll know which host was scanned at what time. It'll
# also produce a short overview log.
#
# Copyright 2009-2010, Stefan Pettersson, http://www.bigpointyteeth.se/
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
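#

# Fixed search path, so the caller's environment cannot substitute its own
# nmap, grep or awk.
PATH="/bin:/usr/bin:/usr/local/bin"

# The option string and the target spec are split on whitespace on purpose
# (they may carry several words); pathname expansion is never wanted, so a
# "*" in a host list must not turn into file names.
set -f

me=${0##*/}
opts="-n -d -PN -p 21,22,23,25,80,81,135-139,443,445,1080,1433,1521,1723,3306,3389"

# Print the command synopsis, the default nmap options and some examples.
# The first argument is either an nmap target spec or a file listing hosts.
usage() {
  printf 'Usage: (1) %s <target spec> "[nmap options]"\n' "$me"
  printf '       (2) %s <file> "[nmap options]"\n' "$me"
  printf '\n'
  printf 'Default options:\n'
  printf '  %s\n' "$opts"
  printf '\n'
  printf 'Example usage:\n'
  printf '  %s 10.0.0.192-224 "-d -n -p 1-65535 -PN"\n' "$me"
  printf '  %s 10.0.0.0/24\n' "$me"
  printf '  %s allhosts.txt "--top-ports 500"\n' "$me"
  printf '  nohup %s 10.0.0-1.1-255 "-p-" &\n' "$me"
}

# Diagnostics go to stderr, prefixed with the script name.
error() { printf '%s: %s\n' "$me" "$1" 1>&2; }

# Append one complete line to the overview log.
log() { printf '%s\n' "$1" >> "$logfile"; }

# Append text to the overview log WITHOUT a newline; the per-host line is
# completed by a later log() call once the scan of that host has ended.
log_open() { printf '%s' "$1" >> "$logfile"; }

datestamp() { date +"%y%m%d"; }
timestamp() { date +"%H:%M:%S"; }
datetimestamp() { date +"%Y-%m-%d %H:%M:%S"; }

# Echo $1 if nothing by that name exists, otherwise $1.N for the first free
# N >= 1. This is a check, not a reservation: the caller must still verify
# that creating the name succeeds.
newname() {
  local name suffix
  name=$1
  if test -e "$name"; then
    suffix=1
    while test -e "$name.$suffix"; do
      suffix=$((suffix + 1))
    done
    echo "$name.$suffix"
  else
    echo "$name"
  fi
}

# Signal handler: close a half-written per-host line, record the abort with
# the time it actually happened, and stop.
on_abort() {
  if test "$scan_open" -eq 1; then
    printf '\n' >> "$logfile"
  fi
  log "$(datetimestamp) Scan aborted by user."
  error "user abort"
  exit 1
}

if test $# -lt 1; then
  error "bad number of arguments"
  usage
  exit 1
fi

target=$1

# User-specific nmap options replace the defaults entirely.
myopts=${2:-$opts}

# Build the host list BEFORE changing directory, so a relative path to a
# host file is resolved against the directory the user started in.
if test -f "$target"; then
  if ! ips=$(cat < "$target"); then
    error "failed to read '$target'"
    exit 1
  fi
else
  # Check nmap's own exit status; the status of a pipeline would only be
  # that of its last stage and would hide a failed expansion.
  if ! listing=$(nmap -n -sL $target); then
    error "failed to generate '$1'"
    exit 1
  fi
  ips=$(printf '%s\n' "$listing" | awk '/scan report/ { print $5 }')
fi

if test -z "$ips"; then
  error "no hosts to scan in '$target'"
  exit 1
fi

# Here's where the results are saved. The overview log lives next to the
# result directory, hence the "../" once we have changed into it.
# NOTE: files are created with the caller's umask; scan results can be
# sensitive, so run with a restrictive umask where that matters.
stamp=$(datestamp)
logfile=../$(newname "mnap-$stamp.log")
logdir=$(newname "mnap-$stamp")
if ! mkdir "$logdir" || ! cd "$logdir"; then
  # Never fall through: scanning on would scatter output files in the
  # current directory and write the log into its parent.
  error "cannot create or enter '$logdir'"
  exit 1
fi

scan_open=0
trap on_abort HUP INT QUIT TERM

# Start the scanning.
log "Starting scan for $target at $(datetimestamp)."
log "Command line: $me $*"

for ip in $ips; do
  # Host-list entries become nmap arguments and output file names. Refuse
  # anything nmap would parse as an option, and keep the output base name
  # inside the result directory.
  case $ip in
    -*)
      log "$(timestamp) Skipped '$ip': looks like an option, not a host."
      continue
      ;;
  esac
  out=$(printf '%s' "$ip" | tr '/' '_')

  # One log line per host: "<start>-<end> Found ...".
  log_open "$(timestamp)"
  scan_open=1
  nmap $myopts -oA "$out" "$ip"
  rc=$?

  if test "$rc" -eq 0 && test -f "$out.nmap"; then
    # Count port-table rows whose state starts with "open"; a bare match on
    # the word would also count closed ports with names such as "openvpn".
    open_ports=$(grep -Ec '^[0-9]+/[a-z]+[[:space:]]+open' "$out.nmap")
    # The last "seconds" line is nmap's final summary.
    elapsed=$(grep seconds "$out.nmap" | grep -Eo '[0-9]+\.[0-9]+' | tail -n 1)
    log "-$(timestamp) Found $open_ports open ports on $ip in $elapsed seconds."
  else
    log "-$(timestamp) nmap failed on $ip (exit status $rc)."
  fi
  scan_open=0
done

log "Scan finished at $(datetimestamp)."
exit 0

# eof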