-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathscan.sh
380 lines (378 loc) · 14.6 KB
/
scan.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
#!/usr/bin/bash
#-*- encoding: utf-8 -*-
#------------COLOR ANT FONT AREA-------------@
lg1='\e[92m'
lg2='\e[102m'
lr1='\e[91m'
lr2='\e[101m'
lbl2='\e[104m'
def2='\e[49m'
black1='\e[30m'
lc1='\e[96m'
ly1='\e[93m'
ly2='\e[103m'
lm1='\e[95m'
w1='\e[0m'
defbl='\e[49m'
pur1 = '\e[0;35m'
#------------GRAPHICS AREA-------------@
#------------QUIT PROGRAM FUNCTION-------------@
quit()
{
echo -en $lg1"\a\n\n["$lr1"+"$lg1"]"$w1" QUIT [y/N]?: "
read quitz
case $quitz in
Y) echo -en $lg1"\a\n["$lr1"+"$lg1"]"$w1" GOODBYE..\n" ;;
y) echo -en $lg1"\a\n["$lr1"+"$lg1"]"$w1" GOODBYE..\n" ;;
N) clear
opening ;;
n) clear
opening ;;
esac
}
#------------Dependency check-------------@
command -v nmap > /dev/null 2>&1 || { echo >&2 'This program needs nmap. Please install it to use this tool.' ; exit 1; }
#------------OPENING SCREEN-------------@
opening()
{
clear
echo -en $lr1"\a\n"
echo -en " ▐ ▄ ▄▄▄ . ▄▄▄▄▄. ▄▄ · ▄▄· ▄▄▄· ▐ ▄ \n"
echo -en " •█▌▐█ ▀▄.▀· •██ ▐█ ▀. ▐█ ▌▪ ▐█ ▀█ •█▌▐█ \n"
echo -en " ▐█▐▐▌ ▐▀▀▪▄ ▐█.▪▄▀▀▀█▄ ██ ▄▄ ▄█▀▀█ ▐█▐▐▌\n"
echo -en " ██▐█▌ ▐█▄▄▌ ▐█▌·▐█▄▪▐█ ▐███▌ ▐█ ▪▐▌ ██▐█▌\n"
echo -en " ▀▀ █▪ ▀▀▀ ▀▀▀ ▀▀▀▀ · ▀▀▀ ▀ ▀ ▀▀ █▪ \n"
echo -en $black12$lr1"\nBy Yuma-Tsushima" $def2
echo -en $def2"\n"
echo -en $lg1"\n["$lr1"1"$lg1"]"$w1" SCRIPT ATTACK"
echo -en $lg1"\n["$lr1"2"$lg1"]"$w1" ALIVE HOST SCAN"
echo -en $lg1"\n\n["$lr1"+"$lg1"]"$w1" CHOOSE: "
read sell
case $sell in
1) scriptz ;;
2) echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" ENTER BROADCAST: "
read broad
nmap -Pn -sV $broad
quit ;;
esac
}
scriptz()
{
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" ENTER YOUR TARGET: "
read target
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" TARGET => "$lc1$target
echo " "
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" SCRIPTS MENU\n\n"
echo -en $lg1"["$lr1"1"$lg1"]"$w1" PORT ATTACKS\n"
echo -en $lg1"["$lr1"2"$lg1"]"$w1" ROUTER ATTACKS\n"
echo -en $lg1"["$lr1"3"$lg1"]"$w1" SQL DATA ATTACK\n"
echo -en $lg1"["$lr1"4"$lg1"]"$w1" IOS HACKING\n"
echo -en $lg1"["$lr1"5"$lg1"]"$w1" BRUTE FORCE\n"
echo -en $lg1"["$lr1"x"$lg1"]"$w1" QUIT...\n"
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" CHOOSE:"
read scans
}
opening
#------------PORT ATTACK OPTION-------------@
ports()
{
clear
echo -en $lr1"\a\n"
echo -en " ▄▄▄· ▄▄▄ ▄▄▄▄▄. ▄▄ · \n"
echo -en " ▐█ ▄█▪ ▀▄ █· •██ ▐█ ▀. \n"
echo -en " ██▀· ▄█▀▄ ▐▀▀▄ ▐█.▪▄▀▀▀█▄ \n"
echo -en " ▐█▪·▐█▌.▐▌▐█•█▌ ▐█▌·▐█▄▪▐█ \n"
echo -en " .▀ ▀█▄▀▪.▀ ▀ ▀▀▀ ▀▀▀▀ \n"
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" TARGET => "$lc1$target
echo -en $lg1"\n\n["$lr1"1"$lg1"]"$w1" FTP HACKING\n"
echo -en $lg1"["$lr1"2"$lg1"]"$w1" SSH HACKING\n"
echo -en $lg1"["$lr1"3"$lg1"]"$w1" TELNET HACKING\n"
echo -en $lg1"["$lr1"4"$lg1"]"$w1" SMTP HACKING\n"
echo -en $lg1"["$lr1"5"$lg1"]"$w1" HTTP HACKING\n"
echo -en $lg1"["$lr1"6"$lg1"]"$w1" HTTPS HACKING\n"
echo -en $lg1"["$lr1"7"$lg1"]"$w1" SAMBA HACKING\n"
echo -en $lg1"["$lr1"8"$lg1"]"$w1" RTSP HACKING\n"
echo -en $lg1"["$lr1"9"$lg1"]"$w1" SNMP HACKING\n"
echo -en $lg1"["$lr1"x"$lg1"]"$w1" GO BACK >>\n"
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" CHOOSE: "
read portz
}
#------------ROUTER ATTACK OPTION-------------@
routers()
{
clear
echo -en $lr1"\a\n"
echo -en " ▄▄▄ ▄• ▄▌ ▄▄▄▄▄ ▄▄▄ .▄▄▄ .▄▄ · \n"
echo -en " ▀▄ █·▪ █▪ ██▌•██ ▀▄.▀·▀▄ █·▐█ ▀. \n"
echo -en " ▐▀▀▄ ▄█▀▄ █▌ ▐█▌ ▐█.▪▐▀▀▪▄ ▐▀▀▄ ▄▀▀▀█▄ \n"
echo -en " ▐█•█▌▐█▌.▐▌▐█▄█▌ ▐█▌·▐█▄▄▌ ▐█•█▌▐█▄▪▐█ \n"
echo -en " ▀ ▀ ▀█▄▀▪ ▀▀▀ ▀▀▀ ▀▀▀ . ▀ ▀ ▀▀▀▀ \n"
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" TARGET => "$lc1$target
echo -en $lg1"\n\n["$lr1"1"$lg1"]"$w1" CISCO\n"
echo -en $lg1"["$lr1"2"$lg1"]"$w1" DLINK\n"
echo -en $lg1"["$lr1"3"$lg1"]"$w1" TPLINK\n"
echo -en $lg1"["$lr1"x"$lg1"]"$w1" GO BACK >>\n"
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" CHOOSE: "
read routerz
}
#------------SQL DATA ATTACK OPTION-------------@
sql()
{
clear
echo -en $lc1"\a\n"
echo -en ".▄▄ · .▄▄▄ ▄▄▌ \n"
echo -en "▐█ ▀. ▐▀•▀█ ██• \n"
echo -en " ▄▀▀▀█▄ █▌·.█▌ ██▪ \n"
echo -en " ▐█▄▪▐█ ▐█▪▄█· ▐█▌▐▌ \n"
echo -en " ▀▀▀▀ · ▀▀█. . ▀▀▀ \n"
echo -en $lg1"\n"
echo -en " ·▄▄▄▄ ▄▄▄· ▄▄▄▄▄ ▄▄▄· \n"
echo -en " ██▪ ██ ▐█ ▀█ •██ ▐█ ▀█ \n"
echo -en " ▐█· ▐█▌▄█▀▀█ ▐█.▪▄█▀▀█ \n"
echo -en " ██. ██ ▐█ ▪▐▌ ▐█▌·▐█ ▪▐▌ \n"
echo -en " ▀▀▀▀▀• ▀ ▀ ▀▀▀ ▀ ▀ \n"
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" TARGET => "$lc1$target
echo -en $lg1"\n\n["$lr1"1"$lg1"]"$w1" AVAILABLE SCRIPTS\n"
echo -en $lg1"["$lr1"x"$lg1"]"$w1" GO BACK >>\n"
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" CHOOSE: "
read sql_select
}
ios_hack()
{
clear
echo -en $lg1"\a\n"
echo -en "▄▄▄▄▄ .▄▄ · \n"
echo -en "•██ ▪ ▐█ ▀. \n"
echo -en " ▐█.▪ ▄█▀▄ ▄▀▀▀█▄ \n"
echo -en " ▐█▌· ▐█▌.▐▌▐█▄▪▐█ \n"
echo -en "▀▀▀▀▀▀ ▀█▄▀▪ ▀▀▀▀ \n"
echo -en $ly1"\n"
echo -en " ▄ .▄ ▄▄▄· ▄▄· ▄ •▄ \n"
echo -en " ██▪▐█ ▐█ ▀█ ▐█ ▌▪█▌▄▌▪ \n"
echo -en " ██▀▐█ ▄█▀▀█ ██ ▄▄▐▀▀▄· \n"
echo -en " ██▌▐▀ ▐█ ▪▐▌▐███▌▐█.█▌ \n"
echo -en " ▀▀▀ · ▀ ▀ ·▀▀▀ ·▀ ▀ \n"
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" TARGET => "$lc1$target
echo -en $lg1"\n\n["$lr1"1"$lg1"]"$w1" AVAILABLE SCRIPTS\n"
echo -en $lg1"["$lr1"x"$lg1"]"$w1" GO BACK >>\n"
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" CHOOSE: "
read ios
}
brute_force()
{
clear
echo -en $lm1"\a\n"
echo -en " ▄▄▄▄· ▄▄▄ ▄• ▄▌ ▄▄▄▄ ▄▄▄▄ .\n"
echo -en " ▐█ ▀█▪▀▄ █·█▪ ██▌• ██ ▀▄.▀· \n"
echo -en " ▐█▀▀█▄▐▀▀▄ █▌ ▐█▌ ▐█.▪▐▀▀▪▄ \n"
echo -en " ██▄▪▐█▐█•█▌▐█▄█▌ ▐█▌·▐█▄▄▌ \n"
echo -en " ·▀▀▀▀ .▀ ▀ ▀▀▀ ▀▀▀ ▀▀▀ \n"
echo -en $lg1"\n"
echo -en " ·▄▄▄ ▄▄▄ ▄▄· ▄▄▄ . \n"
echo -en " ▐▄▄·▪ ▀▄ █·▐█ ▌▪▀▄.▀· \n"
echo -en " ██▪ ▄█▀▄ ▐▀▀▄ ██ ▄▄▐▀▀▪▄ \n"
echo -en " ██▌.▐█▌.▐▌▐█•█▌▐███▌▐█▄▄▌ \n"
echo -en " ▀▀▀ ▀█▄▀▪.▀ ▀·▀▀▀ ▀▀▀ \n"
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" TARGET => "$lc1$target
echo -en $lg1"\n\n["$lr1"1"$lg1"]"$w1" FTP BRUTE\n"
echo -en $lg1"["$lr1"2"$lg1"]"$w1" SSH BRUTE\n"
echo -en $lg1"["$lr1"3"$lg1"]"$w1" TELNET BRUTE\n"
echo -en $lg1"["$lr1"4"$lg1"]"$w1" SMTP BRUTE\n"
echo -en $lg1"["$lr1"5"$lg1"]"$w1" SNMP BRUTE\n"
echo -en $lg1"["$lr1"6"$lg1"]"$w1" HTTP BRUTE\n"
echo -en $lg1"["$lr1"7"$lg1"]"$w1" DNS BRUTE\n"
echo -en $lg1"["$lr1"8"$lg1"]"$w1" MYSQL BRUTE\n"
echo -en $lg1"["$lr1"9"$lg1"]"$w1" VNC BRUTE\n"
echo -en $lg1"["$lr1"10"$lg1"]"$w1" SMB BRUTE\n"
echo -en $lg1"["$lr1"x"$lg1"]"$w1" GO BACK >>\n"
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" CHOOSE: "
read force
}
case $scans in
1) ports
case $portz in
#------------FTP ATTACK OPTION-------------@
1) cd;cd ..;cd usr/share/nmap/scripts
ls | grep ftp
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" YOUR SCRIPT: "
read scriptx
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" ATTACK STARTED..\n"
nmap -Pn -sV -p 21 --script $scriptx $target
quit ;;
#------------SSH ATTACK OPTION-------------@
2) cd;cd ..;cd usr/share/nmap/scripts
ls | grep ssh
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" YOUR SCRIPT: "
read scriptx
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" ATTACK STARTED..\n"
nmap -Pn -sV -p 22 --script $scriptx $target
quit ;;
#------------TELNET ATTACK OPTION-------------@
3) cd;cd ..;cd usr/share/nmap/scripts
ls | grep telnet
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" YOUR SCRIPT: "
read scriptx
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" ATTACK STARTED..\n"
nmap -Pn -sV -p 23 --script $scriptx $target
quit ;;
#------------SMTP ATTACK OPTION-------------@
4) cd;cd ..;cd usr/share/nmap/scripts
ls | grep smtp
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" YOUR SCRIPT: "
read scriptx
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" ATTACK STARTED..\n"
nmap -Pn -sV -p 25 --script $scriptx $target
quit ;;
#------------HTTP ATTACK OPTION-------------@
5) cd;cd ..;cd usr/share/nmap/scripts
ls | grep http
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" YOUR SCRIPT: "
read scriptx
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" ATTACK STARTED..\n"
nmap -Pn -sV -p 80 --script $scriptx $target
quit ;;
#------------HTTPS ATTACK OPTION-------------@
6) cd;cd ..;cd usr/share/nmap/scripts
ls | grep https
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" YOUR SCRIPT: "
read scriptx
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" ATTACK STARTED..\n"
nmap -Pn -sV -p 443 --script $scriptx $target
quit ;;
#------------SMB ATTACK OPTION-------------@
7) cd;cd ..;cd usr/share/nmap/scripts
ls | grep smb
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" YOUR SCRIPT: "
read scriptx
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" ATTACK STARTED..\n"
nmap -Pn -sV -p 445 --script $scriptx $target
quit ;;
#------------RTSP ATTACK OPTION-------------@
8) cd;cd ..;cd usr/share/nmap/scripts
ls | grep rtsp
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" YOUR SCRIPT: "
read scriptx
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" ATTACK STARTED..\n"
nmap -Pn -sV -p 554 --script $scriptx $target
quit ;;
#------------SNMP ATTACK OPTION-------------@
9) cd;cd ..;cd usr/share/nmap/scripts
ls | grep snmp
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" YOUR SCRIPT: "
read scriptx
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" ATTACK STARTED..\n"
nmap -Pn -sV -p 161 --script $scriptx $target
quit ;;
x) cd;cd scan
clear
./scan.sh ;;
esac ;;
#--------------------------@
2) routers
case $routerz in
#------------CISCO ATTACK OPTION-------------@
1) cd;cd ..;cd usr/share/nmap/scripts
ls | grep cisco
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" YOUR SCRIPT: "
read scriptx
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" ATTACK STARTED..\n"
nmap -Pn -sV --script $scriptx $target
quit ;;
#------------DLINK ATTACK OPTION-------------@
2) cd;cd ..;cd usr/share/nmap/scripts
ls | grep dlink
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" YOUR SCRIPT: "
read scriptx
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" ATTACK STARTED..\n"
nmap -Pn -sV --script $scriptx $target
quit ;;
#------------TPLINK ATTACK OPTION-------------@
3) cd;cd ..;cd usr/share/nmap/scripts
ls | grep tplink
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" YOUR SCRIPT: "
read scriptx
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" ATTACK STARTED..\n"
nmap -Pn -sV --script $scriptx $target
quit ;;
x) cd;cd scan
clear
./scan.sh ;;
esac ;;
3) sql
case $sql_select in
1) cd;cd ..;cd usr/share/nmap/scripts
ls | grep sql
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" YOUR SCRIPT: "
read scriptx
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" ATTACK STARTED..\n"
nmap -Pn -sV -p 3306 --script $scriptx $target
quit ;;
x) cd;cd scan
clear
./scan.sh ;;
esac ;;
4) ios_hack
case $ios in
1) cd;cd ..;cd usr/share/nmap/scripts
ls | grep ios
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" YOUR SCRIPT: "
read scriptx
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" ATTACK STARTED..\n"
nmap -Pn -sV --script $scriptx $target
quit ;;
x) cd;cd scan
clear
./scan.sh ;;
esac ;;
5) brute_force
case $force in
1) cd;cd ..;cd usr/share/nmap/scripts
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" ATTACK STARTED..\n"
nmap -Pn -sV -p 21 --script ftp-brute.nse $target
quit ;;
2) cd;cd ..;cd usr/share/nmap/scripts
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" ATTACK STARTED..\n"
nmap -Pn -sV -p 22 --script ssh-brute.nse $target
quit ;;
3) cd;cd ..;cd usr/share/nmap/scripts
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" ATTACK STARTED..\n"
nmap -Pn -sV -p 23 --script telnet-brute.nse $target
quit ;;
4) cd;cd ..;cd usr/share/nmap/scripts
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" ATTACK STARTED..\n"
nmap -Pn -sV -p 25 --script smtp-brute.nse $target
quit ;;
5) cd;cd ..;cd usr/share/nmap/scripts
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" ATTACK STARTED..\n"
nmap -Pn -sV -p 161 --script snmp-brute.nse $target
quit ;;
6) cd;cd ..;cd usr/share/nmap/scripts
ls | grep http-brute
ls | grep http-auth
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" YOUR SCRIPT: "
read scriptx
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" ATTACK STARTED..\n"
nmap -Pn -sV -p 80 --script $scriptx $target
quit ;;
7) cd;cd ..;cd usr/share/nmap/scripts
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" ATTACK STARTED..\n"
nmap -Pn -sV -p 53 --script dns-brute.nse $target
quit ;;
8) cd;cd ..;cd usr/share/nmap/scripts
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" ATTACK STARTED..\n"
nmap -Pn -sV -p 3306 --script mysql-brute.nse $target
quit ;;
9) cd;cd ..;cd usr/share/nmap/scripts
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" ATTACK STARTED..\n"
nmap -Pn -sV -p 5900 --script vnc-brute.nse $target
quit ;;
10) cd;cd ..;cd usr/share/nmap/scripts
echo -en $lg1"\n["$lr1"+"$lg1"]"$w1" ATTACK STARTED..\n"
nmap -Pn -sV -p 445 --script smb-brute.nse $target
quit ;;
x) cd;cd scan
clear
./scan.sh ;;
esac ;;
x) quit ;;
esac