mgeeky-Penetration-Testing-.../networks/nmap-scan-all.sh

53 lines
1.7 KiB
Bash
Raw Permalink Normal View History

2018-03-08 14:46:02 +01:00
#!/bin/bash
if [ $# -lt 2 ]; then
echo "Usage: ./nmap-scan-all.sh <host> <output-file>"
exit 1
fi
if [ $EUID != 0 ]; then
echo "[!] This script must be launched as root."
exit 1
fi
HOST="$1"
shift
OUT="$1"
shift
eXTRA_PARAMS="$@"
COMMON_OPTS="-Pn -A -T4 --osscan-guess --fuzzy --version-all -vv --reason --min-rate 300"
SCRIPTS="not (dos or brute or http-sql-injection)"
SCRIPTS_ARGS="--script-args http.useragent=\"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/53.0 (KHTML, like Gecko) Chrome/64.0.32 Safari/53.0\""
echo "[+] Will scan: '$HOST' and store output to: '$OUT'"
nmap --script-updatedb > /dev/null
echo ""
echo "=========================================================================="
echo "SCAN 1: All TCP ports, SYN scan."
echo ""
echo "Scan using:"
echo -e "\tnmap $COMMON_OPTS -sS -p- --script \"$SCRIPTS\" $SCRIPTS_ARGS -oA \"$OUT.tcp-scan.log\" $HOST"
nmap $COMMON_OPTS -sS -p- --script "$SCRIPTS" $SCRIPTS_ARGS -oA "$OUT.tcp-scan.log" $HOST
echo ""
echo "=========================================================================="
echo "SCAN 2: SCTP INIT scan."
echo ""
echo "Scan using:"
echo -e "\tnmap $COMMON_OPTS -sZ -p- --script \"$SCRIPTS\" $SCRIPTS_ARGS -oA \"$OUT.sctp-init.log\" $HOST"
nmap $COMMON_OPTS -sZ -p- --script "$SCRIPTS" $SCRIPTS_ARGS -oA "$OUT.sctp-init.log" $HOST
echo ""
echo "=========================================================================="
echo "SCAN 3: UDP top 8192 ports."
echo ""
echo "Scan using:"
echo -e "\tnmap $COMMON_OPTS -sU --top-ports 8192 --script \"$SCRIPTS\" $SCRIPTS_ARGS -oA \"$OUT.tcp-scan.log\" $HOST"
nmap $COMMON_OPTS -sU --top-ports 8192 --script "$SCRIPTS" $SCRIPTS_ARGS -oA "$OUT.udp-scan.log" $HOST