Shell scripting is one of the very powerful language. There are many different kinds of shell scripting environment providing different features like Ksh, bash etc. In this article, we will be learning how to create scripts as a pen-tester / hacker/security researcher view. How scripting a little script can save your time. I’m providing here an example basic script which makes use of different tools in Kali operating system and creates a file to store the result of whois and nmap and check if the web server port is 80 is open or not on the target. This script will give you an idea about how things are done in the real world. The automated world. This is a basic script, a lot of things can be done with scripts.
> The code is reading the file name and creating the file given in $filepath.
> Target is entered after the filename and stored in the variable $t
> whois “$t” > $filepath : Performing whois lookup and storing the result in the $filepath
>For nmap, The default scan for this script is with flags -A -sV, which can be changed by user and different flags can be used
>nc -z $t 80, this is the nc command that will check if port 80 is open in the target or not. It will result out 0 when success [open] and 1 if failed[closed]
Code:
echo "***program to perform information gathering on the target machine passively and actively***"
echo "Enter the name of the file in which you want the results to be saved >"
filename= read filename
echo "Enter the target"
t= read t
filepath="/root/Desktop/"$filename
touch $filepath
echo "Path of your file is "$filepath
echo "target network: "$t
echo "whois lookup:"
whois "$t" > $filepath
echo "nmapping the" $t" with flags -A -sV \n,press Y to continue with current settings, and n to change it"
choice= read choice
if [ "$choice" == 'n' ] || [ "$choice" == 'N' ]
then
echo "Enter flags in the form \"-Pn -p 443\": "
flags= read flags
nmap ${flags} ${t} >> $filepath
echo "nmap performed"
else
nmap -A -sV ${t} >> $filepath
echo "nmap performed"
fi
if nc -z $t 80;
then
echo "Port 80 is open. Web server present"
else
echo "Port 80 is closed"
fi
OUTPUT: