OSCP Day 3 A clean ship .. or better mapping that treasure Mate !! ARRRRRRRRRR

mate.jpg

 

After 2 days in the lab I was drowning in infos (see my last post ).

I stumbled over some problems:

1) The tools are picky about how they get their ip ranges. Some want X.X.X.1-254 some want a single IP, some want /24 etc. Annoying.

2) Some Tools have HUGE LOGS .. and searching through them for one server is annoying

3) I suck at naming files scan1.txt .. helpful.

So I made this stupid script. Each tool gets added and I can activate or deactivate the tools via editing that script without messing up my filesystem with stupid names.

#!/bin/bash

echo Making a IP list

nmap -sL $@ >./results/nmapiplist.txt

cat ./results/nmapiplist.txt |grep „Nmap sc“|cut -d “ “ -f 5 >./results/IP.txt

First stupid Hack …I “normalise” my IP input. Nmap is ok with any IP notation .. and the -sL option just converts that in a nice list. Grep etc and I have a nice file with all the IP. In this case I could do it in one line. But for other nmap scans I want to wait and have the nmap output. In this step I prepare my IP lists (more about that later).

#Folder

for word in $(cat ./results/IP.txt);do mkdir ./results/$word ; done

Now I create a folder for each host ….

#Tool 1 (etc)

for word in $(cat ./results/IP.txt);do TOOLNAME $word>./results/$word/$word-TOOLNAME.txt & done

This spawns a copy of the tool for each IP. Not the most efficient way of doing it. But I get a good speed by running a lot in parallel. And every Tool puts the output in the folder of the host.

BEWARE: Only caveat is that you need to make separate IP lists for some tools. You don’t want an output file just saying:”No Host found”. So maybe first check if your IP list is online. In reality I have a bunch of different IP-List generated after step 1 and feed the tools only the list of candidates. So I reduce the false positives.

sleep 120

Waiting for a while .. some tools are slow to write their files ….

And then I remove every empty folder. So I have (ok some folders with empty files are left, but manageable) a nice structure. Every output sorted by tool.

echo Removing Empty folder

find ./ -type d -empty -delete

So much for this moment. Happy sailing …

Greetings Ucki

Kommentar verfassen

Trage deine Daten unten ein oder klicke ein Icon um dich einzuloggen:

Gravatar
WordPress.com-Logo

Du kommentierst mit Deinem WordPress.com-Konto. Abmelden /  Ändern )

Google Foto

Du kommentierst mit Deinem Google-Konto. Abmelden /  Ändern )

Twitter-Bild

Du kommentierst mit Deinem Twitter-Konto. Abmelden /  Ändern )

Facebook-Foto

Du kommentierst mit Deinem Facebook-Konto. Abmelden /  Ändern )

Abbrechen

Verbinde mit %s