#!/usr/bin/bash
# Scanner command prefix, kept as one string and word-split at the call site.
# `-it` asks docker for an interactive TTY; `--rm` removes the container afterwards.
# NOTE(review): the image is pinned by tag only. A tag can be re-pointed upstream,
# so pinning by digest (rustscan/rustscan@sha256:<digest>) would make the image
# that gets pulled and run reproducible.
rustscan="docker run -it --rm --name rustscan rustscan/rustscan:2.0.0"
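#######################################
# Post a notification to Slack through an incoming webhook.
#
# The webhook URL is a bearer credential: anyone who holds it can post to the
# channel. It is therefore read from the environment instead of being committed
# with the script. A URL that was ever committed should be revoked and reissued.
#
# Globals:   SLACK_WEBHOOK_URL (read) - webhook endpoint; notifications are
#                                       skipped when it is unset or empty
#            alert (read)             - optional prefix for the message text
# Arguments: $1 - message text
# Returns:   0 when no webhook is configured, otherwise curl's exit status
#######################################
message () {
  local hook=${SLACK_WEBHOOK_URL:-}
  local text="${alert:-}${1:-}"

  # Nothing to post to; the caller's console output is unaffected.
  [[ -n "$hook" ]] || return 0

  # Escape the text for use inside a JSON string so that quotes, backslashes
  # or control characters in a message cannot break or reshape the payload.
  text=${text//\\/\\\\}
  text=${text//\"/\\\"}
  text=${text//$'\n'/\\n}
  text=${text//$'\r'/\\r}
  text=${text//$'\t'/\\t}

  curl -s -X POST -H 'Content-type: application/json' \
    --data "{\"text\":\"${text}\"}" --url "$hook" > /dev/null
}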
# For color code you can use this link https://stackoverflow.com/questions/5947742/how-to-change-the-output-color-of-echo-in-linux
#######################################
# Print a colour-coded status line and forward the same tagged text to message().
# Arguments: $1 - level: "v" (green, [+]), "e" (red, [-]) or "w" (yellow, [!])
#            $2 - text to show
# Outputs:   the coloured line on stdout; any other level prints nothing
#######################################
print() {
  local colour tag
  case "$1" in
    v) colour=32 tag='[+]' ;;
    e) colour=31 tag='[-]' ;;
    w) colour=33 tag='[!]' ;;
    *) return 0 ;;
  esac
  # echo -e also interprets backslash escapes that appear inside $2.
  echo -e "\033[${colour}m${tag} $2 \033[m"
  message "${tag} $2"
}
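#######################################
# Count the distinct lines of a file.
# Arguments: $1 - path of the file to count
# Outputs:   the number of unique lines on stdout
#######################################
scanned () {
  # The path is quoted so names containing spaces work, and an empty argument
  # fails with an error instead of leaving a reader waiting on stdin.
  sort -u -- "$1" | wc -l
}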
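# Every path below is built as "$1/$1-<suffix>", so an empty target would make
# the script read, write and rm files directly under "/". Stop before that.
if [[ -z "${1:-}" ]]; then
  printf 'Usage: %s <target>\n' "${0##*/}" >&2
  exit 2
fi
print "v" "Running Port Scan..."
# -p: the target directory normally exists already, because it holds the
# "<target>-final.txt" input list; plain mkdir would report an error for it.
mkdir -p -- "$1"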
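#######################################
# Resolve the collected subdomains to IPv4 addresses with dnsx.
# Reads  "<target>/<target>-final.txt" (one hostname per line).
# Writes "<target>/<target>-ipz.txt"  (sorted, de-duplicated addresses).
# Arguments: $1 - target name, also used as the working directory
# Returns:   1 when the subdomain list is not readable
#######################################
gathering_ips(){
  local target=$1
  local hosts="$target/$target-final.txt"
  local resolved="$target/$target-ipz.txt"
  local ipcount

  # collecting all IP from collected subdomains
  print "v" "Getting all IP from subdomains"
  # command -v is a builtin lookup; it replaces parsing the output of `which`.
  if command -v dnsx >/dev/null 2>&1; then
    if [[ ! -r "$hosts" ]]; then
      print "e" "Subdomain list $hosts is missing or unreadable"
      return 1
    fi
    dnsx -silent -a -resp-only < "$hosts" | sort -u > "$resolved"
    ipcount=$(scanned "$resolved")
    print "v" "Almost $ipcount IP Collected in $target"
  else
    print "w" "Skipping dnsprobe Scanning"
  fi
}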
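#######################################
# Copy every address of one list that is outside a provider's ranges into a new
# list, report the counts, then delete the input list.
# Arguments: $1 - target name (used in the report only)
#            $2 - provider name for the per-address "[!] ... is <name>" line
#            $3 - provider name for the "non-<name>" summary line
#            $4 - space-separated CIDR ranges of the provider
#            $5 - input list, one address per line
#            $6 - output list (recreated on every call)
# Returns:   1 when the input list is not readable
#######################################
_drop_provider_ips() {
  local target=$1 tag=$2 label=$3 ranges=$4 src=$5 dst=$6
  local ip kept total

  if [[ ! -r "$src" ]]; then
    print "e" "IP list $src is missing or unreadable"
    return 1
  fi

  # Start from an empty file: a leftover list from an earlier run must not be
  # appended to, and the file has to exist even when every address is dropped.
  : > "$dst"
  while IFS= read -r ip || [[ -n "$ip" ]]; do
    [[ -n "$ip" ]] || continue
    if grepcidr "$ranges" <(printf '%s\n' "$ip") >/dev/null; then
      printf '%s\n' "[!] $ip is $tag"
    else
      printf '%s\n' "$ip" >> "$dst"
    fi
  done < "$src"

  kept=$(scanned "$dst")
  total=$(scanned "$src")
  print "v" "$kept non-$label IPs has been collected in $target out of $total IPs"
  rm -f -- "$src"
  sleep 2
}

#######################################
# Remove addresses that belong to Cloudflare, Incapsula, Sucuri, Akamai and
# Arvan Cloud from "<target>/<target>-ipz.txt", so that only addresses outside
# those shared CDN/WAF ranges are handed to the port scan.
# The list is passed through one filter per provider
# (ipz -> ip4 -> ip3 -> ip2 -> ip -> ipz) and ends up in the file it started in.
# Arguments: $1 - target name, also used as the working directory
# Returns:   1 when grepcidr is unavailable or an intermediate list is missing
#
# NOTE(review): the ranges below are a hard-coded snapshot. Providers change
# their allocations, so the lists need refreshing from the providers' published
# ranges before this filter can be relied on to keep their addresses out of scope.
#######################################
filter_cloud_ips(){
  local target=$1
  local base="$target/$target"
  local cloudflare="173.245.48.0/20 103.21.244.0/22 103.22.200.0/22 103.31.4.0/22 141.101.64.0/18 108.162.192.0/18 190.93.240.0/20 188.114.96.0/20 197.234.240.0/22 198.41.128.0/17 162.158.0.0/15 104.16.0.0/12 172.64.0.0/13 131.0.72.0/22"
  local incapsula="199.83.128.0/21 198.143.32.0/19 149.126.72.0/21 103.28.248.0/22 45.64.64.0/22 185.11.124.0/22 192.230.64.0/18 107.154.0.0/16 45.60.0.0/16 45.223.0.0/16"
  local sucuri="185.93.228.0/24 185.93.229.0/24 185.93.230.0/24 185.93.231.0/24 192.124.249.0/24 192.161.0.0/24 192.88.134.0/24 192.88.135.0/24 193.19.224.0/24 193.19.225.0/24 66.248.200.0/24 66.248.201.0/24 66.248.202.0/24 66.248.203.0/24"
  local akamai="104.101.221.0/24 184.51.125.0/24 184.51.154.0/24 184.51.157.0/24 184.51.33.0/24 2.16.36.0/24 2.16.37.0/24 2.22.226.0/24 2.22.227.0/24 2.22.60.0/24 23.15.12.0/24 23.15.13.0/24 23.209.105.0/24 23.62.225.0/24 23.74.29.0/24 23.79.224.0/24 23.79.225.0/24 23.79.226.0/24 23.79.227.0/24 23.79.229.0/24 23.79.230.0/24 23.79.231.0/24 23.79.232.0/24 23.79.233.0/24 23.79.235.0/24 23.79.237.0/24 23.79.238.0/24 23.79.239.0/24 63.208.195.0/24 72.246.0.0/24 72.246.1.0/24 72.246.116.0/24 72.246.199.0/24 72.246.2.0/24 72.247.150.0/24 72.247.151.0/24 72.247.216.0/24 72.247.44.0/24 72.247.45.0/24 80.67.64.0/24 80.67.65.0/24 80.67.70.0/24 80.67.73.0/24 88.221.208.0/24 88.221.209.0/24 96.6.114.0/24"
  local arvan="185.143.232.0/22 92.114.16.80/28 2.146.0.0/28 46.224.2.32/29 89.187.178.96/29 195.181.173.128/29 89.187.169.88/29 188.229.116.16/29 83.123.255.56/31 164.138.128.28/31 94.182.182.28/30 185.17.115.176/30 89.45.48.8/29 5.213.255.36/31 188.122.68.224/29 188.122.83.176/29 5.200.14.8/29 213.179.197.16/29 213.179.217.16/29 185.179.201.192/29 138.128.139.144/29 43.239.139.192/29 109.200.214.248/29 213.179.213.16/29 162.244.52.120/29 188.122.78.136/29 213.179.211.32/29 185.50.105.136/29 213.179.201.192/29 103.194.164.24/29 138.128.141.16/29 188.122.80.240/29 109.200.195.64/29 109.200.199.224/29 185.228.238.0/28 94.182.153.24/29 94.101.182.0/28 37.152.184.208/28 78.39.156.192/28 158.255.77.238/31 81.12.28.16/29 176.65.192.202/31"

  # Without grepcidr no address would ever match a range, and the whole list,
  # CDN addresses included, would pass through as "filtered".
  if ! command -v grepcidr >/dev/null 2>&1; then
    print "w" "grepcidr not found, IP list in $target was not filtered"
    return 1
  fi

  _drop_provider_ips "$target" "cloudflare" "cloudflare" "$cloudflare" \
    "$base-ipz.txt" "$base-ip4.txt" || return
  _drop_provider_ips "$target" "Incapsula" "incapsula" "$incapsula" \
    "$base-ip4.txt" "$base-ip3.txt" || return
  _drop_provider_ips "$target" "Sucuri" "sucuri" "$sucuri" \
    "$base-ip3.txt" "$base-ip2.txt" || return
  _drop_provider_ips "$target" "Akamai" "akamai" "$akamai" \
    "$base-ip2.txt" "$base-ip.txt" || return
  # The last stage reads the Akamai stage's output (-ip.txt). The -ip2.txt list
  # is already deleted at this point, so reading it would leave -ipz.txt
  # uncreated and give the port scan nothing to work on.
  _drop_provider_ips "$target" "arvan cloud" "arvan" "$arvan" \
    "$base-ip.txt" "$base-ipz.txt" || return
}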
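#######################################
# Run the scanner against every address in "<target>/<target>-ipz.txt" and
# store each result in "<target>/ip-scan-result/<ip>.txt".
# Globals:   rustscan (read) - scanner command prefix, split on whitespace
# Arguments: $1 - target name, also used as the working directory
# Returns:   1 when the scanner command is empty or the IP list is unreadable
#######################################
port_scan(){
  local target=$1
  local list="$target/$target-ipz.txt"
  local outdir="$target/ip-scan-result"
  local -r ipv4_re='^[0-9]{1,3}(\.[0-9]{1,3}){3}$'
  local -a scanner=() ips=()
  local ip

  print "v" "starting rustscan and nmap"
  mkdir -p -- "$outdir"

  # Split the command string into words once, so the call below can quote
  # every argument.
  read -r -a scanner <<< "${rustscan:-}"
  if (( ${#scanner[@]} == 0 )) || [[ ! -r "$list" ]]; then
    print "e" "Cannot scan: scanner command is empty or $list is unreadable"
    return 1
  fi

  # Load the list up front instead of looping over stdin: the scanner is
  # started with `docker run -i` and would otherwise consume the remaining lines.
  mapfile -t ips < "$list"
  for ip in "${ips[@]}"; do
    # Each entry becomes both a scanner argument and a file name, so anything
    # that is not a dotted-quad address (a path, an option, ...) is skipped.
    if [[ ! "$ip" =~ $ipv4_re ]]; then
      [[ -z "$ip" ]] || print "w" "Skipping non-IPv4 entry in $list"
      continue
    fi
    # tail drops the first 12 lines of scanner output
    # (presumably the start-up banner; confirm against the image in use).
    "${scanner[@]}" -a "$ip" | tail -n +13 > "$outdir/$ip.txt"
  done
  print "v" "rustscan and nmap scan is done :)"
}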
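# Pipeline: resolve subdomains, drop CDN/WAF addresses, scan what is left.
# The target name is quoted so a name containing spaces or glob characters
# reaches each stage as a single argument.
gathering_ips "$1"
filter_cloud_ips "$1"
port_scan "$1"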