Wednesday, October 28, 2009

Script for finding servers of a particular kind. IIS Apache or Otherwise.

For this script you need to have nmap installed. In the example script I made I am search for IIS servers but you can use it to search for any kind, just search for them in the format that nmap saves them as. So apache servers would change the variable to this:
my $webserver_type = qr!(Apache)!;

So this script saves all open servers to one file, all servers of a particular type to another file, and it saves all results to a file. You can cahnge where those files are by editing these variables:
my $hunt = "/root/serverhunt";
my $found = "/root/found";
my $open_file = "/root/open";

**Oh and it just appends to the file, so you can run it and it will never overwrite your progress, just add to it.**


This does scans randomly in increments of 100, you can change how many times you want it to loop by changing this variable:
my $howmanyloops = "1";
So if you wanted to do it twice you would put:
my $howmanyloops = "2";

Ok so before you get going with this you probably need to be aware of the legality of port scanning. Port scanning may attract unwanted attention. Talk to a lawyer before port scanning. I'm not liable for you using this script. Etc Etc....



use strict;
use warnings;

my $webserver_type = qr!(IIS)!;
my $open = qr!(open)!;
my $howmanyloops = "1";

my $hunt = "/root/serverhunt";
my $found = "/root/found";
my $open_file = "/root/open";

my $nmap_scan;
my @hunt_file;
my $line;
my $iter = 0;

while($iter < $howmanyloops){
$nmap_scan = `nmap -sV -iR 100 -P0 -p 80 -oG $hunt`;
open HUNT, $hunt;
@hunt_file = ;
close(HUNT);
open FOUND, ">>", $found;
open OPENFILE, ">>", $open_file;
foreach(@hunt_file){
$line = $_;
if($line =~ $webserver_type){
print FOUND $line;
}
if($line =~ $open){
print OPENFILE $line;
}
}
++$iter;
}
close(FOUND);

No comments: