-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathbashFunction.sh
214 lines (173 loc) · 12.5 KB
/
bashFunction.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
#add this functions to your bashrc file or source them when you want to operate your scanners and files
#you need to change the vultr API key here
#setup
function DistributedScan-Setup(){
wget https://raw.githubusercontent.com/royharoush/rtools/master/json2csv.py -O /usr/bin/json2csv.py && chmod +x /usr/bin/json2csv.py
apt-get install jq -y > /dev/null
apt-get install pv -y > /dev/null
apt-get install pssh -y >/dev/null
apt-get install cssh -y >/dev/null
printf "Finished ! "
}
export VULTRAPIKEY="ENTER YOUR VULTR API KEY HERE"
#enable SSH-Agent to start when terminal starts, leaving this function will disable automated data retreival.
eval $(ssh-agent)
#Vultr
function DistributedScan-vultrGetAllserversCSV(){
rm vulter-servers.csv
curl -H "API-Key: "$VULTRAPIKEY"" https://api.vultr.com/v1/server/list > servers.json && <servers.json jq '.' | sed s'/},/},\n/' > servers-json.json && json2csv.py servers-json.json >> vulter-servers.csv && libreoffice vulter-servers.csv &
}
function DistributedScan-vultrGetAllserversPrint(){
rm vulter-servers.csv
curl -H "API-Key: "$VULTRAPIKEY"" https://api.vultr.com/v1/server/list > servers.json && <servers.json jq '.' | sed s'/},/},\n/' > servers-json.json && json2csv.py servers-json.json >> vulter-servers.csv && cat vulter-servers.csv
}
function DistributedScan-vultrGetAllserversLight(){
rm vulter-servers.csv
curl -H "API-Key: "$VULTRAPIKEY"" https://api.vultr.com/v1/server/list > servers.json && <servers.json jq '.' | sed s'/},/},\n/' > servers-json.json && json2csv.py servers-json.json | cut -d"," -f1,10,16
}
#function DistributedScan-vultrGetScannersIP(){
#curl -H "API-Key: "$VULTRAPIKEY"" https://api.vultr.com/v1/server/list > servers.json && <servers.json jq '.' | sed s'/},/},\n/' > servers-json.json && json2csv.py servers-json.json |grep scan | cut -d "," -f10 > scanners_IP
#}
#function DistributedScan-vultrGetScannersSubID(){
#curl -H "API-Key: "$VULTRAPIKEY"" https://api.vultr.com/v1/server/list > servers.json && <servers.json jq '.' | sed s'/},/},\n/' > servers-json.json && json2csv.py servers-json.json |grep scan | cut -d "," -f1 > scanners_subid
#}
function DistributedScan-vultrGetLocations(){
curl https://api.vultr.com/v1/regions/list | jq . > locations.json && json2csv.py locations.json
}
function DistributedScan-vultrGetLocations(){
curl https://api.vultr.com/v1/regions/list | jq . > locations.json && json2csv.py locations.json
}
function DistributedScan-vultrCreateBootScript(){
echo "Enter the name of the script (this is only a friendly name):"
read scriptname
echo "Enter the Designated Dnmap server to be pushed into the script:"
read dnmapserver
echo "Enter the Dnmap server's port:"
read dnmapport
echo "creating a script with "$dnmapserver" and "$dnmapport" as your dnmapserver"
curl -H "API-Key: "$VULTRAPIKEY"" https://api.vultr.com/v1/startupscript/create --data "name="$scriptname"" --data "script=#!/bin/bash%0d%0asleep 5%0d%0aapt-key adv --keyserver pgp.mit.edu --recv-keys ED444FF07D8D0BF6%0d%0a> /etc/apt/apt.conf.d/01keep-debs%0d%0aprintf 'deb http://http.kali.org/kali kali-rolling main contrib non-free' > /etc/apt/sources.list%0d%0asleep 3%0d%0aexport DEBIAN_FRONTEND=noninteractive%0d%0aapt-get purge %0 apt-get update -y -q %0d%0asleep 3%0d%0aapt-get install screen -y%0d%0aapt-get install dnmap -y --force-yes --assume-yes %0d%0aapt-get install bash-completion -y --force-yes --assume-yes %0d%0acp /etc/skel/.bashrc ~/%0d%0asleep 3%0d%0aapt-get install nmap -y --force-yes --assume-yes %0d%0asleep 3%0d%0adnmap_client -s "$dnmapserver" -p "$dnmapport"" | grep SCRIPTID | cut -d":" -f2 | tr -d } > startupScriptId
echo "Your new script ID is $(cat startupScriptId)"
}
#vultr
#Data Retreival
function DistributedScan-vpsGetResults (){
ssh-add
echo "what is the project name:"
read project
echo "Creating a folder to place all the results in /root/projects/"$project
mkdir -p /root/projects/$project
cd /root/projects/$project
rm vulter-servers.csv
curl -H "API-Key: "$VULTRAPIKEY"" https://api.vultr.com/v1/server/list > servers.json && <servers.json jq '.' | sed s'/},/},\n/' > servers-json.json && json2csv.py servers-json.json > servers.csv && cat servers.csv | cat servers.csv | grep scanmachine1| cut -d"," -f10 > scanners_IP
pssh -i -h /root/projects/$project/scanners_IP -x "-oStrictHostKeyChecking=no" ls
#install rsync on remote servers
pssh -i -h /root/projects/$project/scanners_IP -x "-oStrictHostKeyChecking=no" apt-get install rsync -y > /dev/null
pssh -i -h /root/projects/$project/scanners_IP -x "-oStrictHostKeyChecking=no" apt-get install rsync -y > /dev/null
for i in $(cat /root/projects/$project/scanners_IP); do rsync -avz --remove-source-files -e ssh root@$i:/nmap_output/* /root/projects/$project --rsync-path=/usr/bin/rsync & done
}
#data retreival
#Delete scanners
function DistributedScan-vultrDeleteScanners(){
echo "Make sure you don't have any more scans running on your scanners."
echo "Run the Data Fetching function one last time and wait for it to finish."
echo -e " \e[91m \e[1;4m after you've made sure you retreived all the results and no new scans are running, run the following command:"
echo -e "\e[0mfor i in \$(cat scanners_subid);do curl -H "\"API-Key: "$VULTRAPIKEY"\"" https://api.vultr.com/v1/server/destroy --data 'SUBID='\$i'';done"
curl -H "API-Key: "$VULTRAPIKEY"" https://api.vultr.com/v1/server/list > servers.json && <servers.json jq '.' | sed s'/},/},\n/' > servers-json.json && json2csv.py servers-json.json |grep scan | cut -d "," -f1 > scanners_subid
}
}
##Create Evasive Command file
##Create very none evasive command file
function DistributedScan-commandFileCreate_1(){
if [[ -f ./targets ]];then
echo "Targets file exists"
echo "Enter the ports to scan, you can use "-p port-list,singleport" or "--top-ports XXX":"
read port
echo "Creating command file"
echo "This may take a while, please do not CTRL+C"
rm nmapTargets > /dev/nul
nmap -iL targets -sL -Pn -sn -n | grep "Nmap scan report"| sort -u | cut -d" " -f 5 | shuf | sort -R > nmapTargets
for ip in $(cat nmapTargets) ; do echo "nmap $ip -Pn $port -oA \"nmapResult_"$ip"_$port\"" ; done > nmapCommands-Evasion_1-$(echo $port | tr "," "_" | tr " " "_" )
rm nmapTargets
else
echo "targets file missing, please create it"
fi
}
function DistributedScan-commandFileCreateInfo(){
echo "Command files are the source files for Dnmapserver and they contain the nmap commands to be executed by the scanners."
echo "These commands will allow you to create command files using different types of techniques, using mainly 2 different evasion techniques:"
echo "1. randomizing the IP-Port pairs, so that hosts should not be scanned twice for the same port by the same scanner instance."
echo "2. randomizing traffic paramters, such as the TCP data length and the souce port."
echo "The commands creation time of creation varies based on how complex it is perform the randomization, as much randmoized scans will take longer to produce. "
echo "Below is an explaintion of the complexlity level for each commadn file creation function "
echo " "
echo "commandFileCreate_1: This function creates a command file very quickly, but will not randomize IP-Port pairs and will not randomize traffic parameters"
echo "commandFileCreate_2: This function creates a command file very fairly quick, but will not randomize randomize traffic parameters, it will randomize IP-Port pairs"
echo "commandFileCreate_3: This function creates a command file kinda slow and will randomize traffic parameters but will not randomize IP-Port pairs"
echo "commandFileCreate_4: This function creates a command file kinda very slowly and will randomize traffic parameters as well as IP-Port pairs"
echo "in short, the higher the number, the longer it will take to create the command file, but the more evasive it will be:"
}
# for ip in $(nmap -iL targets -sL -Pn -sn -n | grep "Nmap scan report"| sort -u |shuf | sort -R | cut -d" " -f 5 ); do printf "nmap $ip $port -Pn --source-port $( cat ./randomport | shuf | head -1) --data-length $( shuf -i 50-100 -n 1) -oA nmap_result_#$ip-$(echo $port |tr " " "_")\n";done > commandFile-$(echo $port |tr " " "_" | tr "," "-").txt
function DistributedScan-vultrCreateScanners(){
echo "If you are not sure what information you need to enter you should CTRL+C and read the documentation!"
echo "Make sure you've updated the correct SSH key and starup script in this script"
curl https://api.vultr.com/v1/regions/list | jq . > locations.json && json2csv.py locations.json
echo "Where do you want to create your scanners?(enter a location ID from the above list)"
#echo "(if you are not sure you need to check the DCID in using DistributedScan-vultrGetLocations):"
read dcid
#echo $VULTRAPIKEY
echo "How many instances to create:"
read number
#for i in $(seq 1 $number); do date ;done
echo "Creating" $number "scanners in location" $dcid
for i in $(seq 1 $number); do curl -H "API-Key: "$VULTRAPIKEY"" https://api.vultr.com/v1/server/create --data 'VPSPLANID=29' --data 'OSID=193' --data 'SCRIPTID=18661' --data 'SSHKEYID=578f78ece9844' --data "DCID="$dcid"" --data "label=scanmachine1"; done;
echo "Finished Creating" $number "scanners in location" $dcid
}
#function DistributedScan-vultrCreateDnmapServer(){
#echo "If you are not sure what information you need to enter you should CTRL+C and read the documentation!"
#echo "Make sure you've updated the correct SSH key and starup script in this script"
#curl https://api.vultr.com/v1/regions/list | jq . > locations.json && json2csv.py locations.json
#echo "Where do you want to create your scanners?(enter a location ID from the above list)"
#echo "(if you are not sure you need to check the DCID in using DistributedScan-vultrGetLocations):"
#read dcid
#echo $VULTRAPIKEY
#echo "How many instances to create:"
#read number
#for i in $(seq 1 $number); do date ;done
#echo "Creating" $number "Dnmap Server in" $dcid
#for i in $(seq 1 $number); do curl -H "API-Key: "$VULTRAPIKEY"" https://api.vultr.com/v1/server/create --data 'VPSPLANID=29' --data 'OSID=194' --data 'SCRIPTID=18661' --data 'SSHKEYID=578f78ece9844' --data "DCID="$dcid"" --data "label=dnmapserver"; done;
#echo "Finished Creating" $number "Servers in location" $dcid
#}
function DistributedScan-vultrGetScannersInfo(){
curl -H "API-Key: "$VULTRAPIKEY"" https://api.vultr.com/v1/server/list > servers.json && <servers.json jq '.' | sed s'/},/},\n/' > servers-json.json && json2csv.py servers-json.json |grep scan | cut -d "," -f1 > scanners_subid
curl -H "API-Key: "$VULTRAPIKEY"" https://api.vultr.com/v1/server/list > servers.json && <servers.json jq '.' | sed s'/},/},\n/' > servers-json.json && json2csv.py servers-json.json |grep scan | cut -d "," -f10 > scanners_IP
}
function DistributedScan-vultrDnmapServerInfo(){
echo "in order to use a dnmap server build one and make sure the server works, as there seems to be an issue with the twisted library in later debian releaes"
echo "if you want to import this scripts functions into your dnmap server, run the below command"
echo "wget https://raw.githubusercontent.com/royharoush/DistributedScanning/master/bashFunction.sh && source bashFunction.sh"
}
#function DistributedScan-vultrGetDnmapServerInfo(){
#curl -H "API-Key: "$VULTRAPIKEY"" https://api.vultr.com/v1/server/list > servers.json && <servers.json jq '.' | sed s'/},/},\n/' > servers-json.json && json2csv.py servers-json.json |grep dnmapserver | cut -d "," -f1 > DnmapServer_subid
#curl -H "API-Key: "$VULTRAPIKEY"" https://api.vultr.com/v1/server/list > servers.json && <servers.json jq '.' | sed s'/},/},\n/' > servers-json.json && json2csv.py servers-json.json |grep dnmapserver | cut -d "," -f10 > DnmapServer_IP
#echo -e " \e[91m \e[1;4m LOG IN TO YOUR SERVER AND EXECUTE DNMAP TO ALLOW CONNETIONS FROM SCANNERS"
#}
function DistributedScan-vpsExecuteCommand(){
echo "enter the command you would like to execute:"
read command
ssh-add
if [[ -f ./scanners_IP ]];then
pssh -o ./ -i -h scanners_IP -x "-oStrictHostKeyChecking=no" "$command"
else
echo "Geting scanners IP file"
curl -H "API-Key: "$VULTRAPIKEY"" https://api.vultr.com/v1/server/list > servers.json && <servers.json jq '.' | sed s'/},/},\n/' > servers-json.json && json2csv.py servers-json.json |grep scan | cut -d "," -f10 > scanners_IP
pssh -o ./ -i -h scanners_IP -x "-oStrictHostKeyChecking=no" "$command"
fi
}
function DistributedScan-CheckScanProgress
if [ $# -lt 2 ]; then
echo "you need to provide the trace file and the corrosponding command file"
echo "example: DistributedScan-CheckScanProgress commandfile.dnmaptrace commandfile "
else
watch -n 1 " cat $1 | xargs -I '{}' grep -n '{}' $2 "
fi
##Distributed Scan Process ##