diff --git a/README.md b/README.md index e69de29..96f30fe 100644 --- a/README.md +++ b/README.md @@ -0,0 +1,17 @@ +## JupiterOne Query to Find a list of all external IP Addresses +``` +FIND aws_eip +``` +Download the above as a json file and run the following command to get a complete list of all external IP addresses and export them to a text file. + +```bash +jq '.data[].entity.publicIpAddress // .data[].properties.publicIpAddress' *.json | grep -v 2600 | cut -d '"' -f 2 >> external_ips.txt +``` + +## Script Execution Instructions + +```bash +git clone {placeholder for git address} +chmod +x external_pentest.sh +./external_pentest.sh external_ips.txt +``` \ No newline at end of file diff --git a/external_pentest.sh b/external_pentest.sh index a9bf588..3f45e08 100644 --- a/external_pentest.sh +++ b/external_pentest.sh @@ -1 +1,100 @@ #!/bin/bash + + +if [ $# -eq 0 ]; then +echo "Usage: ./external_pentest.sh "; +echo ""; +exit 1; +fi +echo ""; +echo ""; +echo -e "\e[1;96m External Pentesting Start Script by Daniel Brown \e[0m"; +echo ""; +echo ""; + +# User Input of Information # +echo -n " Input the number of top TCP ports you would like to scan (recommended 1024) greater than 0 : "; +read topports + +if [ $topports -eq 0 ]; +then + echo -e "\e[34m Number must be greater than zero! \e[0m"; + exit 1; +fi + +#Folder where raw scan files are stored +mkdir raw_files + +#Variable storage +f1='raw_files'; + +## Pingable IP Check ## + +echo ""; +echo -e "\e[34m Checking for Ping on Hosts \e[0m"; +echo ""; +nmap -sP -iL $1 -PE -oG - | awk '/Up/{print $2}' > $f1/pingable_hosts.txt +echo ""; +echo -e "\e[34m Finished Checking for Ping \e[0m"; +echo ""; + +# Performs NMAP TCP Scans# +echo -e "\e[34m Starting NMAP TCP scans \e[0m"; +echo ""; +nmap -sT -Pn -n -iL $1 --top-ports=$topports -oA $f1/nmap-sT-Pn-n-top-$topports; +echo ""; +echo -e "\e[34m Finished NMAP TCP scans \e[0m"; +echo ""; + +##python parser ## + +python3 << EOF +import re,os +import tabulate +from sys import argv + +def help(): + print("\n " + "-" * 52) + print(" Nmap Parser v2.0, Daniel Brown (dbrow43@gmail.com) ") + print(" " + "-" * 52) + print("\n Usage: %s " % argv[0]) + print() + exit() + +def start(argv): + if len(argv) < 1: + help() + if not os.path.exists('open-ports'): + os.makedirs('open-ports') + + target_file = open(argv[-1]) + targett_file = target_file.read().split('\n') + + for line in targett_file: + ip_address = line[line.find(":")+2:line.find("(")-1] + pattern = '([0-9]+)/open/(tcp|udp)/' + find_pattern = re.findall(pattern, line) + + tcpwrapped_pattern = '([0-9]+)/open/tcp//tcpwrapped' + find_tcpwrapped = re.findall(tcpwrapped_pattern, line) + + if find_pattern: + for i in find_pattern: + if i in find_tcpwrapped: + continue + tcp_file = open('open-ports/%s.txt' % i[0],'a') + tcp_file.write("%s\n" % ip_address) + tcp_file.close() + target_file.close() + print("Done. Check the \"open-ports\" folder for results.") + +if __name__ == "__main__": + try: + # Construct the filename and pass it as an argument + filename = "$f1/nmap-sT-Pn-n-top-$topports.gnmap" + start([filename]) + except KeyboardInterrupt: + print("\nExiting. Closed by user (ctrl-c).") + except Exception as err: + print(err) +EOF diff --git a/open-ports/139.txt b/open-ports/139.txt new file mode 100644 index 0000000..497241c --- /dev/null +++ b/open-ports/139.txt @@ -0,0 +1 @@ +192.168.86.8 diff --git a/open-ports/22.txt b/open-ports/22.txt new file mode 100644 index 0000000..233f74a --- /dev/null +++ b/open-ports/22.txt @@ -0,0 +1,3 @@ +192.168.86.1 +192.168.86.8 +192.168.2.1 diff --git a/open-ports/443.txt b/open-ports/443.txt new file mode 100644 index 0000000..d34e11e --- /dev/null +++ b/open-ports/443.txt @@ -0,0 +1,6 @@ +192.168.86.1 +192.168.86.8 +192.168.2.1 +8.8.8.8 +1.1.1.1 +9.9.9.9 diff --git a/open-ports/445.txt b/open-ports/445.txt new file mode 100644 index 0000000..497241c --- /dev/null +++ b/open-ports/445.txt @@ -0,0 +1 @@ +192.168.86.8 diff --git a/open-ports/80.txt b/open-ports/80.txt new file mode 100644 index 0000000..2fcda74 --- /dev/null +++ b/open-ports/80.txt @@ -0,0 +1,4 @@ +192.168.86.1 +192.168.86.8 +192.168.2.1 +1.1.1.1 diff --git a/raw_files/nmap-sT-Pn-n-top-10.gnmap b/raw_files/nmap-sT-Pn-n-top-10.gnmap new file mode 100644 index 0000000..a07161f --- /dev/null +++ b/raw_files/nmap-sT-Pn-n-top-10.gnmap @@ -0,0 +1,38 @@ +# Nmap 7.95 scan initiated Mon Jan 13 14:06:42 2025 as: /usr/lib/nmap/nmap --privileged -sT -Pn -n -iL test.txt --top-ports=10 -oA raw_files/nmap-sT-Pn-n-top-10 +Host: 192.168.86.1 () Status: Up +Host: 192.168.86.1 () Ports: 21/closed/tcp//ftp///, 22/open/tcp//ssh///, 23/closed/tcp//telnet///, 25/closed/tcp//smtp///, 80/open/tcp//http///, 110/closed/tcp//pop3///, 139/closed/tcp//netbios-ssn///, 443/open/tcp//https///, 445/closed/tcp//microsoft-ds///, 3389/closed/tcp//ms-wbt-server/// +Host: 192.168.86.2 () Status: Up +Host: 192.168.86.2 () Ports: 21/filtered/tcp//ftp///, 22/filtered/tcp//ssh///, 23/filtered/tcp//telnet///, 25/filtered/tcp//smtp///, 80/filtered/tcp//http///, 110/filtered/tcp//pop3///, 139/filtered/tcp//netbios-ssn///, 443/filtered/tcp//https///, 445/filtered/tcp//microsoft-ds///, 3389/filtered/tcp//ms-wbt-server/// +Host: 192.168.86.8 () Status: Up +Host: 192.168.86.8 () Ports: 21/closed/tcp//ftp///, 22/open/tcp//ssh///, 23/closed/tcp//telnet///, 25/closed/tcp//smtp///, 80/open/tcp//http///, 110/closed/tcp//pop3///, 139/open/tcp//netbios-ssn///, 443/open/tcp//https///, 445/open/tcp//microsoft-ds///, 3389/closed/tcp//ms-wbt-server/// +Host: 192.168.2.2 () Status: Up +Host: 192.168.2.2 () Ports: 21/closed/tcp//ftp///, 22/closed/tcp//ssh///, 23/closed/tcp//telnet///, 25/closed/tcp//smtp///, 80/closed/tcp//http///, 110/closed/tcp//pop3///, 139/closed/tcp//netbios-ssn///, 443/closed/tcp//https///, 445/closed/tcp//microsoft-ds///, 3389/closed/tcp//ms-wbt-server/// +Host: 192.168.2.1 () Status: Up +Host: 192.168.2.1 () Ports: 21/closed/tcp//ftp///, 22/open/tcp//ssh///, 23/closed/tcp//telnet///, 25/closed/tcp//smtp///, 80/open/tcp//http///, 110/closed/tcp//pop3///, 139/closed/tcp//netbios-ssn///, 443/open/tcp//https///, 445/closed/tcp//microsoft-ds///, 3389/closed/tcp//ms-wbt-server/// +Host: 8.8.8.8 () Status: Up +Host: 8.8.8.8 () Ports: 21/filtered/tcp//ftp///, 22/filtered/tcp//ssh///, 23/filtered/tcp//telnet///, 25/filtered/tcp//smtp///, 80/filtered/tcp//http///, 110/filtered/tcp//pop3///, 139/filtered/tcp//netbios-ssn///, 443/open/tcp//https///, 445/filtered/tcp//microsoft-ds///, 3389/filtered/tcp//ms-wbt-server/// +Host: 1.1.1.1 () Status: Up +Host: 1.1.1.1 () Ports: 21/filtered/tcp//ftp///, 22/filtered/tcp//ssh///, 23/filtered/tcp//telnet///, 25/filtered/tcp//smtp///, 80/open/tcp//http///, 110/filtered/tcp//pop3///, 139/filtered/tcp//netbios-ssn///, 443/open/tcp//https///, 445/filtered/tcp//microsoft-ds///, 3389/filtered/tcp//ms-wbt-server/// +Host: 9.9.9.9 () Status: Up +Host: 9.9.9.9 () Ports: 21/filtered/tcp//ftp///, 22/filtered/tcp//ssh///, 23/filtered/tcp//telnet///, 25/filtered/tcp//smtp///, 80/filtered/tcp//http///, 110/filtered/tcp//pop3///, 139/filtered/tcp//netbios-ssn///, 443/open/tcp//https///, 445/filtered/tcp//microsoft-ds///, 3389/filtered/tcp//ms-wbt-server/// +Host: 54.148.131.38 () Status: Up +Host: 54.148.131.38 () Ports: 21/filtered/tcp//ftp///, 22/filtered/tcp//ssh///, 23/filtered/tcp//telnet///, 25/filtered/tcp//smtp///, 80/filtered/tcp//http///, 110/filtered/tcp//pop3///, 139/filtered/tcp//netbios-ssn///, 443/filtered/tcp//https///, 445/filtered/tcp//microsoft-ds///, 3389/filtered/tcp//ms-wbt-server/// +Host: 18.189.225.190 () Status: Up +Host: 18.189.225.190 () Ports: 21/filtered/tcp//ftp///, 22/filtered/tcp//ssh///, 23/filtered/tcp//telnet///, 25/filtered/tcp//smtp///, 80/filtered/tcp//http///, 110/filtered/tcp//pop3///, 139/filtered/tcp//netbios-ssn///, 443/filtered/tcp//https///, 445/filtered/tcp//microsoft-ds///, 3389/filtered/tcp//ms-wbt-server/// +Host: 44.194.63.231 () Status: Up +Host: 44.194.63.231 () Ports: 21/filtered/tcp//ftp///, 22/filtered/tcp//ssh///, 23/filtered/tcp//telnet///, 25/filtered/tcp//smtp///, 80/filtered/tcp//http///, 110/filtered/tcp//pop3///, 139/filtered/tcp//netbios-ssn///, 443/filtered/tcp//https///, 445/filtered/tcp//microsoft-ds///, 3389/filtered/tcp//ms-wbt-server/// +Host: 23.20.12.138 () Status: Up +Host: 23.20.12.138 () Ports: 21/filtered/tcp//ftp///, 22/filtered/tcp//ssh///, 23/filtered/tcp//telnet///, 25/filtered/tcp//smtp///, 80/filtered/tcp//http///, 110/filtered/tcp//pop3///, 139/filtered/tcp//netbios-ssn///, 443/filtered/tcp//https///, 445/filtered/tcp//microsoft-ds///, 3389/filtered/tcp//ms-wbt-server/// +Host: 44.197.59.112 () Status: Up +Host: 44.197.59.112 () Ports: 21/filtered/tcp//ftp///, 22/filtered/tcp//ssh///, 23/filtered/tcp//telnet///, 25/filtered/tcp//smtp///, 80/filtered/tcp//http///, 110/filtered/tcp//pop3///, 139/filtered/tcp//netbios-ssn///, 443/filtered/tcp//https///, 445/filtered/tcp//microsoft-ds///, 3389/filtered/tcp//ms-wbt-server/// +Host: 52.23.101.215 () Status: Up +Host: 52.23.101.215 () Ports: 21/filtered/tcp//ftp///, 22/filtered/tcp//ssh///, 23/filtered/tcp//telnet///, 25/filtered/tcp//smtp///, 80/filtered/tcp//http///, 110/filtered/tcp//pop3///, 139/filtered/tcp//netbios-ssn///, 443/filtered/tcp//https///, 445/filtered/tcp//microsoft-ds///, 3389/filtered/tcp//ms-wbt-server/// +Host: 3.210.66.140 () Status: Up +Host: 3.210.66.140 () Ports: 21/filtered/tcp//ftp///, 22/filtered/tcp//ssh///, 23/filtered/tcp//telnet///, 25/filtered/tcp//smtp///, 80/filtered/tcp//http///, 110/filtered/tcp//pop3///, 139/filtered/tcp//netbios-ssn///, 443/filtered/tcp//https///, 445/filtered/tcp//microsoft-ds///, 3389/filtered/tcp//ms-wbt-server/// +Host: 54.197.91.249 () Status: Up +Host: 54.197.91.249 () Ports: 21/filtered/tcp//ftp///, 22/filtered/tcp//ssh///, 23/filtered/tcp//telnet///, 25/filtered/tcp//smtp///, 80/filtered/tcp//http///, 110/filtered/tcp//pop3///, 139/filtered/tcp//netbios-ssn///, 443/filtered/tcp//https///, 445/filtered/tcp//microsoft-ds///, 3389/filtered/tcp//ms-wbt-server/// +Host: 54.164.86.146 () Status: Up +Host: 54.164.86.146 () Ports: 21/filtered/tcp//ftp///, 22/filtered/tcp//ssh///, 23/filtered/tcp//telnet///, 25/filtered/tcp//smtp///, 80/filtered/tcp//http///, 110/filtered/tcp//pop3///, 139/filtered/tcp//netbios-ssn///, 443/filtered/tcp//https///, 445/filtered/tcp//microsoft-ds///, 3389/filtered/tcp//ms-wbt-server/// +Host: 34.236.200.25 () Status: Up +Host: 34.236.200.25 () Ports: 21/filtered/tcp//ftp///, 22/filtered/tcp//ssh///, 23/filtered/tcp//telnet///, 25/filtered/tcp//smtp///, 80/filtered/tcp//http///, 110/filtered/tcp//pop3///, 139/filtered/tcp//netbios-ssn///, 443/filtered/tcp//https///, 445/filtered/tcp//microsoft-ds///, 3389/filtered/tcp//ms-wbt-server/// +# Nmap done at Mon Jan 13 14:06:43 2025 -- 18 IP addresses (18 hosts up) scanned in 1.54 seconds diff --git a/raw_files/nmap-sT-Pn-n-top-10.nmap b/raw_files/nmap-sT-Pn-n-top-10.nmap new file mode 100644 index 0000000..e1cd8fd --- /dev/null +++ b/raw_files/nmap-sT-Pn-n-top-10.nmap @@ -0,0 +1,272 @@ +# Nmap 7.95 scan initiated Mon Jan 13 14:06:42 2025 as: /usr/lib/nmap/nmap --privileged -sT -Pn -n -iL test.txt --top-ports=10 -oA raw_files/nmap-sT-Pn-n-top-10 +Nmap scan report for 192.168.86.1 +Host is up (0.00045s latency). + +PORT STATE SERVICE +21/tcp closed ftp +22/tcp open ssh +23/tcp closed telnet +25/tcp closed smtp +80/tcp open http +110/tcp closed pop3 +139/tcp closed netbios-ssn +443/tcp open https +445/tcp closed microsoft-ds +3389/tcp closed ms-wbt-server + +Nmap scan report for 192.168.86.2 +Host is up. + +PORT STATE SERVICE +21/tcp filtered ftp +22/tcp filtered ssh +23/tcp filtered telnet +25/tcp filtered smtp +80/tcp filtered http +110/tcp filtered pop3 +139/tcp filtered netbios-ssn +443/tcp filtered https +445/tcp filtered microsoft-ds +3389/tcp filtered ms-wbt-server + +Nmap scan report for 192.168.86.8 +Host is up (0.0010s latency). + +PORT STATE SERVICE +21/tcp closed ftp +22/tcp open ssh +23/tcp closed telnet +25/tcp closed smtp +80/tcp open http +110/tcp closed pop3 +139/tcp open netbios-ssn +443/tcp open https +445/tcp open microsoft-ds +3389/tcp closed ms-wbt-server + +Nmap scan report for 192.168.2.2 +Host is up (0.00044s latency). + +PORT STATE SERVICE +21/tcp closed ftp +22/tcp closed ssh +23/tcp closed telnet +25/tcp closed smtp +80/tcp closed http +110/tcp closed pop3 +139/tcp closed netbios-ssn +443/tcp closed https +445/tcp closed microsoft-ds +3389/tcp closed ms-wbt-server + +Nmap scan report for 192.168.2.1 +Host is up (0.00061s latency). + +PORT STATE SERVICE +21/tcp closed ftp +22/tcp open ssh +23/tcp closed telnet +25/tcp closed smtp +80/tcp open http +110/tcp closed pop3 +139/tcp closed netbios-ssn +443/tcp open https +445/tcp closed microsoft-ds +3389/tcp closed ms-wbt-server + +Nmap scan report for 8.8.8.8 +Host is up (0.0045s latency). + +PORT STATE SERVICE +21/tcp filtered ftp +22/tcp filtered ssh +23/tcp filtered telnet +25/tcp filtered smtp +80/tcp filtered http +110/tcp filtered pop3 +139/tcp filtered netbios-ssn +443/tcp open https +445/tcp filtered microsoft-ds +3389/tcp filtered ms-wbt-server + +Nmap scan report for 1.1.1.1 +Host is up (0.0048s latency). + +PORT STATE SERVICE +21/tcp filtered ftp +22/tcp filtered ssh +23/tcp filtered telnet +25/tcp filtered smtp +80/tcp open http +110/tcp filtered pop3 +139/tcp filtered netbios-ssn +443/tcp open https +445/tcp filtered microsoft-ds +3389/tcp filtered ms-wbt-server + +Nmap scan report for 9.9.9.9 +Host is up (0.0045s latency). + +PORT STATE SERVICE +21/tcp filtered ftp +22/tcp filtered ssh +23/tcp filtered telnet +25/tcp filtered smtp +80/tcp filtered http +110/tcp filtered pop3 +139/tcp filtered netbios-ssn +443/tcp open https +445/tcp filtered microsoft-ds +3389/tcp filtered ms-wbt-server + +Nmap scan report for 54.148.131.38 +Host is up. + +PORT STATE SERVICE +21/tcp filtered ftp +22/tcp filtered ssh +23/tcp filtered telnet +25/tcp filtered smtp +80/tcp filtered http +110/tcp filtered pop3 +139/tcp filtered netbios-ssn +443/tcp filtered https +445/tcp filtered microsoft-ds +3389/tcp filtered ms-wbt-server + +Nmap scan report for 18.189.225.190 +Host is up. + +PORT STATE SERVICE +21/tcp filtered ftp +22/tcp filtered ssh +23/tcp filtered telnet +25/tcp filtered smtp +80/tcp filtered http +110/tcp filtered pop3 +139/tcp filtered netbios-ssn +443/tcp filtered https +445/tcp filtered microsoft-ds +3389/tcp filtered ms-wbt-server + +Nmap scan report for 44.194.63.231 +Host is up. + +PORT STATE SERVICE +21/tcp filtered ftp +22/tcp filtered ssh +23/tcp filtered telnet +25/tcp filtered smtp +80/tcp filtered http +110/tcp filtered pop3 +139/tcp filtered netbios-ssn +443/tcp filtered https +445/tcp filtered microsoft-ds +3389/tcp filtered ms-wbt-server + +Nmap scan report for 23.20.12.138 +Host is up. + +PORT STATE SERVICE +21/tcp filtered ftp +22/tcp filtered ssh +23/tcp filtered telnet +25/tcp filtered smtp +80/tcp filtered http +110/tcp filtered pop3 +139/tcp filtered netbios-ssn +443/tcp filtered https +445/tcp filtered microsoft-ds +3389/tcp filtered ms-wbt-server + +Nmap scan report for 44.197.59.112 +Host is up. + +PORT STATE SERVICE +21/tcp filtered ftp +22/tcp filtered ssh +23/tcp filtered telnet +25/tcp filtered smtp +80/tcp filtered http +110/tcp filtered pop3 +139/tcp filtered netbios-ssn +443/tcp filtered https +445/tcp filtered microsoft-ds +3389/tcp filtered ms-wbt-server + +Nmap scan report for 52.23.101.215 +Host is up. + +PORT STATE SERVICE +21/tcp filtered ftp +22/tcp filtered ssh +23/tcp filtered telnet +25/tcp filtered smtp +80/tcp filtered http +110/tcp filtered pop3 +139/tcp filtered netbios-ssn +443/tcp filtered https +445/tcp filtered microsoft-ds +3389/tcp filtered ms-wbt-server + +Nmap scan report for 3.210.66.140 +Host is up. + +PORT STATE SERVICE +21/tcp filtered ftp +22/tcp filtered ssh +23/tcp filtered telnet +25/tcp filtered smtp +80/tcp filtered http +110/tcp filtered pop3 +139/tcp filtered netbios-ssn +443/tcp filtered https +445/tcp filtered microsoft-ds +3389/tcp filtered ms-wbt-server + +Nmap scan report for 54.197.91.249 +Host is up. + +PORT STATE SERVICE +21/tcp filtered ftp +22/tcp filtered ssh +23/tcp filtered telnet +25/tcp filtered smtp +80/tcp filtered http +110/tcp filtered pop3 +139/tcp filtered netbios-ssn +443/tcp filtered https +445/tcp filtered microsoft-ds +3389/tcp filtered ms-wbt-server + +Nmap scan report for 54.164.86.146 +Host is up. + +PORT STATE SERVICE +21/tcp filtered ftp +22/tcp filtered ssh +23/tcp filtered telnet +25/tcp filtered smtp +80/tcp filtered http +110/tcp filtered pop3 +139/tcp filtered netbios-ssn +443/tcp filtered https +445/tcp filtered microsoft-ds +3389/tcp filtered ms-wbt-server + +Nmap scan report for 34.236.200.25 +Host is up. + +PORT STATE SERVICE +21/tcp filtered ftp +22/tcp filtered ssh +23/tcp filtered telnet +25/tcp filtered smtp +80/tcp filtered http +110/tcp filtered pop3 +139/tcp filtered netbios-ssn +443/tcp filtered https +445/tcp filtered microsoft-ds +3389/tcp filtered ms-wbt-server + +# Nmap done at Mon Jan 13 14:06:43 2025 -- 18 IP addresses (18 hosts up) scanned in 1.54 seconds diff --git a/raw_files/nmap-sT-Pn-n-top-10.xml b/raw_files/nmap-sT-Pn-n-top-10.xml new file mode 100644 index 0000000..1d2cbe6 --- /dev/null +++ b/raw_files/nmap-sT-Pn-n-top-10.xml @@ -0,0 +1,306 @@ + + + + + + + + + +
+ + + + + + + + + + + + + + + + +
+ + + + + + + + + + + + + + + +
+ + + + + + + + + + + + + + + + +
+ + + + + + + + + + + + + + + + +
+ + + + + + + + + + + + + + + + +
+ + + + + + + + + + + + + + + + +
+ + + + + + + + + + + + + + + + +
+ + + + + + + + + + + + + + + + +
+ + + + + + + + + + + + + + + +
+ + + + + + + + + + + + + + + +
+ + + + + + + + + + + + + + + +
+ + + + + + + + + + + + + + + +
+ + + + + + + + + + + + + + + +
+ + + + + + + + + + + + + + + +
+ + + + + + + + + + + + + + + +
+ + + + + + + + + + + + + + + +
+ + + + + + + + + + + + + + + +
+ + + + + + + + + + + + + + + + + diff --git a/raw_files/pingable_hosts.txt b/raw_files/pingable_hosts.txt new file mode 100644 index 0000000..2b7c71c --- /dev/null +++ b/raw_files/pingable_hosts.txt @@ -0,0 +1,7 @@ +192.168.86.1 +192.168.86.8 +192.168.2.2 +192.168.2.1 +8.8.8.8 +1.1.1.1 +9.9.9.9 diff --git a/test.txt b/test.txt new file mode 100644 index 0000000..2b5b5c5 --- /dev/null +++ b/test.txt @@ -0,0 +1,18 @@ +192.168.86.1 +192.168.86.2 +192.168.86.8 +192.168.2.2 +192.168.2.1 +8.8.8.8 +1.1.1.1 +9.9.9.9 +54.148.131.38 +18.189.225.190 +44.194.63.231 +23.20.12.138 +44.197.59.112 +52.23.101.215 +3.210.66.140 +54.197.91.249 +54.164.86.146 +34.236.200.25