basic scan and functionality working.

2025-01-13 14:55:56 -05:00
parent 5c96bd7449
commit 7fefbcf225
16 changed files with 1244 additions and 637 deletions
--- a/external_pentest.sh
+++ b/external_pentest.sh
@@ -1,50 +1,63 @@
 #!/bin/bash

+# --- Dependency Check ---

+dependencies=("nmap" "python3" "awk" "amap")
+
+for dependency in "${dependencies[@]}"; do
+  if ! command -v "$dependency" &> /dev/null; then
+    echo -e "\e[1;31mERROR: $dependency is not installed. Please install it before running this script.\e[0m"
+    exit 1
+  fi
+done
+
+# ... (Rest of your script) ...
 if [ $# -eq 0 ]; then
-echo "Usage: ./external_pentest.sh <IP list in NMAP friendly format>";
-echo "";
+echo "Usage: ./external_pentest.sh <IP list in NMAP friendly format>"
+echo ""
 exit 1;
 fi
-echo "";
-echo "";
-echo -e "\e[1;96m External Pentesting Start Script by Daniel Brown \e[0m";
-echo "";
-echo "";
+echo ""
+echo ""
+echo -e "\e[1;96m External Pentesting Start Script by Daniel Brown \e[0m"
+echo ""
+echo ""

 # User Input of Information #
-echo -n " Input the number of top TCP ports you would like to scan (recommended 1024) greater than 0 : ";
+echo -n " Input the number of top TCP ports you would like to scan (recommended 1024) greater than 0 : "
 read topports

 if [ $topports -eq 0 ];
 then
 	echo -e "\e[34m Number must be greater than zero! \e[0m";
-	exit 1;
+	exit 1
 fi

 #Folder where raw scan files are stored
 mkdir raw_files

 #Variable storage
-f1='raw_files';
+f1='raw_files'

 ## Pingable IP Check ##

-echo "";
-echo -e "\e[34m Checking for Ping on Hosts \e[0m";
-echo "";
+echo ""
+echo -e "\e[34m Checking for Ping on Hosts \e[0m"
+echo ""
 nmap -sP -iL $1 -PE -oG - | awk '/Up/{print $2}' > $f1/pingable_hosts.txt
-echo "";
-echo -e "\e[34m Finished Checking for Ping \e[0m";
-echo "";
+echo ""
+echo -e "\e[34m Finished Checking for Ping \e[0m"
+echo ""
+sleep 5

 # Performs NMAP TCP Scans#
-echo -e "\e[34m Starting NMAP TCP scans \e[0m";
-echo "";
-nmap -sT -Pn -n -iL $1 --top-ports=$topports -oA $f1/nmap-sT-Pn-n-top-$topports;
-echo "";
-echo -e "\e[34m Finished NMAP TCP scans \e[0m";
+echo -e "\e[34m Starting NMAP TCP scans this can take a very long time \e[0m"
 echo "";
+nmap -sS -Pn -n -iL $1 --top-ports=$topports -T4 -oA $f1/nmap-sT-Pn-n-top-$topports &>/dev/null
+echo ""
+echo -e "\e[34m Finished NMAP TCP scans \e[0m"
+echo ""
+sleep 2.5

 ##python parser ##

@@ -98,3 +111,47 @@ if __name__ == "__main__":
  except Exception as err:
    print(err)
 EOF
+
+# Get the current date for archiving #
+
+current_date=$(date +%Y-%m-%d)  # Get the date here
+results_dir="results_$current_date" # Define the results directory name
+
+echo -e "\e[33mArchiving results...\e[0m"
+
+# Move the open-ports and raw_files directories into the results directory
+mkdir $results_dir
+mv open-ports "$results_dir"
+mv raw_files "$results_dir"
+
+echo -e "\e[32mResults archived in: $results_dir\e[0m"
+echo ""
+
+# --- Check for specific open ports ---
+
+echo -e "\e[33mChecking for unexpected open ports...\e[0m"
+
+# List of allowed ports
+allowed_ports=$(cat << EOF
+80
+443
+EOF
+)
+
+# Get a list of all files (ports) in the open-ports directory
+found_ports=$(ls $results_dir/open-ports)
+
+# Loop through each found port
+for port in $found_ports; do
+  # Remove the .txt extension from the filename
+  port_number="${port%.txt}"
+
+  # Check if the port is NOT in the allowed_ports list
+  if ! echo "$allowed_ports" | grep -qw "$port_number"; then
+    echo -e "\e[1;31mWARNING: Unexpected port $port_number is open on some hosts! See $results_dir/open-ports/$port.txt for details.\e[0m"
+  fi
+done
+
+echo ""
+echo -e "\e[1;34m Finished Running Script \e[0m"
+echo ""