#!/bin/bash

# --- Dependency Check ---

dependencies=("nmap" "python3" "awk" "amap")

for dependency in "${dependencies[@]}"; do
  if ! command -v "$dependency" &> /dev/null; then
    echo -e "\e[1;31mERROR: $dependency is not installed. Please install it before running this script.\e[0m"
    exit 1
  fi
done

# ... (Rest of your script) ...
if [ $# -eq 0 ]; then
echo "Usage: ./external_pentest.sh <IP list in NMAP friendly format>"
echo ""
exit 1;
fi
echo ""
echo ""
echo -e "\e[1;96m External Pentesting Start Script by Daniel Brown \e[0m"
echo ""
echo ""

# User Input of Information #
echo -n " Input the number of top TCP ports you would like to scan (recommended 1024) greater than 0 : "
read topports

if [ $topports -eq 0 ];
then
	echo -e "\e[34m Number must be greater than zero! \e[0m";
	exit 1
fi

#Folder where raw scan files are stored
mkdir raw_files

#Variable storage
f1='raw_files'

## Pingable IP Check ##

echo ""
echo -e "\e[34m Checking for Ping on Hosts \e[0m"
echo ""
nmap -sP -iL $1 -PE -oG - | awk '/Up/{print $2}' > $f1/pingable_hosts.txt
echo ""
echo -e "\e[34m Finished Checking for Ping \e[0m"
echo ""
sleep 5

# Performs NMAP TCP Scans#
echo -e "\e[34m Starting NMAP TCP scans this can take a very long time \e[0m"
echo "";
nmap -sS -Pn -n -iL $1 --top-ports=$topports -T4 -oA $f1/nmap-sT-Pn-n-top-$topports &>/dev/null
echo ""
echo -e "\e[34m Finished NMAP TCP scans \e[0m"
echo ""
sleep 2.5

##python parser ##

python3 << EOF
import re,os
import tabulate
from sys import argv

def help():
  print("\n " + "-" * 52)
  print(" Nmap Parser v2.0, Daniel Brown (dbrow43@gmail.com) ")
  print(" " + "-" * 52)
  print("\n Usage: %s <gnmap file>" % argv[0])
  print()
  exit()

def start(argv):
  if len(argv) < 1:
    help()
  if not os.path.exists('open-ports'):
    os.makedirs('open-ports')

  target_file = open(argv[-1])
  targett_file = target_file.read().split('\n')

  for line in targett_file:
    ip_address = line[line.find(":")+2:line.find("(")-1]
    pattern = '([0-9]+)/open/(tcp|udp)/'
    find_pattern = re.findall(pattern, line)

    tcpwrapped_pattern = '([0-9]+)/open/tcp//tcpwrapped'
    find_tcpwrapped = re.findall(tcpwrapped_pattern, line)

    if find_pattern:
      for i in find_pattern:
        if i in find_tcpwrapped:
          continue
        tcp_file = open('open-ports/%s.txt' % i[0],'a')
        tcp_file.write("%s\n" % ip_address)
        tcp_file.close()
  target_file.close()
  print("Done. Check the \"open-ports\" folder for results.")

if __name__ == "__main__":
  try:
    # Construct the filename and pass it as an argument
    filename = "$f1/nmap-sT-Pn-n-top-$topports.gnmap" 
    start([filename])  
  except KeyboardInterrupt:
    print("\nExiting. Closed by user (ctrl-c).")
  except Exception as err:
    print(err)
EOF

# Get the current date for archiving #

current_date=$(date +%Y-%m-%d)  # Get the date here
results_dir="results_$current_date" # Define the results directory name

echo -e "\e[33mArchiving results...\e[0m"

# Move the open-ports and raw_files directories into the results directory
mkdir $results_dir
mv open-ports "$results_dir"
mv raw_files "$results_dir"

echo -e "\e[32mResults archived in: $results_dir\e[0m"
echo ""

# --- Check for specific open ports ---

echo -e "\e[33mChecking for unexpected open ports...\e[0m"

# List of allowed ports
allowed_ports=$(cat << EOF
80
443
EOF
)

# Get a list of all files (ports) in the open-ports directory
found_ports=$(ls $results_dir/open-ports)

# Loop through each found port
for port in $found_ports; do
  # Remove the .txt extension from the filename
  port_number="${port%.txt}"

  # Check if the port is NOT in the allowed_ports list
  if ! echo "$allowed_ports" | grep -qw "$port_number"; then
    echo -e "\e[1;31mWARNING: Unexpected port $port_number is open on some hosts! See $results_dir/open-ports/$port.txt for details.\e[0m"
  fi
done

echo ""
echo -e "\e[1;34m Finished Running Script \e[0m"
echo ""