CVE-2015-3306 mass check

Discussion in 'Sandbox' started by traceme, 21 Aug 2015.

  1. traceme

    I tried to automate a mass check for CVE-2015-3306.
    I can't get the scan loop to run properly; I tried a slightly different variant and ended up with an infinite loop.
    Can you tell me where the error is in this cr*p code?
    Code:
    #!/bin/bash
    if [ "$EUID" -ne 0 ]
      then
      echo -e "\e[1;31m Run as root \e[0m"
      exit
    fi
    printf "\rEnter filename:"
    read ip_addr_file
    if [ ! -f "$ip_addr_file" ]
      then
      echo -e "\e[1;31m File $ip_addr_file does not exist \e[0m"
      exit
    fi
    
    
    do_masscan(){
      temp_count_=0
      exec 3<&0
      exec 0<$temp_name_cat
      while read line
      do
      temp_count_=$((++temp_count_))
    
      done
      exec 0<&3
      if [ "$temp_count_" -le "8000" ]
      then
      read_count=$temp_count_
      fi
      scan_result=$(cat $temp_name_cat |head -$read_count |grep '[0-9].[0-9].[0-9].[0-9]' | tr '\n' ',' | sed 's/.$//')
      sudo masscan $scan_result -p21 --source-port $free_port --rate 100000 --banners -oJ $temp_name_masscan > /dev/null 2>&1
      sed -i "1,$grep_" $temp_name_cat
      echo -e "\e[0;32m $read_count scanned of total $count_all \e[0m"
      if [ "$temp_count_" -le "0" ]
      then
      scan_finished
      else
      if [ "$temp_count_" -le "8000" ]
      then
      grep_=$((temp_count_))\d
      do_masscan
      fi
      fi
    }
    
    scan_finished(){
    iptables -D INPUT -p tcp --dport $free_port -j DROP
    rm $temp_name_cat
    rm $temp_name_masscan
    echo
    echo -e "[ \e[0;32m Done \e[0m ]"
    echo
    echo -e "\e[0;32m Parsing output...  \e[0m"
    cat $temp_name_masscan | grep 'ProFTPD 1.3.4a' | awk '{print $3}' | tr -d '",'>> $save_ass
    cat $temp_name_masscan | grep 'ProFTPD 1.3.5rc3' | awk '{print $3}' | tr -d '",'>> $save_ass
    while read -r save_ass
      do
      count_all=$((++count_total))
      done < $save_ass
    echo -e "\e[0;32m Found $count_total hosts \e[0m"
    }
    
    printf "\rSave as:"
    read save_ass
    echo
    printf "\rSpecify free port:"
    read free_port
    echo -e "\e[0;32m Preparing for scan... \e[0m"
    count_all=0
    count_total=0
    trig=0
    iptables -A INPUT -p tcp --dport $free_port -j DROP
    temp_name_cat=$(echo $ip_addr_file | md5sum | sed 's/.........$//')
    temp_name_masscan=$(echo $ip_addr_file | md5sum | sed 's/...$//')
    cp $ip_addr_file $temp_name_cat
    while read -r ip_addr_file
      do
      count_all=$((++count_all))
      done < $ip_addr_file
    if [ "$count_all" -le "8000" ]
      then
      read_count=$count_all
      else
      read_count=8000
    fi
    grep_=$((read_count))\d
    echo
    echo -e "[ \e[0;32m Done \e[0m ]"
    echo
    
    echo -e "\e[0;32m Scan in progress...  \e[0m"
    trig=$((++trig))
    if [ "$trig" == "1" ]; then do_masscan; fi
    
    
     
    #1 traceme, 21 Aug 2015
    Last edited: 23 Aug 2015
  2. traceme

    In the end I found the bug in the crap code myself; it scans properly now. Take it if you need it)
    Code:
    #!/bin/bash
    if [ "$EUID" -ne 0 ]
      then
      echo -e "\e[1;31m Run as root \e[0m"
      exit
    fi
    printf "\rEnter filename:"
    read ip_addr_file
    if [ ! -f "$ip_addr_file" ]
      then
      echo -e "\e[1;31m File $ip_addr_file does not exist \e[0m"
      exit
    fi
    
    
    
    do_masscan(){
      temp_count_=0
      while read line
       do
        temp_count_=$((++temp_count_))
    
      done < $temp_name_cat
      if [ "$temp_count_" -le "8000" ]
      then
      read_count=$temp_count_
      grep_=$((temp_count_))\d
      fi
      scan_result=$(cat $temp_name_cat |head -$read_count |grep '[0-9].[0-9].[0-9].[0-9]' | tr '\n' ',' | sed 's/.$//')
      sudo masscan $scan_result -p21 --source-port $free_port --rate 100000 --banners -oJ $temp_name_masscan
      cat $temp_name_masscan | grep 'ProFTPD 1.3.4a' | awk '{print $3}' | tr -d '",'>> $save_ass
      cat $temp_name_masscan | grep 'ProFTPD 1.3.5rc3' | awk '{print $3}' | tr -d '",'>> $save_ass
    
      temp_file_sed=$(echo $temp_name_cat | md5sum | sed 's/...$//')
      sed -e "1,$grep_" $temp_name_cat >> $temp_file_sed
      mv $temp_file_sed $temp_name_cat
      echo -e "\e[0;32m $read_count scanned of total $count_all \e[0m"
    
      if [ "$temp_count_" -le "0" ]
      then
      scan_finished
      else
         do_masscan
      fi
    }
    
    scan_finished(){
    iptables -D INPUT -p tcp --dport $free_port -j DROP
    echo
    echo -e "[ \e[0;32m Done \e[0m ]"
    echo
    while read -r save_ass
      do
      count_all=$((++count_total))
      done < $save_ass
    echo -e "\e[0;32m Found $count_total hosts \e[0m"
    rm $temp_name_cat
    rm $temp_name_masscan
    }
    
    printf "\rSave as:"
    read save_ass
    echo
    printf "\rSpecify free port:"
    read free_port
    echo -e "\e[0;32m Preparing for scan... \e[0m"
    count_all=0
    count_total=0
    trig=0
    iptables -A INPUT -p tcp --dport $free_port -j DROP
    temp_name_cat=$(echo $ip_addr_file | md5sum | sed 's/.........$//')
    temp_name_masscan=$(echo $ip_addr_file | md5sum | sed 's/...$//')
    cp $ip_addr_file $temp_name_cat
    while read -r ip_addr_file
      do
      count_all=$((++count_all))
      done < $ip_addr_file
    if [ "$count_all" -le "8000" ]
      then
      read_count=$count_all
      else
      read_count=8000
    fi
    grep_=$((read_count))\d
    echo
    echo -e "[ \e[0;32m Done \e[0m ]"
    echo
    
    echo -e "\e[0;32m Scan in progress...  \e[0m"
    trig=$((++trig))
    if [ "$trig" == "1" ]; then do_masscan; fi
    The informational messages are displayed incorrectly, but it works.
     
    binarymaster likes this.
  3. buybot

    Thx
     