• ./MySQLscanner.sh
  • Linux Basics for Hackers: Getting Started with




    Date: 27.11.2023

    A Simple Scanner
    Before we write the script to scan public IPs across the internet, let’s take on
    a much smaller task. Instead of scanning the globe, let’s first write a script to
    scan for port 3306 on a local area network to see whether our script actually
    works. If it does, we can easily edit it to do the much larger task.
    In your text editor, enter the script shown in Listing 8-3.
    #! /bin/bash
    # This script is designed to find hosts with MySQL installed
    nmap -sT 192.168.181.0/24 -p 3306 >/dev/null -oG MySQLscan
    cat MySQLscan | grep open > MySQLscan2
    cat MySQLscan2
    Listing 8-3: The simplified scanner script
    We start with the shebang and the interpreter to use (#! /bin/bash). Let’s
    follow this with a comment to explain what the script does.


    Now let’s use the nmap command to request a TCP scan (-sT) on our LAN,
    looking for port 3306 (-p 3306). (Note that your IP addresses may differ; in
    your terminal, use the ifconfig command on Linux or the ipconfig command on
    Windows to determine your IP address.) The redirect symbol > tells the
    standard nmap output, which usually goes to the screen, to instead go to
    /dev/null, which is simply a place to send output so that it disappears.
    We’re doing this on a local machine, so it doesn’t matter so much, but if you
    were to use the script remotely, you’d want to hide the nmap output. We then
    send the output of the scan to a file named MySQLscan in a grep-able format
    (-oG), meaning a format that grep can work on.
    The next line displays the MySQLscan file we stored the output in and
    then pipes that output to grep to filter for lines that include the keyword
    open. Then we put those lines into a file named MySQLscan2.
    Finally, you display the contents of the file MySQLscan2. This final file
    should only include lines of output from nmap with hosts that have port 3306
    open. Save this file as MySQLscanner.sh and give yourself execute permissions
    with chmod 755.

    Execute the script, like so:
    kali >./MySQLscanner.sh
    Host: 192.168.181.69 () Ports: 3306/open/tcp//mysql///
    As we can see, this script was able to identify the only IP address on my
    LAN with MySQL running. Your results may differ, of course, depending on
    whether any hosts on your local network are running MySQL.
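
The grep open filter in Listing 8-3 matches the word "open" anywhere on a line, so a host whose reverse-DNS name contains "open", or a multi-port scan line where some other port is open, is reported even when 3306 is closed. The following is an added example, not part of the book's listing, that parses the Ports field of the grep-able file and reports a host only when the state of the chosen port is exactly open; the function names open_tcp_hosts and write_sample are hypothetical, and every sample host other than 192.168.181.69 is constructed for the demonstration. It goes slightly beyond the single-port scan above by also handling lines that list several ports.

```shell
#!/bin/bash
# Added example: exact-match parsing of nmap grepable (-oG) output.

# Print the IP of every host whose Ports field lists <port>/open/tcp.
# $1 = path to an -oG file, $2 = TCP port (defaults to 3306).
open_tcp_hosts() {
    awk -v port="${2:-3306}" '
        /^Host:/ {
            i = index($0, "Ports: ")
            if (i == 0) next                  # "Status:" lines carry no port data
            ports = substr($0, i + 7)
            sub(/\t.*/, "", ports)            # drop later tab-separated fields
            n = split(ports, entry, /, */)
            for (k = 1; k <= n; k++) {
                split(entry[k], f, "/")       # port/state/protocol/owner/service/...
                if (f[1] == port && f[2] == "open" && f[3] == "tcp") {
                    print $2
                    break
                }
            }
        }' "$1"
}

# Constructed sample in -oG layout (fields are tab-separated). Only the first
# host matches the output shown on the page; the others are made up.
write_sample() {
    printf '%b\n' \
        'Host: 192.168.181.69 ()\tStatus: Up' \
        'Host: 192.168.181.69 ()\tPorts: 3306/open/tcp//mysql///' \
        'Host: 192.168.181.12 (openwrt.lan)\tStatus: Up' \
        'Host: 192.168.181.12 (openwrt.lan)\tPorts: 3306/closed/tcp//mysql///' \
        'Host: 192.168.181.20 ()\tPorts: 3306/filtered/tcp//mysql///' \
        'Host: 192.168.181.30 ()\tPorts: 22/open/tcp//ssh///, 3306/closed/tcp//mysql///' \
        > "$1"
}

sample=$(mktemp)
write_sample "$sample"
echo "grep open matches $(grep -c open "$sample") lines"
echo "hosts with 3306/open/tcp:"
open_tcp_hosts "$sample"
rm -f "$sample"
```

To use it on a real result, pass the file the script wrote, for example open_tcp_hosts MySQLscan.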
