mst.sh

1. #/bin/bash
2.  
3. # MST -- The Meta-Scan Tool
4. # This tool combines a few simple functions that need to
5. #  be done at every client into a single program.
6.  
7.  
8. # Make sure required files are in the current directory
9. if [ -f './networks' ] && [ -f './services_list' ]
10. then
11.   echo ""
12.   echo "**************************"
13.   echo "MST -- The Meta-Scan Tool"
14.   echo "**************************"
15.   echo ""
16.   echo "You are currently in the \"`pwd`\" directory."
17.   echo "Is that the directory you're supposed to be in?"
18.   sleep 2
19.   echo ""
20.   echo "Starting scan in 10 seconds..."
21.   sleep 1
22.   echo ""
23.   for i in `seq 1 10`
24.    do
25.       echo "$i ..."
26.       sleep 1
27.    done
28. else
29.   echo ""
30.   echo "Oops. Make sure you satisfy the following conditions:"
31.   echo ""
32.   echo "  1. You're in the proper client's directory (don't overwrite something you want)."
33.   echo "  2. You have a file in the current directory named: 'networks'"
34.   echo "  3. You have a file in the current directory named: 'services_list'"
35.   echo ""
36.   exit $error_nofile
37. fi
38.  
39. # Lay out the variables
40. num_args=$#
41. services=`cat ./services_list`
42. networks=./networks
43. error_nofile=66
44.  
45. # Check to make sure one (and only one) argument is given to scat
46. if [ $num_args -ne 0 ]
47.   then
48.     echo "Usage: mst"
49.   exit
50. fi
51.  
52.  
53. # Call Nmap for host discovery and write the output to a file called "hosts"
54. echo ""
55. echo "-----------------------------"
56. echo "1. Scanning for live hosts..."
57. echo "-----------------------------"
58. nmap -sP -PS21,22,23,25,80,88,139,389,445,3389 -iL $networks > hosts_tmp
59. cat hosts_tmp | grep is | grep up > hosts
60. ## Removed the comment out of the deletion of hosts_tmp file. This was originally added to aid in testing.
61. rm ./hosts_tmp
62. echo ""
63. echo "  Host discovery complete."
64. echo "  `wc -l hosts | awk '{print $1}'` hosts found."
65.  
66. # Sleep for two seconds
67. sleep 2
68.  
69. # Scan each network and make sessions for each in all Nmap formats
70. echo ""
71. echo "---------------------------"
72. echo "2. Performing Nmap scans..."
73. echo "---------------------------"
74. echo ""
75. sleep 1
76. for line in `cat $networks`
77. do
78.   echo "  Scanning $line ..."
79.   session=`echo $line | tr "/" "-"`
80.   nmap -vv -T4 -sV -O -PS21,22,23,25,80,88,139,389,445,3389 -pT:1-65535,U:53,135,137,138,139,161 -oA $session $line > /dev/null
81. done
82. echo ""
83. echo "  Nmap scans complete."
84.  
85. # Grep through the output to find the services available on each network
86. echo ""
87. echo "------------------------------------"
88. echo "3. Collecting service information..."
89. echo "------------------------------------"
90. for file in `ls | grep \.gnmap$`
91. do
92.   for service in $services
93.   do
94.     grep $service $file | cut -d" " -f2 >> `echo $file | sed  s/\.gnmap/""/`-SVC-$service
95.   done
96. done
97.  
98. # Consolidate the service information into single files
99. for service in $services
100. do
101.   cat *SVC-$service > SERVICE-$service
102. done
103.  
104. # Create a service summary file
105. for service in $services
106. do
107.   echo "There are `wc -l SERVICE-$service | awk '{print $1}'` $service servers." >> services_summary
108. done
109.  
110.  
111. # Create directory structure and organize results
112. echo ""
113. echo "----------------------------"
114. echo "4. Preparing your results..."
115. echo "----------------------------"
116.  
117. sleep 3
118.  
119. mkdir ./nmap 2> /dev/null
120. mkdir ./services 2> /dev/null
121.  
122. mv *.nmap ./nmap
123. mv *.xml ./nmap
124. mv *.gnmap ./nmap
125. mv *SVC* ./services
126. mv *SERVICE* ./services
127. mv ./services_summary ./services
128.  
129. # Farewell message
130. echo ""
131. echo "Process complete. Your content is ready."