Custom bash scripts used to automate various pentesting tasks.

[LeeRock]

This is a collection of bash scripts I have written that I would like to share with the community.
Designed for use with BackTrack 5 R3 gnome.

http://code.google.com/p/backtrack-scripts/

=================================================

Updates

March 12
* Added the following to the 'update' alias.

• apt-get autoremove and autoclean
• BeEF
• HexorBase
• Nessus
• Sqlninja
• WPScan

* Scrape > Active

• Fixed bug with email addresses not showing up.
• Added sub-domains to dnsrecon.

* Open multiple tabs in Firefox

• You can now specify a port.
• Port 21 will use ftp://IP
• Port 80 will use http://IP
• Port 443 will use https://IP
• Misc port will use http://IPort

March 5
* Added MetaGoofil to the 'update' alias.

Feb 28
* Added Reaver to the 'update' alias.
* Added WiFite to the 'update' alias.

Feb 19
* Scrape > Passive: added nmap scripts ip-geolocation-geobytes and whois.
* Scrape > Active: added nmap script http-email-harvest.

Feb 9
* Added Fern WiFi to the 'update' alias.
* Added Ghost Phisher to the 'update' alias.

Feb 1
* Added recon-ng to the 'update' alias.

Jan 27
* Added NSE ike-version.

Jan 26
* Added the SET git-hub repo to the 'update' alias.
* Combined part of setup.sh to the 'update' alias.

Jan 24
* Fixed bug - when using the 'tr' command.
* Changed how the scanner IP is determined.

Jan 23
* Added auxiliary/scanner/backdoor/energizer_duo_detect to the energizer-duo resource file.
* Added auxiliary/scanner/misc/java_rmi_server to the rmi resource file.
* Added auxiliary/scanner/oracle/tnslsnr_version to the oracle2 resource file.
* Added auxiliary/scanner/oracle/sid_enum to the oracle2 resource file.

Jan 16
* Fixed bug - forgot to set the global port number in oracle.rc.
* Tweaked the order of scanners in the following resource files: ftp, mssql, smb, smtp, snmp and telnet.
* Added auxiliary/admin/ftp/titanftp_xcrc_traversal to the ftp resource file.

Jan 7
* Removed Metasploit from setup.sh.
* Change the 'update' alias to reflect the new location of the Metasploit repo.

Jan 5, 2013
* Removed NSE ssh-hostkey.
* Added NSE http-methods.

Dec 28
* Added NSE rdp-vuln-ms12-020.

Dec 15
* Removed NSE smb-vuln-ms10-061.
* Feature request - created a file ssl.txt with the format IP: port. Ports include 21,25,443,465,993,995,8443. You should feed this file to the SSL Check option.

Dec 14
* Cleaned up NSE output for ports 23, 53, 111, 123, 137, 389, 445, 548, 1785, 3031, 5353, 5666, 5900, 60030
* Removed NSEs ftp-vuln-cve2010-4221, rdp-vuln-ms12-020, smtp-enum-users, smtp-vuln-cve2010-4344, smtp-vuln-cve2011-1764

Dec 13
* Removed NSE mysql-vuln-cve2012-2122. It was blowing up Snort.

Dec 12
* SSL Check - scanning a report cleanup.
* SSL Check - added a new check for Untrusted TLS/SSL server X.509 certificate.

Dec 11
* The Metasploit workspace is no longer deleted after the export.
* nmap.xml is now imported into the Metasploit workspace after the export.
* setup.sh and the alias 'update' have been changed to reflect the new git-hub location of nikto.

Dec 10
* Jon Villanti reported a bug and fix with robtext.com.

Dec 7
* Added additional 'update' alias entry to automatically set execute bit on .sh files in /opt/scripts (jta).

Dec 4
* Fixed bug - NSE wrong port number. 100,000 to 10,000.
* Fixed bug - forgot to create resource file telnet2.rc.
* Removed auxiliary/scanner/mysql/mysql_authbypass_hashdump from resource file mysql.rc.
* Removed auxiliary/scanner/http/tomcat_mgr_login from resource file tomcat.rc.

Dec 3
* Added auxiliary/scanner/ntp/ntp_readvar to resource file ntp.rc.
* Added setg RPORT to most resource files.
* Fixed a bug in the parsing when running Ping Sweep. Some hosts reply with FQDN and IP, while others only reply with IP.
* Fixed a bug in the Voldemort NSE where it was reading from the wrong file.
* Removed port 587 tcp from all scans as it pertains to Gmail and not SMTP.
* Split NSE for SMTP into SMTP and SMTP/S.
* Split resource file db2.rc into two files, db2.rc for port 523 and db2-version.rc for port 50000.
* Split resource file oracle.rc into two files, oracle.rc for port 1158 and oracle2.rc for port 1521.
* Split resource file smtp.rc into two files, smtp.rc for port 25 and smtp-s.rc for port 465.
* Split resource file telnet.rc into two files, telnet.rc for port 23 and telnet2.rc for port 9999.

Nov 11
* Added a new menu option to reinstall nmap.
* Tweaked the alias 'update' for nmap.
* Tweaked the alias 'update' to update the locate database.
* Tweaked setup.sh for installing nmap.

Nov 1
* Added `JoomScan` to setup.sh and the alias 'update'
* Fix a problem with loading nmap scripts.

Oct 9
* Tweaked the alias 'update': added Exploit-db and removed Fast-Track.
* Added nmap scripts cassandra-info and msrpc-enum
* Added Metasploit auxiliary netdecision_tftp.
* Open Source Intelligence Gathering > Company: added ipinfodb, robtex, pastebin, Ultimate recon.
* Scrape > Passive: updated filters.

Sept 16
* Scrape > Passive: added a summary and updated filters.

Aug 20
* setup.sh: added jigsaw

Aug 19
* Scrape > Passive: added goofile.

July 29
* Added new menu option - `Crack WiFi`

July 27
* Nikto now takes a list of nmap greppable output.

July 25
* Added color to update alias and framework.

July 5
* Tweaked the alias 'update' and setup.sh to reflect the new hosted location of sqlmap.

June 28
* Scrape > Passive: updated filters.

June 20
* After testing Metasploitable 2 by doing a full port scan, I noticed there were some ports missing from my default scan. The following TCP ports have been added: 1524, 6697, 8787, 41364, 48992, 49663, 59034.

June 11
* Scrape now contains passive and active options.

June 5
* Check 'notes' for a To-Do list

June 4
* Added new menu option - Niktos

=================================================

1. Download scripts to the proper location.
svn co https://backtrack-scripts.googlecode.com/svn/ /opt/scripts

2. Set permissions.
chmod +x /opt/scripts/ -R

3. Run the setup script.
cd /opt/scripts/
./setup.sh

4. Exit Terminal and open a new one.
Run the new alias to update the distro and commonly used applications. This should be ran daily.
update

5. Run the main application.
./discover.sh

=================================================

RECON - Names, emails, URLs, whois, DNS, traceroute and load balancing.
1. Open Source Intelligence Gathering
2. Scrape

DISCOVER - Host discovery, port scanning, service enumeration and OS
identification using Nmap, Nmap scripts and Metasploit scanners.
3. Ping Sweep
4. Single IP, URL or Range
5. Local Area Network
6. List
7. CIDR Notation

WEB
8. Open multiple tabs in Firefox
9. Nikto
10. SSL Check

MISC
11. Crack WiFi
12. Reinstall nmap
13. Start a Metasploit listener
14. Exit

=================================================

Open Source Intelligence Gathering.

1. Company
2. Person
3. Previous menu

=================================================

Scrape

1. Passive
2. Active
3. Previous menu

=================================================

Open multiple tabs in Firefox with:

1. List containing IPs and/or URLs.
2. Directories from a domain's robot.txt.
3. Previous menu

[thorin]

I haven't had a chance to check them out yet but you might want to consider posting them to:
http://www.pentesterscripting.com/