bash script for nmap list scan

October 14th, 2009 by webstersprodigy

This is a stupid script to scan a class B network. I only wanted a detailed scan of hosts that exist (which I generated with a ping scan). I also wanted this information separated by file.

So this takes every class C within the class B and checks to see if there are any IPs in it. If there are, it nmaps the ones that exist and writes them to their own file.

Also, the IP range is 10.1, so change as needed.


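#!/bin/bash
# Input: iplist_sorted.txt, one live IP per line (from the ping scan).
# 0..255 covers every class C in the class B, including 10.1.0.x and 10.1.255.x.
for i in {0..255}; do
  # if there are hosts on this class C (anchored and with the trailing dot,
  # so 10.1.1. does not also match 10.1.10.x or 10.1.100.x)
  if grep -q "^10[.]1[.]$i[.]" iplist_sorted.txt; then
    echo "nmaping $i"
    grep "^10[.]1[.]$i[.]" iplist_sorted.txt > "./ip_tmplist_$i"
    # of course, specific scans will vary (-sS and -A need root)
    # explicit unit on the timeout: a bare 200 means seconds in current Nmap
    nmap -iL "./ip_tmplist_$i" -sS -T4 -n -A -v --top-ports 2000 -oN "./nmap_10.1.$i.Xscan" --max-rtt-timeout 200ms
    rm "./ip_tmplist_$i"
  fi
done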
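
The same split done in one pass and without a hard-coded prefix, as an added example that is not the post's own code. It assumes the ping scan was saved in Nmap's grepable format (`-oG`); the function names, the `targets_<net>.txt` file names and the `DRY_RUN` switch are made up for this example.

```shell
#!/bin/bash
# Added example, not the post's own code. Function and file names are assumed.

# split_by_24 <grepable-file> <outdir>
# One pass over `nmap -sn -oG` output: keep "Status: Up" hosts, validate the
# address, drop duplicates, and append each host to outdir/targets_<a.b.c>.txt.
# Prints how many /24 networks had at least one live host.
split_by_24() {
  local gnmap="$1" outdir="$2"
  mkdir -p "$outdir" || return 1
  rm -f "$outdir"/targets_*.txt          # do not append to a previous run
  awk -v dir="$outdir" '
    $1 == "Host:" && /Status: Up/ {
      if (split($2, o, ".") != 4) next
      for (k = 1; k <= 4; k++)
        if (o[k] !~ /^[0-9]+$/ || o[k] > 255) next
      if (seen[$2]++) next
      net = o[1] "." o[2] "." o[3]
      f = dir "/targets_" net ".txt"
      print $2 >> f
      close(f)                           # stay under the open-file limit
      nets[net] = 1
    }
    END { c = 0; for (x in nets) c++; print c }
  ' "$gnmap"
}

# scan_each <outdir>: the post's scan, once per target file.
# DRY_RUN=1 prints each command instead of running it.
scan_each() {
  local f net
  for f in "$1"/targets_*.txt; do
    [ -e "$f" ] || continue
    net=${f##*/targets_}; net=${net%.txt}
    ${DRY_RUN:+echo} nmap -iL "$f" -sS -T4 -n -A -v --top-ports 2000 \
      --max-rtt-timeout 200ms -oN "$1/nmap_$net.Xscan"
  done
}

# Constructed sample of grepable ping-scan output (not real scan data).
sample_gnmap() {
  printf 'Host: %s ()\tStatus: Up\n' 10.1.5.23 10.1.5.40 10.1.50.7 10.1.5.23
  printf 'Host: 10.1.9.9 ()\tStatus: Down\n'
}

# Stand-alone use: ./split_scan.sh ping.gnmap outdir
if [ $# -eq 2 ]; then split_by_24 "$1" "$2" && scan_each "$2"; fi
```

Run it with `DRY_RUN=1` first to see which target files and output names it would use before starting a long scan.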


2 Responses to “bash script for nmap list scan”

  1. mopey Says:

    Take this with a grain of salt. This is the largest network I’ve ever scanned, but this is the first thing that came to mind. That also means it’s probably not the most intelligent solution.

    Ping Scan -> bash to extract list of IPs -> this

  2. mopey Says:

    I’m kind of an idiot. Later, I discovered the -resume option and all was made right. Ignore this script.
