I know it's basic, but it works - I'd be very happy if someone could come up with a script that would accept a subnet in CIDR format and scan all IPs within that subnet. Something like "hbscan 172.16.1.0/24"
Step-by-step:
- Create a ~/heartbleed directory
- Copy the Heartbleed binary into the directory created in the first step
- Copy the script below into the ~/heartbleed directory and call it something like hbscan
- Make hbscan runnable (chmod 755 hbscan)
- Copy file(s) containing the IP addresses you wish to scan into ~/heartbleed
- Create a ~/heartbleed/scans directory
- Scan the networks using './hbscan filewithips'
Here's the script I used:
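```bash
#!/bin/bash
# Run the Heartbleed checker against every host listed in a file.
E_BADARGS=65
logs=~/heartbleed/scans
today=$(date +%F)

if [ -z "$1" ]; then
    echo " Usage: $(basename "$0") list"
    exit $E_BADARGS
fi

# One log directory per day.
if [ ! -d "$logs/$today" ]; then
    echo "[*] Creating $logs/$today"
    mkdir -p "$logs/$today"
fi

hosts=$1
# Name the log after the list file, without any leading path.
log="$logs/$today/$(basename "$hosts")"
touch "$log"

while read -r host
do
    [ -z "$host" ] && continue    # skip blank lines
    echo "[*] Scanning $host..."
    # Append the checker's stderr output to today's log.
    ~/heartbleed/Heartbleed "$host" 2>> "$log"
done < "$hosts"
echo "[*] Scans completed."
```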
That script was frankensteined from:
http://www.commondork.com/2013/07/06/bash-script-to-scan-subnets-with-nmap/
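
The CIDR input asked for at the top of this post can be handled by expanding the block into a host list that hbscan already accepts. This is an added example, not part of the original script; the function names `cidr_to_hosts`, `ip_to_int` and `int_to_ip` and the /16 size cap are assumptions made here.

```bash
#!/bin/bash
# Added example (not from the original post): expand an IPv4 CIDR block
# into one address per line, the input format hbscan reads.

# Print the 32-bit integer for a dotted quad; fail on malformed input.
ip_to_int() {
    local IFS=. o
    case $1 in ''|*[!0-9.]*|*.) return 1 ;; esac
    set -- $1                       # split on dots into $1..$4
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ''|0?*|????*) return 1 ;; esac   # empty, leading zero, too long
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Print every usable host address in the CIDR block given as $1.
cidr_to_hosts() {
    local addr prefix base mask net bcast i last
    case $1 in */*) ;; *) echo "bad CIDR: $1" >&2; return 1 ;; esac
    addr=${1%/*}; prefix=${1#*/}
    case $prefix in ''|*[!0-9]*|0?*|???*) echo "bad prefix: $prefix" >&2; return 1 ;; esac
    # Assumed safety cap: refuse blocks larger than /16 (65,536 addresses).
    if [ "$prefix" -lt 16 ] || [ "$prefix" -gt 32 ]; then
        echo "prefix must be between /16 and /32" >&2; return 1
    fi
    base=$(ip_to_int "$addr") || { echo "bad address: $addr" >&2; return 1; }
    mask=$(( (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF ))
    net=$(( base & mask ))
    bcast=$(( net | (mask ^ 0xFFFFFFFF) ))
    # /31 and /32 have no network or broadcast address to skip.
    if [ "$prefix" -lt 31 ]; then
        i=$(( net + 1 )); last=$(( bcast - 1 ))
    else
        i=$net; last=$bcast
    fi
    while [ "$i" -le "$last" ]; do
        int_to_ip "$i"
        i=$(( i + 1 ))
    done
}

# Run as a script: ./cidr2hosts 172.16.1.0/24 > nets
[ $# -eq 0 ] || cidr_to_hosts "$1"
```

Saved in ~/heartbleed under a name such as cidr2hosts (a hypothetical name), `./cidr2hosts 172.16.1.0/24 > nets` followed by `./hbscan nets` scans the 254 host addresses of that subnet.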