On 2/17/07, Marcin Antkiewicz <[EMAIL PROTECTED]> wrote: > On Sat, 17 Feb 2007, pagvac wrote: > > The following script might also help find Solaris telnet servers on > > your network. > > [...] > > > for IP in `cat $IPSFILE` > > do > > echo "Trying $IP ..."; > > if nmap -P0 -n -p23 -sS $IP | grep -i open > /dev/null > > then > > if nmap -P0 -n -p23 -sV $IP | grep -ie 'SunOS' -ie 'Solaris' > > then > > echo "$MESSAGE on $IP"; echo $IP >> > > $0.results; echo $IP | mail -s $MESSAGE $EMAIL > > fi > > fi > > done > > > The output would be too noisy on a large network. Few weeks ago I ran
Noisy only on the screen/email output. However, notice that *only* the IP addresses found running Solaris telnet servers are written to the results file ($0.results). Perhaps we should change it to the following so that only one email is sent with all the IP addresses found: #!/bin/bash # solaris-telnetd-audit.sh IPSFILE="./ips.lst"; # file containing IPs to scan MESSAGE="possible-Solaris-telnet-server-found"; EMAIL="[EMAIL PROTECTED]"; for IP in `cat $IPSFILE` do echo "Trying $IP ..."; if nmap -P0 -n -p23 -sS $IP | grep -i open > /dev/null then if nmap -P0 -n -p23 -sV $IP | grep -ie 'SunOS' -ie 'Solaris' > /dev/null then echo "$MESSAGE -> $IP"; echo $IP >> $0.results; fi fi done cat $0.results | mail -s $MESSAGE $EMAIL P.S.: I personally like using genip [http://www.bindshell.net/tools/genip] for generating lists of IP addresses. > something that would go like this: > > > ( echo "Sun bxes with telnet"; \ > nmap -n -P0 -iL list -p 23 -O -oG - | \ > grep -Ei 'Host.+open.+(Solaris|SunOS)' | \ > cut -d ' ' -f 2 \ > ) | mail -s "Check those" [EMAIL PROTECTED] > > > -- > Marcin Antkiewicz > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- pagvac [http://ikwt.com/] _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/