Your browser does not seem to support CSS. If images appear below, please disregard them.
It appears that you're running an Ad-Blocker. This site is monetized by Advertising and by User Donations; we ask that if you find this site helpful that you whitelist us in your Ad-Blocker, or make a Donation to help aid in operating costs.
Previous Thread
Next Thread
Print Thread
Rate This Thread
#2327 - 12/02/03 05:28 AM GLIPER - Grepable Logifile IP ExtractoR  
Joined: Apr 2002
Posts: 135
? Offline
UGN Member
?  Offline
UGN Member

Joined: Apr 2002
Posts: 135
nmap has this cool random search option that lets you scan random IP numbers. It can come if very handy if you are looking for a certain service or someplace to try out a new exploit.

nmap -sS -iR 0 -p 21

this will randomly search for FTP servers. Now, you are going to get a lot of servers that have the port closed or filtered and it's a pain in the ass going through the output looking for an open server. If you add the -oG option you can save the output to a grepable file but you still get all the closed hosts . This is where GLIPER comes in. you feed it a nmap logfile and it spits out a file of only the IP addresses which have the port open, which then can be used for further testing with tools like nessus etc. when you issue the nmap command jus specify a logfile and run it through GLIPER and you save yourself a whole lotta time.

nmap -sS -iR 0 -p 21 -oG logfile

I realize this will make a lot of script kiddies happy but hey, I needed somethin like this for myself and why not share it with the rest of the world. Here's the source, it's in Perl. Do what you want with it..


------------------cut ----------------------

#!/usr/bin/perl -w
#hope you like all the comments
#even your grand mother could make sense of this code


print "*************************************************\n";
print "\t\tGliper (v 0.1)\n";
print "Extracts IP addresses from Nmap grepable logfiles\n";
print "Issue nmap command with '-oG' option\n";
print "by: Damien (damienak1\@hotmail.com)\n";
print "*************************************************\n\n";


#open nmap logfile
print "Enter name of logfile: ";
chomp($logfile = );
open(LOG, $logfile) || die;

#open a file for output
print "Enter name of output file: ";
chomp($output = );
open(OUTPUT, ">$output");

#array of lines from logfile
@lines = ;

#go through array looking for strings matching the regular expressions
foreach(@lines){
if (/Host: / && /open/){ #only lines starting with Host: that have an open port
s/Host:(\s)//; #delete the Host: string
s/(\s).{1,100}//; #delete anythin after white-space
print OUTPUT; #print IP address to the output file
}
}

#close both file-handles
close(OUTPUT);
close(LOG);


-----------------------------cut--------------------------------

p.s. I wasn't sure where to post this. we don't have a perl forum, perl and nmap are available on linux and windows, and the other programming section is about website programming, and this isn't. so if it's in the wrong forum somebody can move it.


I KNOW EVERYTHING. ASK ME.
Sponsored Links
#2328 - 12/02/03 05:56 AM Re: GLIPER - Grepable Logifile IP ExtractoR  
Joined: Mar 2002
Posts: 1,041
Infinite Offline
UGN Elite Poster
Infinite  Offline
UGN Elite Poster

Joined: Mar 2002
Posts: 1,041
Canada eh
Technically Perl is lumped in with the webdesign forum (see description). I don't really like that just cause I use Perl and it has nothing to do with webdesign

Nice little util though dak. But why not just 'cat logfile | grep open' ?

Infinite

#2329 - 12/02/03 06:15 AM Re: GLIPER - Grepable Logifile IP ExtractoR  
Joined: Apr 2002
Posts: 135
? Offline
UGN Member
?  Offline
UGN Member

Joined: Apr 2002
Posts: 135
well, let say you want to to get a list of ftp servers and them run them through nessus. nessus (or any other program) doesn't understand all the other shit thats on the line. or if some evil hacker wanted to launch a worm, he could have this as part of his payload to make the hacked servers scan for more servers with the same service running an then try to exploit each one in the list,. there a bunch of application for this, none of them good. at least none that i can figure out. but hey, i wrote this while i was learning perl an it turned out kinda cool, so thats reason enough.


I KNOW EVERYTHING. ASK ME.
#2330 - 12/04/03 06:46 AM Re: GLIPER - Grepable Logifile IP ExtractoR  
Joined: Jun 2002
Posts: 207
Gollum Offline
Member
Gollum  Offline
Member

Joined: Jun 2002
Posts: 207
US
wouldn't this work? then just open up the "newlogfile" in nessus.
cat logfile | grep open > newlogfile
anyway, i realize you probably wrote this partly b/c you wanted to try out some perl scripting stuff, which is cool, so even if there is a simpler way, at least you learned something and made something you're proud of.
//


Unbodied unsouled unheard unseen
Let the gift be grown in the time to call our own
Truth is natural like a wind that blows
Follow the direction no matter where it goes
Let the truth blow like a hurricane through me
#2331 - 12/10/03 02:23 AM Re: GLIPER - Grepable Logifile IP ExtractoR  
Joined: Dec 2003
Posts: 18
david_isis Offline
Junior Member
david_isis  Offline
Junior Member

Joined: Dec 2003
Posts: 18
if you found that tool usefull then go to happy hacker.org


This user is a complete and total dipshit and has been banned from the BBS. We're sorry for the inconveniance. - Gizmo
Sponsored Links
#2332 - 12/10/03 06:35 AM Re: GLIPER - Grepable Logifile IP ExtractoR  
Joined: Feb 2002
Posts: 7,195
Gremelin Offline
Community Owner
Gremelin  Offline

Community Owner

Joined: Feb 2002
Posts: 7,195
Likes: 3
Portland, OR; USA
It's the Web Design & Protocols forum... Mainly because they were the only two close enough to combine...


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#2333 - 02/02/04 04:32 AM Re: GLIPER - Grepable Logifile IP ExtractoR  
Joined: Jun 2002
Posts: 207
Gollum Offline
Member
Gollum  Offline
Member

Joined: Jun 2002
Posts: 207
US
oh wow, i was just going over some older posts, and i realized how wrong i was, lol. sorry, i completely missed your point. but i did find out, the correct string of commands would be:

cat nmaplog.log | grep "open" | cut -d " " -f 2 > newlogfile

not that it matters much, but i just wanted to correct myself.//


Unbodied unsouled unheard unseen
Let the gift be grown in the time to call our own
Truth is natural like a wind that blows
Follow the direction no matter where it goes
Let the truth blow like a hurricane through me

Member Spotlight
Gremelin
Gremelin
Portland, OR; USA
Posts: 7,195
Joined: February 2002
Show All Member Profiles 
Forum Statistics
Forums45
Topics46,798
Posts81,968
Average Daily Posts11
Members2,159
Most Online1,567
Apr 25th, 2010
Latest Postings
Top Posters(All Time)
UGN Security 39,962
Gremelin 7,195
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Top Liked Users (All Time)
§intå× Likes: 1
Cold Sunn Likes: 1
Crime Likes: 1
Cyrez Likes: 1
Ghost Likes: 1
Gremelin Likes: 4
Ice Likes: 1
unreal Likes: 1
Top Liked Users (30 Days)
Powered by UBB.threads™ PHP Forum Software 7.6.0
(Snapshot build 20160902)