Previous Thread
Next Thread
Print Thread
Rate Thread
Joined: Apr 2002
Posts: 135
? Offline OP
UGN Member
OP Offline
UGN Member
Joined: Apr 2002
Posts: 135
nmap has this cool random search option that lets you scan random IP numbers. It can come if very handy if you are looking for a certain service or someplace to try out a new exploit.

nmap -sS -iR 0 -p 21

this will randomly search for FTP servers. Now, you are going to get a lot of servers that have the port closed or filtered and it's a pain in the [censored] going through the output looking for an open server. If you add the -oG option you can save the output to a grepable file but you still get all the closed hosts . This is where GLIPER comes in. you feed it a nmap logfile and it spits out a file of only the IP addresses which have the port open, which then can be used for further testing with tools like nessus etc. when you issue the nmap command jus specify a logfile and run it through GLIPER and you save yourself a whole lotta time.

nmap -sS -iR 0 -p 21 -oG logfile

I realize this will make a lot of script kiddies happy but hey, I needed somethin like this for myself and why not share it with the rest of the world. Here's the source, it's in Perl. Do what you want with it..


------------------cut ----------------------

#!/usr/bin/perl -w
#hope you like all the comments
#even your grand mother could make sense of this code


print "*************************************************\n";
print "\t\tGliper (v 0.1)\n";
print "Extracts IP addresses from Nmap grepable logfiles\n";
print "Issue nmap command with '-oG' option\n";
print "by: Damien (damienak1\@hotmail.com)\n";
print "*************************************************\n\n";


#open nmap logfile
print "Enter name of logfile: ";
chomp($logfile = <STDIN>);
open(LOG, $logfile) &#0124;&#0124; die;

#open a file for output
print "Enter name of output file: ";
chomp($output = <STDIN>);
open(OUTPUT, ">$output");

#array of lines from logfile
@lines = <LOG>;

#go through array looking for strings matching the regular expressions
foreach(@lines){
if (/Host: / && /open/){ #only lines starting with Host: that have an open port
s/Host:(\s)//; #delete the Host: string
s/(\s).{1,100}//; #delete anythin after white-space
print OUTPUT; #print IP address to the output file
}
}

#close both file-handles
close(OUTPUT);
close(LOG);


-----------------------------cut--------------------------------

p.s. I wasn't sure where to post this. we don't have a perl forum, perl and nmap are available on linux and windows, and the other programming section is about website programming, and this isn't. so if it's in the wrong forum somebody can move it.


I KNOW EVERYTHING. ASK ME.
Joined: Mar 2002
Posts: 1,041
I
UGN Elite Poster
Offline
UGN Elite Poster
I
Joined: Mar 2002
Posts: 1,041
Technically Perl is lumped in with the webdesign forum (see description). I don't really like that just cause I use Perl and it has nothing to do with webdesign wink

Nice little util though dak. But why not just 'cat logfile | grep open' ?

Infinite

Joined: Apr 2002
Posts: 135
? Offline OP
UGN Member
OP Offline
UGN Member
Joined: Apr 2002
Posts: 135
well, let say you want to to get a list of ftp servers and them run them through nessus. nessus (or any other program) doesn't understand all the other [censored] thats on the line. or if some evil hacker wanted to launch a worm, he could have this as part of his payload to make the hacked servers scan for more servers with the same service running an then try to exploit each one in the list,. there a bunch of application for this, none of them good. at least none that i can figure out. but hey, i wrote this while i was learning perl an it turned out kinda cool, so thats reason enough.


I KNOW EVERYTHING. ASK ME.
Joined: Jun 2002
Posts: 207
Member
Offline
Member
Joined: Jun 2002
Posts: 207
wouldn't this work? then just open up the "newlogfile" in nessus.
cat logfile | grep open > newlogfile
anyway, i realize you probably wrote this partly b/c you wanted to try out some perl scripting stuff, which is cool, so even if there is a simpler way, at least you learned something and made something you're proud of.
//


Unbodied unsouled unheard unseen
Let the gift be grown in the time to call our own
Truth is natural like a wind that blows
Follow the direction no matter where it goes
Let the truth blow like a hurricane through me
Joined: Dec 2003
Posts: 18
Junior Member
Offline
Junior Member
Joined: Dec 2003
Posts: 18
if you found that tool usefull then go to happy hacker.org

Joined: Feb 2002
Posts: 7,203
Likes: 11
Community Owner
Offline
Community Owner
Joined: Feb 2002
Posts: 7,203
Likes: 11
It's the Web Design & Protocols forum... Mainly because they were the only two close enough to combine...


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
Joined: Jun 2002
Posts: 207
Member
Offline
Member
Joined: Jun 2002
Posts: 207
oh wow, i was just going over some older posts, and i realized how wrong i was, lol. sorry, i completely missed your point. but i did find out, the correct string of commands would be:

cat nmaplog.log | grep "open" | cut -d " " -f 2 > newlogfile

not that it matters much, but i just wanted to correct myself.//


Unbodied unsouled unheard unseen
Let the gift be grown in the time to call our own
Truth is natural like a wind that blows
Follow the direction no matter where it goes
Let the truth blow like a hurricane through me

Link Copied to Clipboard
Member Spotlight
Phatal
Phatal
Houston, TX
Posts: 298
Joined: April 2004
Forum Statistics
Forums41
Topics33,840
Posts68,858
Average Daily Posts1
Members2,176
Most Online3,253
Jan 13th, 2020
Latest Postings
Where and how do you torrent?
by danni75 - 03/01/24 05:58 AM
Animation,
by JohanKaariainen - 08/15/19 01:18 AM
Blackbeard.....
by Gremelin - 10/03/18 07:02 PM
my old account still exists!
by Crime - 08/10/18 02:47 PM
Okay WTF?
by HenryMiring - 09/27/17 01:45 AM
The History Thread...
by Gremelin - 08/11/17 12:11 PM
My friend NEEDS your HELP!
by Lena01 - 07/21/17 12:06 AM
I'm having fun with this guy.
by gabithompson730 - 07/20/17 01:50 AM
I want to upgrade my phone
by gabithompson730 - 07/20/17 01:49 AM
Doom 3
by Cyrez - 09/11/14 08:58 PM
Amazon Gift Card Generator/KeyGen?te
by Gecko666 - 08/22/14 09:21 AM
AIM scene 99-03
by lavos - 09/02/13 08:06 AM
Planetside 2
by Crime - 03/04/13 07:10 AM
Beta Testers Wanted
by Crime - 03/04/13 06:55 AM
Hello Everyone
by Gremelin - 02/12/12 06:01 PM
Tracfone ESN Generator
by Zanvin Green - 01/18/12 01:31 PM
Python 3 issue
by Testing - 12/17/11 09:28 PM
tracfone airtime
by Drache86 - 07/30/11 03:37 AM
Backdoors and the Infinite
by ZeroCoolStar - 07/10/11 03:52 AM
HackThisZIne #12 Releaseed!
by Pipat2 - 04/28/11 09:20 PM
gang wars? l33t-wars?
by Gremelin - 04/28/11 05:56 AM
Consolidate Forums
by diggin2deep - 04/21/11 10:02 AM
LAN Hacking Noob
by Gremelin - 03/12/11 12:42 AM
Top Posters
UGN Security 41,392
Gremelin 7,203
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Top Likes Received
Ghost 2
Cyrez 1
Girlie 1
unreal 1
Crime 1
Powered by UBB.threads™ PHP Forum Software 7.7.5