How to do it...

The example that follows demonstrates how we can use the Bash scripting language to extract information from Nmap's greppable format. We then use that information to run Nikto against hosts running web services:

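#!/bin/bash

# Require the Nmap greppable output file as the only argument
if [ -z "$1" ]; then echo "Usage: #./script <file>"; exit 1; fi
file=$1

# Select hosts whose Ports field lists 80/open/tcp; field 2 of each line is the IP address
for x in $(grep -E '[[:space:]]80/open/tcp' "$file" | cut -d " " -f 2);
do
    echo "Nikto scanning the following host: $x"
    nikto -h "$x" -F text -output "/tmp/nikto-scans/$x.txt"
done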
  1. To ensure that the functionality of the script is understood, we will address each line in sequence:
    • The first few lines are similar to scripts that were discussed in previous recipes. The first line points to the Bash interpreter, the second line checks that arguments are provided, and the third line assigns input values to easily understood variable names.
    • A for loop is used to cycle through a list of IP addresses that is acquired by means of a grep command. The list of IP addresses output by grep corresponds to all systems that have a service running on TCP port 80.
    • For each of these IP addresses, we run a Nikto scan and output the results to the /tmp/nikto-scans/ directory.
    • A different output report will be written for each host; to avoid naming conflicts, we'll name the output file with the IP address of the target machine. The only thing left to do is to create the nikto-scans directory:
  2. When the script is executed without any arguments, it outputs the usage description. This description indicates that the filename of an existing Nmap greppable output file should be supplied. When the Nmap output file is supplied, the script quickly analyzes the file to find any systems with a service on TCP port 80, then runs Nikto scans on each of those systems, and writes the output to the terminal and the /tmp/nikto-scans/ directory:
  3. We can now navigate to the /tmp/nikto-scans/ directory and view the files created by Nikto for each host scanned:
  4. Examining the report for 172.16.669.128, we find Nikto's findings:
  5. In the example provided, the netscan.txt output file is passed to the script. After a quick analysis of the file, the script determines that four systems are running services on port 80. Each of these services is then scanned with Nikto and the results are output to the terminal and to a file for each host:
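The host-selection step can also parse each entry of the Ports field instead of matching text, so that 8080, a filtered port 80, or an address that merely contains 80 is never handed to the scanner. The following is an added example, not code from the book; the function names are hypothetical and the sample lines are constructed with documentation-range addresses.

```shell
#!/bin/bash
# Added example (not from the original recipe).
# hosts_with_open_port PORT [FILE...]
# Prints the IP of every host whose Nmap greppable (-oG) record lists
# PORT/open/tcp. Reads standard input when no file is given.
hosts_with_open_port() {
    port=$1; shift
    awk -v port="$port" '
        /^Host: / && /Ports: / {
            ip = $2                  # second space-separated field is the address
            sub(/^.*Ports: /, "")    # drop everything up to the port list
            sub(/\t.*$/, "")         # drop later tab-separated fields (Ignored State, ...)
            n = split($0, entries, ", ")
            for (i = 1; i <= n; i++) {
                # each entry looks like: port/state/protocol/owner/service/...
                split(entries[i], f, "/")
                if (f[1] == port && f[2] == "open" && f[3] == "tcp") {
                    print ip
                    break
                }
            }
        }
    ' "$@"
}

# Constructed sample -oG records covering the cases that substring matching confuses
sample_gnmap() {
    printf 'Host: 192.0.2.10 ()\tStatus: Up\n'
    printf 'Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///\n'
    printf 'Host: 192.0.2.80 ()\tPorts: 22/open/tcp//ssh///\tIgnored State: closed (999)\n'
    printf 'Host: 192.0.2.11 ()\tPorts: 8080/open/tcp//http-proxy///\n'
    printf 'Host: 192.0.2.12 ()\tPorts: 80/filtered/tcp//http///, 443/open/tcp//https///\n'
    printf 'Host: 192.0.2.13 ()\tPorts: 80/open/tcp//http//Apache httpd/\n'
}

# Prints 192.0.2.10 and 192.0.2.13, one per line
sample_gnmap | hosts_with_open_port 80
```

In the recipe's loop, the output of `hosts_with_open_port 80 "$file"` can replace the grep and cut pipeline.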