• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 817
  • Last Modified:

nmap 5.51 scripts scanner.bat and rdp.nse how to make them run with -iL and also output clean ip's?

I use nmap.5.51 becouse for this old version works perfect,ok so i found this 2 scripts on internet wich scans random ip's and filters clean Ip's

Scanner.bat
@echo off
for /l %%%x in (1,1,2) do (
start "rdp" /HIGH nmap -n -Pn -p T:3389 -T5 --script rdp.nse -iR 0
)
exit

Open in new window


The second script is RDP.NSE

description=[[
Checks if an RDP port is open.
]]
author = "ROleg"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"default", "discovery", "external", "intrusive"}
require "shortport"
portrule = shortport.portnumber(3389, "tcp", "open")
action = function(host, port)
	file = io.open ("results.txt","a+")
	file:write (host.ip.."\n")
	file:flush()
	file:close()
end

Open in new window


output:
120.1.20.30
120.10.50.120
etc...

-iR 0 which means, "Scan random IPs and i changed that,i added ''-iL Cidr.txt'' (wich means scan a list with many Cidr ip ranges,i.e.:: 3.4.128.0/19 ,i use 500 lines).
This is the change i made:
@echo off
for /l %%%x in (1,1,2) do (
start "rdp" /HIGH nmap -sS -Pn -n -p T:3389 -T4 -iL cidr.ips.txt --script rdp.nse
)
exit

Open in new window



Now i run the scripts and works well with first cidr-ip-range line then stops,anyone can modify the script to make it run with all -iL CIDR (500 lines) please?
0
john lambert
Asked:
john lambert
  • 7
  • 4
1 Solution
 
john lambertAuthor Commented:
becouse he don't know the right answer, if i don't use the 2 scripts above and try this output ''-oN results.txt'' would look like this:

PORT     STATE    SERVICE
3389/tcp filtered ms-term-serv

Nmap scan report for x.x.128.1
Host is up.
PORT     STATE    SERVICE
3389/tcp filtered ms-term-serv

Nmap scan report for x.x.128.2
Host is up.
PORT     STATE    SERVICE
3389/tcp filtered ms-term-serv

Nmap scan report for x.x.128.3
Host is up (0.016s latency).
PORT     STATE  SERVICE
3389/tcp closed ms-term-serv

Open in new window


if i use RDP.NSE script,the output results.txt would look like this,clean IP's:
3.10,128.1
3.20,128.2
3.45.128.3

Open in new window

etc...
that's why i need that 2 scripts above to scan and filter clean Ip's

Working with this 2 syntaxes:

Random scan(works perfect):
nmap -n -Pn -p T:3389 -T5 --script rdp.nse -iR 0

Open in new window


Scan 1 single CIDR ip range(works perfect)
nmap -sS -Pn -n -p T:3389 -T4 5.2.128.0/19 --script rdp.nse

Open in new window


Not working with 500 Cidr-Ip-Range Lines :
This is what i want:
nmap -sS -Pn -n -p T:3389 -T4 -iL Cidr-ranges.txt  --script rdp.nse

Open in new window


Cidr-ranges.txt content:
3.20,128.2.0/10
3.20,130.10/28
3.21.150.0/100
etc

Open in new window

0
 
john lambertAuthor Commented:
Ok i answer to him!!
1
 
QlemoDeveloperCommented:
Aside of proper use of nmap, your for command syntax is (a) wrong - %% is correct, but you use %%% -  (b) questionable. You are just running the same scan twice. Why?
0
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

 
QlemoDeveloperCommented:
Are the commas in your file example a typo?
1
 
john lambertAuthor Commented:
yes twice !!I found this script on interent in  many places just search on google
https://junookyo.blogspot.com/2013/01/rdp-cracking-ip-list-maker-script.html

Can anyone modify the script? make it run well,please
0
 
QlemoDeveloperCommented:
Just use
start "rdp" /HIGH nmap -sS -Pn -n -p T:3389 -T4 -iL cidr.ips.txt --script rdp.nse

Open in new window

without anything else, and make sure your cidr.ips.txt file is syntactically correct (no commas).
1
 
john lambertAuthor Commented:
working fine with nmap5.5 older version (6 years ago) thank you this is very usefull hehe I was curious and did a test with the newest version nmap 7.12 for this version does not work :(
0
 
john lambertAuthor Commented:
thank you for helping me, all respect! God bless you!!but dear Qlemo can u make it work with 7.12 or 7.13 can u take a look please?
1
 
john lambertAuthor Commented:
well i test again qlemo script and scans only the cidr with 5.xx.xx.xx  does not move to lines 31.xx.xx.xx
0
 
QlemoDeveloperCommented:
As we can't see your file, your comment doesn't make much sense. But probably there is a bug in nmap - I don't have any clue.
1
 
john lambertAuthor Commented:
i solved the problem......thread closed, thank you Qlemo
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 7
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now