Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

nmap 5.51 scripts scanner.bat and rdp.nse how to make them run with -iL  and also output clean ip's?

Posted on 2016-11-02
13
Medium Priority
?
533 Views
Last Modified: 2016-11-26
I use nmap.5.51 becouse for this old version works perfect,ok so i found this 2 scripts on internet wich scans random ip's and filters clean Ip's

Scanner.bat
@echo off
for /l %%%x in (1,1,2) do (
start "rdp" /HIGH nmap -n -Pn -p T:3389 -T5 --script rdp.nse -iR 0
)
exit

Open in new window


The second script is RDP.NSE

description=[[
Checks if an RDP port is open.
]]
author = "ROleg"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"default", "discovery", "external", "intrusive"}
require "shortport"
portrule = shortport.portnumber(3389, "tcp", "open")
action = function(host, port)
	file = io.open ("results.txt","a+")
	file:write (host.ip.."\n")
	file:flush()
	file:close()
end

Open in new window


output:
120.1.20.30
120.10.50.120
etc...

-iR 0 which means, "Scan random IPs and i changed that,i added ''-iL Cidr.txt'' (wich means scan a list with many Cidr ip ranges,i.e.:: 3.4.128.0/19 ,i use 500 lines).
This is the change i made:
@echo off
for /l %%%x in (1,1,2) do (
start "rdp" /HIGH nmap -sS -Pn -n -p T:3389 -T4 -iL cidr.ips.txt --script rdp.nse
)
exit

Open in new window



Now i run the scripts and works well with first cidr-ip-range line then stops,anyone can modify the script to make it run with all -iL CIDR (500 lines) please?
0
Comment
Question by:john lambert
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 4
13 Comments
 

Author Comment

by:john lambert
ID: 41875216
becouse he don't know the right answer, if i don't use the 2 scripts above and try this output ''-oN results.txt'' would look like this:

PORT     STATE    SERVICE
3389/tcp filtered ms-term-serv

Nmap scan report for x.x.128.1
Host is up.
PORT     STATE    SERVICE
3389/tcp filtered ms-term-serv

Nmap scan report for x.x.128.2
Host is up.
PORT     STATE    SERVICE
3389/tcp filtered ms-term-serv

Nmap scan report for x.x.128.3
Host is up (0.016s latency).
PORT     STATE  SERVICE
3389/tcp closed ms-term-serv

Open in new window


if i use RDP.NSE script,the output results.txt would look like this,clean IP's:
3.10,128.1
3.20,128.2
3.45.128.3

Open in new window

etc...
that's why i need that 2 scripts above to scan and filter clean Ip's

Working with this 2 syntaxes:

Random scan(works perfect):
nmap -n -Pn -p T:3389 -T5 --script rdp.nse -iR 0

Open in new window


Scan 1 single CIDR ip range(works perfect)
nmap -sS -Pn -n -p T:3389 -T4 5.2.128.0/19 --script rdp.nse

Open in new window


Not working with 500 Cidr-Ip-Range Lines :
This is what i want:
nmap -sS -Pn -n -p T:3389 -T4 -iL Cidr-ranges.txt  --script rdp.nse

Open in new window


Cidr-ranges.txt content:
3.20,128.2.0/10
3.20,130.10/28
3.21.150.0/100
etc

Open in new window

0
 

Author Comment

by:john lambert
ID: 41875289
Ok i answer to him!!
1
 
LVL 71

Expert Comment

by:Qlemo
ID: 41875322
Aside of proper use of nmap, your for command syntax is (a) wrong - %% is correct, but you use %%% -  (b) questionable. You are just running the same scan twice. Why?
0
Turn your laptop into a mobile console!

The CV211 Laptop USB Console Adapter provides a direct Laptop-to-Computer connection for fast and easy remote desktop access with no software to install.

 
LVL 71

Expert Comment

by:Qlemo
ID: 41875332
Are the commas in your file example a typo?
1
 

Author Comment

by:john lambert
ID: 41875437
yes twice !!I found this script on interent in  many places just search on google
https://junookyo.blogspot.com/2013/01/rdp-cracking-ip-list-maker-script.html

Can anyone modify the script? make it run well,please
0
 
LVL 71

Accepted Solution

by:
Qlemo earned 2000 total points
ID: 41875516
Just use
start "rdp" /HIGH nmap -sS -Pn -n -p T:3389 -T4 -iL cidr.ips.txt --script rdp.nse

Open in new window

without anything else, and make sure your cidr.ips.txt file is syntactically correct (no commas).
1
 

Author Comment

by:john lambert
ID: 41875565
working fine with nmap5.5 older version (6 years ago) thank you this is very usefull hehe I was curious and did a test with the newest version nmap 7.12 for this version does not work :(
0
 

Author Closing Comment

by:john lambert
ID: 41875604
thank you for helping me, all respect! God bless you!!but dear Qlemo can u make it work with 7.12 or 7.13 can u take a look please?
1
 

Author Comment

by:john lambert
ID: 41875906
well i test again qlemo script and scans only the cidr with 5.xx.xx.xx  does not move to lines 31.xx.xx.xx
0
 
LVL 71

Expert Comment

by:Qlemo
ID: 41875943
As we can't see your file, your comment doesn't make much sense. But probably there is a bug in nmap - I don't have any clue.
1
 

Author Comment

by:john lambert
ID: 41876388
i solved the problem......thread closed, thank you Qlemo
0

Featured Post

Linux Academy Android App Now Supports Chromecast

We have some fantastic news for our Android fans. We’re so excited to announce that the Linux Academy Android app is now available with Chromecast support. That’s right – simply download the latest update of the Linux Academy App and start casting your favorite course videos!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this post we will be converting StringData saved within a text file into a hash table. This can be further used in a PowerShell script for replacing settings that are dynamic in nature from environment to environment.
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question