Solved

nmap 5.51 scripts scanner.bat and rdp.nse: how to make them run with -iL and also output clean IPs?

Posted on 2016-11-02
Last Modified: 2016-11-26
I use nmap 5.51 because this old version works perfectly. OK, so I found these 2 scripts on the internet which scan random IPs and filter clean IPs.

Scanner.bat
@echo off
for /l %%%x in (1,1,2) do (
start "rdp" /HIGH nmap -n -Pn -p T:3389 -T5 --script rdp.nse -iR 0
)
exit



The second script is RDP.NSE

description=[[
Checks if an RDP port is open.
]]
author = "ROleg"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"default", "discovery", "external", "intrusive"}
require "shortport"
portrule = shortport.portnumber(3389, "tcp", "open")
action = function(host, port)
	file = io.open ("results.txt","a+")
	file:write (host.ip.."\n")
	file:flush()
	file:close()
end



output:
120.1.20.30
120.10.50.120
etc...

-iR 0 means "scan random IPs", and I changed that: I added ''-iL Cidr.txt'' (which means scan a list with many CIDR IP ranges, i.e. 3.4.128.0/19; I use 500 lines).
This is the change I made:
@echo off
for /l %%%x in (1,1,2) do (
start "rdp" /HIGH nmap -sS -Pn -n -p T:3389 -T4 -iL cidr.ips.txt --script rdp.nse
)
exit




Now I run the scripts and it works well with the first CIDR IP range line, then stops. Can anyone modify the script to make it run with all -iL CIDR (500 lines), please?
Question by:john lambert
 

Author Comment

by:john lambert
Because he doesn't know the right answer. If I don't use the 2 scripts above and try this, the output ''-oN results.txt'' would look like this:

PORT     STATE    SERVICE
3389/tcp filtered ms-term-serv

Nmap scan report for x.x.128.1
Host is up.
PORT     STATE    SERVICE
3389/tcp filtered ms-term-serv

Nmap scan report for x.x.128.2
Host is up.
PORT     STATE    SERVICE
3389/tcp filtered ms-term-serv

Nmap scan report for x.x.128.3
Host is up (0.016s latency).
PORT     STATE  SERVICE
3389/tcp closed ms-term-serv



If I use the RDP.NSE script, the output results.txt would look like this, clean IPs:
3.10,128.1
3.20,128.2
3.45.128.3


etc...
That's why I need those 2 scripts above to scan and filter clean IPs.

Working with these 2 syntaxes:

Random scan (works perfectly):
nmap -n -Pn -p T:3389 -T5 --script rdp.nse -iR 0



Scan 1 single CIDR IP range (works perfectly):
nmap -sS -Pn -n -p T:3389 -T4 5.2.128.0/19 --script rdp.nse



Not working with 500 CIDR IP range lines:
This is what i want:
nmap -sS -Pn -n -p T:3389 -T4 -iL Cidr-ranges.txt  --script rdp.nse



Cidr-ranges.txt content:
3.20,128.2.0/10
3.20,130.10/28
3.21.150.0/100
etc


0
 

Author Comment

by:john lambert
OK, I answer to him!!
1
 
LVL 68

Expert Comment

by:Qlemo
Aside from proper use of nmap, your for command syntax is (a) wrong - %% is correct, but you use %%% - and (b) questionable. You are just running the same scan twice. Why?
0
 
LVL 68

Expert Comment

by:Qlemo
Are the commas in your file example a typo?
1
 

Author Comment

by:john lambert
Yes, twice!! I found this script on the internet in many places, just search on Google:
https://junookyo.blogspot.com/2013/01/rdp-cracking-ip-list-maker-script.html

Can anyone modify the script? Make it run well, please.
0

 
LVL 68

Accepted Solution

by:
Qlemo earned 500 total points
Just use
start "rdp" /HIGH nmap -sS -Pn -n -p T:3389 -T4 -iL cidr.ips.txt --script rdp.nse


without anything else, and make sure your cidr.ips.txt file is syntactically correct (no commas).
1
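
The syntax check the accepted answer asks for, as an added example that is not code from the thread: it validates a target list of the kind passed to -iL, assuming one IPv4 address or CIDR range per line (nmap itself accepts more target forms than this checker does). The function name check_target_list and the sample lines are constructed for illustration.

```python
import ipaddress

# Constructed sample: the three malformed entries quoted in the thread
# (commas instead of dots, a /100 prefix) plus two well-formed ranges.
SAMPLE_LIST = """\
3.20,128.2.0/10
3.20,130.10/28
3.21.150.0/100
3.4.128.0/19
5.2.128.0/19
"""


def check_target_list(text):
    """Validate an IPv4 target list, one address or CIDR range per line.

    Returns (valid, errors):
      valid  -> list of (line_no, network, address_count)
      errors -> list of (line_no, raw_line, reason)
    """
    valid, errors = [], []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        entry = raw.strip()
        if not entry:
            continue  # blank lines carry no target
        if "," in entry:
            errors.append((line_no, raw, "comma found; octets are separated by dots"))
            continue
        try:
            # strict=False tolerates host bits set, e.g. 3.20.128.2/10
            net = ipaddress.IPv4Network(entry, strict=False)
        except ValueError as exc:  # bad octet, bad prefix length, wrong shape
            errors.append((line_no, raw, str(exc)))
            continue
        # The address count shows how much each line really covers.
        valid.append((line_no, net, net.num_addresses))
    return valid, errors


if __name__ == "__main__":
    ok, bad = check_target_list(SAMPLE_LIST)
    for line_no, net, count in ok:
        print(f"line {line_no}: {net} ({count} addresses)")
    for line_no, raw, reason in bad:
        print(f"line {line_no}: REJECTED {raw!r}: {reason}")
```
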
 

Author Comment

by:john lambert
Working fine with nmap 5.5 older version (6 years ago), thank you, this is very useful hehe. I was curious and did a test with the newest version, nmap 7.12; for this version it does not work :(
0
 

Author Closing Comment

by:john lambert
Thank you for helping me, all respect! God bless you!! But dear Qlemo, can you make it work with 7.12 or 7.13? Can you take a look, please?
1
 

Author Comment

by:john lambert
Well, I tested Qlemo's script again and it scans only the CIDR with 5.xx.xx.xx; it does not move to lines 31.xx.xx.xx
0
 
LVL 68

Expert Comment

by:Qlemo
As we can't see your file, your comment doesn't make much sense. But probably there is a bug in nmap - I don't have any clue.
1
 

Author Comment

by:john lambert
I solved the problem... thread closed, thank you Qlemo
0
