1N3 · July 6, 2015 00:32
diff --git a/Enumer8-v20150705 b/Enumer8-v20150705
 #!/bin/bash
 # Enumer8 by 1N3 v20150705
 # http://crowdshield.com
 #

 TARGET="$1"
 LHOST="192.168.1.132"
 LOOT_DIR="/pentest/loot"
 FINDSPLOIT_DIR="/pentest/findsploit"
 KEY_PATH="/pentest/linux/ssh/dsa/1024"
 ARACHNI_REPORT_DIR="/pentest/loot/arachni"
 CMSMAP="/pentest/web/CMSmap/cmsmap.py"
 USER_FILE="/pentest/lists/users/usernames/simple-users.txt"
 PASS_FILE="/pentest/lists/passwords/top_25_weakest_passwords.txt"
 DNS_FILE="/pentest/lists/dns/namelist.txt"
 THREADS="30"
 COLOR1='\033[1m\033[91m'
 COLOR2='\033[1m\033[92m'
 COLOR3='\033[1m\033[92m'
 RESET='\e[0m'

 if [ -z $TARGET ]; then
 	echo "+ -- --=[http://crowdshield.com"
 	echo "+ -- --=[Enumeration Script by 1N3"
 	echo "+ -- --=[Usage: enumerate <targetip>"
 	exit
 fi

 clear
 echo -e "$COLOR3################################### Enumerate Script by 1N3 ########################$RESET"
 echo -e "$COLOR3################################### Running NSLookup ###############################$RESET"
 nslookup $TARGET
 host $TARGET
 dig -x $TARGET
 whois $TARGET
 dnsenum $TARGET
 #knockpy -w /pentest/lists/dns/namelist.txt $TARGET
 dnsdict6 $TARGET $DNS_FILE -4 | awk '{print $1}' | sort -u | sed -r 's/.com./.com/g'
 echo ""
 echo -e "$COLOR3################################### Pinging host ###################################$RESET"
 ping -c 1 $TARGET
 echo ""
 echo -e "$COLOR3################################### Running port scan ##############################$RESET"
 nmap -sS -sV -T4 -A -O --open $TARGET -oX $LOOT_DIR/nmap/$TARGET.xml
 echo ""
 #echo -e "$COLOR3################################### Running recon ##################################$RESET"
 #theharvester -d $TARGET -b google
 #theharvester -d $TARGET -b bing
 #theharvester -d $TARGET -b linkedin
 #theharvester -d $TARGET -b people123
 #echo ""
 echo -e "$COLOR3################################### Running Intrusive Scans ########################$RESET"
 port_21=`grep 'portid="21"' $LOOT_DIR/nmap/$TARGET.xml | grep open`
 port_22=`grep 'portid="22"' $LOOT_DIR/nmap/$TARGET.xml | grep open`
 port_23=`grep 'portid="23"' $LOOT_DIR/nmap/$TARGET.xml | grep open`
 port_25=`grep 'portid="25"' $LOOT_DIR/nmap/$TARGET.xml | grep open`
 port_80=`grep 'portid="80"' $LOOT_DIR/nmap/$TARGET.xml | grep open`
 port_110=`grep 'portid="110"' $LOOT_DIR/nmap/$TARGET.xml | grep open`
 port_111=`grep 'portid="111"' $LOOT_DIR/nmap/$TARGET.xml | grep open`
 port_135=`grep 'portid="135"' $LOOT_DIR/nmap/$TARGET.xml | grep open`
 port_139=`grep 'portid="139"' $LOOT_DIR/nmap/$TARGET.xml | grep open`
 port_162=`grep 'portid="162"' $LOOT_DIR/nmap/$TARGET.xml | grep open`
 port_443=`grep 'portid="443"' $LOOT_DIR/nmap/$TARGET.xml | grep open`
 port_445=`grep 'portid="445"' $LOOT_DIR/nmap/$TARGET.xml | grep open`
 port_5432=`grep 'portid="5432"' $LOOT_DIR/nmap/$TARGET.xml | grep open`
 port_8000=`grep 'portid="8000"' $LOOT_DIR/nmap/$TARGET.xml | grep open`
 port_8080=`grep 'portid="8080"' $LOOT_DIR/nmap/$TARGET.xml | grep open`
 port_49152=`grep 'portid="49152"' $LOOT_DIR/nmap/$TARGET.xml | grep open`
 #export #hydra_PROXY=socks4://127.0.0.1:9050
 burpsuite_running=`ps -ef | grep /usr/bin/burpsuite | grep sh`
 openvas_running=`ps -ef | grep openvassd | grep waiting`
 metasploit_running=`ps -ef | grep metasploit | grep daemon`
 postgresql_running=`ps -ef | grep postgresql | grep conf`

 #if [ -z "$postgresql_running" ]
 #then
 #        service postgresql start
 #fi

 #if [ -z "$metasploit_running" ]
 #then
 #	service metasploit start
 #fi

 #if [ -z "$burpsuite_running" ]
 #then
 #	su - nonxero -c 'java -jar /usr/bin/burpsuite' &
 #	sleep 10
 #fi

 if [ -z "$port_21" ]
 then
 	echo -e "$COLOR1Port 21 closed... skipping.$RESET"
 else
 	echo -e "$COLOR1Port 21 opened... running tests...$RESET"	
 	#hydra -L $USER_FILE -P $PASS_FILE $TARGET ftp -f
 	#for a in `cat $FINDSPLOIT_DIR/msf_search/auxiliary | egrep "ftp" | egrep "scanner" | awk '{print $1}'`; do echo -e "$COLOR2Running Metasploit module: $a..." && msfcli $a LHOST=$LHOST RHOST=$TARGET RHOSTS=$TARGET RPORT=21 USER_FILE=$USER_FILE PASS_FILE=$PASS_FILE THREADS=$THREADS E; done;
 	#nmap -p 21 --script=ftp-* $TARGET
 	
 fi

 if [ -z "$port_22" ]
 then
 	echo -e "$COLOR1Port 22 closed... skipping.$RESET"
 else
 	echo -e "$COLOR1Port 22 opened... running tests...$RESET"
 	#hydra -L $USER_FILE -P $PASS_FILE $TARGET ssh -f 
 	#for a in `cat $FINDSPLOIT_DIR/msf_search/auxiliary | egrep "ssh" | egrep "scanner" | awk '{print $1}'`; do echo -e "$COLOR2Running Metasploit module: $a..." && msfcli $a LHOST=192.168.1.145 RHOST=$TARGET RHOSTS=$TARGET RPORT=22 USER_FILE=$USER_FILE PASS_FILE=$PASS_FILE THREADS=$THREADS KEY_PATH=$KEY_PATH VERBOSE=false E; done;
 	#nmap -p 22 --script=ssh-* $TARGET
 fi

 if [ -z "$port_23" ]
 then
 	echo -e "$COLOR1Port 23 closed... skipping.$RESET"
 else
 	echo -e "$COLOR1Port 23 opened... running tests...$RESET"
 	#hydra -L $USER_FILE -P $PASS_FILE $TARGET telnet -f 
 	#for a in `cat $FINDSPLOIT_DIR/msf_search/auxiliary | egrep "telnet" | egrep "scanner" | awk '{print $1}'`; do echo -e "$COLOR2Running Metasploit module: $a..." && msfcli $a LHOST=$LHOST RPORT=23 RHOST=$TARGET RHOSTS=$TARGET USER_FILE=$USER_FILE PASS_FILE=$PASS_FILE THREADS=$THREADS E; done;
 	echo ""
 	#nmap -p 22 --script=telnet-* $TARGET
 	cisco-torch -A $TARGET
 fi

 if [ -z "$port_25" ]
 then
 	echo -e "$COLOR1Port 25 closed... skipping."
 else
 	echo -e "$COLOR1Port 25 opened... running tests..."	
 	#hydra -L $USER_FILE -P $PASS_FILE $TARGET smtp -f 
 	smtp-user-enum -M VRFY -U $USER_FILE -t $TARGET
 	#for a in `cat $FINDSPLOIT_DIR/msf_search/auxiliary | egrep "smtp" | egrep "scanner" | awk '{print $1}'`; do echo -e "$COLOR2Running Metasploit module: $a..." && msfcli $a LHOST=192.168.1.145 RHOST=$TARGET RHOSTS=$TARGET RPORT=25 USER_FILE=$USER_FILE PASS_FILE=$PASS_FILE THREADS=$THREADS E; done;
 	#nmap -p 25 --script=smtp-* $TARGET
 fi

 if [ -z "$port_80" ]
 then
 	echo -e "$COLOR1Port 80 closed... skipping.$RESET"
 else
 	echo -e "$COLOR1Port 80 opened... running tests...$RESET"
 	#php /pentest/web/inurlbr/inurlbr.php --dork 'filetype:jsp | filetype:bak | filetype:asp | filetype:php | filetype:cgi | filetype:sql | filetype:pl | filetype:py | filetype:aspx | filetype:rb | filetype:do inurl:'$TARGET' site:'$TARGET'' -s $TARGET-extensions.txt
 	#php /pentest/web/inurlbr/inurlbr.php --dork '(inurl:"redir=" AND inurl:"http") OR (inurl:"url=" AND inurl:"http") OR (inurl:"target=" AND inurl:"http") OR (inurl:"dst=" AND inurl:"http") OR (inurl:"src=" AND inurl:"http") OR (inurl:"redirect=" AND inurl:"http") AND site:'"$TARGET" -s $TARGET-openredirect.txt
 	#php /pentest/web/inurlbr/inurlbr.php --dork "'site:pastbin.com' $TARGET" -s $TARGET-pastebin.txt
 	# iceweasel "https://www.punkspider.org/#searchkey=url&searchvalue='$TARGET'&pagenumber=1&filterType=or&filters=bsqli,sqli,xss,trav,mxi,osci,xpathi" &
 	wafw00f http://$TARGET
 	echo ""
 	whatweb http://$TARGET
 	echo ""
 	nikto -C all -h http://$TARGET 
 	#arachni http://$TARGET --report-save-path=$ARACHNI_REPORT_DIR/$TARGET --output-only-positives --scope-include-subdomains
 	xsstracer $TARGET 80
 	#sqlmap -u http://$TARGET --crawl 3 --dbs --answer="redirect=Y" --batch 
 	#echo -e "$COLOR1Starting XSSer...$RESET" && xsser -u http://$TARGET -c10 --Cw=200 --auto --save --follow-redirects | egrep "Injection:|Final Results:|Injections:|Failed:|Successfull:|Accur:"
 	#wpscan --url http://$TARGET --batch
 	#python $CMSMAP -t http://$TARGET
 	#hydra -L $USER_FILE -P $PASS_FILE $TARGET http-head -f  -m /
 	
 fi

 if [ -z "$port_110" ]
 then
 	echo -e "$COLOR1Port 110 closed... skipping.$RESET"
 else
 	echo -e "$COLOR1Port 110 opened... running tests...$RESET"	
 	#hydra -L $USER_FILE -P $PASS_FILE $TARGET pop3 -f 
 	#for a in `cat $FINDSPLOIT_DIR/msf_search/auxiliary | egrep "pop" | egrep "scanner" | awk '{print $1}'`; do echo -e "$COLOR2Running Metasploit module: $a..." && msfcli $a LHOST=192.168.1.145 RHOST=$TARGET RHOSTS=$TARGET RPORT=110 USER_FILE=$USER_FILE PASS_FILE=$PASS_FILE THREADS=$THREADS E; done;
 	#nmap -p 110 --script=pop3-* $TARGET
 fi

 if [ -z "$port_111" ]
 then
 	echo -e "$COLOR1Port 111 closed... skipping.$RESET"
 else
 	echo -e "$COLOR1Port 111 opened... running tests..."
 	showmount -a -d -e $TARGET
 	#for a in `cat $FINDSPLOIT_DIR/msf_search/auxiliary | egrep "nfs" | egrep "scanner" | awk '{print $1}'`; do echo -e "$COLOR2Running Metasploit module: $a..." && msfcli $a LHOST=192.168.1.145 RHOST=$TARGET RHOSTS=$TARGET RPORT=111 USER_FILE=$USER_FILE PASS_FILE=$PASS_FILE THREADS=$THREADS E; done;
 	#nmap -p 111 --script=nfs-* $TARGET
 fi

 if [ -z "$port_135" ]
 then
 	echo -e "$COLOR1Port 135 closed... skipping.$RESET"
 else
 	echo -e "$COLOR1Port 135 opened... running tests...$RESET"
 	rpcinfo -p $TARGET
 	#for a in `cat $FINDSPLOIT_DIR/msf_search/auxiliary | egrep "rpc" | egrep "scanner" | awk '{print $1}'`; do echo -e "$COLOR2Running Metasploit module: $a..." && msfcli $a LHOST=192.168.1.145 RHOST=$TARGET RHOSTS=$TARGET RPORT=135 USER_FILE=$USER_FILE PASS_FILE=$PASS_FILE THREADS=$THREADS E; done;
 	#for a in `cat $FINDSPLOIT_DIR/msf_search/auxiliary | egrep "dce" | egrep "scanner" | awk '{print $1}'`; do echo -e "$COLOR2Running Metasploit module: $a..." && msfcli $a LHOST=192.168.1.145 RHOST=$TARGET RHOSTS=$TARGET RPORT=135 USER_FILE=$USER_FILE PASS_FILE=$PASS_FILE THREADS=$THREADS E; done;
 	nmap -p 135 --script=rpc* $TARGET
 fi

 if [ -z "$port_139" ]
 then
 	echo -e "$COLOR1Port 139 closed... skipping.$RESET"
 else
 	echo -e "$COLOR1Port 139 opened... running tests...$RESET"
 	enum4linux $TARGET
 	samrdump.py $TARGET
 	nbtscan $TARGET
 	for a in `cat $FINDSPLOIT_DIR/msf_search/auxiliary | egrep "smb" | egrep "scanner" | awk '{print $1}'`; do echo -e "$COLOR2Running Metasploit module: $a..." && msfcli $a LHOST=192.168.1.145 RHOST=$TARGET RHOSTS=$TARGET RPORT=139 USER_FILE=$USER_FILE PASS_FILE=$PASS_FILE THREADS=$THREADS VERBOSE=false E; done;
 	nmap --script=/usr/share/nmap/scripts/smb-check-vulns.nse --script=/usr/share/nmap/scripts/smb-os-discovery.nse --script=/usr/share/nmap/scripts/smb-enum-domains.nse --script=/usr/share/nmap/scripts/smb-server-stats.nse --script=/usr/share/nmap/scripts/smb-ls.nse --script=/usr/share/nmap/scripts/smb-vuln-ms10-054.nse --script=/usr/share/nmap/scripts/smb-vuln-ms10-061.nse --script=/usr/share/nmap/scripts/smb-system-info.nse --script=/usr/share/nmap/scripts/smb-enum-shares.nse --script=/usr/share/nmap/scripts/smb-enum-users.nse --script=/usr/share/nmap/scripts/smbv2-enabled.nse --script=/usr/share/nmap/scripts/smb-mbenum.nse --script-args=unsafe=1 -p 139 $TARGET
 fi

 if [ -z "$port_162" ]
 then
 	echo -e "$COLOR1Port 162 closed... skipping."
 else
 	echo -e "$COLOR1Port 162 opened... running tests..."
 	for a in `cat /pentest/lists/wordlist-common-snmp-community-strings.txt`; do snmpwalk $TARGET -c $a; done;
 	for a in `cat $FINDSPLOIT_DIR/msf_search/auxiliary | egrep "snmp" | egrep "scanner" | awk '{print $1}'`; do echo -e "$COLOR2Running Metasploit module: $a..." && msfcli $a LHOST=192.168.1.145 RHOST=$TARGET RHOSTS=$TARGET RPORT=162 USER_FILE=$USER_FILE PASS_FILE=$PASS_FILE THREADS=$THREADS E; done;
 	nmap -p 162 --script=snmp-* $TARGET
 fi

 if [ -z "$port_443" ]
 then
 	echo -e "$COLOR1Port 443 closed... skipping.$RESET"
 else
 	echo -e "$COLOR1Port 443 opened... running tests...$RESET"
 	#php /pentest/web/inurlbr/inurlbr.php --dork 'filetype:jsp | filetype:bak | filetype:asp | filetype:php | filetype:cgi | filetype:sql | filetype:pl | filetype:py | filetype:aspx | filetype:rb | filetype:do inurl:'$TARGET' site:'$TARGET'' -s $TARGET-extensions.txt
 	#php /pentest/web/inurlbr/inurlbr.php --dork '(inurl:"redir=" AND inurl:"http") OR (inurl:"url=" AND inurl:"http") OR (inurl:"target=" AND inurl:"http") OR (inurl:"dst=" AND inurl:"http") OR (inurl:"src=" AND inurl:"http") OR (inurl:"redirect=" AND inurl:"http") AND site:'"$TARGET" -s $TARGET-openredirect.txt
 	#php /pentest/web/inurlbr/inurlbr.php --dork "'site:pastbin.com' $TARGET" -s $TARGET-pastebin.txt
 	# iceweasel "https://www.punkspider.org/#searchkey=url&searchvalue='$TARGET'&pagenumber=1&filterType=or&filters=bsqli,sqli,xss,trav,mxi,osci,xpathi" &	
 	wafw00f https://$TARGET
 	echo ""
 	whatweb https://$TARGET
 	echo ""
 	sslscan --no-failed $TARGET 
 	echo ""
 	nikto -C all -h https://$TARGET 
 	#arachni https://$TARGET --report-save-path=$ARACHNI_REPORT_DIR/$TARGET --output-only-positives --scope-include-subdomains
 	#sqlmap -u https://$TARGET --crawl 3 --dbs --answer="redirect=Y" --batch 
 	#echo -e "$COLOR1Starting XSSer...$RESET" && xsser -u https://$TARGET -c10 --Cw=200 --auto --save --follow-redirects | egrep "Injection:|Final Results:|Injections:|Failed:|Successfull:|Accur:"
 	#wpscan --url https://$TARGET --batch
 	#python $CMSMAP -t https://$TARGET
 	#hydra -L $USER_FILE -P $PASS_FILE $TARGET https-head -f -m /
 fi

 if [ -z "$port_445" ]
 then
 	echo -e "$COLOR1Port 445 closed... skipping."
 else
 	echo -e "$COLOR1Port 445 opened... running tests..."
 	enum4linux $TARGET
 	samrdump.py $TARGET
 	nbtscan $TARGET
 	#smbclient -L $TARGET
 	for a in `cat $FINDSPLOIT_DIR/msf_search/auxiliary | egrep "smb" | egrep "scanner" | awk '{print $1}'`; do echo -e "$COLOR2Running Metasploit module: $a..." && msfcli $a LHOST=192.168.1.145 RHOST=$TARGET RHOSTS=$TARGET RPORT=445 USER_FILE=$USER_FILE PASS_FILE=$PASS_FILE THREADS=$THREADS VERBOSE=false E; done;
 	nmap --script=/usr/share/nmap/scripts/smb-check-vulns.nse --script=/usr/share/nmap/scripts/smb-os-discovery.nse --script=/usr/share/nmap/scripts/smb-enum-domains.nse --script=/usr/share/nmap/scripts/smb-server-stats.nse --script=/usr/share/nmap/scripts/smb-ls.nse --script=/usr/share/nmap/scripts/smb-vuln-ms10-054.nse --script=/usr/share/nmap/scripts/smb-vuln-ms10-061.nse --script=/usr/share/nmap/scripts/smb-system-info.nse --script=/usr/share/nmap/scripts/smb-enum-shares.nse --script=/usr/share/nmap/scripts/smb-enum-users.nse --script=/usr/share/nmap/scripts/smbv2-enabled.nse --script=/usr/share/nmap/scripts/smb-mbenum.nse --script-args=unsafe=1 -p 139 $TARGET
 fi

 if [ -z "$port_3306" ]
 then
 	echo -e "$COLOR1Port 3306 closed... skipping."
 else
 	echo -e "$COLOR1Port 3306 opened... running tests..."

 	#for a in `cat $FINDSPLOIT_DIR/msf_search/auxiliary | egrep "mysql" | egrep "scanner" | awk '{print $1}'`; do echo -e "$COLOR2Running Metasploit module: $a..." && msfcli $a LHOST=192.168.1.145 RHOST=$TARGET RHOSTS=$TARGET RPORT=3306 USER_FILE=$USER_FILE PASS_FILE=$PASS_FILE THREADS=$THREADS E; done;
 	#nnmap --script=mysql* -p 3306 $TARGET
 	#hydra -L $USER_FILE -P $PASS_FILE $TARGET mysql
 fi

 if [ -z "$port_5432" ]
 then
 	echo -e "$COLOR1Port 5432 closed... skipping."
 else
 	echo -e "$COLOR1Port 5432 opened... running tests..."

 	#for a in `cat $FINDSPLOIT_DIR/msf_search/auxiliary | egrep "postgres" | egrep "scanner" | awk '{print $1}'`; do echo -e "$COLOR2Running Metasploit module: $a..." && msfcli $a LHOST=192.168.1.145 RHOST=$TARGET RHOSTS=$TARGET RPORT=5432 USER_FILE=$USER_FILE PASS_FILE=$PASS_FILE THREADS=$THREADS E; done;
 	#nnmap --script=pgsql* -p 5432 $TARGET
 fi

 if [ -z "$port_8000" ]
 then
 	echo -e "$COLOR1Port 8000 closed... skipping.$RESET"
 else
 	echo -e "$COLOR1Port 8000 opened... running tests...$RESET"
 	wafw00f http://$TARGET:8000
 	echo ""
 	whatweb http://$TARGET:8000
 	echo ""
 	nikto -C all -h http://$TARGET:8000 
 	#arachni http://$TARGET:8000 --report-save-path=$ARACHNI_REPORT_DIR/$TARGET --output-only-positives --scope-include-subdomains
 	#sqlmap -u http://$TARGET:8000 --crawl 3 --dbs --answer="redirect=Y" --batch
 	#echo -e "$COLOR1Starting XSSer...$RESET" && xsser -u http://$TARGET:8000 -c10 --Cw=200 --auto --save --follow-redirects | egrep "Injection:|Final Results:|Injections:|Failed:|Successfull:|Accur:"
 	#wpscan --url http://$TARGET:8000 --batch
 	#python $CMSMAP -t http://$TARGET:8000
 	xsstracer $TARGET 8000
 	#hydra -L $USER_FILE -P $PASS_FILE $TARGET http-head -s 8000 -m /
 fi

 if [ -z "$port_8100" ]
 then
 	echo -e "$COLOR1Port 8100 closed... skipping.$RESET"
 else
 	echo -e "$COLOR1Port 8100 opened... running tests...$RESET"
 	wafw00f http://$TARGET:8100
 	echo ""
 	whatweb http://$TARGET:8100
 	echo ""
 	nikto -C all -h http://$TARGET:8100 
 	#arachni http://$TARGET:8100 --report-save-path=$ARACHNI_REPORT_DIR/$TARGET --output-only-positives --scope-include-subdomains
 	#sqlmap -u http://$TARGET:8100 --crawl 3 --dbs --answer="redirect=Y" --batch
 	#echo -e "$COLOR1Starting XSSer...$RESET" && xsser -u http://$TARGET:8100 -c10 --Cw=200 --auto --save --follow-redirects | egrep "Injection:|Final Results:|Injections:|Failed:|Successfull:|Accur:"
 	#wpscan --url http://$TARGET:8100 --batch
 	#python $CMSMAP -t http://$TARGET:8100
 	#xsstracer $TARGET 8100
 	#hydra -L $USER_FILE -P $PASS_FILE $TARGET http-head -s 8100 -m /
 fi

 if [ -z "$port_8080" ]
 then
 	echo -e "$COLOR1Port 8080 closed... skipping."
 else
 	echo -e "$COLOR1Port 8080 opened... running tests..."
 	wafw00f http://$TARGET:8080
 	echo ""
 	whatweb http://$TARGET:8080
 	echo ""
 	nikto -C all -h http://$TARGET:8080 
 	#arachni http://$TARGET:8080 --report-save-path=$ARACHNI_REPORT_DIR/$TARGET --output-only-positives --scope-include-subdomains
 	#sqlmap -u http://$TARGET:8080 --crawl 10 --dbs --answer="redirect=Y" --batch
 	#echo -e "$COLOR1Starting XSSer...$RESET" && xsser -u http://$TARGET:8080 -c10 --Cw=200 --auto --save --follow-redirects | egrep "Injection:|Final Results:|Injections:|Failed:|Successfull:|Accur:"
 	nmap -p 8080 --script=proxy-* $TARGET
 	#wpscan --url http://$TARGET:8080 --batch
 	#python $CMSMAP -t http://$TARGET:8080
 	xsstracer $TARGET 8080
 	#hydra -L $USER_FILE -P $PASS_FILE $TARGET http-head -s 8080 -m /
 fi

 if [ -z "$port_49152" ]
 then
 	echo -e "$COLOR1Port 49152 closed... skipping.$RESET"
 else
 	echo -e "$COLOR1Port 49152 opened... running tests...$RESET"
 	/pentest/scripts/web/supermicro_scan.sh $TARGET
 fi

 service postgresql stop 2> /dev/null
 service metasploit stop 2> /dev/null

 #echo -e "$COLOR3################################### Running Brute Force ############################$RESET"
 #brutex $TARGET
 echo ""
 echo -e "$COLOR3################################### Done! ###########################################$RESET"
 exit 0
	#!/bin/bash
	# Enumer8 by 1N3 v20150705
	# http://crowdshield.com
	#

	TARGET="$1"
	LHOST="192.168.1.132"
	LOOT_DIR="/pentest/loot"
	FINDSPLOIT_DIR="/pentest/findsploit"
	KEY_PATH="/pentest/linux/ssh/dsa/1024"
	ARACHNI_REPORT_DIR="/pentest/loot/arachni"
	CMSMAP="/pentest/web/CMSmap/cmsmap.py"
	USER_FILE="/pentest/lists/users/usernames/simple-users.txt"
	PASS_FILE="/pentest/lists/passwords/top_25_weakest_passwords.txt"
	DNS_FILE="/pentest/lists/dns/namelist.txt"
	THREADS="30"
	COLOR1='\033[1m\033[91m'
	COLOR2='\033[1m\033[92m'
	COLOR3='\033[1m\033[92m'
	RESET='\e[0m'

	if [ -z $TARGET ]; then
	echo "+ -- --=[http://crowdshield.com"
	echo "+ -- --=[Enumeration Script by 1N3"
	echo "+ -- --=[Usage: enumerate <targetip>"
	exit
	fi

	clear
	echo -e "$COLOR3################################### Enumerate Script by 1N3 ########################$RESET"
	echo -e "$COLOR3################################### Running NSLookup ###############################$RESET"
	nslookup $TARGET
	host $TARGET
	dig -x $TARGET
	whois $TARGET
	dnsenum $TARGET
	#knockpy -w /pentest/lists/dns/namelist.txt $TARGET
	dnsdict6 $TARGET $DNS_FILE -4 \| awk '{print $1}' \| sort -u \| sed -r 's/.com./.com/g'
	echo ""
	echo -e "$COLOR3################################### Pinging host ###################################$RESET"
	ping -c 1 $TARGET
	echo ""
	echo -e "$COLOR3################################### Running port scan ##############################$RESET"
	nmap -sS -sV -T4 -A -O --open $TARGET -oX $LOOT_DIR/nmap/$TARGET.xml
	echo ""
	#echo -e "$COLOR3################################### Running recon ##################################$RESET"
	#theharvester -d $TARGET -b google
	#theharvester -d $TARGET -b bing
	#theharvester -d $TARGET -b linkedin
	#theharvester -d $TARGET -b people123
	#echo ""
	echo -e "$COLOR3################################### Running Intrusive Scans ########################$RESET"
	port_21=`grep 'portid="21"' $LOOT_DIR/nmap/$TARGET.xml \| grep open`
	port_22=`grep 'portid="22"' $LOOT_DIR/nmap/$TARGET.xml \| grep open`
	port_23=`grep 'portid="23"' $LOOT_DIR/nmap/$TARGET.xml \| grep open`
	port_25=`grep 'portid="25"' $LOOT_DIR/nmap/$TARGET.xml \| grep open`
	port_80=`grep 'portid="80"' $LOOT_DIR/nmap/$TARGET.xml \| grep open`
	port_110=`grep 'portid="110"' $LOOT_DIR/nmap/$TARGET.xml \| grep open`
	port_111=`grep 'portid="111"' $LOOT_DIR/nmap/$TARGET.xml \| grep open`
	port_135=`grep 'portid="135"' $LOOT_DIR/nmap/$TARGET.xml \| grep open`
	port_139=`grep 'portid="139"' $LOOT_DIR/nmap/$TARGET.xml \| grep open`
	port_162=`grep 'portid="162"' $LOOT_DIR/nmap/$TARGET.xml \| grep open`
	port_443=`grep 'portid="443"' $LOOT_DIR/nmap/$TARGET.xml \| grep open`
	port_445=`grep 'portid="445"' $LOOT_DIR/nmap/$TARGET.xml \| grep open`
	port_5432=`grep 'portid="5432"' $LOOT_DIR/nmap/$TARGET.xml \| grep open`
	port_8000=`grep 'portid="8000"' $LOOT_DIR/nmap/$TARGET.xml \| grep open`
	port_8080=`grep 'portid="8080"' $LOOT_DIR/nmap/$TARGET.xml \| grep open`
	port_49152=`grep 'portid="49152"' $LOOT_DIR/nmap/$TARGET.xml \| grep open`
	#export #hydra_PROXY=socks4://127.0.0.1:9050
	burpsuite_running=`ps -ef \| grep /usr/bin/burpsuite \| grep sh`
	openvas_running=`ps -ef \| grep openvassd \| grep waiting`
	metasploit_running=`ps -ef \| grep metasploit \| grep daemon`
	postgresql_running=`ps -ef \| grep postgresql \| grep conf`

	#if [ -z "$postgresql_running" ]
	#then
	# service postgresql start
	#fi

	#if [ -z "$metasploit_running" ]
	#then
	# service metasploit start
	#fi

	#if [ -z "$burpsuite_running" ]
	#then
	# su - nonxero -c 'java -jar /usr/bin/burpsuite' &
	# sleep 10
	#fi

	if [ -z "$port_21" ]
	then
	echo -e "$COLOR1Port 21 closed... skipping.$RESET"
	else
	echo -e "$COLOR1Port 21 opened... running tests...$RESET"
	#hydra -L $USER_FILE -P $PASS_FILE $TARGET ftp -f
	#for a in `cat $FINDSPLOIT_DIR/msf_search/auxiliary \| egrep "ftp" \| egrep "scanner" \| awk '{print $1}'`; do echo -e "$COLOR2Running Metasploit module: $a..." && msfcli $a LHOST=$LHOST RHOST=$TARGET RHOSTS=$TARGET RPORT=21 USER_FILE=$USER_FILE PASS_FILE=$PASS_FILE THREADS=$THREADS E; done;
	#nmap -p 21 --script=ftp-* $TARGET

	fi

	if [ -z "$port_22" ]
	then
	echo -e "$COLOR1Port 22 closed... skipping.$RESET"
	else
	echo -e "$COLOR1Port 22 opened... running tests...$RESET"
	#hydra -L $USER_FILE -P $PASS_FILE $TARGET ssh -f
	#for a in `cat $FINDSPLOIT_DIR/msf_search/auxiliary \| egrep "ssh" \| egrep "scanner" \| awk '{print $1}'`; do echo -e "$COLOR2Running Metasploit module: $a..." && msfcli $a LHOST=192.168.1.145 RHOST=$TARGET RHOSTS=$TARGET RPORT=22 USER_FILE=$USER_FILE PASS_FILE=$PASS_FILE THREADS=$THREADS KEY_PATH=$KEY_PATH VERBOSE=false E; done;
	#nmap -p 22 --script=ssh-* $TARGET
	fi

	if [ -z "$port_23" ]
	then
	echo -e "$COLOR1Port 23 closed... skipping.$RESET"
	else
	echo -e "$COLOR1Port 23 opened... running tests...$RESET"
	#hydra -L $USER_FILE -P $PASS_FILE $TARGET telnet -f
	#for a in `cat $FINDSPLOIT_DIR/msf_search/auxiliary \| egrep "telnet" \| egrep "scanner" \| awk '{print $1}'`; do echo -e "$COLOR2Running Metasploit module: $a..." && msfcli $a LHOST=$LHOST RPORT=23 RHOST=$TARGET RHOSTS=$TARGET USER_FILE=$USER_FILE PASS_FILE=$PASS_FILE THREADS=$THREADS E; done;
	echo ""
	#nmap -p 22 --script=telnet-* $TARGET
	cisco-torch -A $TARGET
	fi

	if [ -z "$port_25" ]
	then
	echo -e "$COLOR1Port 25 closed... skipping."
	else
	echo -e "$COLOR1Port 25 opened... running tests..."
	#hydra -L $USER_FILE -P $PASS_FILE $TARGET smtp -f
	smtp-user-enum -M VRFY -U $USER_FILE -t $TARGET
	#for a in `cat $FINDSPLOIT_DIR/msf_search/auxiliary \| egrep "smtp" \| egrep "scanner" \| awk '{print $1}'`; do echo -e "$COLOR2Running Metasploit module: $a..." && msfcli $a LHOST=192.168.1.145 RHOST=$TARGET RHOSTS=$TARGET RPORT=25 USER_FILE=$USER_FILE PASS_FILE=$PASS_FILE THREADS=$THREADS E; done;
	#nmap -p 25 --script=smtp-* $TARGET
	fi

	if [ -z "$port_80" ]
	then
	echo -e "$COLOR1Port 80 closed... skipping.$RESET"
	else
	echo -e "$COLOR1Port 80 opened... running tests...$RESET"
	#php /pentest/web/inurlbr/inurlbr.php --dork 'filetype:jsp \| filetype:bak \| filetype:asp \| filetype:php \| filetype:cgi \| filetype:sql \| filetype:pl \| filetype:py \| filetype:aspx \| filetype:rb \| filetype:do inurl:'$TARGET' site:'$TARGET'' -s $TARGET-extensions.txt
	#php /pentest/web/inurlbr/inurlbr.php --dork '(inurl:"redir=" AND inurl:"http") OR (inurl:"url=" AND inurl:"http") OR (inurl:"target=" AND inurl:"http") OR (inurl:"dst=" AND inurl:"http") OR (inurl:"src=" AND inurl:"http") OR (inurl:"redirect=" AND inurl:"http") AND site:'"$TARGET" -s $TARGET-openredirect.txt
	#php /pentest/web/inurlbr/inurlbr.php --dork "'site:pastbin.com' $TARGET" -s $TARGET-pastebin.txt
	# iceweasel "https://www.punkspider.org/#searchkey=url&searchvalue='$TARGET'&pagenumber=1&filterType=or&filters=bsqli,sqli,xss,trav,mxi,osci,xpathi" &
	wafw00f http://$TARGET
	echo ""
	whatweb http://$TARGET
	echo ""
	nikto -C all -h http://$TARGET
	#arachni http://$TARGET --report-save-path=$ARACHNI_REPORT_DIR/$TARGET --output-only-positives --scope-include-subdomains
	xsstracer $TARGET 80
	#sqlmap -u http://$TARGET --crawl 3 --dbs --answer="redirect=Y" --batch
	#echo -e "$COLOR1Starting XSSer...$RESET" && xsser -u http://$TARGET -c10 --Cw=200 --auto --save --follow-redirects \| egrep "Injection:\|Final Results:\|Injections:\|Failed:\|Successfull:\|Accur:"
	#wpscan --url http://$TARGET --batch
	#python $CMSMAP -t http://$TARGET
	#hydra -L $USER_FILE -P $PASS_FILE $TARGET http-head -f -m /

	fi

	if [ -z "$port_110" ]
	then
	echo -e "$COLOR1Port 110 closed... skipping.$RESET"
	else
	echo -e "$COLOR1Port 110 opened... running tests...$RESET"
	#hydra -L $USER_FILE -P $PASS_FILE $TARGET pop3 -f
	#for a in `cat $FINDSPLOIT_DIR/msf_search/auxiliary \| egrep "pop" \| egrep "scanner" \| awk '{print $1}'`; do echo -e "$COLOR2Running Metasploit module: $a..." && msfcli $a LHOST=192.168.1.145 RHOST=$TARGET RHOSTS=$TARGET RPORT=110 USER_FILE=$USER_FILE PASS_FILE=$PASS_FILE THREADS=$THREADS E; done;
	#nmap -p 110 --script=pop3-* $TARGET
	fi

	if [ -z "$port_111" ]
	then
	echo -e "$COLOR1Port 111 closed... skipping.$RESET"
	else
	echo -e "$COLOR1Port 111 opened... running tests..."
	showmount -a -d -e $TARGET
	#for a in `cat $FINDSPLOIT_DIR/msf_search/auxiliary \| egrep "nfs" \| egrep "scanner" \| awk '{print $1}'`; do echo -e "$COLOR2Running Metasploit module: $a..." && msfcli $a LHOST=192.168.1.145 RHOST=$TARGET RHOSTS=$TARGET RPORT=111 USER_FILE=$USER_FILE PASS_FILE=$PASS_FILE THREADS=$THREADS E; done;
	#nmap -p 111 --script=nfs-* $TARGET
	fi

	if [ -z "$port_135" ]
	then
	echo -e "$COLOR1Port 135 closed... skipping.$RESET"
	else
	echo -e "$COLOR1Port 135 opened... running tests...$RESET"
	rpcinfo -p $TARGET
	#for a in `cat $FINDSPLOIT_DIR/msf_search/auxiliary \| egrep "rpc" \| egrep "scanner" \| awk '{print $1}'`; do echo -e "$COLOR2Running Metasploit module: $a..." && msfcli $a LHOST=192.168.1.145 RHOST=$TARGET RHOSTS=$TARGET RPORT=135 USER_FILE=$USER_FILE PASS_FILE=$PASS_FILE THREADS=$THREADS E; done;
	#for a in `cat $FINDSPLOIT_DIR/msf_search/auxiliary \| egrep "dce" \| egrep "scanner" \| awk '{print $1}'`; do echo -e "$COLOR2Running Metasploit module: $a..." && msfcli $a LHOST=192.168.1.145 RHOST=$TARGET RHOSTS=$TARGET RPORT=135 USER_FILE=$USER_FILE PASS_FILE=$PASS_FILE THREADS=$THREADS E; done;
	nmap -p 135 --script=rpc* $TARGET
	fi

	if [ -z "$port_139" ]
	then
	echo -e "$COLOR1Port 139 closed... skipping.$RESET"
	else
	echo -e "$COLOR1Port 139 opened... running tests...$RESET"
	enum4linux $TARGET
	samrdump.py $TARGET
	nbtscan $TARGET
	for a in `cat $FINDSPLOIT_DIR/msf_search/auxiliary \| egrep "smb" \| egrep "scanner" \| awk '{print $1}'`; do echo -e "$COLOR2Running Metasploit module: $a..." && msfcli $a LHOST=192.168.1.145 RHOST=$TARGET RHOSTS=$TARGET RPORT=139 USER_FILE=$USER_FILE PASS_FILE=$PASS_FILE THREADS=$THREADS VERBOSE=false E; done;
	nmap --script=/usr/share/nmap/scripts/smb-check-vulns.nse --script=/usr/share/nmap/scripts/smb-os-discovery.nse --script=/usr/share/nmap/scripts/smb-enum-domains.nse --script=/usr/share/nmap/scripts/smb-server-stats.nse --script=/usr/share/nmap/scripts/smb-ls.nse --script=/usr/share/nmap/scripts/smb-vuln-ms10-054.nse --script=/usr/share/nmap/scripts/smb-vuln-ms10-061.nse --script=/usr/share/nmap/scripts/smb-system-info.nse --script=/usr/share/nmap/scripts/smb-enum-shares.nse --script=/usr/share/nmap/scripts/smb-enum-users.nse --script=/usr/share/nmap/scripts/smbv2-enabled.nse --script=/usr/share/nmap/scripts/smb-mbenum.nse --script-args=unsafe=1 -p 139 $TARGET
	fi

	if [ -z "$port_162" ]
	then
	echo -e "$COLOR1Port 162 closed... skipping."
	else
	echo -e "$COLOR1Port 162 opened... running tests..."
	for a in `cat /pentest/lists/wordlist-common-snmp-community-strings.txt`; do snmpwalk $TARGET -c $a; done;
	for a in `cat $FINDSPLOIT_DIR/msf_search/auxiliary \| egrep "snmp" \| egrep "scanner" \| awk '{print $1}'`; do echo -e "$COLOR2Running Metasploit module: $a..." && msfcli $a LHOST=192.168.1.145 RHOST=$TARGET RHOSTS=$TARGET RPORT=162 USER_FILE=$USER_FILE PASS_FILE=$PASS_FILE THREADS=$THREADS E; done;
	nmap -p 162 --script=snmp-* $TARGET
	fi

	if [ -z "$port_443" ]
	then
	echo -e "$COLOR1Port 443 closed... skipping.$RESET"
	else
	echo -e "$COLOR1Port 443 opened... running tests...$RESET"
	#php /pentest/web/inurlbr/inurlbr.php --dork 'filetype:jsp \| filetype:bak \| filetype:asp \| filetype:php \| filetype:cgi \| filetype:sql \| filetype:pl \| filetype:py \| filetype:aspx \| filetype:rb \| filetype:do inurl:'$TARGET' site:'$TARGET'' -s $TARGET-extensions.txt
	#php /pentest/web/inurlbr/inurlbr.php --dork '(inurl:"redir=" AND inurl:"http") OR (inurl:"url=" AND inurl:"http") OR (inurl:"target=" AND inurl:"http") OR (inurl:"dst=" AND inurl:"http") OR (inurl:"src=" AND inurl:"http") OR (inurl:"redirect=" AND inurl:"http") AND site:'"$TARGET" -s $TARGET-openredirect.txt
	#php /pentest/web/inurlbr/inurlbr.php --dork "'site:pastbin.com' $TARGET" -s $TARGET-pastebin.txt
	# iceweasel "https://www.punkspider.org/#searchkey=url&searchvalue='$TARGET'&pagenumber=1&filterType=or&filters=bsqli,sqli,xss,trav,mxi,osci,xpathi" &
	wafw00f https://$TARGET
	echo ""
	whatweb https://$TARGET
	echo ""
	sslscan --no-failed $TARGET
	echo ""
	nikto -C all -h https://$TARGET
	#arachni https://$TARGET --report-save-path=$ARACHNI_REPORT_DIR/$TARGET --output-only-positives --scope-include-subdomains
	#sqlmap -u https://$TARGET --crawl 3 --dbs --answer="redirect=Y" --batch
	#echo -e "$COLOR1Starting XSSer...$RESET" && xsser -u https://$TARGET -c10 --Cw=200 --auto --save --follow-redirects \| egrep "Injection:\|Final Results:\|Injections:\|Failed:\|Successfull:\|Accur:"
	#wpscan --url https://$TARGET --batch
	#python $CMSMAP -t https://$TARGET
	#hydra -L $USER_FILE -P $PASS_FILE $TARGET https-head -f -m /
	fi

	if [ -z "$port_445" ]
	then
	echo -e "$COLOR1Port 445 closed... skipping."
	else
	echo -e "$COLOR1Port 445 opened... running tests..."
	enum4linux $TARGET
	samrdump.py $TARGET
	nbtscan $TARGET
	#smbclient -L $TARGET
	for a in `cat $FINDSPLOIT_DIR/msf_search/auxiliary \| egrep "smb" \| egrep "scanner" \| awk '{print $1}'`; do echo -e "$COLOR2Running Metasploit module: $a..." && msfcli $a LHOST=192.168.1.145 RHOST=$TARGET RHOSTS=$TARGET RPORT=445 USER_FILE=$USER_FILE PASS_FILE=$PASS_FILE THREADS=$THREADS VERBOSE=false E; done;
	nmap --script=/usr/share/nmap/scripts/smb-check-vulns.nse --script=/usr/share/nmap/scripts/smb-os-discovery.nse --script=/usr/share/nmap/scripts/smb-enum-domains.nse --script=/usr/share/nmap/scripts/smb-server-stats.nse --script=/usr/share/nmap/scripts/smb-ls.nse --script=/usr/share/nmap/scripts/smb-vuln-ms10-054.nse --script=/usr/share/nmap/scripts/smb-vuln-ms10-061.nse --script=/usr/share/nmap/scripts/smb-system-info.nse --script=/usr/share/nmap/scripts/smb-enum-shares.nse --script=/usr/share/nmap/scripts/smb-enum-users.nse --script=/usr/share/nmap/scripts/smbv2-enabled.nse --script=/usr/share/nmap/scripts/smb-mbenum.nse --script-args=unsafe=1 -p 139 $TARGET
	fi

	if [ -z "$port_3306" ]
	then
	echo -e "$COLOR1Port 3306 closed... skipping."
	else
	echo -e "$COLOR1Port 3306 opened... running tests..."

	#for a in `cat $FINDSPLOIT_DIR/msf_search/auxiliary \| egrep "mysql" \| egrep "scanner" \| awk '{print $1}'`; do echo -e "$COLOR2Running Metasploit module: $a..." && msfcli $a LHOST=192.168.1.145 RHOST=$TARGET RHOSTS=$TARGET RPORT=3306 USER_FILE=$USER_FILE PASS_FILE=$PASS_FILE THREADS=$THREADS E; done;
	#nnmap --script=mysql* -p 3306 $TARGET
	#hydra -L $USER_FILE -P $PASS_FILE $TARGET mysql
	fi

	if [ -z "$port_5432" ]
	then
	echo -e "$COLOR1Port 5432 closed... skipping."
	else
	echo -e "$COLOR1Port 5432 opened... running tests..."

	#for a in `cat $FINDSPLOIT_DIR/msf_search/auxiliary \| egrep "postgres" \| egrep "scanner" \| awk '{print $1}'`; do echo -e "$COLOR2Running Metasploit module: $a..." && msfcli $a LHOST=192.168.1.145 RHOST=$TARGET RHOSTS=$TARGET RPORT=5432 USER_FILE=$USER_FILE PASS_FILE=$PASS_FILE THREADS=$THREADS E; done;
	#nnmap --script=pgsql* -p 5432 $TARGET
	fi

	if [ -z "$port_8000" ]
	then
	echo -e "$COLOR1Port 8000 closed... skipping.$RESET"
	else
	echo -e "$COLOR1Port 8000 opened... running tests...$RESET"
	wafw00f http://$TARGET:8000
	echo ""
	whatweb http://$TARGET:8000
	echo ""
	nikto -C all -h http://$TARGET:8000
	#arachni http://$TARGET:8000 --report-save-path=$ARACHNI_REPORT_DIR/$TARGET --output-only-positives --scope-include-subdomains
	#sqlmap -u http://$TARGET:8000 --crawl 3 --dbs --answer="redirect=Y" --batch
	#echo -e "$COLOR1Starting XSSer...$RESET" && xsser -u http://$TARGET:8000 -c10 --Cw=200 --auto --save --follow-redirects \| egrep "Injection:\|Final Results:\|Injections:\|Failed:\|Successfull:\|Accur:"
	#wpscan --url http://$TARGET:8000 --batch
	#python $CMSMAP -t http://$TARGET:8000
	xsstracer $TARGET 8000
	#hydra -L $USER_FILE -P $PASS_FILE $TARGET http-head -s 8000 -m /
	fi

	if [ -z "$port_8100" ]
	then
	echo -e "$COLOR1Port 8100 closed... skipping.$RESET"
	else
	echo -e "$COLOR1Port 8100 opened... running tests...$RESET"
	wafw00f http://$TARGET:8100
	echo ""
	whatweb http://$TARGET:8100
	echo ""
	nikto -C all -h http://$TARGET:8100
	#arachni http://$TARGET:8100 --report-save-path=$ARACHNI_REPORT_DIR/$TARGET --output-only-positives --scope-include-subdomains
	#sqlmap -u http://$TARGET:8100 --crawl 3 --dbs --answer="redirect=Y" --batch
	#echo -e "$COLOR1Starting XSSer...$RESET" && xsser -u http://$TARGET:8100 -c10 --Cw=200 --auto --save --follow-redirects \| egrep "Injection:\|Final Results:\|Injections:\|Failed:\|Successfull:\|Accur:"
	#wpscan --url http://$TARGET:8100 --batch
	#python $CMSMAP -t http://$TARGET:8100
	#xsstracer $TARGET 8100
	#hydra -L $USER_FILE -P $PASS_FILE $TARGET http-head -s 8100 -m /
	fi

	if [ -z "$port_8080" ]
	then
	echo -e "$COLOR1Port 8080 closed... skipping."
	else
	echo -e "$COLOR1Port 8080 opened... running tests..."
	wafw00f http://$TARGET:8080
	echo ""
	whatweb http://$TARGET:8080
	echo ""
	nikto -C all -h http://$TARGET:8080
	#arachni http://$TARGET:8080 --report-save-path=$ARACHNI_REPORT_DIR/$TARGET --output-only-positives --scope-include-subdomains
	#sqlmap -u http://$TARGET:8080 --crawl 10 --dbs --answer="redirect=Y" --batch
	#echo -e "$COLOR1Starting XSSer...$RESET" && xsser -u http://$TARGET:8080 -c10 --Cw=200 --auto --save --follow-redirects \| egrep "Injection:\|Final Results:\|Injections:\|Failed:\|Successfull:\|Accur:"
	nmap -p 8080 --script=proxy-* $TARGET
	#wpscan --url http://$TARGET:8080 --batch
	#python $CMSMAP -t http://$TARGET:8080
	xsstracer $TARGET 8080
	#hydra -L $USER_FILE -P $PASS_FILE $TARGET http-head -s 8080 -m /
	fi

	if [ -z "$port_49152" ]
	then
	echo -e "$COLOR1Port 49152 closed... skipping.$RESET"
	else
	echo -e "$COLOR1Port 49152 opened... running tests...$RESET"
	/pentest/scripts/web/supermicro_scan.sh $TARGET
	fi

	service postgresql stop 2> /dev/null
	service metasploit stop 2> /dev/null

	#echo -e "$COLOR3################################### Running Brute Force ############################$RESET"
	#brutex $TARGET
	echo ""
	echo -e "$COLOR3################################### Done! ###########################################$RESET"
	exit 0