Skip to content

Instantly share code, notes, and snippets.

@breakersall
Last active August 29, 2015 14:02
Show Gist options
  • Save breakersall/466964bb92928805bc6b to your computer and use it in GitHub Desktop.
Save breakersall/466964bb92928805bc6b to your computer and use it in GitHub Desktop.
#Find tomcat/jboss,ms-sql - Uses carlos' https://github.com/darkoperator
nmap -Pn -p 1433,80,8080,8008,8000,8443,443,8000-8010 -sV -Pn -T4 --min-hostgroup 256 --min-parallelism 32 --script=http-title,ms-sql-empty-password -iL <subnetst2scan> -oX easy-wins.xml
$nmaphosts = Import-NmapXML -NmapXML easy-wins.xml -InfoType Hosts
$nmaphosts | Where-Object {$_.Ports.Service.Product -match "tomcat"} | select-object Ipv4Address | Out-File Tomcat-Hosts.txt
$nmaphosts | Where-Object {$_.Ports.Service.Product -match "jboss"} | select-object Ipv4Address | Out-File Jboss-Hosts.txt
$nmaphosts | Where-Object {$_.Ports.Service.Product -match "Mbedthis"} | Select-Object IPv4Address | Out-File iDRAC-Hosts.txt
$nmaphosts | Where-Object {$_.Ports.Service.Product -match "ms-sql-server"} | select-object Ipv4Address | Out-File MS-SQL-Hosts.txt
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment