Created
August 3, 2017 03:16
-
-
Save gfoss/574dec0d0f6972db9ceeea227d7aebc8 to your computer and use it in GitHub Desktop.
Simple Masscan + Hydra wrapper used to perform automated scans by group (organization, unit, team, etc) and generate a report on the results.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # @heinzarelli | |
| # greg . foss [at] logrhythm . com | |
| # v0.1 - May 2017 | |
| # | |
| function usage { | |
| echo "" | |
| echo "usage: ./auto-hydra.sh -r <targets file> -p <port> -o <organization> -w <wordlist>" | |
| echo "" | |
| } | |
| if [[ -z $1 ]]; then | |
| usage | |
| exit 0; | |
| fi | |
| targets="" | |
| port="" | |
| organization="" | |
| theDate=$(date) | |
| while getopts "r:p:o:" OPT; do | |
| case $OPT in | |
| r) targets=$OPTARG;; | |
| p) port=$OPTARG;; | |
| o) organization=$OPTARG;; | |
| w) wordlist=$OPTARG;; | |
| *) usage; exit 0;; | |
| esac | |
| done | |
| echo "" | |
| echo "Searching for viable hosts" | |
| echo "This may take some time, please be patient..." | |
| if [ $port = "22" ]; then | |
| proto="ssh" | |
| report="$organization-results_SSH.txt" | |
| cat /dev/null > targets.txt | |
| cat /dev/null > hydra-output.txt | |
| echo "" | |
| echo "[+] Scanning for Port 22 - SSH" | |
| for i in $(cat $targets); do | |
| #nmap -sS -Pn -p 22 $i -T4 -n -oG - | grep -i open | cut -d" " -f 2 >> targets.txt; | |
| masscan -p 22 $i | grep -i open | cut -d " " -f 6 >> targets.txt; | |
| done | |
| echo "" | |
| echo "[+] Running Hydra against viable SSH targets" | |
| hydra -C $wordlist -M targets.txt ssh -T 4 -W 1 >> hydra-output.txt | |
| echo "" | |
| echo "[+] Credential Sweep Complete..." | |
| echo "" | |
| fi | |
| if [ $port = "3389" ]; then | |
| proto="rdp" | |
| report="$organization-results_RDP.txt" | |
| cat /dev/null > targets.txt | |
| cat /dev/null > hydra-output.txt | |
| echo "" | |
| echo "[+] Scanning for Port 3389 - RDP" | |
| for i in $(cat $targets); do | |
| #nmap -sS -Pn -p 3389 $i -T4 -n -oG - | grep -i open | cut -d" " -f 2 >> targets.txt; | |
| masscan -p 3389 $i | grep -i open | cut -d " " -f 6 >> targets.txt; | |
| done | |
| echo "" | |
| echo "[+] Running Hydra against viable RDP targets" | |
| hydra -C $wordlist -M targets.txt rdp -T 4 -W 1 >> hydra-output.txt | |
| echo "" | |
| echo "[+] Credential Sweep Complete..." | |
| echo "" | |
| fi | |
| # REPORT | |
| echo '' >> $report | |
| echo '__________ .___ _________ ' >> $report | |
| echo '\______ \_____ ______ ________ _ _____________ __| _/ / _____/_ _ __ ____ ____ ______ ' >> $report | |
| echo ' | ___/\__ \ / ___// ___/\ \/ \/ / _ \_ __ \/ __ | \_____ \\ \/ \/ // __ \_/ __ \\____ \ ' >> $report | |
| echo ' | | / __ \_\___ \ \___ \ \ ( <_> ) | \/ /_/ | / \\ /\ ___/\ ___/| |_> >' >> $report | |
| echo ' |____| (____ /____ >____ > \/\_/ \____/|__| \____ | /_______ / \/\_/ \___ >\___ > __/ ' >> $report | |
| echo ' \/ \/ \/ \/ \/ \/ \/|__| ' >> $report | |
| echo '' >> $report | |
| echo $theDate >> $report | |
| echo "$organization Network Assessment ( $proto - $port )" >> $report | |
| echo "" >> $report | |
| echo "==============================" >> $report | |
| cat hydra-output.txt | grep targets >> $report | |
| echo "==============================" >> $report | |
| echo "" >> $report | |
| echo "Hydra Results" >> $report | |
| echo "==============================" >> $report | |
| cat hydra-output.txt | grep $proto | grep -v "[DATA]" >> $report | |
| echo "==============================" >> $report | |
| echo "" >> $report | |
| clear | |
| cat $report | |
| # Clean Up | |
| mv hydra-output.txt ../results/hydra/$organization-hydra-output_$proto.txt | |
| mv targets.txt ../hosts/probed/$organization-targets_$proto.txt | |
| mv $report ../results/ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment