transferring several commands from private repo

2021-10-08 11:19:58 +03:00
parent 754938ca32
commit 707eba3ead
20 changed files with 1140 additions and 289 deletions
--- a/web/ssh-scan-lan
+++ b/web/ssh-scan-lan
@@ -0,0 +1,71 @@
+#!/bin/bash
+
+if [[ "$1" = "-h" ]]; then
+  echo This scans your LAN for SSH servers.
+  echo 'Requires: nmap; ifconfig or nmcli'
+  exit
+fi
+
+PATH=$PATH:/sbin/:/usr/sbin
+
+which nmap &>/dev/null || {
+    echo nmap required
+    exit 1
+}
+
+which ifconfig &>/dev/null && {
+    IPLIST="ifconfig | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*'"
+    ifmask() {
+        ifconfig | grep $1 | \
+            grep -Eo 'netmask (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*'
+    }
+}
+which nmcli &>/dev/null && {
+    IPLIST="nmcli | grep -Eo 'inet4 ([0-9]*\.){3}[0-9]*'"
+    ifmask() {
+        cidr=$( nmcli | grep 'inet4 ' | grep $1 | \
+            grep -Eo '([0-9]*$)' )
+        value=$(( 0xffffffff ^ ((1 << (32 - $cidr)) - 1) ))
+        echo "$(( (value >> 24) & 0xff )).$(( (value >> 16) & 0xff )).$(( (value >> 8) & 0xff )).$(( value & 0xff ))"
+    }
+}
+servers_found=""
+
+while read myip; do
+    ip_base=$( echo $myip | cut -d. -f 1-3 )
+
+    mymask=$( ifmask $myip )
+
+    IFS=. read -r i1 i2 i3 i4 <<< "$myip"
+    IFS=. read -r m1 m2 m3 m4 <<< "$mymask"
+
+    f1=$((i1 & m1))
+    f2=$((i2 & m2))
+    f3=$((i3 & m3))
+    f4=$(((i4 & m4)+1))
+    l1=$((i1 & m1 | 255-m1))
+    l2=$((i2 & m2 | 255-m2))
+    l3=$((i3 & m3 | 255-m3))
+    l4=$(((i4 & m4 | 255-m4)-1))
+
+    first_ip="$f1.$f2.$f3.$f4"
+    last_ip="$l1.$l2.$l3.$l4"
+
+    printf "IP: %15s/%-15s scan: %15s - %-15s\n" \
+        "$myip" "$mymask" "$first_ip" "$last_ip"
+
+    while read line; do
+        if [[ "$line" = "#"* ]]; then continue; fi
+        ip=$( echo $line | grep -Eo '([0-9]*\.){3}[0-9]*' )
+        if [[ $ip = $myip ]]; then continue; fi
+        ssh_server=$( ssh-keyscan -p 22 -t rsa -T 1 "$ip" 2>&1 | grep ^# | sed 's/:\([0-9]\+\)/ -p \1/' )
+        printf -v servers_found "%s%s\n" "$servers_found" "$ssh_server"
+    done < <( nmap -T5 -sP "$f1-$l1.$f2-$l2.$f3-$l3.$f4-$l4" -oG - )
+
+done < <( eval $IPLIST | \
+ grep -Eo '([0-9]*\.){3}[0-9]*' | \
+ grep -v 127.0.0.1 | \
+ grep -v ^172. )
+
+echo "SSH Servers found:"
+printf "%s" "$servers_found" | sort -n | grep -v "^$"