Checking if domain is active on server - linux

I am trying to check if a domain is active on the server. So far I get errors.
list=/root/domainlist.txt
for i in $(cat $list)
do
echo "checking " $i
$ip = host $i |grep -o -m 100 '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}'
if [[ $ip == "xx.xx.xx.xx" ]]; then
$i >> /root/activedomains.txt
fi
done
Output:
activedomains: line 4: =: command not found
This is the current error I get.

No spaces before and after the =
No dollar sign in the assignment
You probably want the result of the command, so enclose it in $( )
ip=$(host $i |grep -o -m 100 '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}')
write to the file like this
echo "$i" >> /root/activedomains.txt

You have a syntax error with the line
$ip = host $i |grep -o -m 100 '...'
you should use instead:
ip=$(host $i |grep -o -m 100 '...')
A better way using boolean logic (no need for grep there; if host $ip fails, it will return FALSE):
list=/root/domainlist.txt
while read ip; do
echo "checking $ip"
host "$ip" &>/dev/null && echo "$ip" >> /root/activedomains.txt
done < "$list"
It's the equivalent of
list=/root/domainlist.txt
while read ip; do
echo "checking $ip"
if host "$ip" &>/dev/null; then
echo "$ip" >> /root/activedomains.txt
fi
done < "$list"

For starters, you shouldn't assign to $ip but to ip ... but it's possible there are more errors.
My guess would be you wanted (line 4/5):
ip=$(host $i |grep -o -m 100 '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}')
Also read user000001's answer. The missing echo when getting the output is another issue.
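The check the question is after (does the domain's A record point at this server, not just "does it resolve") can be written as below. This is an added example, not code from any of the answers; SERVER_IP, the function names and the sample `host` output are constructed, and it assumes `host` prints lines of the form "NAME has address IP".

```bash
#!/bin/bash
# Added example. SERVER_IP is a constructed documentation address (RFC 5737).
SERVER_IP="203.0.113.10"

# Constructed sample of `host -t A` output: an alias line, then two A records.
SAMPLE_OUTPUT='www.example.test is an alias for example.test.
example.test has address 203.0.113.100
example.test has address 203.0.113.10'

# Read `host` output on stdin. Succeed only if some "has address" line carries
# exactly the expected IPv4 address. String equality is used instead of a
# pattern, so 203.0.113.10 is not confused with 203.0.113.100.
resolves_to() {
    local expected="$1" name verb noun addr rest
    while read -r name verb noun addr rest; do
        if [ "$verb" = has ] && [ "$noun" = address ] && [ "$addr" = "$expected" ]; then
            return 0
        fi
    done
    return 1
}

# Accept only plain hostnames, so a list entry such as "-t" or "a;b" never
# reaches the resolver as an option or as unexpected syntax.
valid_name() {
    case $1 in
        ''|-*|.*|*[!A-Za-z0-9.-]*) return 1 ;;
    esac
}

# check_list LISTFILE OUTFILE: append each listed domain that points here.
check_list() {
    local list="$1" out="$2" domain
    while IFS= read -r domain || [ -n "$domain" ]; do
        valid_name "$domain" || continue
        if host -t A "$domain" 2>/dev/null | resolves_to "$SERVER_IP"; then
            printf '%s\n' "$domain" >> "$out"
        fi
    done < "$list"
    return 0
}

# With two arguments, check a real list; otherwise only parse the sample.
if [ "$#" -ge 2 ]; then
    check_list "$1" "$2"
elif printf '%s\n' "$SAMPLE_OUTPUT" | resolves_to "$SERVER_IP"; then
    echo "sample: example.test points at $SERVER_IP"
fi
```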

Related

PING multiple Arguments with BASH script

I am trying to write a simple script in BASH that pings each argument ($1 $2 $3 ... etc.). So far, I'm able to ping a single argument and get the right answer, but it does not work properly when multiple arguments are entered, like this (./Script.sh Arg1 Arg2 ...). Also, the script works for a single argument, but it keeps telling me that there is an error linked to my line 6 just before printing the echo linked to the condition.
#!/bin/bash
PING=`ping -c 1 "$@" | grep bytes | wc -l`
for ip in "$@"; do "${PING}" ;
if [[ "$PING" -gt 1 ]];then
echo "L'address ${ip} ping"
else
echo "L'adresse ${ip} ne ping pas"
fi
done
and the output is :
./bash3.sh: line 6: 2: command not found
L'address IP ping
If I add more than one address before executing, it always passes through the else, which is "Address unreachable".
You're setting PING to the output of the ping -c 1 "$@" | grep bytes | wc -l command when the script starts. You're not setting it to the command line so that you can execute it during the loop.
Use a function, not a variable.
You can also use the -c option to grep to return the count of matches, rather than piping to wc -l
ping_count() {
ping -c 1 "$@" | grep -c bytes
}
for ip in "$@"; do
if [[ $(ping_count "$ip") -gt 1 ]];
then echo "L'address $ip ping"
else echo "L'adresse $ip ne ping pas"
fi
done
Also, ping sets its exit status based on whether it got a response. So instead of counting matching lines, just test the result of ping.
for ip in "$@"; do
if ping -c 1 -q "$ip"
then echo "L'address $ip ping"
else echo "L'adresse $ip ne ping pas"
fi
done
#!/usr/bin/env bash
for input in "$@"
do
# ping the current argument only, not the whole argument list
ping=$(ping -c 1 "$input" | grep bytes | wc -l)
if [ $ping -gt 1 ]; then
echo "L'address IP ping"
else
echo "L'adresse IP ne ping pas"
fi
done

Looping script, redirect to file

So I have this BASH script, and what I want to do is reach out to the servers and check the used % of a directory. If it is higher than my set threshold (90), then print that server name to another file on the server where the script has been run from.
What it is doing is printing the first server name twice into the file, so it looks like
server1
server2
Here is my script ... I don't see why it would be going around in a loop to that first server twice
#!/bin/bash
SERVERS="server1
server2"
for i in $SERVERS; do
ssh $SERVERS "
df -h | grep var | awk '{print \$4}' | sed 's/%//g' > /home/user/space.txt
RESULTS=\$(grep -E "1[5-9]" /home/user/space.txt)
THRESHOLD=90
if [[ \$RESULTS -lt \$THRESHOLD ]]; then
exit 1;
elif [[ \$RESULTS -gt \$THRESHOLD ]]; then
hostname;
fi
" >> /home/user/problem.txt
done
Try this,
#!/bin/bash
SERVERS="server1
server2"
for i in $SERVERS; do
ssh "$i" "
df -h | grep var | awk '{print \$4}' | sed 's/%//g' > /home/user/space.txt
RESULTS=\$(grep -E "1[5-9]" /home/user/space.txt)
THRESHOLD=90
if [[ \$RESULTS -lt \$THRESHOLD ]]; then
exit 1;
elif [[ \$RESULTS -gt \$THRESHOLD ]]; then
hostname;
fi
" >> /home/user/problem.txt
done

Masscan & Nmap script

I'm currently studying pen-testing, and in the exercise book "Mastering Kali Linux for Advanced Penetration Testing - Second Edition" the script they give for Masscan & Nmap (combined) is this:
#!/bin/bash
function helptext {
echo "enter the massnmap with the file input with list of IP address ranges"
}
if [ "$#" -ne 1 ]; then
echo "Sorry cannot understand the command"
helptext>&2
exit 1
elif [ ! -s $1 ]; then
echo "ooops it is empty"
helptext>&2
exit 1
fi
if [ "$(id -u)" != "0" ]; then
echo "I assunme you are running as root"
helptext>&2
exit 1
fi
for range in $(cat $1); do
store=$(echo $range | sed -e 's/\//_g')
echo "I am trying to create a store to dump now hangon"
mkdir -p pwd/$store;
iptables -A INPUT -p tcp --dport 60000 -j DROP;
echo -e "\n alright lets fire masscan ****"
masscan --open --banners --source-port 60000 -p0-65535 --max-rate 15000 -oBpwd/$store/masscan.bin $range; masscan --read$
if [ ! -s ./results/$store/masscan-output.txt ]; then
echo "Thanks for wasting time"
else
awk'/open/ {print $4, $3, $2, $1}' ./results/$store/masscan-output.txt | awk'
/.+/{
if (! ($1 in Val)) { Key[++i] = $1; }
Val[$1] = Val[$1] $2 ",";
END{
for (j = 1; j <= i; j++) { printf("%s:%s\n%s", Key[j], Val[Key[j]], (j == i) ? "" : "\n"); }
}'>}./results/$store/hostsalive.csv
for ips found in $(cat ./results/$store/hostsalive.csv); do
IP=$(echo $TARGET | awk -F: '{print $1}');
PORT=$(echo $TARGET | awk -F: '{print$2}' | sed's/,$//');
FILENAME=$(echo $IP | awk'{print "nmap_"$1}');
nmap -vv -sV --version-intensity 5 -sT -O --max-rate 5000 -Pn -T3 -p $PORT -oA ./results/$store/$FILENAME $IP;
done
fi
done
I wrote it out by hand just to make sure it was done correctly, and when I run it after doing chmod +x (filename.sh) I get:
(running ./filename.sh) I get "Sorry cannot understand the command
enter the massnmap with the file input with list of IP address ranges"
(running ./filename.sh ipran.txt) I get "./anyname.sh: line 37: syntax error near unexpected token found'
./anyname.sh: line 37:for ips found in $(cat ./results/$store/hostsalive.csv); do'"
I am meant to get "I am trying to create a store to dump now hangon" "alright lets fire masscan ****"
I have tried using different IPs (in my ipran.txt file).
Any help would be greatly appreciated.
OS used: Kali Linux

List windows domain group content from linux

I'd like to list the contents of a domain group containing users & computers, then resolve the computer names from DNS and prepare a list for squid.
What is the best way to do it? I was thinking about connecting to LDAP using bash or perl, but maybe there is a better method.
Thanks for the help. I created this script; it seems to be working.
#!/bin/bash
oIFS=$IFS
IFS=$'\n'
# list group members
members=( $(ldapsearch -h server -D 'user' -w 'passw' -x -b "DC=domain,DC=net" "(cn=Groupname)" | grep member | awk -F '[=,]' '{print $2}') )
for (( i=0; i<${#members[@]}; i++ ));
do
member=( $(echo "${members[$i]}") )
AccountType=$(ldapsearch -h server -D 'user' -w 'passw' -x -b "DC=domain,DC=net" "(cn=$member)" | grep sAMAccountType | awk '{print $2}')
if [ "$AccountType" == "805306369" ]
then
# this member is PC, let's resolve its IP
host=$(host $member.domain.net)
if [ $? -eq 0 ]; then
ip=$(echo $host| awk '{print $4}')
echo "$member has ip $ip"
else
echo "WARNING: $member not found!"
fi
elif [ "$AccountType" == "805306368" ]
then
echo "$member is User"
else echo "$member is neither PC, nor User"
fi
done
IFS=$oIFS

Replace IPs with Hostnames in a log

I am looking for a bash script that reads a log and replaces IP addresses with a hostname. Does anyone have any idea of how to do this?
Following script should work. You can use it like this:
save it to ip_to_hostname.sh and then:
./ip_to_hostname.sh your_logfile > resolved_ip
#!/bin/bash
logFile=$1
while read line
do
for word in $line
do
# if word is ip address change to hostname
if [[ $word =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]
then
# check if ip address is correct
OIFS=$IFS
IFS="."
ip=($word)
IFS=$OIFS
if [[ ${ip[0]} -le 255 && ${ip[1]} -le 255 && ${ip[2]} -le 255 && ${ip[3]} -le 255 ]]
then
echo -n `host $word | cut -d' ' -f 5`
echo -n " "
else
echo -n "$word"
echo -n " "
fi
# else print word
else
echo -n $word
echo -n " "
fi
done
# new line
echo
done < "$logFile"
Talking about IPv4: You may generate a list of sed-commands from your hosts file:
sed -rn 's/^(([0-9]{1,3}\.){3}([0-9]{1,3}))[ \t]([^ \t]+)[ \t].*/s#\1#\4#/p' /etc/hosts > hosts.sed
Then apply it on your logfile:
sed -f hosts.sed LOGFILE
Of course, your hostnames have to be listed in the hosts file.
Another, inverse approach would be to use logresolve.
From the manpage:
NAME
logresolve - Resolve IP-addresses to hostnames in Apache log files
SYNOPSIS
logresolve [ -s filename ] [ -c ] < access_log > access_log.new
SUMMARY
logresolve is a post-processing program to resolve IP-addresses in Apache's access logfiles. To minimize
impact on your nameserver, logresolve has its very own internal hash-table cache. This means that each
IP number will only be looked up the first time it is found in the log file.
Takes an Apache log file on standard input. The IP addresses must be the first thing on each line and
must be separated from the remainder of the line by a space.
So you could use REGEX's to extract all IPs, put them 2 times into a new file, once into the first column, and convert it with logresolve. Then use this table for generating such a sedfile as above.
The resolving can be done like this:
ip=72.30.38.140
hostname=$(nslookup $ip | grep name)
hostname=${hostname#*name = }
hostname=${hostname%.}
This way IPs do not have to be in /etc/hosts.
The script itself depends on what your log looks like. Can you post an example?
This is the modified version of wisent's script I ended up using:
#!/bin/bash
logFile=$1
while read line
do
for word in $line
do
# if word is ip address change to hostname
if [[ $word =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\:[0-9]{1,5}$ ]]
then
port=$(echo "$word" | sed -e "s/.*://")
word=$(echo "$word" | sed -e "s/:.*//")
OIFS=$IFS
IFS="."
ip=($word)
IFS=$OIFS
# check if ip address is correct and not 192.168.*
if [[ ${ip[0]} -le 255 && ${ip[1]} -le 255 && ${ip[2]} -le 255 && ${ip[3]} -le 255 && ${ip[0]}${ip[1]} -ne 192168 ]]
then
host=$(host $word | cut -d' ' -f 5)
if [[ $host =~ ^[0-9]{1,3}\(.*\)$ ]] # check for resolver errors
then
# if the resolver failed
echo -n "$word"
echo -n ":$port"
echo -n " "
else
# if the resolver worked
host=$(echo "$host'" | sed -e "s/\.'//" | sed ':a;N;$!ba;s/.*\n//g') # clean up cut's output
echo -n "$host"
echo -n ":$port"
echo -n " "
fi
else
# if the ip address isn't correct
echo -n "$word"
echo -n ":$port"
echo -n " "
fi
# else print word
else
echo -n $word
echo -n " "
fi
done
# new line
echo
done < "$logFile"
I added this to my .bashrc some time ago...
function resolve-hostname-from-ip()
{
if [ ! $1 ]
then
echo -e "${red}Please provide an ip address...${no_color}"
return 1
fi
echo "" | traceroute $1|grep " 1 "|cut -d ' ' -f4|cut -d '.' -f1
}
I have pre-defined terminal colors, so you can omit those if you like. =D
[root@somehostname ~ 08:50 AM] $ resolve-hostname-from-ip 111.22.33.444
someotherhostname
I have tested this on RHEL and SUSE successfully. I haven't tested it on IP's outside of my domain though, so I'm not 100% sure it will work in all cases...hope this helps =)
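A variant of the hosts-file mapping approach from the answers above, as an added example that is not from any of the posts: it looks up each whole dotted token in the map instead of generating sed rules, so 192.0.2.5 is not rewritten inside 192.0.2.50 or 10.192.0.2.5, and it only inserts names made of hostname characters, which keeps a malformed name out of the rewritten log. The function names, hosts entries and log line are constructed.

```bash
#!/bin/bash
# Added example. Both inputs below are constructed (RFC 5737 addresses).
HOSTS_SAMPLE='192.0.2.5   web1.example.test web1
192.0.2.50  db1.example.test
# comment line
198.51.100.7 bad;name'
LOG_SAMPLE='192.0.2.50:443 -> 192.0.2.5 GET / from 192.0.2.5, peer 10.192.0.2.5'

# replace_ips HOSTSFILE < log
# Rewrites every whole IPv4 token that has an entry in HOSTSFILE (hosts format).
replace_ips() {
    awk -v hosts="$1" '
    BEGIN {
        # Build the ip -> name map; skip comments and names with odd characters.
        while ((getline line < hosts) > 0) {
            n = split(line, f, " ")
            if (n >= 2 && f[1] ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ &&
                f[2] ~ /^[A-Za-z0-9.-]+$/)
                name[f[1]] = f[2]
        }
    }
    {
        out = ""; rest = $0
        # Take the longest run of dot-separated numbers as one token, so a
        # shorter address never matches inside a longer one.
        while (match(rest, /[0-9]+(\.[0-9]+)+/)) {
            tok = substr(rest, RSTART, RLENGTH)
            out = out substr(rest, 1, RSTART - 1) ((tok in name) ? name[tok] : tok)
            rest = substr(rest, RSTART + RLENGTH)
        }
        print out rest
    }'
}

# Run the function over the constructed samples.
demo() {
    local tmp
    tmp=$(mktemp) || return 1
    printf '%s\n' "$HOSTS_SAMPLE" > "$tmp"
    printf '%s\n' "$LOG_SAMPLE" | replace_ips "$tmp"
    rm -f "$tmp"
}
demo
```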
