#!/bin/bash
# Day stamp (YYYYMMDD) that names the per-run sub-folders under raw/ and parsed/.
Date="$(date '+%Y%m%d')"
# File name the script re-invokes itself under: the basename of the link target
# when $0 is a symlink (falling back to $0 if readlink fails), otherwise the
# basename of $0 itself. Only the basename is kept, so every self-invocation
# further down resolves against the current working directory.
me="$(
  if test -L "$0"; then
    readlink "$0" || echo "$0"
  else
    echo "$0"
  fi
)"
me="$(basename "$me")"
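#######################################
# Look up one CVE on cve.circl.lu and append a one-element JSON array with its
# score, summary and id, tagged with the affected address and today's scan
# date, to parsed/cve/$Date/bak_cve.json.
# Globals:   Date (read)
# Arguments: $1 - dotted-quad address the CVE was reported for
#            $2 - identifier shaped like CVE-2020-1234
# Outputs:   always prints the "found vulnerability ..." line to stdout, also
#            when the arguments fail validation and no lookup is made
#######################################
GetInfo(){
  local scan_date
  if [[ $1 =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ && $2 =~ ^[A-Z]+\-[0-9]+\-[0-9]+$ ]]; then
    scan_date=$(date '+%m/%d/%Y')
    # The address and the date reach jq through --arg, so they are always
    # handled as JSON strings and never parsed as part of the jq program;
    # the regex check above is then no longer the only thing keeping the
    # filter text well-formed.
    curl -Ss "https://cve.circl.lu/api/cve/$2" \
      | jq -c --arg ip "$1" --arg scan_date "$scan_date" \
          '[ try.|{cvss_score: .cvss, summary: .summary , id : .id , ip : $ip , scan_date: $scan_date }]' \
      >> "parsed/cve/$Date/bak_cve.json"
  fi
  echo "found vulnerability $2 on IP : $1"
}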
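#######################################
# Fetch the internetdb.shodan.io record for one address and split it into one
# JSON file per field (cve, cpes, ports, tags, hostnames) under
# raw/<field>/$Date/.
# Globals:   Date (read)
# Arguments: $1 - address to look up
# Outputs:   a diagnostic on stderr when the response has no usable .ip
# Returns:   1 when nothing was written; otherwise the status of the last jq
#######################################
get_cve(){
  local response reported_ip
  response=$(curl -Ss "https://internetdb.shodan.io/$1")
  # printf with a quoted expansion hands the body to jq unchanged; an unquoted
  # echo would word-split it and glob-expand it against the working directory.
  reported_ip=$(printf '%s\n' "$response" | jq -r .ip)

  # .ip is taken from the remote response and becomes part of five file names.
  # Accept only a dotted quad, so a missing field (jq prints "null") or any
  # other unexpected value never ends up in a path.
  if [[ ! $reported_ip =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
    printf 'no usable ip in the response for %s, nothing written\n' "$1" >&2
    return 1
  fi

  printf '%s\n' "$response" | jq -c "[ try.|{cve: .vulns[], ip: .ip }]" > "raw/cve/$Date/cve_$reported_ip.json"
  printf '%s\n' "$response" | jq -c "[ try.|{cpes: .cpes[], ip: .ip }]" > "raw/cpes/$Date/cpes_$reported_ip.json"
  printf '%s\n' "$response" | jq -c "[ try.|{ports: .ports[], ip: .ip }]" > "raw/ports/$Date/ports_$reported_ip.json"
  printf '%s\n' "$response" | jq -c "[ try.|{tags: .tags[], ip: .ip }]" > "raw/tags/$Date/tags_$reported_ip.json"
  printf '%s\n' "$response" | jq -c "[ try.|{hostnames: .hostnames[], ip: .ip }]" > "raw/hostnames/$Date/hostnames_$reported_ip.json"
}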
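#######################################
# Merge the per-address files under raw/ into one summary per field under
# parsed/, run the per-CVE lookup for every (ip, cve) pair found, replace the
# CVE summary with the enriched records when any were written, print a
# one-line verdict and empty raw/.
# Globals:   Date (read), me (read; falls back to scan.sh when unset)
# Outputs:   verdict line on stdout, plus whatever the child lookups print
#######################################
BuildSum(){
  local kind ip cve
  local none_found=0
  local cve_sum="parsed/cve/$Date/cve.json"
  local cve_bak="parsed/cve/$Date/bak_cve.json"

  for kind in cve cpes ports tags hostnames; do
    cat "raw/$kind/$Date"/*.json | jq -sc 'flatten' > "parsed/$kind/$Date/$kind.json"
  done

  # Decide "nothing found" from the merged list, and decide it now: the file
  # is overwritten with the enriched records further down. Comparing the
  # unquoted contents of all raw files against "[]" breaks as soon as more
  # than one address was scanned.
  if [[ "$(cat "$cve_sum")" == "[]" ]]; then
    none_found=1
  fi

  # Every row originates from a third-party API response. Each field is passed
  # to the child as its own argument instead of being pasted into text that a
  # shell then parses, so a crafted value stays data; the child validates both
  # fields again before it uses them.
  # NOTE(review): the subcommand literal below appears to contain a non-ASCII
  # look-alike of the letter e in this copy of the file; it is kept
  # byte-for-byte because the dispatcher compares against the same bytes.
  jq -r '.[] | (.ip)+(" ")+(.cve)' < "$cve_sum" \
    | while read -r ip cve; do
        # stdin is detached so the child cannot consume the remaining rows
        bash "${me:-scan.sh}" gеtinfo "$ip" "$cve" < /dev/null
      done

  if [[ -f "$cve_bak" ]]; then
    jq -sc 'flatten' < "$cve_bak" > "$cve_sum"
    rm -- "$cve_bak"
  fi

  if (( none_found )); then
    echo "vulnerability not found, goodjob !"
  else
    echo "summary has been finished on parsed folder"
  fi
  rm -rf -- raw/* > /dev/null 2>&1
}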
#######################################
# Create today's working folders: raw/<field>/$Date and parsed/<field>/$Date
# for each of cve, cpes, ports, tags and hostnames, relative to the current
# working directory.
# Globals: Date (read)
#######################################
GenerateFolder(){
  local stage field
  for stage in raw parsed; do
    for field in cve cpes ports tags hostnames; do
      mkdir -p "$stage/$field/$Date"
    done
  done
}
#######################################
# Delete the raw/ and parsed/ trees left by earlier runs. Both paths are
# relative, so whatever carries those names in the current working directory
# is what gets removed.
#######################################
cleanData(){
  local tree
  for tree in raw parsed; do
    rm -rf "$tree"
  done
}
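# Command dispatch. Each branch checks its arguments against a fixed pattern
# before doing anything; whatever matches no branch gets the usage hint.
# Self-invocations pass the target as a real argument (bash "$me" ... "$addr")
# rather than building a command line as text and piping it into a shell, so
# neither the script's own file name nor an address is ever re-parsed as
# shell syntax.
# NOTE(review): the literals of the two internal subcommands appear to contain
# a non-ASCII look-alike of the letter e in this copy of the file; they are
# kept byte-for-byte because every call site has to use the same bytes.
# Confirm against the upstream file.
# NOTE(review): the address pattern does not range-check octets and the scan
# count has no upper bound, so a count above 255 produces addresses that are
# not valid IPv4 and one request per generated address. Confirm whether a cap
# is wanted.

#Generate CVE data
if [[ $1 == "gеnerate" && $2 =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
  echo "generate : $2"
  get_cve "$2"
#Scan single Ip
elif [[ $1 == "single" && $2 =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
  cleanData
  GenerateFolder
  bash "$me" gеnerate "$2"
  BuildSum
#Scan Ip with Range
elif [[ $1 == "scan" && $2 =~ ^[0-9]+$ && $3 =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
  cleanData
  # first three octets of the start address, with the trailing dot
  ip="${3%.*}."
  GenerateFolder
  seq -f "$ip%g" 0 "$2" \
    | while IFS= read -r target; do
        # stdin is detached so the child cannot consume the remaining addresses
        bash "$me" gеnerate "$target" < /dev/null
      done
  BuildSum
#Generate Info About vulnerability
elif [[ $1 == "gеtinfo" && $2 =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ && $3 =~ ^[A-Z]+\-[0-9]+\-[0-9]+$ ]]; then
  GetInfo "$2" "$3"
#clean scan history folder
elif [[ $1 == "clean" ]]; then
  cleanData
## If command not found
else
  echo "wrong command, please read README.md"
fi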