-
Notifications
You must be signed in to change notification settings - Fork 57
/
Copy pathweb-service-finder.sh
44 lines (34 loc) · 1.33 KB
/
web-service-finder.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
#!/bin/bash
#Gets the urls that return a status 200 on port 443 when given a list of ips.
#
# Usage: ./web-service-finder.sh ips.txt
#
# By: Leon Teale (RandomStorm)
#
## Check for correct usage
if [ -z "$1" ];
then
echo ""
echo "please provide some ips for the script"
echo " Usage: ./web-service-finder.sh ips.txt"
echo ""
else
echo ""
for ip in `cat $1`;
do echo "$ip";
#Perform nmap to only gather ips that have port 443 open else the script can hang.
nmap $ip -p 443 -o /dev/null | egrep open; done | grep -B 1 open > temp.txt; cat temp.txt | grep '[^\.][0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}[^\.]' > ips443.txt;
for ip in `cat ips443.txt | sort -u`; do
#Performs the last bit of the program using curl to grab the URL
curl -k -sL -w "%{http_code} %{url_effective}\\n" "https://$ip"; done | grep "200 https"
for ip in `cat $1`;
do echo "$ip";
#Perform nmap to only gather ips that have port 80 open else the script can hang.
nmap $ip -p 80 -o /dev/null | egrep open; done | grep -B 1 open > temp.txt; cat temp.txt | grep '[^\.][0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}[^\.]' > ips80.txt;
for ip in `cat ips80.txt | sort -u`; do
#Performs the last bit of the program using curl to grab the URL
curl -k -sL -w "%{http_code} %{url_effective}\\n" "http://$ip"; done | grep "200 http"
fi
#clean up
rm ips80.txt
rm ips443.txt