├── LICENSE
├── README.md
├── custom-scan.sh
└── scan-htb.sh


/LICENSE:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2019 Vay3t
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # scan-htb
 2 | automatic scan for hackthebox
 3 | 
 4 | # Usage
 5 | Need root
 6 | 
 7 | ```
 8 | [*] Usage: bash scan-htb.sh <target>
 9 | ```
10 | 
11 | # Correct install
12 | 
13 | ### Install masscan
14 | ```bash
15 | sudo apt update
16 | sudo apt install git gcc make libpcap-dev -y
17 | git clone https://github.com/robertdavidgraham/masscan
18 | cd masscan
19 | make -j
20 | sudo make install
21 | ```
22 | 
23 | ### Install nmap
24 | ```bash
25 | sudo apt update
26 | sudo apt install nmap -y
27 | ```
28 | 
29 | ### Install scan-htb
30 | ```bash
31 | git clone https://github.com/vay3t/scan-htb
32 | ```
33 | 
34 | # Credits
35 | 
36 | * dplastico
37 | 


--------------------------------------------------------------------------------
/custom-scan.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | iface=$1
 4 | target=$2
 5 | 
 6 | portsTCP="Null"
 7 | portsUDP="Null"
 8 | 
 9 | #categories=$(grep -r categories /usr/share/nmap/scripts/*.nse | grep -oP '".*?"' | sort -u  | cut -d '"' -f2)
10 | 
11 | if [[ $(id -u) -ne 0 ]]; then
12 | 	echo "[!] Please run as root"
13 | 	exit 2
14 | else
15 | 	if [ $# -ne 2 ];then
16 | 		echo "[*] Usage: bash $0 <iface> <target>"
17 | 		exit 1
18 | 	else
19 | 		ifconfig $iface &> /dev/null
20 | 		
21 | 		if [ $? -eq  0 ]; then
22 | 			if [[ $target =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]]; then
23 | 				echo "[+] Discovering ports..."
24 | 				masscan $target -p1-65535,U:1-65535 -oG out.grep --rate=1000 -e $iface
25 | 
26 | 				echo ""
27 | 				grep open out.grep | grep tcp > tmptcp.grep
28 | 				if [ $? -eq 0 ]; then
29 | 					portsTCP=$(awk '{print $7}' tmptcp.grep | cut -d "/" -f1 | tr "\n" ",")
30 | 				fi
31 | 
32 | 				grep open out.grep | grep udp > tmpudp.grep
33 | 				if [ $? -eq 0 ]; then
34 | 					portsUDP=$(awk '{print $7}' tmpudp.grep | cut -d "/" -f1 | tr "\n" ",")
35 | 				fi
36 | 
37 | 				if [ $portsTCP != "Null" ]; then
38 | 					echo "[+] Scan TCP ports"
39 | 					echo "nmap $target -p $portsTCP -n -T4 -sV -Pn -sC"
40 | 					nmap $target -p $portsTCP -n -T4 -sV -Pn -sC
41 | 				fi
42 | 				if [ $portsUDP != "Null" ]; then
43 | 					echo "[+] Scan UDP ports"
44 | 					echo "nmap $target -sU -p $portsUDP -n -T4 -sV -Pn -sC"
45 | 					nmap $target -sU -p $portsUDP -n -T4 -sV -Pn -sC
46 | 				fi
47 | 				echo "[*] Finished"
48 | 			else
49 | 				echo "[!] Invalid IP"
50 | 				exit 2
51 | 			fi
52 | 		else
53 | 			echo "[-] You are not connected to $iface"
54 | 		fi
55 | 	fi
56 | fi
57 | 


--------------------------------------------------------------------------------
/scan-htb.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | target=$1
 4 | 
 5 | portsTCP="Null"
 6 | portsUDP="Null"
 7 | 
 8 | #categories=$(grep -r categories /usr/share/nmap/scripts/*.nse | grep -oP '".*?"' | sort -u  | cut -d '"' -f2)
 9 | 
10 | if [[ $(id -u) -ne 0 ]]; then
11 | 	echo "[!] Please run as root"
12 | 	exit 2
13 | else
14 | 	if [ $# -ne 1 ];then
15 | 		echo "[*] Usage: bash $0 <target>"
16 | 		exit 1
17 | 	else
18 | 		ifconfig tun0 &> /dev/null
19 | 		if [ $? -eq  0 ]; then
20 | 			if [[ $target =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]]; then
21 | 				echo "[+] Discovering ports..."
22 | 				masscan $target -p1-65535,U:1-65535 -oG out.grep --rate=1000 -e tun0 
23 | 
24 | 				echo ""
25 | 				grep open out.grep | grep tcp > tmptcp.grep
26 | 				if [ $? -eq 0 ]; then
27 | 					portsTCP=$(awk '{print $7}' tmptcp.grep | cut -d "/" -f1 | tr "\n" ",")
28 | 				fi
29 | 
30 | 				grep open out.grep | grep udp > tmpudp.grep
31 | 				if [ $? -eq 0 ]; then
32 | 					portsUDP=$(awk '{print $7}' tmpudp.grep | cut -d "/" -f1 | tr "\n" ",")
33 | 				fi
34 | 
35 | 				if [ $portsTCP != "Null" ]; then
36 | 					echo "[+] Scan TCP ports"
37 | 					echo "nmap $target -p $portsTCP -n -T4 -sV -Pn -sC"
38 | 					nmap $target -p $portsTCP -n -T4 -sV -Pn -sC
39 | 				fi
40 | 				if [ $portsUDP != "Null" ]; then
41 | 					echo "[+] Scan UDP ports"
42 | 					echo "nmap $target -sU -p $portsUDP -n -T4 -sV -Pn -sC"
43 | 					nmap $target -sU -p $portsUDP -n -T4 -sV -Pn -sC
44 | 				fi
45 | 				echo "[*] Finished"
46 | 			else
47 | 				echo "[!] Invalid IP"
48 | 				exit 2
49 | 			fi
50 | 		else
51 | 			echo "[-] You are not connected to hackthebox"
52 | 		fi
53 | 	fi
54 | fi
55 | 


--------------------------------------------------------------------------------