{"id":357,"date":"2012-02-04T12:23:29","date_gmt":"2012-02-04T11:23:29","guid":{"rendered":"https:\/\/www.phillips321.co.uk\/?page_id=357"},"modified":"2015-05-05T12:43:58","modified_gmt":"2015-05-05T11:43:58","slug":"pentest-sh","status":"publish","type":"page","link":"https:\/\/www.phillips321.co.uk\/pentest-sh\/","title":{"rendered":"pentest.sh"},"content":{"rendered":"<p>So I&#8217;ve been using my <a href=\"http:\/\/bt5-fixit.googlecode.com\/svn\/trunk\/bt5-nmap.sh\" target=\"_blank\">bt5-nmap.sh script<\/a> for a few years to quickly gather data whilst on a pentest. The main issue with the way the old script worked was that it was not easy to continue a session halfway through or to modify the number of running threads.<br \/>\nThe new script uses <a href=\"http:\/\/hightek.org\/dialog\/\" target=\"_blank\">dialog<\/a>, which comes as standard in bt5.<br \/>\nOptions:<\/p>\n<ul>\n<li>arpscan &#8220;run arp-scan to create targets.txt&#8221;<\/li>\n<li>nmap &#8220;nmap targets&#8221;<\/li>\n<li>amap &#8220;amap ports found using nmap&#8221;<\/li>\n<li>sslscan &#8220;sslscan targets&#8221;<\/li>\n<li>gwp &#8220;Take photo of web pages found?&#8221;<\/li>\n<li>snmpscans &#8220;Check for default SNMP community strings&#8221;<\/li>\n<li>snmpget &#8220;Get data from SNMP services using known strings&#8221;<\/li>\n<li>enum4linux &#8220;Run enum4linux against targets&#8221;<\/li>\n<li>smtp &#8220;connect to SMTP to check if they allow relaying of mail&#8221;<\/li>\n<li>uniscan &#8220;run uniscan against HTTP(s) ports&#8221;<\/li>\n<li>nfsscan &#8220;connect to nfs services and list contents&#8221;<\/li>\n<\/ul>\n<p>View the code on the <a href=\"https:\/\/github.com\/phillips321\/phillips321\" target=\"_blank\">GitHub page<\/a>.<\/p>\n<p>Here are a few photos followed by a quick demo video&#8230;<br \/>\n\n\t\t<style type=\"text\/css\">\n\t\t\t#gallery-1 {\n\t\t\t\tmargin: auto;\n\t\t\t}\n\t\t\t#gallery-1 .gallery-item {\n\t\t\t\tfloat: left;\n\t\t\t\tmargin-top: 
10px;\n\t\t\t\ttext-align: center;\n\t\t\t\twidth: 33%;\n\t\t\t}\n\t\t\t#gallery-1 img {\n\t\t\t\tborder: 2px solid #cfcfcf;\n\t\t\t}\n\t\t\t#gallery-1 .gallery-caption {\n\t\t\t\tmargin-left: 0;\n\t\t\t}\n\t\t\t\/* see gallery_shortcode() in wp-includes\/media.php *\/\n\t\t<\/style>\n\t\t<div id='gallery-1' class='gallery galleryid-357 gallery-columns-3 gallery-size-thumbnail'><dl class='gallery-item'>\n\t\t\t<dt class='gallery-icon landscape'>\n\t\t\t\t<a href='https:\/\/www.phillips321.co.uk\/wp-content\/uploads\/2012\/02\/1_scan_options.png'><img width=\"150\" height=\"150\" src=\"https:\/\/www.phillips321.co.uk\/wp-content\/uploads\/2012\/02\/1_scan_options-150x150.png\" class=\"attachment-thumbnail size-thumbnail\" alt=\"\" loading=\"lazy\" \/><\/a>\n\t\t\t<\/dt><\/dl><dl class='gallery-item'>\n\t\t\t<dt class='gallery-icon landscape'>\n\t\t\t\t<a href='https:\/\/www.phillips321.co.uk\/wp-content\/uploads\/2012\/02\/2_output_dir.png'><img width=\"150\" height=\"150\" src=\"https:\/\/www.phillips321.co.uk\/wp-content\/uploads\/2012\/02\/2_output_dir-150x150.png\" class=\"attachment-thumbnail size-thumbnail\" alt=\"\" loading=\"lazy\" \/><\/a>\n\t\t\t<\/dt><\/dl><dl class='gallery-item'>\n\t\t\t<dt class='gallery-icon landscape'>\n\t\t\t\t<a href='https:\/\/www.phillips321.co.uk\/wp-content\/uploads\/2012\/02\/3_number_of_threads.png'><img width=\"150\" height=\"150\" src=\"https:\/\/www.phillips321.co.uk\/wp-content\/uploads\/2012\/02\/3_number_of_threads-150x150.png\" class=\"attachment-thumbnail size-thumbnail\" alt=\"\" loading=\"lazy\" \/><\/a>\n\t\t\t<\/dt><\/dl><br style=\"clear: both\" \/><dl class='gallery-item'>\n\t\t\t<dt class='gallery-icon landscape'>\n\t\t\t\t<a href='https:\/\/www.phillips321.co.uk\/wp-content\/uploads\/2012\/02\/4_nmap_scan_types.png'><img width=\"150\" height=\"150\" src=\"https:\/\/www.phillips321.co.uk\/wp-content\/uploads\/2012\/02\/4_nmap_scan_types-150x150.png\" class=\"attachment-thumbnail size-thumbnail\" alt=\"\" 
loading=\"lazy\" \/><\/a>\n\t\t\t<\/dt><\/dl><dl class='gallery-item'>\n\t\t\t<dt class='gallery-icon landscape'>\n\t\t\t\t<a href='https:\/\/www.phillips321.co.uk\/wp-content\/uploads\/2012\/02\/5_custom_nmap_port_secletion.png'><img width=\"150\" height=\"150\" src=\"https:\/\/www.phillips321.co.uk\/wp-content\/uploads\/2012\/02\/5_custom_nmap_port_secletion-150x150.png\" class=\"attachment-thumbnail size-thumbnail\" alt=\"\" loading=\"lazy\" \/><\/a>\n\t\t\t<\/dt><\/dl><dl class='gallery-item'>\n\t\t\t<dt class='gallery-icon landscape'>\n\t\t\t\t<a href='https:\/\/www.phillips321.co.uk\/wp-content\/uploads\/2012\/02\/6_progress_display.png'><img width=\"150\" height=\"150\" src=\"https:\/\/www.phillips321.co.uk\/wp-content\/uploads\/2012\/02\/6_progress_display-150x150.png\" class=\"attachment-thumbnail size-thumbnail\" alt=\"\" loading=\"lazy\" \/><\/a>\n\t\t\t<\/dt><\/dl><br style=\"clear: both\" \/><dl class='gallery-item'>\n\t\t\t<dt class='gallery-icon landscape'>\n\t\t\t\t<a href='https:\/\/www.phillips321.co.uk\/wp-content\/uploads\/2012\/02\/7_individual_scan_status.png'><img width=\"150\" height=\"150\" src=\"https:\/\/www.phillips321.co.uk\/wp-content\/uploads\/2012\/02\/7_individual_scan_status-150x150.png\" class=\"attachment-thumbnail size-thumbnail\" alt=\"\" loading=\"lazy\" \/><\/a>\n\t\t\t<\/dt><\/dl><dl class='gallery-item'>\n\t\t\t<dt class='gallery-icon landscape'>\n\t\t\t\t<a href='https:\/\/www.phillips321.co.uk\/wp-content\/uploads\/2012\/02\/8_listing_of_weak_ssl_ciphers_and_protocols.png'><img width=\"150\" height=\"150\" src=\"https:\/\/www.phillips321.co.uk\/wp-content\/uploads\/2012\/02\/8_listing_of_weak_ssl_ciphers_and_protocols-150x150.png\" class=\"attachment-thumbnail size-thumbnail\" alt=\"\" loading=\"lazy\" \/><\/a>\n\t\t\t<\/dt><\/dl><dl class='gallery-item'>\n\t\t\t<dt class='gallery-icon landscape'>\n\t\t\t\t<a href='https:\/\/www.phillips321.co.uk\/wp-content\/uploads\/2012\/02\/9_open_ports_summary.png'><img width=\"150\" 
height=\"150\" src=\"https:\/\/www.phillips321.co.uk\/wp-content\/uploads\/2012\/02\/9_open_ports_summary-150x150.png\" class=\"attachment-thumbnail size-thumbnail\" alt=\"\" loading=\"lazy\" \/><\/a>\n\t\t\t<\/dt><\/dl><br style=\"clear: both\" \/>\n\t\t<\/div>\n<br \/>\n<iframe loading=\"lazy\" width=\"630\" height=\"420\" src=\"http:\/\/www.youtube.com\/embed\/An6Q3sxnd_0?rel=0\" frameborder=\"0\" allowfullscreen><\/iframe><\/p>\n","protected":false},"excerpt":{"rendered":"<p>So I&#8217;ve been using my bt5-nmap.sh script for a few years to quickly gather data whilst on a pentest. The main issue with the way the old script worked was that it was not easy to continue a session halfway through or to modify the number of running threads. The new script uses dialog, which [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":360,"parent":0,"menu_order":6,"comment_status":"open","ping_status":"open","template":"","meta":[],"_links":{"self":[{"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/pages\/357"}],"collection":[{"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/comments?post=357"}],"version-history":[{"count":19,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/pages\/357\/revisions"}],"predecessor-version":[{"id":1236,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/pages\/357\/revisions\/1236"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/media\/360"}],"wp:attachment":[{"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/media?parent=357"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}