#!/bin/bash
#enable screen scrolling by executing below
#echo 'termcapinfo xterm* ti@:te@' >> /etc/screenrc
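# ANSI colour escapes; they are expanded later by `echo -e`.
bblue='\033[1;34m'
bbred='\033[1;31m'
bgreen='\033[1;32m'
bwhite='\033[1;37m'
reset='\033[0m'

echo ''
echo -e "${bblue}nxcspidey v1.3${reset}"
echo ''

# Drop the results of any previous run before starting.
echo -e "${bbred}removing old files if they are exist or not.${reset}"
rm -rf -- /tmp/nxcspidey
echo ''

# Only `nxc` is invoked by this script, so it is the only command checked.
# Requiring a separate `netexec` command as well would reject the standalone
# binary installed below and make every later run report "not present".
if ! command -v nxc > /dev/null 2>&1; then
  echo -e "${bbred}netexec is not present.${reset}"
  echo ''
  echo -e "${bwhite}type y to download netexec.${reset}"
  echo -e "${bwhite}type n to exit script, launch your virtualenv (if you have) then run script again.${reset}"
  read -r response1
  if [ "$response1" = "y" ]; then
    echo ''
    echo -e "${bgreen}downloading netexec to \"/usr/bin/\" as \"nxc\".${reset}"
    # NOTE(review): the binary comes from the moving "latest" release and is
    # installed system-wide without any hash or signature check. Pin a release
    # and compare its digest with a value obtained out-of-band before trusting it.
    # Download to a private temp file first so a failed or partial transfer
    # never leaves an executable stub at /usr/bin/nxc.
    nxc_tmp=$(mktemp) || { echo 'mktemp failed.' >&2; exit 1; }
    if wget https://github.com/Pennyw0rth/NetExec/releases/latest/download/nxc -O "$nxc_tmp"; then
      if ! install -m 0755 -- "$nxc_tmp" /usr/bin/nxc; then
        rm -f -- "$nxc_tmp"
        echo -e "${bbred}could not install nxc to /usr/bin/.${reset}" >&2
        exit 1
      fi
      rm -f -- "$nxc_tmp"
    else
      rm -f -- "$nxc_tmp"
      echo -e "${bbred}download failed, nothing was installed.${reset}" >&2
      exit 1
    fi
  elif [ "$response1" = "n" ]; then
    exit
  else
    echo 'deadass???'
    exit
  fi
else
  echo -e "${bgreen}netexec is present.${reset}"
fi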
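echo ''
echo -e "${bgreen}starting nxcspidey share enumerator. $(date)${reset}"

# The work directory lives at a fixed name in world-writable /tmp and will
# hold host, share and file names. mkdir fails if the path already exists
# (including a symlink created by another local user), so stop here instead
# of writing results through it, and keep the directory owner-only.
if ! mkdir -m 700 /tmp/nxcspidey; then
  echo -e "${bbred}cannot create /tmp/nxcspidey.${reset}" >&2
  exit 1
fi

# Target list: one host per line, read from the current directory.
if [ ! -r p445.txt ]; then
  echo -e "${bbred}p445.txt is missing or not readable.${reset}" >&2
  exit 1
fi

# Placeholders: fill these in before running.
# NOTE(review): the password is stored in this file and passed to nxc on the
# command line, where other local users can see it in the process list;
# restrict read access to the script and run it on a single-user host.
domain_user="uuuu"
domain_pass='pppp'
domain_name="dddd" #not fqdn, enter short name.

# Search terms handed to the spider (space separated).
share_extensions=".vhd .vbk .vmdk .cfg .config .conf credentials db. config. group groups pwd pass password dbpass dbpwd db_password db_pass sifre şifre cpassword"

# Alternation used later to highlight matches in the report. Only tokens that
# contain a dot followed by an alphanumeric are kept (so "db." and "config."
# are not part of it). Dots are escaped so that ".cfg" highlights a literal
# ".cfg" rather than any character followed by "cfg".
extensions_pattern=$(printf '%s\n' "$share_extensions" \
  | grep -o '\S*\.[[:alnum:]]\S*' \
  | tr '\n' '|' \
  | sed -e 's/|$//' -e 's/\./\\./g')

# List shares on every target, dropping the WsusContent / CertEnroll lines.
# Credentials are quoted so values containing spaces or glob characters are
# passed through as single arguments.
nxc smb p445.txt -u "$domain_user" -p "$domain_pass" -d "$domain_name" --shares \
  | grep -E -a -v -e "WsusContent|CertEnroll" > /tmp/nxcspidey/nxcspidey_temp.txt

echo ''
echo -e "${bgreen}ended nxcspidey share enumerator. $(date)${reset}"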
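echo ''
echo -e "${bgreen}do you want extension scan or extension+content scan?${reset}"
echo -e "${bwhite}type y to extension scan"
echo -e "type n to extension+content scan${reset}"
read -r response1

# Both modes run the same loop; they differ only in the spider flag, the
# banner text and the report file.
case "$response1" in
  y)
    scan_label='extension scan'
    scan_flag='--only-files'
    scan_out=/tmp/nxcspidey/nxcspidey.txt
    ;;
  n)
    scan_label='extension+content scan'
    scan_flag='--content'
    scan_out=/tmp/nxcspidey/nxcspideycontent.txt
    ;;
  *)
    echo 'deadass???'
    exit
    ;;
esac

echo ''
echo -e "${bgreen}starting nxcspidey ${scan_label}. $(date)${reset}"
echo ''

# Split the space-separated term list into an array so each term reaches nxc
# as its own argument without relying on unquoted expansion (no globbing).
read -r -a scan_patterns <<< "$share_extensions"

# Make sure the report exists even when nothing matches, so the final
# formatting step does not fail on a missing file.
: >> "$scan_out"

# Walk every share reported as READ or WRITE.
# Assumes column 2 of the --shares output is the host and column 5 the share
# name - TODO confirm against the nxc version in use; a share name containing
# spaces would be truncated by this split.
while IFS= read -r line; do
  target=$(awk '{print $2}' <<< "$line")
  share=$(awk '{print $5}' <<< "$line")

  # An empty share list would otherwise launch nxc with no host.
  if [ -z "$target" ] || [ -z "$share" ]; then
    continue
  fi

  # Host and share come from remote output, so they are quoted to stay single
  # arguments. stdin is redirected so nxc cannot consume the loop's input.
  nxc smb "$target" -u "$domain_user" -p "$domain_pass" -d "$domain_name" \
    --spider "$share" --pattern "${scan_patterns[@]}" "$scan_flag" < /dev/null \
    | grep size \
    | sed 's/\(pattern\)/\o033[31m\1\o033[39m/' >> "$scan_out"
done < <(grep -E -a -e "(WRITE|READ)" /tmp/nxcspidey/nxcspidey_temp.txt)

echo -e "${bgreen}process is completed. $(date)${reset}"
echo ''

# Print the de-duplicated report with matching extensions highlighted.
sed -r "s/($extensions_pattern)/\o033[30;42m\1\o033[0m/g" "$scan_out" | sort -u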
# nxcspidey 1.3
#
# contact options
# mail: https://blog.zurrak.com/contact.html
# twitter: https://twitter.com/tasiyanci
# linkedin: https://linkedin.com/in/aslanemreaslan