
Exercise 8: Combining Multiple Tools to Achieve Your Objective

The goal of this exercise is to write a script that calls several security tools, parses their output, and passes the output to other tools to act on it. Orchestrating multiple tools in this way is a very common task in penetration testing, so we encourage you to get comfortable with building such workflows.

Your script should do the following:

1. Accept one or more IP addresses on the command line.

2. Run a port scanner against the IP addresses; which port scanner you use is completely up to you.

3. Identify open ports. If any of them are FTP ports (21/TCP) the script should pass the address to a vulnerability scanner in Step 4.

4. Scan the addresses and ports using Nuclei. You can use templates dedicated to finding issues in FTP servers. Search in the Nuclei templates folder /home/kali/.local/nuclei-templates for FTP-related templates or use the -tags ftp Nuclei flag.

5. Scan the address using Nmap. Use NSE scripts that find vulnerabilities in FTP servers, which you can find under the /usr/share/nmap/scripts folder. For example, try ftp-anon.nse.

6. Parse and write the results to a file with a format of your choice. One example could be an HTML file. The file should include a description of the vulnerability, the relevant IP address and port, the timestamp at which it was found, and the name of the tool that detected the issue. There is no hard requirement about how the data should be presented; one option is to use an HTML table. If you need an example table, you can find one at https://github.com/dolevf/Black-Hat-Bash/blob/master/ch05/vulnerability_table.html (open this file in a web browser to view the table). Alternatively, you could write the results to a CSV file.
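The following added example (not the book's own solution) covers only the parsing in Step 3 and the CSV output in Step 6, run against constructed Nmap grepable (-oG) output rather than a live scan. The function names, sample addresses and description text are assumptions; note that a plain grep for "21/open" would also match port 2121, which is why the port entry is split into fields.

```shell
#!/bin/sh
# Constructed sample of Nmap grepable (-oG) output; the addresses are made up.
sample_scan() {
  printf 'Host: 172.16.10.10 ()\tStatus: Up\n'
  printf 'Host: 172.16.10.10 ()\tPorts: 21/open/tcp//ftp///, 80/open/tcp//http///\n'
  printf 'Host: 172.16.10.11 ()\tPorts: 21/closed/tcp//ftp///, 2121/open/tcp/////\n'
  printf 'Host: 172.16.10.12 ()\tPorts: 22/open/tcp//ssh///\n'
}

# Read grepable output on stdin; print each address with 21/tcp open.
ftp_hosts() {
  awk -F'\t' '
    /^Host: / {
      split($1, h, " ")                      # h[2] is the address
      for (i = 2; i <= NF; i++) {
        if ($i !~ /^Ports: /) continue
        p = $i; sub(/^Ports: /, "", p)
        n = split(p, entries, /, */)
        for (j = 1; j <= n; j++) {
          split(entries[j], f, "/")          # port/state/protocol/...
          if (f[1] == "21" && f[2] == "open" && f[3] == "tcp") print h[2]
        }
      }
    }'
}

# Quote one CSV field, doubling embedded quotes so tool output cannot
# break the column layout.
csv_field() { printf '"%s"' "$(printf '%s' "$1" | sed 's/"/""/g')"; }

# csv_row DESCRIPTION IP PORT TOOL [TIMESTAMP]; timestamp defaults to now (UTC).
csv_row() {
  ts=${5:-$(date -u +%Y-%m-%dT%H:%M:%SZ)}
  printf '%s,%s,%s,%s,%s\n' "$(csv_field "$1")" "$(csv_field "$2")" \
    "$(csv_field "$3")" "$(csv_field "$ts")" "$(csv_field "$4")"
}

# Header plus one row per host that qualifies for the FTP checks.
report() {
  echo 'description,ip,port,timestamp,tool'
  sample_scan | ftp_hosts | sort -u | while read -r ip; do
    csv_row 'FTP port open; pass to Nuclei and Nmap NSE checks' "$ip" 21 nmap
  done
}

report
```

Findings from Steps 4 and 5 can be appended with the same csv_row function, passing the tool name that produced them.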

As you know, there is more than one way to write such a script. Only the end result matters, so write it as you see fit!

Black Hat Bash (Early Access) © 2023 by Dolev Farhi and Nick Aleks