{"id":55,"date":"2013-01-21T22:07:27","date_gmt":"2013-01-21T20:07:27","guid":{"rendered":"http:\/\/bastardo.de\/?p=55"},"modified":"2013-01-21T22:07:27","modified_gmt":"2013-01-21T20:07:27","slug":"samba-netbios-network-scanner-smbscan-for-linux","status":"publish","type":"post","link":"https:\/\/bastardo.de\/index.php\/2013\/01\/21\/samba-netbios-network-scanner-smbscan-for-linux\/","title":{"rendered":"Samba \/ Netbios network scanner (SMBScan) for Linux"},"content":{"rendered":"

Simple Smb Scanner written in Bash for linux for oder Systems <\/p>\n

smbscan-1.1.tar<\/a>\u00a0(Download all) for older systems (anno 2006)<\/p>\n

smbscan.sh<\/p>\n

#!\/bin\/bash\n# This script scans smb servers a given network\n# and mounts anonymous shared directories\n# example: .\/smbscan.sh or .\/smbscan iprange\n# http:\/\/www.bastardo.de\/ \n\n# clean old temp files\n#rm -f *.out\n\nif [ `id -u` -ne 0 ]; then\n  echo \"You must be root to use this script.\"\n  exit 1\nfi\n\nFILESYSTEM=cifs\nSMBM=\/usr\/bin\/smbmount\nSMBC=\/usr\/bin\/smbclient\nNMBL=\/usr\/bin\/nmblookup\nNMAP=\/usr\/bin\/nmap\nGREP=\/bin\/grep\nSED=\/bin\/sed\nDIALOG=\/usr\/bin\/dialog\n#WHIP=\/usr\/bin\/whiptail\nCHARSET=\"iso8859-1\"\n# BUNT 1 = Console\n# BUNT 0 = with Whiptail or dialog graphics\nBUNT=1\nTIMEOUT=5\n\n#test -x $WHIP\ntest -x $DIALOG && DIALOG=$DIALOG\n#test -x $WHIP || BUNT=0\ntest -x $SMBM || { echo -e 'smbmount not found !';exit 1; }\ntest -x $SMBC || { echo -e 'smbclient not found !';exit 1; }\ntest -x $NMBL || { echo -e 'nmblookup not found !';exit 1; }\ntest -x $NMAP || { echo -e 'nmap not found !';exit 1; }\ntest -x $GREP || { echo -e 'grep not found !';exit 1; }\ntest -x $SED || { echo -e 'sed not found !';exit 1; }\n# hehe i know that suxx ;)\nclear\n\nfunction script_kiddie() {\nif [ $BUNT -eq 1 ]\nthen\n    echo \"ScR1p7k1dDi3 Pr0t3c7 Sy5t3m v 1.1\"\n\telse\n\t    $DIALOG --title \"v 1.1\" --infobox \" ScR1p7k1dDi3 Pr0t3c7 Sy5t3m\" 6 20\nfi\nexit 1 \n}\nscript_kiddie\n\nif [ $# -eq 1 ]\nthen\n    echo \"$1\" > .\/out\n        else\n\t    $DIALOG --title \"SMBscan v.1.1\" --inputbox \"                Written by cd ;)\n\nPlease enter IP range\ne.g 10.0.0.1-24 or 10.0.1-255.5-30\nor type .\/smbscan 10.0.0.1-254\n\nhttp:\/\/www.bastardo.de <- get newest version\" 13 50 2> .\/out\nfi\n\nfunction check_it(){\nSUM=0\nX=`cat .\/out | wc -c`\nSUM=`expr $SUM + $X`\n}\nif [ $BUNT -eq 1 ]\n    then\n#\ttest -e $1 || { echo -e \"$0 [ip room]\"; exit 1; }\n\t    echo \"Written by cd ;)\"\n\t    echo \"Scan started against to $1 on port 139\"\n\t    echo \"This can take a while\"\nfi\n\ncheck_it\nIP=`cat .\/out`\nrm -f .\/out\n# i think that is the fastest, we whant to scan only 1 port ... not more \n$NMAP -p 139 -PN -T 5 -sT -v -v $IP  -oG .\/$IP.out | $GREP Host\ncat .\/$IP.out | $GREP \"139\/open\" | cut '-d ' -f 2 > .\/out\nrm -f .\/$IP.out\ncheck_it\nif [ $SUM = 0 ]\n    then \n\tif [ $BUNT -eq 1 ]\n\t    then\necho \"\n    No SMB Server found.\n\n      Thanks for use ...\"\n\t\trm -f .\/out\n\t\texit 1\n\t\t    else\n\t\t\t$DIALOG --title \"Sorry\" --infobox \"\n    No SMB Server found !\n\n      Thanks for use ... \" 7 30\n\t\t\trm -f .\/out\n\t\t\texit 1\n\tfi\nfi\n\nif [ $BUNT -eq 1 ]\n    then\n\techo \"Please wait...\n      Searching 4 Shared Directories\"\n\telse\n\t    $DIALOG --infobox \"Please wait !\nSearching 4 Shared Directories...\" 5 40\nfi\nwhile read host ;\n    do\n\t# Get Computer name\n\techo \"Try $host...\"\n        echo \"Searching Name via nmblookup (B)\"\n\tname=`$NMBL -A $host | $GREP \"<00> -         B <ACTIVE>\" | awk '{print $1}'`\n\n\t# Get Workgroup name\n\tworkgroup=`$NMBL -A $host | $GREP \"<00> - <GROUP>\" | awk '{print $1}'`\n\n\t# if name not set so use this one\n\tworkgroup=${workgroup:=WORKGROUP}\n\n\tname=${name:=IG_IT_IG_IT}\n\nif [ $name = \"IG_IT_IG_IT\" ]\n    then\n\techo \"Searching name via nmblookup (M)\"\n\tname=`$NMBL -A $host | $GREP \"<00> -         M <ACTIVE>\" | awk '{print $1}'`\n    fi \n    name=${name:=NONAME}\n\nif [ $name = \"NONAME\" ]\n    then\n\techo \"Searching Name via nmblookup (H)\"\n\tname=`$NMBL -A $host | $GREP \"<00> -         H <ACTIVE>\" | awk '{print $1}'`\n    fi\n    name=${name:=NO_NAME}\n\nif [ $name = \"NO_NAME\" ]\n    then\n\techo \"Searching Name via Smbclient ... using Servername\"\n\tname=`$SMBC -N -L $host -g | grep Server | awk {'print $1'} | cut -d '|' -f 2`\n    fi\n    name=${name:=NAME_NOT_FOUND}\n\n\t# search for shared folders\n\techo \"looking for shared directorys on $host\"\n\t# kill old sleep process\n\tkill -9 `pidof sleep` 2&>1\n\t$SMBC -W \"$workgroup\" -n \"fuckup\" -N  -L $host -g -p 139 | grep Disk | cut -f 2 -d '|'  > .\/$host.shares \n        # set Timeout to kill connections that take to long 10 sec is ok i think\n\tsleep $TIMEOUT || kill -9 `pidof $SMBC` 2&>1\n\n\t    exist=0\n\t    while read LIST ;\n\t    \t\tdo\n\t\t    exist=1\n\t\t    #make directory for the shares\n\t\t    mkdir -p .\/\"$name-$host\/$LIST\"\n\t\t    #add a logfile\n\t\t    #touch .\/\"$name-$host\/ip-is-$host\"\n\t\t    $SMBM \"\/\/$host\/$LIST\" \".\/$name-$host\/$LIST\" -o defaults,guest,iocharset=utf8\n\n\t\t\tif [ $BUNT -eq 1 ]\n\t\t\t    then\n\t\t\t\techo \"trying to mount \/\/$host\/$LIST into .\/$name-$host\/$LIST\"\n\t\t\t    else\n\t\t\t\t$DIALOG --infobox  \"trying to mount \/\/$host\/$LIST into .\/$name\/$LIST\" 10 60\n\t\t\tfi\n\t\tif [ $exist = 1 ]\n\t\tthen\n\t\t    #write some useful or not very useful informations into a log \n\t\t    echo \" \n\t\t    $name - $host\n\t\t    Last found: `date`\n\t\t    Mapped    : `df -h | grep $host`\" >> .\/\"$name-$host\/ip-is-$host\" \n\t\tfi\n\t    done < .\/$host.shares\n#\t    echo `mount | $GREP cifs | grep $host` >> .\/\"$name-$host\/ip-is-$host\"\n\nrm -f .\/$host.shares\ndone < .\/out\n\nmount | $GREP $FILESYSTEM > .\/mounts\nif [ $BUNT -eq 1 ]\n    then\n\techo \"\nSMBScan v 1.1 -> listing mounted smb file systems\n\n`cat .\/mounts | more`\n\"\n    else\n\t$DIALOG --title \"SMBScan v 1.1 -> listing mounted smb file systems\" --textbox mounts 10 60\nfi\nrm -f .\/mounts\nrm -f .\/out<\/pre>\n
 <\/p>\n
The unmount script<\/p>\n
umount.sh<\/p>\n
#!\/bin\/sh\n#get forced\necho \"unmounting smb file systems (force)\"\numount *\/*\/*\n#umount `mount | grep smbfs | awk '{print $3}'`\nkill -9 `ps aux | grep mount.cifs | awk '{print $2}'`<\/pre>\n
 <\/p>\n
The Makefile for „make install“<\/p>\n
PREFIX=\/usr\/sbin\/\ninstall:\n\t@cp smbscan.sh $(PREFIX)\n\t@cp umountall.sh $(PREFIX)\n\nuninstall:\n\t@rm $(PREFIX)smbscan.sh\n\t@rm $(PREFIX)umountall.sh<\/pre>\n
 <\/p>\n
 <\/p>\n","protected":false},"excerpt":{"rendered":"
Simple Smb Scanner written in Bash for linux for oder Systems smbscan-1.1.tar\u00a0(Download all) for older systems (anno 2006) smbscan.sh #!\/bin\/bash # This script scans smb servers a given network # and mounts anonymous shared directories # example: .\/smbscan.sh or .\/smbscan iprange # http:\/\/www.bastardo.de\/ # clean old temp files #rm -f *.out if [ `id -u` […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-55","post","type-post","status-publish","format-standard","hentry","category-allgemein"],"_links":{"self":[{"href":"https:\/\/bastardo.de\/index.php\/wp-json\/wp\/v2\/posts\/55","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bastardo.de\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bastardo.de\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bastardo.de\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/bastardo.de\/index.php\/wp-json\/wp\/v2\/comments?post=55"}],"version-history":[{"count":0,"href":"https:\/\/bastardo.de\/index.php\/wp-json\/wp\/v2\/posts\/55\/revisions"}],"wp:attachment":[{"href":"https:\/\/bastardo.de\/index.php\/wp-json\/wp\/v2\/media?parent=55"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bastardo.de\/index.php\/wp-json\/wp\/v2\/categories?post=55"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bastardo.de\/index.php\/wp-json\/wp\/v2\/tags?post=55"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}