I had a case where I needed to mass scan some addresses on a network for any open DNS servers. In my case I just needed to find open port 53 servers and attempt a query for their version type. Adding additional things to this script should be easy though.
#! /bin/bash
# Script for scanning a network for DNS servers
# and then checking for a BIND version on them
#Replace the network with your own. It gets open port 53 hosts in to a variable
ipaddresses=$(nmap -sU -p 53 192.168.1.0/24 | grep -B3 "53\/udp open" | grep "scan report" | awk '{print $5}')
#For those variables, send a BIND version request to it and print it out.
for server in $ipaddresses
do
version=$(dig @$server version.bind txt ch +short)
if [[ -z $version ]]
then
version=$(echo "Not Found")
fi
echo "Server: $server"
echo "Version: $version"
echo -e "\n"
done
No comments:
Post a Comment