Hi all,
I opened this new thread in order to post scripts that can be used for fast pentesting.
I will try to compile and post some APKs for fast interaction with Kali.
Thanks xaxaxa! Perhaps you can post the source too, and when we have enough, we'll start a github repository for these?
@muts
Yes I will post source and everything later today.
I like NetHunter and hopefully we can make it the future pentest ARM system.
Here is my contribution!
A nice Wifi AP Obfuscator:
https://github.com/lostincynicism/FuzzAP
Wifi AP jammer and deauth utility. Good for capturing auth packets!
https://github.com/DanMcInerney/wifijammer
A vulnerable "Bank" app for android to test different attacks:
https://github.com/dineshshetty/Android-InsecureBankv2
And my very own script (Based on an exploit), a utility that removes lockscreen passwords on Anything before KitKat:
https://github.com/photonicgeek/Kali...move%20Lock.sh
(Specifically based off of this)
Have fun!
Last edited by photonicgeek; 2014-09-30 at 14:51.
Nmap Bash script for fast network scan incl. service discovery.
This is version 1.0, I will add more features to it later. An apk for every bash script will be done and will be posted here.
Code:
#!/bin/bash
# Script to scan current network using Nmap

# Ask which interface to scan on; sets $interface
interface_select(){
    clear
    echo "Select which interface to scan on [1-4]:"
    echo
    echo "1. eth0 (USB Ethernet adapter)"
    echo "2. wlan0 (internal Wifi)"
    echo "3. wlan1 (USB TP-Link adapter or other)"
    echo "4. at0 (Use with EvilAP)"
    echo
    read -p "Choice [1-4]: " interfacechoice
    case $interfacechoice in
        1) interface=eth0 ;;
        2) interface=wlan0 ;;
        3) interface=wlan1 ;;
        4) interface=at0 ;;
        *) interface_select ;;
    esac
}

# Prompt until the answer is exactly 1 or 2, then print it
one_two(){
    read -p "Choice [1-2]: " input
    case $input in
        [1-2]) echo "$input" ;;
        *) one_two ;;
    esac
}

start_the_scan(){
    # First three octets of the interface address, e.g. "192.168.1."
    # (parses the old net-tools "inet addr:" output format)
    network=$(ifconfig "$interface" | awk -F ":" '/inet addr/{split($2,a," ");print a[1]}' | awk -F '.' '{print $1"."$2"."$3"."}')
    # Our own address on that interface
    myip=$(ifconfig "$interface" | awk -F ":" '/inet addr/{split($2,a," ");print a[1]}') ## thanks to secjunkie
    # Stop if the interface has no IPv4 address, otherwise the target would be a bare "*"
    [ -n "$myip" ] || { echo "No IPv4 address found on $interface"; exit 1; }
    cd /captures/nmap/ || exit 1
    filename1="/captures/nmap/host_scan_$(date +%F-%H%M).txt"
    filename2="/captures/nmap/service_scan_$(date +%F-%H%M).txt"
    # Ping scan; the target is quoted so the shell does not glob-expand the *
    nmap -sP "${network}*" -oG "$filename1" ## thanks to secjunkie
    # Remove our own address from the results (has to run after nmap has written the file)
    sed -i "/$myip/d" "$filename1" ## thanks to secjunkie
    echo
    echo "Scan results saved to $filename1"
    echo
    echo "[?] Run a service scan against the discovered?"
    echo
    echo "1. Yes"
    echo "2. No"
    echo
    scandiscov=$(one_two)
    if [ "$scandiscov" -eq 1 ]; then
        nmap -sV "${network}*" | tee "$filename2"
        echo
        echo "Results completed saved to $filename2"
        echo
        echo
    fi
}

interface_select
start_the_scan
Last edited by xaxaxa; 2014-09-30 at 19:09.
Nice post @xaxaxa, many thanks. Two typos though:
(missing spaces)
Code:
network=$(ifconfig $interface | awk -F ":" '/inet addr/{split($2,a," ");print a[1]}'|awk -F '.' '{print $1"."$2"."$3"."}')
(" not ”)
Code:
echo "3. wlan1 (USB TP-Link adapter or other)”
there is a directory for that kind of output in /captures/nmap btw
and finally if you add
Code:
myip=$(ifconfig $interface | awk -F ":" '/inet addr/{split($2,a," ");print a[1]}')
and
Code:
sed -i "/$myip/d" $filename1
and change your first nmap to
Code:
nmap -sP $network* -oG $filename1
you can skip scanning yourself
Last edited by secjunkie; 2014-09-30 at 17:22. Reason: im an idiot
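An added example, not part of secjunkie's or xaxaxa's posts: `sed -i "/$myip/d"` treats the address as an unanchored regular expression, so with an own address of 192.168.1.1 it also deletes the lines for 192.168.1.10 and 192.168.1.100. The function below filters nmap grepable (`-oG`) output by exact address instead; the function names and the sample scan lines are constructed for illustration.

```shell
#!/bin/bash
# Added example: exact-match filtering of nmap grepable (-oG) output.
# live_hosts, sample_scan and demo are hypothetical helper names.

# live_hosts FILE MYIP
# Print the address of every host marked "Status: Up" in FILE, skipping MYIP.
# The address field is compared as a whole string, so 192.168.1.1 does not
# also drop 192.168.1.10 or 192.168.1.100.
live_hosts() {
    awk -v me="$2" '$1 == "Host:" && /Status: Up/ && $2 != me { print $2 }' "$1"
}

# Constructed sample of host-discovery results in grepable format.
sample_scan() {
    cat <<'EOF'
# Nmap scan initiated Tue Sep 30 19:00:00 2014 as: nmap -sP -oG host_scan.txt 192.168.1.*
Host: 192.168.1.1 ()	Status: Up
Host: 192.168.1.10 ()	Status: Up
Host: 192.168.1.100 (printer.lan)	Status: Up
Host: 192.168.1.7 ()	Status: Down
# Nmap done at Tue Sep 30 19:00:05 2014 -- 256 IP addresses (3 hosts up) scanned in 4.52 seconds
EOF
}

# Run the filter over the sample, pretending our own address is 192.168.1.1.
demo() {
    local tmp
    tmp=$(mktemp)
    sample_scan > "$tmp"
    live_hosts "$tmp" 192.168.1.1
    rm -f "$tmp"
}

demo
```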
@secjunkie,
Great. I will do my best to post some others this week, despite my busy schedule.
I also want to do the APKs for easy user interaction.
Hey everybody, after chmod 775 the script, I attempt to run it from the Kali Terminal emulator "./scan.sh" ... no luck. The script won't open. PLEASE steer me in the right direction? Many thanks!
And my very own script (Based on an exploit), a utility that removes lockscreen passwords on Anything before KitKat:
https://github.com/photonicgeek/Kali...move%20Lock.sh
404 not found, can you update the link please.