Pentest Helper Script: loop

TL;DR: a 5-line custom iterator that reads a file and executes a command for each line.

Here is a custom helper script that I have written and have been using for a very long time. Sometimes something this simple turns out to be useful so often that you feel like sharing it with everyone.

This script is basically a custom iterator that lets you execute any command of your choice over a file, one line at a time.

The code is listed below and is available here

#!/bin/bash
# A simple script which will loop over content of a file.
# for each line it runs the command specified in second and third options.
#
# Usage:
# loop.sh list_loop_file.txt "command_prefix " " command_suffix"
#
# Example : nikto scan
#
# loop.sh list_ip.txt "nikto.pl -host " " -port 80,443"
#
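# IFS= and -r keep each line verbatim; the || test also handles a last line
# that has no trailing newline.
while IFS= read -r p || [ -n "$p" ];
do
  # Comment out the line below in case you don't want to print input lines
  echo "Input: $p"
  # Left unquoted on purpose: the shell word-splits prefix + line + suffix into
  # the command and its arguments. Quote characters inside $2/$3 are passed
  # through literally, not re-parsed.
  $2$p$3
done < "$1"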

The code is written in such a way that the input from the file can be appended, prepended, or inserted in the middle of the command. The important point: if you want a blank space around the input, you need to include that space in the prefix or suffix yourself.

Some examples of this command:

1. Loop over IPs and do a simple ping across the entire list (for cases where we don't have an incremental range):
loop list_of_ip.txt "ping -c2 "

2. Run a nikto scan over a range, this time adding the host in the middle of the command:
loop list_of_host.txt "nikto.pl -host " " -port 80,443"

3. Run a curl command and get the headers of all hosts:
loop list_of_host.txt "curl -I -k https://"

4. Run ike-scan using various combinations of IKE group names:
loop list_ike_groups "ike-scan IPv4_ADDRESS -A -M --id="

5. Run checks for MS15-034 across a large range (reference):
loop ms15-034.txt 'curl http://' '/ -H "Host: test" -H "Range: bytes=0-18446744073709551615"'
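
An added example, not the author's script: a variant of the loop that substitutes each line into a {} placeholder and keeps every argument as one word, so arguments containing spaces (such as the header values in example 5) reach the command intact. The function name loop_safe, the {} placeholder, and the host-character allowlist are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (not the author's script): a quoting-safe variant of loop.sh.
# Assumptions: the name loop_safe, the {} placeholder and the allowlist of
# host characters are illustrative choices, not part of the original post.
#
# Usage: loop_safe list_file command [args...]
# Any argument containing {} has its first {} replaced by the current line.

loop_safe() {
    list=$1; shift
    ph='{}'
    # Read the list on fd 3 so the command cannot consume it through stdin.
    while IFS= read -r target <&3 || [ -n "$target" ]; do
        case $target in
            ''|'#'*) continue ;;                   # blank line or comment
            -*|*[!A-Za-z0-9.:_-]*)                 # option-like or unexpected characters
                printf 'skipped invalid entry: %s\n' "$target" >&2
                continue ;;
        esac
        (
            # Rebuild argv with the placeholder filled in. Each argument stays
            # a single word, so no word splitting or globbing takes place.
            for arg do
                shift
                case $arg in
                    *"$ph"*) arg=${arg%%"$ph"*}$target${arg#*"$ph"} ;;
                esac
                set -- "$@" "$arg"
            done
            printf 'Input: %s\n' "$target"
            "$@" </dev/null 3<&-
        )
    done 3<"$list"
}

# Run only when invoked with arguments, e.g.:
#   ./loop_safe.sh hosts.txt curl -I -k "https://{}/" -H "Host: test"
if [ "$#" -gt 0 ]; then
    loop_safe "$@"
fi
```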
