LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-13-2019, 06:56 PM   #1
nananie77
LQ Newbie
 
Registered: Mar 2019
Posts: 4

Rep: Reputation: Disabled
Need Help with Bash Script


Kindly help me find and fix errors in the Bash Script Below, I'm new to Bash.



#!/bin/bash
figlet VulnSCANNER
echo "By Tweneboah & Mildred"
select menu in "SQL" "XSS" "AUTH" "IIRB" "SM"
do
case $menu in

"SQL") # Sql Injection

echo "###################################################"
select ch in "Information Gathering" "vulnerablilty Scan"
do
case $ch in
"Information_gathering")
read -p "Enter IP/Domain name:" name
nmap -vv $name -sV -T4 -oX | grep "PORT" | grep "STATE" | grep "SERVICE" | grep "VERSION" | > open.txt
;;
"domain_information")
read -p "enter the domain:" domain
echo -e "\033[31mwhois information of domain...........\033[m"
nnmap -sV --script=http-sql-injection $domain -oX | grep "^Nmap" | grep -v seconds grep "STATE" | grep "SERVICE" | grep "VERSION"

;;


esac

done

"XSS") # Cros-site Scripting


select ch in "Information Gathering" "vulnerablilty Scan"
do
case $ch in
"Information_gathering")
read -p "Enter IP/Domain name:" name
nmap -vv $name -sV -T4 -oX | grep "PORT" | grep "STATE" | grep "SERVICE" | grep "VERSION" | > open.txt
;;
"vulnerablilty_scan")
read -p "enter the domain:" domain
echo -e "\033[31mwhois information of domain...........\033[m"
nnmap -sV --script=http-sql-injection $domain -oX | grep "^Nmap" | grep -v seconds grep "STATE" | grep "SERVICE" | grep "VERSION"

;;


esac
done




"AUTH") # Broken Authentication and Sesion Management
select ch in "Information Gathering" "vulnerablilty Scan"
do
case $ch in
"Information_gathering")
read -p "Enter IP/Domain name:" name
nmap -vv $name -sV -T4 -oX | grep "PORT" | grep "STATE" | grep "SERVICE" | grep "VERSION" | > open.txt
;;
"vulnerablilty_scan")
read -p "enter the domain:" domain
echo -e "\033[31mwhois information of domain...........\033[m"
nnmap -sV --script=http-sql-injection $domain -oX | grep "^Nmap" | grep -v seconds grep "STATE" | grep "SERVICE" | grep "VERSION"

;;


esac
done
;;

"IIRB") # Insecure Indirect Reference Object
select ch in "Information Gathering" "vulnerablilty Scan"
do
case $ch in
"Information_gathering")
read -p "Enter IP/Domain name:" name
nmap -vv $name -sV -T4 -oX | grep "PORT" | grep "STATE" | grep "SERVICE" | grep "VERSION" | > open.txt
;;
"vulnerablilty_scan")
read -p "enter the domain:" domain
echo -e "\033[31mwhois information of domain...........\033[m"
nnmap -sV --script=http-sql-injection $domain -oX | grep "^Nmap" | grep -v seconds grep "STATE" | grep "SERVICE" | grep "VERSION"

;;


esac
done


"SM") # Security Misconfiguration
select ch in "Information Gathering" "vulnerablilty Scan"
do
case $ch in
"Information_gathering")
read -p "Enter IP/Domain name:" name
nmap -vv $name -sV -T4 -oX | grep "PORT" | grep "STATE" | grep "SERVICE" | grep "VERSION" | > open.txt
;;
"vulnerablilty_scan")
read -p "enter the domain:" domain
echo -e "\033[31mwhois information of domain...........\033[m"
nnmap -sV --script=http-sql-injection $domain -oX | grep "^Nmap" | grep -v seconds grep "STATE" | grep "SERVICE" | grep "VERSION"

;;


esac
done





;;

esac
done
 
Old 03-13-2019, 08:12 PM   #2
BW-userx
LQ Guru
 
Registered: Sep 2013
Location: Somewhere in my head.
Distribution: FreeBSD/Slackware-14.2+/ArcoLinux
Posts: 9,146

Rep: Reputation: 1947Reputation: 1947Reputation: 1947Reputation: 1947Reputation: 1947Reputation: 1947Reputation: 1947Reputation: 1947Reputation: 1947Reputation: 1947Reputation: 1947
code tags, code tags, code tags, code tags, code tags please.

Code:
#!/bin/bash

#figlet VulnSCANNER
echo "By Tweneboah & Mildred"
	select menu in "SQL" "XSS" "AUTH" "IIRB" "SM"
	do
		case $menu in

		"SQL") # Sql Injection

		echo "###################################################"
		select ch in "Information Gathering" "vulnerablilty Scan"
		do
			case $ch in
				"Information_gathering")
					read -p "Enter IP/Domain name:" name
					nmap -vv $name -sV -T4 -oX | grep "PORT" | grep "STATE" | grep "SERVICE" | grep "VERSION" | > open.txt
			;;
				"domain_information")
					read -p "enter the domain:" domain
					echo -e "\033[31mwhois information of domain...........\033[m"
					nnmap -sV --script=http-sql-injection $domain -oX | grep "^Nmap" | grep -v seconds grep "STATE" | grep "SERVICE" | grep "VERSION"
			;;
	esac #first case

	done
		#out of place
		#"XSS") # Cros-site Scripting


	select ch in "Information Gathering" "vulnerablilty Scan"
	do
		case $ch in
			"Information_gathering")
					read -p "Enter IP/Domain name:" name
					nmap -vv $name -sV -T4 -oX | grep "PORT" | grep "STATE" | grep "SERVICE" | grep "VERSION" | > open.txt
		;;
			"vulnerablilty_scan")
					read -p "enter the domain:" domain
					echo -e "\033[31mwhois information of domain...........\033[m"
					nnmap -sV --script=http-sql-injection $domain -oX | grep "^Nmap" | grep -v seconds grep "STATE" | grep "SERVICE" | grep "VERSION"

		;;


	esac
	done



#out of place 
	#"AUTH") # Broken Authentication and Sesion Management
	select ch in "Information Gathering" "vulnerablilty Scan"
	do
		case $ch in
			"Information_gathering")
				read -p "Enter IP/Domain name:" name
				nmap -vv $name -sV -T4 -oX | grep "PORT" | grep "STATE" | grep "SERVICE" | grep "VERSION" | > open.txt
			;;
			"vulnerablilty_scan")
				read -p "enter the domain:" domain
				echo -e "\033[31mwhois information of domain...........\033[m"
				nnmap -sV --script=http-sql-injection $domain -oX | grep "^Nmap" | grep -v seconds grep "STATE" | grep "SERVICE" | grep "VERSION"
			;;


		esac
	done
		;;

		"IIRB") # Insecure Indirect Reference Object
	select ch in "Information Gathering" "vulnerablilty Scan"
	do
		case $ch in
		"Information_gathering")
			read -p "Enter IP/Domain name:" name
			nmap -vv $name -sV -T4 -oX | grep "PORT" | grep "STATE" | grep "SERVICE" | grep "VERSION" | > open.txt
		;;
		"vulnerablilty_scan")
			read -p "enter the domain:" domain
			echo -e "\033[31mwhois information of domain...........\033[m"
			nnmap -sV --script=http-sql-injection $domain -oX | grep "^Nmap" | grep -v seconds grep "STATE" | grep "SERVICE" | grep "VERSION"
		;;
		esac
	done

		#out of place
	#"SM") # Security Misconfiguration
	
		select ch in "Information Gathering" "vulnerablilty Scan"
		do
			case $ch in
			"Information_gathering")
				read -p "Enter IP/Domain name:" name
				nmap -vv $name -sV -T4 -oX | grep "PORT" | grep "STATE" | grep "SERVICE" | grep "VERSION" | > open.txt
			;;
			"vulnerablilty_scan")
				read -p "enter the domain:" domain
				echo -e "\033[31mwhois information of domain...........\033[m"
				nnmap -sV --script=http-sql-injection $domain -oX | grep "^Nmap" | grep -v seconds grep "STATE" | grep "SERVICE" | grep "VERSION"
			;;


			esac
	done
	;;
	esac 
done
I commented out and commented on three mistakes. Now it gives a menu to pick from, what exactly you are doing or looking for it to do is beyond me.

Last edited by BW-userx; 03-13-2019 at 08:13 PM.
 
Old 03-13-2019, 09:19 PM   #3
nananie77
LQ Newbie
 
Registered: Mar 2019
Posts: 4

Original Poster
Rep: Reputation: Disabled
I tried to make more simple, but I still cant make it work. This is the new script I made:

#!/bin/bash

read "Enter IP Address: " ip

while test -n "$@"; do
case "$@" in
"")
echo "Usage: $0 [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]"
RETVAL=1
;;
1|sqli)
nmap -sC -p445 --script smb-vuln-ms17-010.nse $ip > $resul
# Check for vulnerability
valida=$(grep "State: VULNERABLE" $resul | wc -l)
if [ "$valida" != "0" ]; then
echo $IP >> virus/IP.txt
;;
2|xss)
nmap -sC -p445 --script smb-vuln-ms17-010.nse $ip > $resul
# Check for vulnerability
valida=$(grep "State: VULNERABLE" $resul | wc -l)
if [ "$valida" != "0" ]; then
echo $IP >> virus/IP.txt
;;
3|authentication)
nmap -sC -p445 --script smb-vuln-ms17-010.nse $ip > $resul
# Check for vulnerability
valida=$(grep "State: VULNERABLE" $resul | wc -l)
if [ "$valida" != "0" ]; then
echo $IP >> virus/IP.txt
;;
4|session)
nmap -sC -p445 --script smb-vuln-ms17-010.nse $ip > $resul
# Check for vulnerability
valida=$(grep "State: VULNERABLE" $resul | wc -l)
if [ "$valida" != "0" ]; then
echo $IP >> virus/IP.txt
;;
5|IIRO)
nmap -sC -p445 --script smb-vuln-ms17-010.nse $ip > $resul
# Check for vulnerability
valida=$(grep "State: VULNERABLE" $resul | wc -l)
if [ "$valida" != "0" ]; then
echo $IP >> virus/IP.txt
;;
esac
done

Please Help!
 
Old 03-13-2019, 09:41 PM   #4
frankbell
LQ Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Ubuntu MATE, Mageia, and whatever VMs I happen to be playing with
Posts: 15,448
Blog Entries: 25

Rep: Reputation: 4449Reputation: 4449Reputation: 4449Reputation: 4449Reputation: 4449Reputation: 4449Reputation: 4449Reputation: 4449Reputation: 4449Reputation: 4449Reputation: 4449
Did you not see BW-userx's suggestion to use code tags, which become available when you click the "Go Advanced" button beneath the "compose post" window? (Once you know what they look like, you can just type them in.)

They make posts of code much easier to parse.
 
Old 03-13-2019, 09:54 PM   #5
berndbausch
Senior Member
 
Registered: Nov 2013
Location: Tokyo
Distribution: Redhat/Centos, Ubuntu, Raspbian, Fedora, Alpine, Cirros, OpenSuse/SLES
Posts: 3,464

Rep: Reputation: 915Reputation: 915Reputation: 915Reputation: 915Reputation: 915Reputation: 915Reputation: 915Reputation: 915
Apart from formatting the code so that it becomes readable, you should also tell us precisely what is not working. Start by answering these questions: What to you expect the script to do, what does it do instead, what error messages (if any) are displayed.

Edit:

When you run this script, you get error messages like this:
Code:
$ sh bla.sh
bla.sh: line 3: read: `Enter IP Address: ': not a valid identifier
bla.sh: line 17: syntax error near unexpected token `;;'
bla.sh: line 17: `;;'
General advice: Read the error messages and act upon them.

Specifically, the first code line
Code:
read "Enter IP Address: " ip
violates Bash syntax. The read command doesn't take strings as parameters.

Also, there is a fi missing in line 17. The fi is required to terminate the if.

Last edited by berndbausch; 03-13-2019 at 10:00 PM.
 
1 members found this post helpful.
Old 03-14-2019, 02:12 AM   #6
nananie77
LQ Newbie
 
Registered: Mar 2019
Posts: 4

Original Poster
Rep: Reputation: Disabled
Thanks, I'm checking on that now
 
Old 03-14-2019, 02:22 AM   #7
pan64
LQ Guru
 
Registered: Mar 2012
Location: Hungary
Distribution: debian/ubuntu/suse ...
Posts: 13,098

Rep: Reputation: 4143Reputation: 4143Reputation: 4143Reputation: 4143Reputation: 4143Reputation: 4143Reputation: 4143Reputation: 4143Reputation: 4143Reputation: 4143Reputation: 4143
try to use shellcheck.net to validate your script
 
Old 03-14-2019, 02:55 AM   #8
nananie77
LQ Newbie
 
Registered: Mar 2019
Posts: 4

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by pan64 View Post
try to use shellcheck.net to validate your script
After Checking at shell check, I got the the following code:

#!/bin/bash
echo "Enter IP Address: " read IP

while test -n "$@"; do
case "$@" in
"")
echo "Usage: $0 [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]"

;;
1|sqli)
nmap -sC -p445 --script smb-vuln-ms17-010.nse "$IP" > "resul"
# Check for vulnerability
valida=$(grep -c "State: VULNERABLE" "resul")
if [ "$valida" != "0" ]; then
echo "$IP" >> virus/IP.txt

fi
echo "$valida is not = 0"
;;
2|xss)
nmap -sC -p445 --script smb-vuln-ms17-010.nse "$IP" > "resul"
# Check for vulnerability
valida=$(grep -c "State: VULNERABLE" "resul")
if [ "$valida" != "0" ]; then
echo "$IP" >> virus/IP.txt
fi
echo "$valida is not = 0"
;;
3|authentication)
nmap -sC -p445 --script smb-vuln-ms17-010.nse "$IP" > "resul"
# Check for vulnerability
valida=$(grep -c "State: VULNERABLE" "resul")
if [ "$valida" != "0" ]; then
echo "$IP" >> virus/IP.txt

fi
echo "$valida is not = 0"
;;
4|session)
nmap -sC -p445 --script smb-vuln-ms17-010.nse "$IP" > "resul"
# Check for vulnerability
valida=$(grep -c "State: VULNERABLE" "resul")
if [ "$valida" != "0" ]; then
echo "$IP" >> virus/IP.txt

fi
echo "$valida is not = 0"
;;
5|IIRO)
nmap -sC -p445 --script smb-vuln-ms17-010.nse "$IP" > "resul"
# Check for vulnerability
valida=$(grep -c "State: VULNERABLE" "resul")
if [ "$valida" != "0" ]; then
echo "$IP" >> virus/IP.txt

fi
echo "$valida is not = 0"
;;
esac
done


But unfotunately, when I run the code, it goes infite loop:

Usage: ./scann.sh [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]
Usage: ./scann.sh [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]
Usage: ./scann.sh [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]
Usage: ./scann.sh [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]
Usage: ./scann.sh [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]
Usage: ./scann.sh [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]
Usage: ./scann.sh [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]
Usage: ./scann.sh [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]
Usage: ./scann.sh [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]
Usage: ./scann.sh [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]
Usage: ./scann.sh [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]
Usage: ./scann.sh [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]
Usage: ./scann.sh [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]
Usage: ./scann.sh [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]
Usage: ./scann.sh [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]
Usage: ./scann.sh [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]
Usage: ./scann.sh [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]
Usage: ./scann.sh [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]
Usage: ./scann.sh [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]
Usage: ./scann.sh [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]
Usage: ./scann.sh [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]
Usage: ./scann.sh [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]
Usage: ./scann.sh [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]
Usage: ./scann.sh [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]
Usage: ./scann.sh [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]
Usage: ./scann.sh [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]
Usage: ./scann.sh [1|sqli] [2|xss] [3|authentication] [4|session] [5|IIRO]
Usage: ./scann.sh [1|sqli] [2|xss] [3|authentication] [4|session]^C
 
Old 03-14-2019, 03:46 AM   #9
pan64
LQ Guru
 
Registered: Mar 2012
Location: Hungary
Distribution: debian/ubuntu/suse ...
Posts: 13,098

Rep: Reputation: 4143Reputation: 4143Reputation: 4143Reputation: 4143Reputation: 4143Reputation: 4143Reputation: 4143Reputation: 4143Reputation: 4143Reputation: 4143Reputation: 4143
again, please use code tags - as it was mentioned earlier.
Obviously your condition in while loop does not work (as expected). You need to rework it.
 
1 members found this post helpful.
Old 03-14-2019, 03:47 AM   #10
berndbausch
Senior Member
 
Registered: Nov 2013
Location: Tokyo
Distribution: Redhat/Centos, Ubuntu, Raspbian, Fedora, Alpine, Cirros, OpenSuse/SLES
Posts: 3,464

Rep: Reputation: 915Reputation: 915Reputation: 915Reputation: 915Reputation: 915Reputation: 915Reputation: 915Reputation: 915
You really have a hard time finding those code tags, don’t you. Direct your eyes a bit lower, and you will see my signature. It contains instructions how to use code tags. I won’t ruin what’s left of my eyesight by looking at your unformatted code.

By the way, how do you run this code? Can you share the precise command you entered?

Last edited by berndbausch; 03-14-2019 at 03:49 AM.
 
1 members found this post helpful.
Old 03-14-2019, 04:20 AM   #11
berndbausch
Senior Member
 
Registered: Nov 2013
Location: Tokyo
Distribution: Redhat/Centos, Ubuntu, Raspbian, Fedora, Alpine, Cirros, OpenSuse/SLES
Posts: 3,464

Rep: Reputation: 915Reputation: 915Reputation: 915Reputation: 915Reputation: 915Reputation: 915Reputation: 915Reputation: 915
I couldn’t resist checking the code. I will send you the invoice for new eyeglasses.

Your script is a while loop which ends when $@ has a non-zero length. Since you entered no parameters, $@ is empty, and the while loop never stops.

Last edited by berndbausch; 03-14-2019 at 04:24 AM.
 
Old 03-14-2019, 07:01 AM   #12
BW-userx
LQ Guru
 
Registered: Sep 2013
Location: Somewhere in my head.
Distribution: FreeBSD/Slackware-14.2+/ArcoLinux
Posts: 9,146

Rep: Reputation: 1947Reputation: 1947Reputation: 1947Reputation: 1947Reputation: 1947Reputation: 1947Reputation: 1947Reputation: 1947Reputation: 1947Reputation: 1947Reputation: 1947
OP you really need to stop and take a breath, then put your script aside or a moment then focus your thoughts to, "what are code tags, and how do I use them in here?"

click go advance
click on the # symbol
then place your code in between them tags that the # symbol produced.

After you see what they look like. You can even type them in and they will still work.

Last edited by BW-userx; 03-14-2019 at 07:02 AM.
 
Old 03-14-2019, 07:04 AM   #13
grail
LQ Guru
 
Registered: Sep 2009
Location: Perth
Distribution: Manjaro
Posts: 9,719

Rep: Reputation: 3034Reputation: 3034Reputation: 3034Reputation: 3034Reputation: 3034Reputation: 3034Reputation: 3034Reputation: 3034Reputation: 3034Reputation: 3034Reputation: 3034
Please read this :- http://www.catb.org/~esr/faqs/smart-questions.html

And then actually ask a question, which is not ... "Please fix my code that you know nothing about nor what it is or isn't doing?"
 
1 members found this post helpful.
Old 03-14-2019, 09:12 PM   #14
JJJCR
Senior Member
 
Registered: Apr 2010
Posts: 1,642

Rep: Reputation: 277Reputation: 277Reputation: 277
Wink

Quote:
Originally Posted by berndbausch View Post
I couldn’t resist checking the code. I will send you the invoice for new eyeglasses.

Your script is a while loop which ends when $@ has a non-zero length. Since you entered no parameters, $@ is empty, and the while loop never stops.
Yes I saw in Ebay an Eyeglass for Coders, it's AI integrated it will auto-highlight which line on the code has errors.
 
1 members found this post helpful.
  


Reply

Tags
bash, bash scripting


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Running bash script from another bash script bulletproof.rs Programming 5 12-10-2017 04:22 AM
[SOLVED] BASH Script - What am I doing wrong in this test? - BASH Script BW-userx Programming 34 04-08-2017 01:36 PM
SSH connection from BASH script stops further BASH script commands tardis1 Linux - Newbie 3 12-06-2010 08:56 AM
BASH - I Need a job - Need help with a script worm5252 Programming 32 01-03-2010 07:57 PM
Bash script to create bash script jag7720 Programming 10 09-10-2007 07:01 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 10:10 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration