Don't Be a Script-Kiddie part2: Building an Auto-Exploiter Bash Script

Hello null_byters, after some time out here we are again with another tutorial, continuing our beautiful series, today we will write our first real world bash script.

BEFORE WE START

Before we start today's lesson Let's recap what we learned in the previous lesson, right now I hope you are to understand the following:

1-BASIC UNDERSTANDING OF SHELL
As we learned from last class shell is a user interface for access to an operating system's services.

2-CAN RUN LINUX COMMANDS

We also learned what is terminal, in case you forgot This is a program that opens a window and lets you interact with the shell

3-CAN WRITE A HELLO WORD BASH SCRIPT
We wrote our first hello planet bash script and explained the basic syntax off bash script.

4-CAN EXECUTE SHELL SCRIPT
Then we gave permissions to the script and then we were able to run it

5-CAN EXECUTE A SCRIPT WITHOUT THE FLAG "./"
The last thing we did was to create a bin folder for our scripts that we could then run it without the "./"

WHAT IS an AUTO____________EXPLOITER ?

constantly we find ourselves doing the same chores again and again.

Like every time we reboot our machine we have to start our vpn or any other useful tool, another example is when we want to hack a target, we first use tools such nmap to do some recon on the target, then we have to run another tool for vulnerabilities scans and so on, this is where the auto comes in, with the help of bash we can build a script that will automatically do all this task for us, just like a robot we will program.

Then auto_exploiter is a tool that will exploit more than one exploit in one click, just like a an automatic gun, with one shot we can achieve various targets.

what does our auto_exploiter will be able to do?

1-RECONNAISSANCE
2-WEBSITEHACKING
3-WIFIHACKING
4-EMAILHACKING
5-SERVERHACKING

But as i don't want you to be a script-kiddie i wont finish this script, for today the script will work properly for the 1(RECONNAISSANCE) and 2(WEBSITEHACKING) , the rest i will leave it with a simple comment for you to finish them by your own, and its really easy, after you finish reading this tutorial you will be able to finish all of them and probably add more, so lets start building our robot.

WHAT WE HAVE to UNDERSTAND BEFORE WE START BUILDING OUR ROBOT?

In case you want to just follow the tutorial without writing the script the full code can be founded here
http://codepad.org/vbAPc7w6

First lets understand simple things we use in this bash script

THE ECHO

as we learned from the last lesson echo is a built-in command in the bash and C shells that writes its arguments to standard output

The syntax for echo are :

echo option(s) string(s)
echo "im not a scipt-kiddie anymore"
echo "$name_any_variable"

You can google echo to see more options, as we will use echo a lot of times in our script you must understand how to use it.

COMMENTS

In my opinion comments are more important then code,commenting code can also lead to a better understanding of the program and may help uncover bugs before testing. For both aesthetic and practical reasons, good commenting is an essential and often overlooked programming skill.

Just like echo, comments can be done in a lot of different ways, but today we will use the "#" to make our comments , so everything that comes after the "#" will be ignored by the compiler, an example could be

#this is a simple comment
The line above will be ignored by the compiler if inside a bash script

YOUR SIGNATURE AND GREETZ TO YOUR FRIENDS

Another cool things hackers often do inside their scripts is to leave their signature and give greets to their team or friends, in bash this can be done simply with echo and some creativity, for example today we will use the following signature plate:

That is the place where you can put your name, give greets to me, hahahahah just kidding, there you can give greets to friends or people that help you to build the tool, put your contact info and so on.

OUR MENU

Another thing we often see in real world script are the menu that make us interact with the tool, just like the signature plate, the menu can be done with echo as well, so our menu will be done with the following code:

As you can see its very easy to build signature plates and menus, all we need is the "echo" and our creativity, now save this script and run it, again in case you don't know how to run bash script just read our first lesson https://null-byte.wonderhowto.com/how-to/dont-be-script-kiddie-part1-introduction-shell-script-0166096/, you can run it by either moving the script to the bin folder we created in the last lesson, or in case you just want to run it now, save it as auto_exploiter.sh give the permissions and then run it with "./" as the example bellow.

chmod +x null_byte.sh
./auto_exploiter.sh_

Notice that in my case i did not have to run it using the "./" because the script is already in my bin folder, so i just type in terminal the name of the script and we can see that i got it running perfectly, as showed in the pic above, we have done the signature ,greetz plate and the menu of our script, so for now our script is expecting an interaction with the user, its time for us to read the input from users and store it in a variable,this is what we are going to talk about next.

VARIABLES in BASH SCRIPT

The good thing about variable in bash is that they do not have to be declared. But, when you access the variable which is not used so far, you will not get any warning or error message. Instead, it will display a blank value

echo "Variable ONE is: $Null"
Null="Byte"
echo "Variable TWO is: $Null"

The output would be
Variable ONE is:
Variable TWO is: Byte

Another beautiful thing about variables in bash script is that you can assign Output of Shell Command to a variable
Syntax
var=`command-name-here`
example
exploit="mkdir "

Here the variable exploit will be used inside the script to create directories, as we know the command mkdir has this function, you can change to something more efficient, as we are going to use today.

Lets say we want to make a script that automatically pings an ip the user input, the code can be something like:

#!/bin/bash
echo "input the ip address"
read ip
echo "$ip"
ping_ip="ping $ip"
$ping_ip

Save it as ip.sh and give the permissions to run it

The output would be:

As we can see, we stored the command ip inside of our variable, and we were able to ping the ip without writing the command ping.

Understanding the script
the 1st and 2nd line i don't need to explain, the 3rd line "read ip"

"read" means that we will read the users input and store the data in a variable called ip, the echo in the 4th line is just to show you that after the "read " the ip was stored in the variable called ip, int the 5th line we created another variable that will store the ping command with the ip given by the user, finally in the last line we run the variable ping_ip

VARIABLES and CONDITIONS INSIDE OUR AUTO____________EXPLOITER

Now that we know how get user input and store it in a variable, now we have to store the decision the user will make during our menu screen.

In my case i used a variable called "type", you could name it to anything else, type will store the decision and then pass it to our conditions.

WHAT ARE CONDITIONS?

Often a computer program must make choices on which way to proceed, e.g., if the ball is in bounds, do one thing, else, do something different... if the data has all been processed, end the program, else continue to the next data item... while the player has lives left continue the game.

These "things" are called Conditions

For this script to work properly you will undoubtedly have to use conditions a lot, for example for and if … then construct or a while loop. The syntax of these conditions can seem a bit daunting to learn and use.

if <condition>; then
<commands>
fi
There are a lot of ways to make a conditions but for this script we will be using this syntax

I guess if you have a programming background, you would easily understand the code.
the line 22 its an condition
if $type eq 1 ; then

"type" is a variable i'm using to store the users decision, the -eq is an operator means "equal" to 1, in case the user choose reconnaissance, then we ask the user to input the ip address of the target, after that we store it in a variable called recon_ip , what we need to do next is to create a variable that will store the commands we want to run on given ip address

The FUN BEGAN

As we can see from the above pic we created 3 variables (recon 1,2 and 3)that will be responsible to do some automated tasks for us, if we take a look on it we will see that each variable holds a command that we are familiar with(for those who knows kali linux).

The first variable holds a command that calls a tool called "whatweb"(really useful for recon) and then run it with the ip the user input(you can also use domain name), the same happen to the other 2 variables, one store commands for dmitry and the other for nmap that are really good for recon.

If we go deep into the code we will see that the value stored by the recon 3 is more syntax , besides nmap syntax, we added "Pn" ( to get us bypassing firewalls ) and -D 10.0.0.1.... ( to bounce our ip inside the network) you can edit it according to what you think is better,as well you can add some other tools.

So save it and run the script again then choose the option " 1"

Wow! as we can see we did a recon on wonderhowto and we get a bunch of useful info about the website, info such as: aspnet version, httpserver, server location, and a lot of info from whois, ports and services running on respective ports, and much more, these are really useful info when we want to hack a website.

Of course wonderhowto is well protected, i used it just as an example, the internet is full of websites where you will find a lot of open ports and vulnerabilities.

WHAT NOW?

Now its all about you, i assume that now you are able to finish all the other items of our menu, all you gotta do is:
Repeat the conditions we use for recon, do for the others types of hack on menu.
For example for the 2nd item we could have something like this:

when we put this piece of code with our previous code, then we will have the 1st"reconnaissance" and 2nd"website_hacking" working in our script.

For website_hacking we use nikto and golismero to scan the targets, so save it and run the script again, but this time choose the option 2

As we can see from the above pic, our script now recognize the option 2, i used the ip address of http://www.baidu.com (chinese search engine, or chinese google).

For now its time for you to show to the world that you are not a script-kiddie, so edit and finish this script by yourself, according to your preferences.

WHAT YOU CAN DO with the SCRIPT

Anything, the script is free, you can build your own tools using this script, you can modify it, put your name in the signature plate and so on, just do not copy and paste, try to understand it, its very simple bash script, but a cool greet is always welcome...

see you in the next tutorial

the link for the full code is here:
http://codepad.org/vbAPc7w6

hacked by Mr__Nakup3nda