Category Bash Scripting

Random HTTP Request Generator – “generator.php”

This generates the Header Request Information to be sent to a Destination URL.
For Testing Purposes Only – Some Files Have Been Excluded.
The Destination URL tracks incoming HTTP Requests and filters them for “bad data” or
“Spoofed Requests” such as the requests generated here.

This is a simple and no frills way to monitor your servers.
You will need to create the file “urls.txt” in the same folder as the “active-servers.php” file.

Examples – urls.txt:
https://www.my-website.com/
http://localhost/
http://www.my-website.com/some/page.php

Navigate to the active-servers.php file. ( http://www.your-site.com/scripts/active-servers.php)
Online Servers will be Lime and Offline Servers, Red.

active-servers.php

<head>
<title>Active Servers</title>
</head>
<body style=”background-color: #0c0c0c;”>
<div>
<table width=”100%” height=”100%”>
<tr>
<td>
<table style=”margin-bottom: 100%;text-transform: uppercase;”>
<?php
$fn = fopen(“urls.txt”,”r”);
while(! feof($fn)) {
$result = fgets($fn);
$server=gethostbyname(parse_url($result, PHP_URL_HOST));
if (fsockopen($server, 80)){
echo (‘ <tr><td><b><a style=”color: Lime; text-decoration: none;”href=”‘.$result.'” target=”viewer”>’.$result.'</b></td></tr>’. “\r\n”);
} else
{
echo (‘ <tr><td style=”color: #a00000″>’.$result.'</td></tr>’. “\r\n”);
}

} fclose($fn); ?>

</table>
</td>
<td width=”100%”><iframe align=”right” class=”viewpanel” src=”” name=”viewer” frameborder=”0″ width=”100%” height=”600px”></iframe></td>
</tr>
</table>
</div>
</body>

This is just a fun little toy that happened while working on MySQL Automation.
The files used are first_names.txt, last_names.txt and domains.txt.
Reading random lines from the files in order creates the “Fake Email Address” and using [array_rand($variable)]; each email address is somewhat unique as I’m only using 80,000 names (give or take a few hundred).

All Files: fake-email-generator.zip

#!/bin/bash
$first_names = 'first_names.txt';
$last_names = 'last_names.txt';
$dom = 'domains.txt';

    $firstname = file($first_names);
    $fdata = $firstname[array_rand($firstname)];
    $first = $fdata;

        $lastname = file($last_names);
        $ldata = $lastname[array_rand($lastname)];
        $last = $ldata;

    $comd = file($dom);
    $edata = $comd[array_rand($comd)];
    $com = $edata;

        $first = preg_replace('/\s+/', '', $first);
        $first = strtolower($first);
        $last = preg_replace('/\s+/', '', $last);
        $last = strtolower($last);
        $com = preg_replace('/\s+/', '', $com);

    echo $first."@".$last.$com;]

This is pretty basic and I like it that way.
Using ffmpeg to capture the integrated web cam on my laptop and my USB webcam plugged in and then creating an archive to store subsequent photos in.
Part of a bigger project.

#!/bin/bash
# Set date for file naming
date=$(date +"%Y-%m-%d_%H%M%S")
    # Take photo using Integrated Webcam
      ffmpeg -f v4l2 -video_size 1280x720 -i /dev/video0 -frames 1 int.$date.jpg

    # Take photo using USB Webcam
      ffmpeg -f v4l2 -video_size 1280x720 -i /dev/video1 -frames 1 usb.$date.jpg

    # Add all .jpg files to payload.zip
      zip payload.zip *.jpg

    # Remove all .jpg files now
      rm *.jpg

    # Set time between photos
      sleep 10

    # Exit and start over
./$(basename $0) && exit

Using Netcat may be “Old School”, but so am I, so I love using Netcat for simple tasks or just chatting without Big Brother paying too much attention. I love using Bold Text too.

These are two separate scripts, one for use on a server, “server.sh” (home pc/Pi/laptop or and server that allows you to use Netcat) and “client.sh”, which you can use on your Android or Laptop etc from a mobile location.
Of course you’re going to have to set permissions and run them. I highly suggest editing out the sleep function and using cron if you’re savvy as this is really meant to update files such as remote sensors, cameras etc.

*Edit the IP address to your server in client.sh.

server.sh

#!/bin/bash
clear
    echo "Server Running."
        mkdir incoming
    date="$(date +'%Y-%m-%d_%H-%M')"
    file="incoming/payload.file"
# Set the Servers Port To Listen On
    echo $(nc -l 1234 > $file)
        mv $file "incoming/$date.payload"
    echo "File Recieved."
    sleep 10
./$(basename $0) && exit

client.sh

#!/bin/bash
clear
mkdir outgoing
    echo "Client Running."
        file="outgoing/payload.file"
# For Demo Only
    touch $file
    echo "Some Data" >> $file
# Set The Server IP and Port To Connect To
    echo $(nc -w 3 192.168.1.XXX 1234 < $file)
    echo "File Sent."
    sleep 60
./$(basename $0) && exit

Example script using OpenSSL AES 256 with Salt and a random generated password.
It’s the little things.

#!/bin/bash
clear
echo "Input String:"
    read input
        pass=$(echo cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 1024 | head -n 1)
        encrypt="$(echo -e $input | openssl aes-256-cbc -pbkdf2 -iter 20000 -salt -a -e -k $pass)"
        decrypt="$(echo -e $encrypt | openssl aes-256-cbc -pbkdf2 -iter 20000 -salt -a -d -k $pass)"
    echo -e "Encrypted String: "$encrypt
    echo -e "Decrypted String: "$decrypt
    echo "Hit Any Key.."
  read anykey
./$(basename $0) && exit

A simple and easy to use port scanner that allows the user to input a URL or IP Address and Port Range to scan using Netcat and Nmap and also works exceptionally well with proxychains.

#!/bin/bash
date="$(date +%y-%m-%d_%H:%M:%S)"
log="$date.log"
touch $log
clear
    echo "Enter URL:"
     read url
    echo "Start Port:"
     read Sport
    echo "End Port:"
     read Eport
clear
    port=0
        while [ $port -lt $Eport ]; do
        nc -z -v $url $port 2>&1 | grep succeeded && echo $port >> $log
        let port=port+1 
    done
        while IFS= read -r openport
    do
        clear
        echo "Scanning $url - CTRL C to Abort"
        nmap -p $openport $url >> $url.txt
    sleep 5
    clear
done < $log
rm $log

BashKat is pretty straight forward and really easy to use.
I made sure to add some “cute” to it with the emojis.
This bot will scrape from user input or a file using the wget function (example: urls.txt) and it’s Super Fun when using Proxychains.

#!/usr/bin/env bash
# BashKat Version 1.0.2
# K0NxT3D

# Variables
BotOptions="Url File Quit"

# Welcome Banner
clear
printf "✨ BashKat 1.0 ✨\nScrape Single URL/IP or Multiple From File.\n\n" && sleep 1

# Bot Options Menu
select option in $BotOptions; do

# Single URL Scrape
   if [ "$option" = "Url" ];
    then
      printf "URL To Scrape: "
       read scrapeurl
     mkdir -p data/
    wget -P data/ \
     -4 \
     -w 0 \
     -t 3 \
     -rkpN -e robots=off \
     --header="Accept: text/html" \
     --user-agent="BashKat/1.0 (BashKat 1.0 Web Scraper Utility +http://www.bashkat.bot/)" \
     --referer="http://www.bashkat.bot" \
     --random-wait \
     --recursive \
     --no-clobber \
     --page-requisites \
     --convert-links \
     --restrict-file-names=windows \
     --domains $scrapeurl \
     --no-parent \
         $scrapeurl

      printf "🏁Scrape Complete.\nHit Enter To Continue.👍"
       read anykey
./$(basename $0) && exit

  elif [ "$option" = "File" ];
   then
      printf "Path To File: "
       read filepath
     while IFS= read -r scrapeurl
      do
     mkdir -p data/
    wget -P data/ \
     -4 \
     -w 0 \
     -t 3 \
     -rkpN -e robots=off \
     --header="Accept: text/html" \
     --user-agent="BashKat/1.0 (BashKat 1.0 Web Scraper Utility +http://www.bashkat.bot/)" \
     --referer="http://www.bashkat.bot" \
     --random-wait \
     --recursive \
     --no-clobber \
     --page-requisites \
     --convert-links \
     --restrict-file-names=windows \
     --domains $scrapeurl \
     --no-parent \
         $scrapeurl 
     done < "$filepath"
      printf "🏁Scrape Complete.\nHit Enter To Continue.👍"
       read anykey
./$(basename $0) && exit

 elif [ "$option" = "Quit" ];
 then
   printf "Quitting🏳"
    sleep 1
     clear
      exit
# ERRORS
  else
   clear
    printf "❌"
    sleep 1
   ./$(basename $0) && exit
  fi
 exit
done

Paparazzi: A basic Screenshot Utility (Bot) for collecting screenshots of IP addresses and or URLs.
This script requires a personal API key and you can get yours here: BrowShotAPI

#!/usr/bin/env bash
# Paparazzi 1.0 - K0NxT3D 2021
# Website ScreenShot Utility
# Bash: ./bot

# Variables
    BotOptions="Url File Quit"
    images="./images"

# Welcome Banner - Create Directories
    mkdir -p $images
    clear
    printf "Paparazzi 1.0 - K0NxT3D\n"
    sleep 1

# Bot Options Menu
    select option in $BotOptions; do

# Single URL/IP Scan
    if [ "$option" = "Url" ];
     then
      printf "IP/URL To Scan: "
    read url
        curl -L "https://api.browshot.com/api/v1/simple?url=$url&key=ENTER YOUR KEY HERE" -o $images/$url.png
      printf "Finished Scanning.\nHit Enter To Continue.."
    read anykey
./bot

# Multiple URL/IP Scan From File (example: urls.txt)
    elif [ "$option" = "File" ];
     then
      printf "Path To File: "
    read filepath
        while IFS= read -r url
        do
          curl -L "https://api.browshot.com/api/v1/simple?url=$url&key=ENTER YOUR KEY HERE" -o $images/$url.png
        done < "$filepath"
    printf "Finished Scanning.\nHit Enter To Continue.."
 read anykey
./bot

# Quitter!!!
    elif [ "$option" = "Quit" ];
     then
        printf "Quitting!"
    sleep 1
clear
exit

# ERRORS
    else
    clear
        printf ""
    sleep 1
   bash ./bot
fi
exit
done

Installing Linux Apache, MySql and PhP also known as a LAMP Server can be an easily automated process and save you from  countless hours of headaches.

LAMP Server Installation Script (Dry Build – Test Before Running):

#!/usr/bin/env bash
###############################################
# #
# Basic Server Installer - K0NxT3D 2020 #
# DRY BUILD - DO NOT RUN #
# #
###############################################

# Configuration
#
# Variables:
INST_DIR="/var/www/html/" # Default Linux Apache2 Install Directory
PASQL="Your-MySql-Root-Password-Goes-Here" # Set the MySql root Password
BROWS="Your-Default-Browser" # firefox, google-chrome, google-chromium, safari
MYURL="localhost" # Default Setting
#
# END Configuration

# Begin The Basic Server Install
sudo apt-get install lamp-server^ -y
clear

# Configure MySql
sudo mysql -u root
echo ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '$PASQL'; && set -v
echo FLUSH PRIVILEGES;&& set -v
echo quit && set -v
sudo service mysql restart && set -v
clear

# Install PhpMyAdmin
sudo apt-get install phpmyadmin -y
#sudo apt install phpmyadmin php-mbstring php-gettext
clear

# Install WordPress
cd $INST_DIR
wget https://wordpress.org/latest.tar.gz
tar -xzvf latest.tar.gz
cd wordpress
mv * $INST_DIR
cd $INST_DIR
rm -r wordpress
clear

# Finish WordPress Install
$BROWSE $MYURL

Lamp Server Removal Script:

#!/usr/bin/env bash
###############################################
# #
# Basic Server UnInstaller - K0NxT3D 2020 #
# DRY BUILD - DO NOT RUN #
# #
###############################################

# This will remove LAMP not Site Files.
sudo service apache2 stop
sudo apt-get purge apache2 apache2-utils apache2.2-bin apache2-common
sudo apt remove apache2.*
sudo apt-get autoremove
whereis apache2
sudo rm -rf /etc/apache2

# This will remove PHP
sudo apt-get purge `dpkg -l | grep php7.2| awk '{print $2}' |tr "\n" " "`
sudo apt-get purge php7.*
sudo apt-get autoremove --purge
whereis php
sudo rm -rf /etc/php

# This will remove MYSql
sudo service mysql stop
sudo apt-get remove --purge *mysql\*
sudo apt-get remove --purge mysql-server mysql-client mysql-common -y
rm -rf /etc/mysql
sudo apt-get autoremove
sudo apt-get autoclean

sudo reboot

You can add custom lines to the install script and mirror them in the removal script as well.
This is just a basic installation to get a site up and running. I use PhPMyAdmin or my Hosting Cpanel to setup the user database for WordPress separately.