| skipped 298 lines |
| 299 | 299 | | echo " to do faster scans at the cost of completeness" |
| 300 | 300 | | echo " -p SECONDS Time that the process monitor will spend watching for" |
| 301 | 301 | | echo " processes. A value of 0 will disable any watch (default: 60)" |
| | 302 | + | echo " -S Serve the lse.sh script in this host so it can be retrieved" |
| | 303 | + | echo " from a remote host." |
| 302 | 304 | | } |
| 303 | 305 | | lse_ask() { |
| 304 | 306 | | local question="$1" |
| skipped 138 lines |
| 443 | 445 | | fi |
| 444 | 446 | | cecho "${lblue}Architecture:${reset} $lse_arch\n" |
| 445 | 447 | | echo |
| | 448 | + | } |
| | 449 | + | lse_serve() { |
| | 450 | + | # get port |
| | 451 | + | which nc >/dev/null || lse_error "Could not find 'nc' netcat binary." |
| | 452 | + | |
| | 453 | + | local_ips="`ip a | grep -Eo 'inet ([0-9]{1,3}\.){3}[0-9]{1,3}' | cut -d' ' -f2`" |
| | 454 | + | |
| | 455 | + | # Get a valid and non used port |
| | 456 | + | port=`od -An -N2 -i /dev/random|grep -Eo '[0-9]+'` |
| | 457 | + | port_valid=true |
| | 458 | + | while true; do |
| | 459 | + | for ip in $local_ips; do |
| | 460 | + | nc -z "$ip" "$port" && port_valid=false |
| | 461 | + | done |
| | 462 | + | if [ $((port)) -lt 1024 ] || [ $((port)) -gt 65500 ]; then |
| | 463 | + | port_valid=false |
| | 464 | + | fi |
| | 465 | + | $port_valid && break |
| | 466 | + | port=`od -An -N2 -i /dev/random|grep -Eo '[0-9]+'` |
| | 467 | + | done |
| | 468 | + | |
| | 469 | + | echo |
| | 470 | + | cecho " Serving ${white}Linux Smart Enumeration${reset} on port ${blue}$port${reset}.\n" |
| | 471 | + | echo |
| | 472 | + | cecho " Depending on your IP and available tools, some of these commands should download it in a remote host:\n" |
| | 473 | + | for ip in $local_ips; do |
| | 474 | + | [ "$ip" = "127.0.0.1" ] && continue |
| | 475 | + | echo |
| | 476 | + | cecho "${reset} [${blue}$ip${reset}]\n" |
| | 477 | + | cecho "${green} * ${white}nc ${reset} $ip $port > lse.sh </dev/null; chmod 755 lse.sh\n" |
| | 478 | + | cecho "${green} * ${white}curl ${reset}--http0.9 '$ip:$port' -o lse.sh; chmod 755 lse.sh\n" |
| | 479 | + | cecho "${green} * ${white}wget ${reset} '$ip:$port' -O lse.sh; chmod 755 lse.sh\n" |
| | 480 | + | cecho "${green} * ${white}exec 3<>/dev/tcp/${reset}$ip/$port;printf '\\\\n'>&3;cat<&3>lse.sh;exec 3<&-;chmod 755 lse.sh\n" |
| | 481 | + | done |
| | 482 | + | nc -l -q0 -p "$port" < "$0" >/dev/null |
| 446 | 483 | | } |
| 447 | 484 | | lse_header() { |
| 448 | 485 | | local id="$1" |
| skipped 810 lines |
| 1259 | 1296 | | ##) |
| 1260 | 1297 | | |
| 1261 | 1298 | | #( Main |
| 1262 | | - | while getopts "hcil:e:p:s:" option; do |
| | 1299 | + | while getopts "hcil:e:p:s:S" option; do |
| 1263 | 1300 | | case "${option}" in |
| 1264 | 1301 | | c) lse_color=false; lse_grep_opts='--color=never';; |
| 1265 | 1302 | | e) lse_exclude_paths "${OPTARG}";; |
| skipped 1 lines |
| 1267 | 1304 | | l) lse_set_level "${OPTARG}";; |
| 1268 | 1305 | | s) lse_selection="`printf \"%s\" \"${OPTARG}\"|sed 's/,/ /g'`";; |
| 1269 | 1306 | | p) lse_proc_time="${OPTARG}";; |
| | 1307 | + | S) lse_serve; exit $?;; |
| 1270 | 1308 | | h) lse_help; exit 0;; |
| 1271 | 1309 | | *) lse_help; exit 1;; |
| 1272 | 1310 | | esac |
| skipped 27 lines |
Diego Blanco
committed
4 years ago
1 parent 4b78cb8b