I am trying to write a script that connects to a list of IPs on port 53 - and I want the result to return only open ports. Here is the script I am running below - I have tried grepping and cutting the output but I'm not sure I am doing this correctly - I can't seem to pipe the script results to a text file either.

#!/bin/bash

for ip in $(seq 200 254); do
    nc -v 192.168.11.$ip 53 &
done

I apologise for its simplicity I am new - and if the solution is elsewhere

2 Answers

Check for the command's exit code, it should be zero for a successful connection. Also use the -z option to drop the connection once it has been established.

#!/bin/bash

for ip in $(seq 200 254); do
    nc -z 192.168.11.$ip 53
    if [ $? -eq 0 ]; then
        echo "Hit: 192.168.11.$ip"
    fi
done

If you were using nmap instead of netcat, you could have used this:

nmap 192.168.11.200-254 -p 53

PS. If you're trying to determine which hosts run a DNS server, you should scan for open 53/udp, not 53/tcp (option -u in netcat)

2 Comments

Also check for fpdns tool, it comes quite handy for DNS fingerprinting. linux.die.net/man/1/fpdns
if nc -z 192.168.11.$ip 53; then echo...; fi. No need to check $? explicitly.
If you want all the output of a command to go to a file use &>. In your example you could use:

#!/bin/bash

for ip in $(seq 200 254); do
    nc -v 192.168.11.$ip 53 &>> myFile
done

Then you can manipulate (grep, sed, awk, etc.) myFile however you want.
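The two answers combine into one pattern: treat a host as a hit only when the connection attempt succeeds, and write only those hits to a file. The script below is an added example, not code from the question or either answer; it uses Python's socket module in place of netcat (so it does not need nc installed) and probes the hosts concurrently with a timeout so an unreachable address does not stall the loop. The 192.168.11.200-254 range, port 53 and the output file name open_53.txt are assumptions taken from the question. As the first answer's PS notes, a TCP connect says nothing about 53/udp; this check only reports TCP listeners.

```python
"""Report which hosts in a range accept TCP connections on a port,
writing only the hits to a file (added example, not the thread's own code)."""
import socket
from concurrent.futures import ThreadPoolExecutor
from typing import Iterable, List, Tuple


def tcp_port_open(host: str, port: int, timeout: float = 1.0) -> bool:
    """True only if the TCP handshake completes: the equivalent of `nc -z` exiting 0.

    connect_ex returns 0 on success or an errno on refusal/unreachable; a timeout
    may surface as an OSError on some platforms, so that is treated as closed too.
    """
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            return s.connect_ex((host, port)) == 0
    except OSError:
        return False


def host_range(prefix: str, first: int, last: int) -> List[str]:
    """Expand prefix.first .. prefix.last, like `seq` in the original loop."""
    return [f"{prefix}.{n}" for n in range(first, last + 1)]


def scan_hosts(hosts: Iterable[str], port: int, timeout: float = 1.0,
               workers: int = 32) -> List[str]:
    """Probe every host in parallel; return only the open ones, in input order."""
    hosts = list(hosts)
    with ThreadPoolExecutor(max_workers=workers) as pool:
        results = list(pool.map(lambda h: tcp_port_open(h, port, timeout), hosts))
    return [h for h, is_open in zip(hosts, results) if is_open]


def write_hits(hits: Iterable[str], path: str) -> int:
    """Write one 'Hit: <host>' line per open host; return the number written."""
    count = 0
    with open(path, "w") as f:
        for h in hits:
            f.write(f"Hit: {h}\n")
            count += 1
    return count


def loopback_listener() -> Tuple[socket.socket, int]:
    """Open a listening socket on 127.0.0.1 on a free port (used for a local self-check)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    return srv, srv.getsockname()[1]


if __name__ == "__main__":
    # Assumed range and port from the question; only open hosts reach the file.
    targets = host_range("192.168.11", 200, 254)
    open_hosts = scan_hosts(targets, 53)
    write_hits(open_hosts, "open_53.txt")
    for h in open_hosts:
        print("Hit:", h)
```

Run it as-is to produce open_53.txt, which then contains only hit lines and needs no further grep or cut. The per-connection timeout matters more than it looks: without one, a filtered address can hold a probe for minutes, which is why the original backgrounded every nc call and then could not tell which output belonged to which host.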
