您好,登錄后才能下訂單哦!
遠程批量抓取Ubuntu PC信息的腳本(多個腳本分工完成)
有多個知識點:
a、 帶密碼ssh登錄并批量執行
b、 nc命令檢查端口是否開放
c、 grep –w (對詞精確匹配)
d、 grep –A (顯示匹配行之后行的內容)
1、 從所有PC網段里篩選出有開放22端口的ip
root@archivebak:~# cat/usr/local/bin/pingubt.sh
#!/bin/bash
rm -rf /log/ip_ubt.txt
rm -rf /log/ssh_22_0_ok.txt
rm -rf /log/ssh_22_0.txt
touch /log/ssh_22_0_ok.txt
touch /log/ssh_22_0.txt
rm -rf /log/ssh_22_1_ok.txt
rm -rf /log/ssh_22_1.txt
touch /log/ssh_22_1_ok.txt
touch /log/ssh_22_1.txt
rm -rf /log/ssh_22_29_ok.txt
rm -rf /log/ssh_22_29.txt
touch /log/ssh_22_29_ok.txt
touch /log/ssh_22_29.txt
Net1="10 11 12 13 "
Net2="10 11 12 13 "
Net3="10 11 12 13"
for Net in $Net1
do
for inum in `seq 1 253`
do
IPP="10.0.$Net.$inum 22"
IP="10.0.$Net.$inum"
/bin/nc -v -w 5 -z $IPP > /dev/null2>&1
if [ $? -eq 0 ];then
echo $IPP:ok >> /log/ssh_22_0_ok.txt
echo $IP >> /log/ssh_22_0.txt
fi
done
done
for Net in $Net2
do
for inum in `seq 1 253`
do
IPP="10.1.$Net.$inum 22"
IP="10.1.$Net.$inum"
/bin/nc -v -w 5 -z $IPP > /dev/null2>&1
if [ $? -eq 0 ];then
echo $IPP:ok >> /log/ssh_22_1_ok.txt
echo $IP >> /log/ssh_22_1.txt
fi
done
done
for Net in $Net3
do
for inum in `seq 1 253`
do
IPP="10.29.$Net.$inum 22"
IP="10.29.$Net.$inum"
/bin/nc -v -w 5 -z $IPP > /dev/null2>&1
if [ $? -eq 0 ];then
echo $IPP:ok >> /log/ssh_22_29_ok.txt
echo $IP >> /log/ssh_22_29.txt
fi
done
done
2、遠程帶密碼ssh登錄腳本(expect腳本)
root@archivebak:~/pcu# cat/usr/local/bin/ssh_PC.exp
#!/usr/bin/expexct -f
set ip [lindex $argv 0]
set timeout 5
spawn ssh ming\\zhi.yang@$ip
expect {
"*(yes/no)*" { send "yes\r"; exp_continue}
"Password:" { send "****\r" }
}
expect "$*"
send "ifconfig | grep addr:10 | cut -b16-32\r"
send "hostname\r"
send "who | grep ming | head -n1\r"
send "cat /etc/issue\r"
send "exit\r"
expect eof
root@archivebak:~/pcu#
3、通過for循環對開放22端口的ip進行批量登錄(執行時須將輸出進行保存, sh host.sh&>> /log/pcu/users_0.txt)
root@archivebak:~/pcu# cat hosts.sh
#!/bin/bash
for IP in `cat /log/ssh_22_0.txt`
do
/usr/bin/expect /usr/local/bin/ssh_PC.exp$IP
done
root@archivebak:~/pcu#
4、統計ssh登錄成功ip的腳本
root@archivebak:~/pcu# cat ssh_22_0_no.sh
#!/bin/bash
rm -rf /log/pcu/ubt_ip_0.txt
rm -rf /log/pcu/ubt_ip_0_no.txt
touch /log/pcu/ubt_ip_0.txt
touch /log/pcu/ubt_ip_0_no.txt
for IP in `cat /log/ssh_22_0.txt`
do
Co=`cat /log/users_0_bak.txt | grep -w $IP| tail -n 1 | awk -F[:" "]+ '{print $3}'`
if [ $Co = $IP ];then
echo $IP >> /log/pcu/ubt_ip_0.txt
else
echo $IP >> /log/pcu/ubt_ip_0_no.txt
fi
done
root@archivebak:~/pcu#
統計結果到excel的腳本如下:
先對執行的輸出進行下整理(挑出成功部分存到另1文檔):
# cat grep_0.sh
#!/bin/bash
/bin/rm -rf /log/PC/exp2_0.txt
/bin/touch /log/PC/exp2_0.txt
for IP in `cat /log/ssh_22_0.txt`
do
/bin/cat /log/PC/exp_0.txt | grep -w $IP -A 10 | grep -v spawn | grep -v Wel | grep -v Pas | grep -v Conn | grep -v Last| grep -v https | grep -v updated | grep -v updates | grep -v exit | grep -v Unable | grep -v Received | grep -v Too | grep -v Please | grep -v Warning | grep -v ECDSA | grep -v programs | grep -v yes| grep -v Ubuntu | grep -v files | grep -v terms | grep -v The | grep -v denied >> /log/PC/exp2_0.txt
done
/bin/cat /log/PC/exp2_0.txt | grep addr:10. | grep -v ifconfig | uniq > /log/PC/exp3_0.txt
/bin/sed 's/[[:space:]]//g' /log/PC/exp3_0.txt > /log/PC/exp4_0.txt
/bin/sed 's/.\{5\}//' /log/PC/exp3_0.txt > /log/PC/exp5_0.txt
抓出成功的ip、主機名、用戶名信息到excel文檔中:
# cat csv_0.sh
#!/bin/bash
/bin/rm -rf /log/PC/csv_0.txt
/bin/touch /log/PC/csv_0.txt
for IP in `cat /log/PC/exp4_0.txt`
do
IPP=`echo $IP | sed 's/.\{5\}//'`
Host=`/bin/cat /log/PC/exp2_0.txt | grep -w $IP -A 10 | grep sh | grep -v @ | head -n 1`
User=`/bin/cat /log/PC/exp2_0.txt | grep -w $IP -A 10 | grep :0 | awk -F[:" "]+ '{print $1}' | head -n 1`
/bin/echo "$IPP,$Host,$User" >> /log/PC/csv_0.txt
done
/bin/sed 's/[[:space:]]//g' /log/PC/csv_0.txt > /log/PC/csv2_0.txt
/bin/cat /log/PC/csv2_0.txt | tr -s '[:blank:]'',' > /log/PC/csv_0.csv
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。