This article contains a list of scripts I have either written myself or downloaded from the internet and modified. The scripts are written in Bash, Python, and PowerShell. I hope you find them useful. Feel free to use and modify them according to your needs.
However, it is important to test them in a secure environment and thoroughly understand their functionality before using them in a production environment. I do not take any responsibility for improper use or any damage caused by using them.
1. Networking & Security
1.1 Automatic Deployment VyOS Live ISO on VMware VM
The Bash script deploy_vyos-1.3.0.sh creates VMware disk and starts QEMU VM with the attached disk and serial console running on the port 3355. The Expect script install_vyos-1.3.0.sh connects to the console of QEMU VM and it installs VyOS ISO 1.2.0.
1.2 Creating VyOS ISO Image
The Bash script create_vyos_iso.sh builds VyOS ISO from source.
1.3 Automatic Deployment of DRBL (Clonezilla) Server
The script deploy_drbl.sh installs and configure DRBL server on Ubuntu with a single Ethernet card. You have to provide the name of Ethernet interface as an argument. The script creates a virtual interface for you based on a physical interface. It also downloads a DRBL project public key, download and install drbl package from repository.
1.4 Secure Copy with Rsync from SSH server
The script copy.sh keeps copying files with rsync command while a return value of the rsync command is not zero. Just edit script and set server IP address and the both remote and local directories.
1.5 Collecting MAC and IP addresses of Hosts Connected to Cisco Switches
The script getmac.sh collects info about ports, MAC address and IP address of hosts connected to Cisco switches. It uses SNMP protocol to do this task so switches must contain a valid SNMP configuration. You can also use the NMS appliance based on Linux Core and the script stored in /home/tc/ directory.
1.6 Cloning Remote Linux Machines
The script automates a process of cloning disks of remote Linux machines. The script reads IP addresses from a file and uses credentials you provide as command-line arguments for SSH connection.
Version 1.1 Features:
-
- authentication via user root (SSH) is removed, instead sudo is used
- password for sudo is read from stdin, no modification of sudoers is done
- username and password for SSH and disk name are no longer provided as script arguments; instead user is prompted for input
1.7 Public Key Authentication on Cisco IOS
The Bash script addkey.sh and the Expect script addkey.tcl deploy your pub key on remote Cisco routers. The Bash script loops over IP addresses of your routers stored in a text file and send IP address as an argument to the Expect script together with login credentials. The Expect script establishes connection to a router using SSH and it adds a hash of your pub key into to a configuration file of your router. It also creates a new privilege user with privilege level 15.
1.8 Downloading Linux CorePure64 ISO Image
The Bash script download_core64.sh automates a process of downloading the latest Linux CorePure64 ISO image. It also creates 1GB disk VMDK image and start Qemu VM with parameter -cdrom and attached CorePure64 ISO.
1.9 IP Address Configuration for Linux Core
The Bash script assign_ip.sh assign IP address to Core Linux from the subnet 192.168.x.0/24. Just copy the commands from the script to Core Linux CLI.
1.10 Router/Switch based on Ubuntu Server
The Bash script install_router.sh configures the Ubuntu server 18.04.x to install FRRouting and Openvswitch packages. The script enables IPv4 forwarding and configure Ubuntu to redirect output to a serial console. It also reduces timeout for network interfaces to 15sec during boot and it keeps old-style name for network interfaces (eth0, eth1...).
1.11 Bridging Tap and Ethernet Interfaces
The Bash script bridge_interfaces.sh takes number of required tap interfaces as an argument, creates the interface br0 and adds all tap interfaces to the bridge br0 along with the Ethernet interface. The script also assigns a particular IP address to the interface br0 and it configures the IP 0.0.0.0 for the Ethernet interface. The script delete_interfaces.sh detects the number of the tap interfaces, remove all tap interfaces along with the Ethernet interface from the bridge br0. Finally, it deletes the bridge at all.
1.12 Collect Hashes From Remote Computers
The script collect_hashes.sh automates a process of collecting hash values of all files on remote computers. The script reads IP addresses from a file and uses provided credentials to connect to remote machines. It firstly checks if all the computers are reachable. If not, the script will end. Once connectivity checking is done, the script will ask you to select whether you wish to store hashes either locally or remotely. If hashes are stored locally, a separate file is created for each IP address on your local machine and the hashes are stored into the file. The file format is hash_type-ip.txt e.g. md5-192.168.1.1.txt. You can check progress of hash collection by checking the size of the file, as more and more hashes are added to it on the fly. If hashes are stored remotely, you must download them manually from remote computers, e.g. with scp utility.
1.13 Sending Message to Multiple Facebook Friends
Python scripts send a predefined message to Facebook friends. The friend.py script detects all the friend links and returns them to send_message_fb.py as a list. The config.py script contains the links of the friends that should be excluded from receiving the message. The message is also defined in the config.py file. Finally, the send_message_fb.py script sends the message sequentially to the friends.
v0.1
1.14 Unlocking Pokec Photo Album with Python
Python scripts - config.py, passwords.py and pokec.py can be used to unlock the photo album of a user of the popular Slovak social network Pokec. All configuration settings are included in the config.py. The album will only be unlocked with a correct password that must be defined in the passwords.txt file.
v0.1
1.15 Collecting and Processing Data from Pokec using Python
The script pokec_get_stats.py saves all links to open Pokec rooms in the room_list array and visits all rooms in turn. After entering the room, the script counts the users, counts the number of women and men in the room and calculates their percentage, and also calculates their average age. The script also reports the city from which the most users come, along with the number of users.
v0.1
1.16 Spanning-Tree Attack
The script stp_attack_rp.py automates the sending of a malicious BPDU to Cisco switch. The argument to the script is a MAC address of the Kali Linux OS interface. Change the interface name in the script accordingly.
$ sudo python3 ./stp_attack_rp.py 0c:c0:1e:ee:00:00
1.17 Dynamic Trunk Protocol Attack
The script dtp_attack.py automates the sending of a malicious Dynamic Trunk Protocol packets to a Cisco switch. The argument to the script is a MAC address of the Kali Linux OS interface. Change the interface name in the script accordingly.
$ sudo python3 ./dtp_attacl.py 0c:c0:1e:ee:00:00
1.18 ARP Spoofing Attack
The script arp_mitm.py automates can be used for ARP cache poisoning of two hosts in LAN in order to conduct Man-in-the-Middle attack. The arguments to the script are the name of the attacker (Kali) Ethernet interface, the IP address of the victim, and the IP address of the default gateway.
$ sudo python3 interface_name victim_ip gateway_ip
Press Ctrl-C to end the attack. The script captures the key combination and sends a sequence of ARP packets to populatee ARP cache of the victim and the router. with correct MAC addresses.
1.19 Wake up Computers in LAN with PowerShell
The PowerShell script Invoke-WakeOnLan.ps1 is used to wake up computers on a local area network (LAN). I have modified this script, but didn't originally write it. Make sure your computers are set to accept WOL messages in BIOS.
Download the script the script to your Windows computer. Move the script to a directory, e.g., /Users/admin/Desktop. To run the script Press Win + R, type "powershell", then press Ctrl + Shift + Enter to open PowerShell as administrator.
Check the execution policy with Get-ExecutionPolicy. If it's "Restricted," change it to "RemoteSigned" with Set-ExecutionPolicy RemoteSigned command.
> .\Invoke-WakeOnLan.ps1 -MacAddress 00:12:35:11:f2:f7, 77:80:56:e7:a9:c8
2. Multimedia
2.1 Extracting MP3 from YouYube Videos with Youtube-dl
I am extremely bad in remembering correct syntax of commands so I wrote a Bash script convert video.sh based on the script youtube-dl which converts my favorite youtube videos to mp3 format. The script takes a YouTube link as an argument.
2.2 Convert CD Audio to MP3
The Bash script cda to mp3.sh converts CD audio to MP3.
2.3 Convert Video to MP3
The Bash script video to mp3.sh converts video to MP3.
2.4 Download YouTube Videos With Youtube-dl From Google Chrome Bookmarks
The Bash script youtube-bookmarks-mp3.sh simultaneously downloads videos from YouTube using saved Google Chrome bookmarks and it converts them to MP3 audio.
3. Security & Hacking
3.1 Hacking Clonezilla SE PXE Boot Client Password
The script get plain pass.sh mounts a remote NFS directory on DRBL server and extracts a plain text password. The script takes an IP address of DRBL/Clonezilla server as an argument.
3.2 Simple Ransomware
The script ls.sh uses openssl to encrypt doc docx txt xls and some other files with aes256 encryption algorithms and send an encryption key to a particular email address.
3.3 Dictionary Attack Against SSH Server
The script getsshpass-0.9.sh performs a dictionary attack against SSH server. It reads usernames and passwords from dictionaries (one file for a username and one file for a password) and uses them to login to SSH server. The script also supports interrupted guessing.
3.4 Change MAC Address Randomly
The script change_mac.sh changes MAC address for chosen interface in a given time interval.
3.5 Cipher
The utility cipher_encrypt.py takes the clear_text.txt file as input. It first capitalizes all letters and then encrypts the text with Caesar cipher. The shift value for the Caesar cipher is set by the variable rotation and is performed on the string defined by the variable template. The result of Caesar cipher is the input for the Rail fence cipher. The number of rows can be set using the variable k. The encrypted message is saved in the cipher_text.txt file.
The second tool, cipher_decrypt.py, executes the Rail fence cipher on the encrypted file, and finally uses the Caesar cipher to decrypt the output from Rail fence cipher. Of course, the both utilities must be configured with the same variables k, rot, and the same template string.
Hi, pls add script to 1.5 Collecting MAC and IP addresses of Hosts Connected to Cisco Switches. Thx.
Done. You can also read the article here.