/bin/bash

Base64 scheme implementation in Bash

The Base64 encoding/decoding scheme has been implemented in many languages such as ANSI C, C++, C#, D, Java, JavaScript, Perl and many others. I found it interesting to implement it in bash by using its powerful bitwise operators.

- base64 encoder/decoder (sh, code)

NOTE (2011/05/03): This script is currently used to illustrate "extended brace expansion" and "bitwise operators" in the excellent Advanced Bash Scripting Guide.

Man-in-middle detection script

Here is a simple ARP spoofing detection script. It warns you when someone tries to sniff the network traffic of your box while you're connected to a LAN (see ARP spoofing attack for details). It checks the kernel's dump of the ARP table (/proc/net/arp) to see whether more than one IP address is associated with a single MAC address. If so, it shows an alert and displays the current poisoned ARP table. For best results, launch it in an xterm (as shown in the script header).

- Mitm detection script (sh, code)

*** At 09/08/07-18:01:31 - WARNING - MITM detected ***
IP address       HW type     Flags       HW address            Mask     Device
192.168.0.14     0x1         0x2         00:aa:bb:cc:dd:a4     *        eth0
192.168.0.254    0x1         0x2         00:aa:bb:cc:dd:a4     *        eth0
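
The check described above, written as an added example (not the original script): an awk pass over a table in /proc/net/arp format that reports each MAC address claimed by more than one IP. The function name and the sample table are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: flag MAC addresses that answer for more than one IP
# in a table formatted like /proc/net/arp.

# find_arp_duplicates [FILE]   ("-" reads the table from stdin)
# Prints one line per suspicious MAC: "<mac> <ip1>,<ip2>,..."
# Returns 0 if at least one duplicate was found, 1 otherwise.
find_arp_duplicates() {
    awk '
        NR == 1 { next }                      # skip the column header
        $4 == "00:00:00:00:00:00" { next }    # incomplete entry, no reply yet
        {
            mac = tolower($4)
            if ((mac, $1) in seen) next       # same pair on another device
            seen[mac, $1] = 1
            if (mac in ips) ips[mac] = ips[mac] "," $1
            else            ips[mac] = $1
            count[mac]++
        }
        END {
            for (mac in count)
                if (count[mac] > 1) { print mac, ips[mac]; found = 1 }
            exit(found ? 0 : 1)
        }
    ' "${1:-/proc/net/arp}"
}

# Constructed sample table, modeled on the alert shown above.
SAMPLE_ARP='IP address       HW type     Flags       HW address            Mask     Device
192.168.0.14     0x1         0x2         00:aa:bb:cc:dd:a4     *        eth0
192.168.0.254    0x1         0x2         00:aa:bb:cc:dd:a4     *        eth0
192.168.0.20     0x1         0x2         00:aa:bb:cc:dd:10     *        eth0
192.168.0.33     0x1         0x0         00:00:00:00:00:00     *        eth0'

# Demo on the sample; call find_arp_duplicates with no argument for the live table.
if hits=$(printf '%s\n' "$SAMPLE_ARP" | find_arp_duplicates -); then
    echo "*** $(date '+%D-%T') - WARNING - possible MITM ***"
    echo "$hits"
fi
```

A host with several IP aliases, or a router doing proxy ARP, produces the same pattern, so treat a hit as a prompt to check the gateway's real MAC rather than as proof.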

An MD5-Scheme password hashing script

A very small MD5 password hashing script! The "perl" command is required.

- MD5 Hash (sh, code)

$ ./md5-hash.sh Str0ngPwd
$1$goCDJJHH$EKtZV4WWB5nefgmqa/Xng/

NOTE: If you're looking for a full suite of hashing schemes, use pwd-hash.

Small TCP port scanner and banner disclosure

A tiny TCP port scanner and banner disclosure script in Bash (8 lines only)! It uses the /dev/tcp/* pseudo-devices.

- Bash Tcp Scanner (sh, code)

$ ./tcp_scanner.sh
usage: ./tcp_scanner.sh <host_target> <port1> <port2>

$ ./tcp_scanner.sh 192.168.1.1 21 22 23
Port 21: 220 home FTP server (Version wu-2.6.2-5) ready.
Port 22: SSH-1.99-OpenSSH_3.1p1
Port 23: closed.

IdleScan script

It scans a remote host as described here. It uses the very nice tool hping (written by Salvatore Sanfilippo).

- IdleScan script (sh, code)

$ ./idle_scan.sh
usage: ./idle_scan.sh <spoofed_host> <target> "<ports_separed_with_space>"

$ ./idle_scan.sh 192.168.0.12 192.168.0.10 "21 22 80"
Ports status on 192.168.0.10:
        21 open
        22 open
        80 closed