Apr 13, 2012

rdpScan Network Checker

This is a simple script that uses nmap to scan a network segment for RDP servers (hosts with TCP port 3389 open).

#!/bin/bash
#
# rdpScan - scan a network segment for RDP-Server          
# author: silverstoneblue@gmx.net 
# requires:  fgrep awk nmap

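# Name and version shown in the usage text.
scriptname="rdpScan"
version="1.0"

# Scratch file that receives the addresses reported by the scan.
# A fixed /tmp/<name>.$$ path is guessable (the PID is predictable), so another
# local user could pre-create it as a symlink and have this script, which is
# normally run as root for the SYN scan, overwrite a file of their choosing.
# mktemp creates the file atomically with a random suffix and owner-only
# permissions instead.
rdpips=$(mktemp "${TMPDIR:-/tmp}/tmprdp.XXXXXX") || {
  printf 'ERROR: cannot create temporary file.\n' >&2
  exit 255
}

# Remove the scratch file on every exit path, including the early usage and
# missing-tool exits that would otherwise leave it behind.
trap 'rm -f -- "$rdpips"' EXIT

# Number of hosts found; the integer attribute makes later assignments
# arithmetic.
declare -i rdpfound=0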

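#######################################
# Abort the script when a required external tool is missing.
# Arguments: $1 - name of the command to look up
# Outputs:   an error message on stderr when the command is not found
# Returns:   0 when the command is available; otherwise exits with 255
#######################################
function is_installed {
  # command -v is a shell builtin, so the check does not itself depend on
  # `which` being installed. Quoting keeps an empty or unusual name as a
  # single word instead of letting it be split or dropped.
  if ! command -v -- "$1" > /dev/null 2>&1; then
    printf "\nERROR: %s not installed.\n\n" "$1" >&2
    exit 255
  fi
}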
 
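# Refuse to run unless every external tool used below is available.
is_installed fgrep
is_installed awk
is_installed nmap

# Exactly one argument (the scan target) is required; otherwise show usage.
if [ $# -ne 1 ]; then
  printf "\n \n"
  printf "rdpScan - scan a network segment for RDP-Server \n\n"
  printf "version %s by silverstoneblue@gmx.net \n\n" "$version"
  printf "Usage: %s {target network}\n\n" "$scriptname"
  printf "target network:\n"
  printf "  can pass hostnames, IP's, networks, etc.\n"
  printf "  server.company.com, company.com/24, 192.168.0.1/16, 10.0.0-255.1-254\n"
  printf "example:\n"
  printf "  %s 80.187.0.0/24\n\n" "$scriptname"
  exit 255
fi

iprange=$1

# The target is handed to nmap, which normally runs as root here. A value that
# starts with "-" would be read as an nmap option rather than a target, so it
# is rejected; quoting "$iprange" below stops embedded whitespace from
# smuggling in extra arguments the same way.
case "$iprange" in
  -*)
    printf 'ERROR: target must not start with "-": %s\n' "$iprange" >&2
    exit 255
    ;;
esac

printf "\nScanning for RDP-Server..."

# -n: no DNS resolution, -P0: skip host discovery (every address is probed),
# -sS: TCP SYN scan (needs raw-socket privilege, i.e. root),
# -oG -: grepable output on stdout.
# Only port 3389 is scanned, so matching the port/state/protocol prefix is
# enough. The service label that follows it is not the same in every nmap
# release, and matching on it would silently miss open hosts.
nmap -n -P0 -sS -p 3389 -oG - "$iprange" \
  | fgrep 'Ports: 3389/open/tcp//' \
  | awk '{print $2}' > "$rdpips"
scan_status=${PIPESTATUS[0]}

# A failed scan (for example -sS without root) produces no host lines; without
# this check it would be reported as "No RDP-Server found".
if [ "$scan_status" -ne 0 ]; then
  printf '\nERROR: nmap exited with status %s; no reliable result.\n\n' \
    "$scan_status" >&2
  rm -f -- "$rdpips"
  exit 255
fi

printf "\n\n"

echo "*****************"
echo "RDP IP Address"
echo "*****************"

# One address per line; -r keeps backslashes literal and IFS= keeps the line
# exactly as awk wrote it.
while IFS= read -r rdpip; do
  rdpfound=$((rdpfound + 1))
  printf "%-15s\n" "$rdpip"
done < "$rdpips"

if [ "$rdpfound" -eq 0 ]; then
  printf "No RDP-Server found on network target %s. \n\n" "$iprange"
  rm -f -- "$rdpips"
  exit 255
fi

printf "\n%d RDP-Server found on network target %s.\n" "$rdpfound" "$iprange"
printf "Now try ur luck ;)\n"
printf "have fun ;) \n"
rm -f -- "$rdpips"
exit 0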
