#!/bin/bash

# Define subnet to scan
SUBNET="172.24.11"

# Define SSH port
SSH_PORT=22

# Maximum number of parallel processes
MAX_PROCS=10

# Temporary file for results
RESULTS_FILE=$(mktemp)

echo "Scanning for machines listening on SSH port $SSH_PORT in subnet $SUBNET.128/25..."

# Start time for performance tracking
START_TIME=$(date +%s)

# Loop through the IP range with parallel processing
for i in {129..254}; do
    IP="$SUBNET.$i"

    # Run scan in background
    {
        timeout 0.1 bash -c "</dev/tcp/$IP/$SSH_PORT" &>/dev/null
        if [[ $? -eq 0 ]]; then
            echo "Success: SSH is listening on $IP" >>"$RESULTS_FILE"
        fi
    } &

    # Limit the number of background processes - compatible version
    while [[ $(jobs -p | wc -l) -ge $MAX_PROCS ]]; do
        sleep 0.1
    done
done

# Wait for all remaining background processes to finish
wait

# Calculate elapsed time
END_TIME=$(date +%s)
ELAPSED=$((END_TIME - START_TIME))

# Display results
echo "Scan completed in $ELAPSED seconds."
if [[ -s "$RESULTS_FILE" ]]; then
    echo "Found SSH servers:"
    cat "$RESULTS_FILE" | sort
else
    echo "No SSH servers found."
fi

# Cleanup
rm "$RESULTS_FILE"