一个熟悉我正在研究的项目是解析nmap结果.
(我知道-oG选项,但我正在使用grep,awk,for和while循环).
以下是我正在尝试解析的内容:
Starting Nmap 7.60 ( https://nmap.org ) at 2017-12-05 11:26 EST Nmap scan report for house.router.nick (192.168.1.1) Host is up (0.00059s latency). Not shown: 995 closed ports PORT STATE SERVICE 22/tcp open ssh 53/tcp open domain 427/tcp open svrloc 1900/tcp open upnp MAC Address: 50:C7:BF:A8:CF:C8 (Tp-link Technologies) Nmap scan report for 192.168.1.2 Host is up (0.00034s latency). Not shown: 996 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 139/tcp open netbios-ssn 445/tcp open microsoft-ds MAC Address: 48:F8:B3:C9:AE:BB (Cisco-Linksys)
我想得到的是:
22/ssh ==== 192.168.1.1 192.168.1.2 http === 192.168.1.2
到目前为止,我有这个:
grep -E "tcp.*open" nmap.txt | awk '{ print $3 }' | sort | uniq
对于我的生活,我无法弄清楚如何将其变成各种循环并从上面获得所需的输出.
使用通用编程语言(python,perl,awk)可以更好地服务,您可以在看到“扫描报告”关键字时捕获IP地址,然后维护将服务名称映射到列表的数据结构运行这些服务的IP地址.
例如,给定输出,这个perl单行(提供没有解释)
perl -ne ' if (/Nmap scan report for .*?(\d+\.\d+\.\d+\.\d+)/) { $ip = $1 } elsif (/^(\d+)\/tcp\s+open\s+(.*)/) { push @{$services{"$1/$2"}},$ip } END { for $svc (sort {$a <=> $b} keys %services) { printf "%s\n%s\n\n",$svc,join("\n",@{$services{$svc}}) } } '
产生
22/ssh 192.168.1.1 192.168.1.2 53/domain 192.168.1.1 80/http 192.168.1.2 139/netbios-ssn 192.168.1.2 427/svrloc 192.168.1.1 445/microsoft-ds 192.168.1.2 1900/upnp 192.168.1.1