-
Notifications
You must be signed in to change notification settings - Fork 36
parsenmap.rb
zeknox edited this page Oct 23, 2012
·
1 revision
parsenmap.rb is a ruby script that will parse nmap xml files to determine which ports and services are open. The script will display all open ports and services to stdout. The script can also be used to redirect the output from stdout to a file for later use.
Run full blown nmap port scan
root@bt:~# nmap -sS -A 192.168.0.0/24 -oA 192.168.0.0_nmap
Parse open ports from the nmap scan:
root@bt:~# ruby parsenmap.rb 192.168.0.0_nmap.xml 192.168.0.1 80 http Linksys WRT54G WAP http config 192.168.0.1 2869 http Intoto httpd 1.1 192.168.0.100 3689 daap Apple iTunes DAAP 10.6d22 192.168.0.100 7000 http Apple AirPlay httpd 192.168.0.100 7100 http Apple AirPlay httpd 192.168.0.100 49152 unknown 192.168.0.100 62078 tcpwrapped 192.168.0.107 135 msrpc Microsoft Windows RPC 192.168.0.107 139 netbios-ssn 192.168.0.107 445 netbios-ssn 192.168.0.107 902 vmware-auth VMware Authentication Daemon 1.10 192.168.0.107 912 vmware-auth VMware Authentication Daemon 1.0 192.168.0.107 2869 http Microsoft HTTPAPI httpd 2.0 192.168.0.107 5357 http Microsoft HTTPAPI httpd 2.0 192.168.0.107 10243 http Microsoft HTTPAPI httpd 2.0 192.168.0.107 49152 msrpc Microsoft Windows RPC 192.168.0.107 49153 msrpc Microsoft Windows RPC 192.168.0.107 49154 msrpc Microsoft Windows RPC 192.168.0.107 49156 msrpc Microsoft Windows RPC 192.168.0.107 49157 msrpc Microsoft Windows RPC 192.168.0.107 49158 msrpc Microsoft Windows RPC 192.168.0.123 80 http Virata-EmWeb 6.2.1 192.168.0.123 139 netbios-ssn 192.168.0.123 6839 unknown 192.168.0.123 7435 unknown 192.168.0.123 8089 tcpwrapped 192.168.0.123 9100 jetdirect 192.168.0.123 9101 jetdirect 192.168.0.123 9102 jetdirect 192.168.0.123 9110 unknown 192.168.0.123 9220 hp-gsg HP Generic Scan Gateway 1.0 192.168.0.123 9290 hp-gsg IEEE 1284.4 scan peripheral gateway 192.168.0.123 9500 ismserver
Lets say you want to list just the webservers, we can use grep to help:
root@bt:~# ruby parsenmap.rb 192.168.0.0_nmap.xml | grep http 192.168.0.1 80 http Linksys WRT54G WAP http config 192.168.0.1 2869 http Intoto httpd 1.1 192.168.0.100 7000 http Apple AirPlay httpd 192.168.0.100 7100 http Apple AirPlay httpd 192.168.0.107 2869 http Microsoft HTTPAPI httpd 2.0 192.168.0.107 5357 http Microsoft HTTPAPI httpd 2.0 192.168.0.107 10243 http Microsoft HTTPAPI httpd 2.0 192.168.0.123 80 http Virata-EmWeb 6.2.1