Nmap Development mailing list archives

Re: Output|Input pipe and forcing script run


From: Daniel Miller <bonsaiviking () gmail com>
Date: Wed, 29 Sep 2010 14:34:43 -0500

Martin,

Here's an example of a short shell script that could do that for you, more or less.

for gfile in open-{0..10}.gnmap; do
  sudo nmap -sS -iR 1000 -p1098,1099 --open -Pn -oG "$gfile"
  perl -i -lane 'next if /^#/;print $F[1] if $F[4]=~/open/' "$gfile"
  sudo nmap -iL "$gfile" --script rmi-dumpregistry.nse -d3 >> nmap_rmi_discovery.log
done

I split the scan into 10 parts so that you get some parallelization. To do it all at once is similar:

sudo nmap -sS -iR 1000 -p1098,1099 --open -Pn -oG open.gnmap
perl -i -lane 'next if /^#/;print $F[1] if $F[4]=~/open/' open.gnmap
sudo nmap -iL open.gnmap --script rmi-dumpregistry.nse -d3 >> nmap_rmi_discovery.log

Hope that helps!

Dan


On 09/29/2010 03:47 AM, Martin Holst Swende wrote:
Hi,

I have been doing quite a bit of work on the rmiregistry-dumper, and am
doing some testing. To *really* test it, I want to locate rmiregistries
in the wild, and test if I can communicate with them.
Currently, I am doing this:
sudo nmap -sS -iR 10000 -p1098,1099 --open --script rmi-dumpregistry.nse -d3 -Pn > nmap_rmi_discovery.log

I want to have 'd3' in order to view all traffic and all output from the
scripts, however, the logfiles get pretty big, and I am only interested
in the output produced when open ports are found. What I would really
like instead is to do something like this:
sudo nmap -sS -iR 10000 -p1098,1099 --open -Pn --output-pipe | nmap --input-pipe --script rmi-dumpregistry.nse -d3 > nmap_rmi_discovery.log

That is:
* Perform one scan which only discovers open ports, and outputs them in
a format which can be read by the next process. Example output could be
tcp:15.15.15.15:1098 [open]
tcp:15.15.13.15:1099 [open]
...
* Perform another scan which listens to stdin for targets, and knows how
to parse host/ip/protocol from the first scan

Is there a simple way in which I can achieve this that I have missed? If
not, consider the input/output options above a feature request.

Also, a while ago there was a discussion about forcing a script to be
run. That is a feature I would really love. Is anybody working on that?
Fyodor suggested placing the patch in NSE; if that means in "lua-space",
I could implement that if given some hints on where to place it.

[1] http://seclists.org/nmap-dev/2010/q3/79
[2] http://seclists.org/nmap-dev/2010/q3/88

Regards,
Martin
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


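As an added illustration (not code from this thread or from Nmap itself): a small Python parser for the grepable (-oG) output that Dan's script hands to perl, emitting one line per open port in the `tcp:15.15.15.15:1098 [open]` shape Martin sketched, plus a deduplicated host list suitable for `nmap -iL`. It reads every entry of a host's Ports field rather than only the first, and treats only the exact state `open` as open. The .gnmap excerpt and the addresses in it are constructed.

```python
import re
from typing import Iterator, List, Tuple

# Constructed .gnmap excerpt in the shape `nmap -oG` writes (not real scan data).
SAMPLE_GNMAP = """\
# Nmap scan initiated Wed Sep 29 14:00:00 2010 as: nmap -sS -iR 1000 -p1098,1099 --open -Pn -oG open.gnmap
Host: 198.51.100.7 ()\tPorts: 1099/open/tcp//rmiregistry///
Host: 198.51.100.9 (rmi.example.net)\tPorts: 1098/filtered/tcp///, 1099/open/tcp//rmiregistry///
Host: 198.51.100.12 ()\tStatus: Up
Host: 198.51.100.13 ()\tPorts: 1098/open/tcp///, 1099/open/tcp//rmiregistry///\tIgnored State: filtered (998)
# Nmap done at Wed Sep 29 14:02:00 2010 -- 1000 IP addresses (4 hosts up) scanned in 120.00 seconds
"""

# "Host: <ip> (<optional hostname>)" opens every host line; the IP is what -iL needs.
HOST_RE = re.compile(r"^Host:\s+(\S+)\s+\(")


def open_ports(gnmap_text: str) -> Iterator[Tuple[str, str, int]]:
    """Yield (protocol, ip, port) for every port entry whose state is exactly 'open'."""
    for line in gnmap_text.splitlines():
        m = HOST_RE.match(line)
        if not m:                      # "# Nmap ..." comment lines and anything else
            continue
        ip = m.group(1)
        # Remaining tab-separated fields are "Label: value"; only "Ports" matters here.
        for field in line.split("\t")[1:]:
            label, _, value = field.partition(": ")
            if label != "Ports":
                continue
            # Each entry is port/state/protocol/owner/service/rpcinfo/version.
            for entry in value.split(", "):
                port, state, proto = entry.split("/")[:3]
                if state == "open":    # "filtered" and "open|filtered" are not reported
                    yield proto, ip, int(port)


def pipe_lines(gnmap_text: str) -> List[str]:
    """Format open ports as 'tcp:198.51.100.7:1099 [open]' lines (Martin's sketch)."""
    return [f"{proto}:{ip}:{port} [open]" for proto, ip, port in open_ports(gnmap_text)]


def target_list(gnmap_text: str) -> List[str]:
    """Hosts with at least one open port, deduplicated, in first-seen order, for -iL."""
    hosts: List[str] = []
    for _, ip, _ in open_ports(gnmap_text):
        if ip not in hosts:
            hosts.append(ip)
    return hosts
```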

