Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

--append_output option with XML files

From: "Duilio J. Protti" <dprotti () flowgate net>
Date: Wed, 13 Jul 2005 21:16:15 -0300
Current stable version of nmap (3.81) doesn't handle correctly the --
append_output option when results are logged to XML files.

If you have a file my-run.xml like the following:

<?xml version="1.0" ?>
<?xml-stylesheet ... >
<nmaprun scanner="nmap" args=...>
...
</nmaprun>

and you run:

# nmap -sS -F -oX my-run.xml --append_output $IP

now my-run.xml content is:

<?xml version="1.0" ?>
<?xml-stylesheet ... >
<nmaprun scanner="nmap" args=...>
...
</nmaprun>
<?xml version="1.0" ?>
<?xml-stylesheet ... >
<nmaprun scanner="nmap" args=...>
...
</nmaprun>

Which does not meet the DTD and even worse, it's not well formed XML.

The attached patch solve this issue, avoiding the prologue when the --
append_output is present. However, this not solve all the problems. When
trying to process the generated XML, the XSL transformation will fail,
because there are two root elements (two <nmaprun>).

The problem is that the present DTD for nmap do not take into account
multiple runs. IMHO, the better way to solve this, is enclosing all the
<nmaprun> tags into a new root element, i.e. <nmapruns> (note the 's'),
which will contain a list of <nmaprun> childs.

This way, adding new nmap results to an existing set of previous nmap
runs, is just a matter to add them within a new <nmaprun> child into the
root element. Of course, this requires a change on the current DTD, but
it's a minor change.

I do these changes, because in my job as pentester, I periodically run
surgical nmap tests against one target (not a range of targets), and I
want to keep this results in a one-file-per-ip basis. Previously, I did
this using normal and grepable formats, but since the new XML feature of
nmap is available, I really want to use it, because it's too much
suitable for later report generation.

The attached patch is for version 3.81, and include required changes to
nmap.cc, output.cc, nmap.xsl and nmap.dtd.

I hope this help!


Regards,
Duilio Protti.

Attachment: nmap-3.81-xml-append-output.patch
Description: 



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Previous By Date Next
Previous By Thread Next

Current thread: