Nmap Development mailing list archives

Re: Version scan using nmap log


From: David Fifield <david () bamsoftware com>
Date: Wed, 10 Feb 2010 13:49:22 -0700

On Wed, Feb 10, 2010 at 12:17:06PM +0530, chintan dave wrote:
> I have performed a Syn Scan against some few thousand IP addresses, however
> didn't include the version detection switch when I performed the scan.
>
> I have *.nmap & *.xml log formats for these scans (for some IP Addresses,
> even grepable format is saved).
>
> Is there a way I can feed these logs to nmap to perform the version scan of
> services running on open port?

Nmap doesn't have a way to do that built in. What I recommend is to
write a program to parse the XML files and build new Nmap commands. The
new scans would do nothing but version detection, like

nmap -n -PN -sV -p <ports> <target>

<ports> would be limited to the open ports for each target. That way
you're not doing a full port scan again.

One problem is that you're going to end up with a directory of separate
XML output files. One way to deal with that is to open the directory
with Zenmap's "Open Directory" feature, which will combine all the scan
results into one view.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
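
A sketch of the parse-and-rebuild approach recommended in the message above, added here as an example and not code from the original post or from the Nmap project. The function names, the per-target `-oX` file naming and the sample XML are assumptions made for illustration; addresses and ports are validated and each command is built as an argv list, so a tampered log file cannot smuggle extra options into the new scan.

```python
import ipaddress
import shlex
import xml.etree.ElementTree as ET

# Constructed sample of Nmap -oX output, trimmed to the elements read below.
SAMPLE_XML = """<nmaprun>
<host><address addr="192.0.2.10" addrtype="ipv4"/><ports>
 <port protocol="tcp" portid="80"><state state="open"/></port>
 <port protocol="tcp" portid="22"><state state="open"/></port>
 <port protocol="tcp" portid="443"><state state="closed"/></port>
</ports></host>
<host><address addr="192.0.2.20" addrtype="ipv4"/><ports>
 <port protocol="tcp" portid="25"><state state="filtered"/></port>
</ports></host>
<host><address addr="2001:db8::5" addrtype="ipv6"/><ports>
 <port protocol="tcp" portid="8080"><state state="open"/></port>
</ports></host>
</nmaprun>"""

def open_tcp_ports(xml_text, found=None):
    """Add each host's open TCP ports to found ({address: set of ports})."""
    found = {} if found is None else found  # pass the dict back in to merge files
    for host in ET.fromstring(xml_text).iter("host"):
        addr = next((a.get("addr") for a in host.iter("address")
                     if a.get("addrtype") in ("ipv4", "ipv6")), None)
        if addr is None:
            continue
        ipaddress.ip_address(addr)  # ValueError unless it is a literal IP address
        for port in host.iter("port"):
            if (port.get("protocol") == "tcp"
                    and port.find("state[@state='open']") is not None):
                found.setdefault(addr, set()).add(int(port.get("portid")))
    return found

def version_scan_commands(found):
    """One argv list per host: nmap -n -PN -sV -p <ports> <target>."""
    commands = []
    for addr in sorted(found):
        argv = ["nmap", "-n", "-PN", "-sV",
                "-p", ",".join(str(p) for p in sorted(found[addr]))]
        if ipaddress.ip_address(addr).version == 6:
            argv.append("-6")  # Nmap needs -6 for IPv6 targets
        out = "sV-" + addr.replace(":", "_") + ".xml"  # assumed file naming
        commands.append(argv + ["-oX", out, addr])
    return commands

if __name__ == "__main__":
    for argv in version_scan_commands(open_tcp_ports(SAMPLE_XML)):
        print(shlex.join(argv))
```

Hosts with no open ports produce no command, and the per-target XML files land in one directory, which is the layout the message suggests opening with Zenmap. Later Nmap releases spell `-PN` as `-Pn`.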

