Nmap Development mailing list archives
Re: nmap output bug?
From: Daniel Miller <bonsaiviking () gmail com>
Date: Mon, 24 Oct 2011 10:24:55 -0500
On 10/21/2011 08:24 AM, Paul Griggs wrote:
Hi dev list, I'm parsing nmap standard output using various techniques, and just discovered an anomaly. For reasons that are not clear to me, sometimes the line that reports an open port contain "<portnumber>/tcp open" with a single space between "tcp" and "open", and other times with two spaces between "tcp" and "open". I can't imagine any legitimate reason for it. Yeah, I should probably be parsing XML instead, but I thought I would throw this out there. Paul ----------------------------------------- Notice: This e-mail message, together with any attachments, contains information of Cadre Computer Resources, Co. that may be confidential, proprietary, copyrighted and/or legally privileged, and is intended solely for the use of the individual or entity named on this message. If you are not the intended recipient, and have received this message in error, please immediately return this by e-mail and then delete it. _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Paul,The reason is that the output is placed in a variable-width table for each host. You could have up to 5 spaces there, in reality. Here is an example, using X instead of spaces:
PORTXXXXXXSTATEXSERVICE 1/tcpXXXXXopenXXtcpmux 31337/tcpXopenXXEliteAnd yes, you really should be parsing the XML, or at the very least, the grepable output (-oG).
Dan _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- nmap output bug? Paul Griggs (Oct 24)
- Re: nmap output bug? Daniel Miller (Oct 24)