How to scan IP range using nmap?
Scripting language: Bash shell script
I have to create one function which reads IP addresses one by one from one file (iplist.txt) and scans these IPs using nmap. The scan output is saved in the output.txt file, and output.txt is parsed to filter only the open ports with the particular IP, which is saved in the parse.txt file. Format of parse.txt file:
Code:
ip open port

1. Find all ports open on a whole range and in one file.
2. Save only open ports with IP address in another file. Don't save filtered or closed ports in this file. eg. format of file: IP_address Open_port
Code:
192.168.0.1 21

I have attached the script. Please help me if possible to implement the second option. In the second option, my script takes open port/tcp and all other details, but I want only the IP address with the open port as shown in the above file format.
code:
Code:
readfile()

iplist.txt
Code:
192.168.0.1

Code:
Nmap scan report for 192.168.0.1
Code:
135/tcp open msrpc syn-ack ttl 128

Expected output of parse.txt:
Code:
192.168.0.1 135
It's pretty easy with awk.
Just a quick guess: You'd just look for /^Nmap scan report for/ and clear your value for the 1st column, then if /host down/ is not present use the 5th or 6th field to set the subsequent 1st column value. Then until that happens again, print out the port number when 'open' is found in the appropriate column. Functions like sub() or gsub() can be used to tidy the fields. How far can you get with awk now?
Hello,
I have tried using the awk command but I didn't get the expected answer yet. Can you give me code for this?
The way the forum works is that you show what you have been trying and ask questions about it. So please show what you tried with awk and how far you were able to get with either your own approach or the guidance given already.
This should be fairly easy with awk, one method already indicated by Turbocapitalist in post #2.
Alternatively, you might want to think of 'Nmap scan report...' as the record separator and each subsequent line as a field, then get the IP address from the first "field" and port numbers from /^[0-9]+/ of each following field (line). But as already said, it is more helpful to everyone if you show us your own attempt as the starting point, then we can suggest and refine our advice based on that example.
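Both approaches above, written out as a complete, runnable script. This is an added example, not code from the thread: parse_nmap_normal() follows the line-by-line method from post #2 (remember the host from each "Nmap scan report for" line, drop it for down hosts, print the port when the state column is "open"), and parse_nmap_records() follows the record-per-host idea from the reply above, using awk's paragraph mode (RS="") since nmap's normal output separates host reports with a blank line. The nmap output it parses is constructed here, and the function names and the scan_and_filter() wrapper are this example's own.

```shell
#!/bin/sh
# Added example, not code from the thread: two awk parsers for nmap's normal
# report format (what nmap prints to the terminal and writes with -oN).
# The sample input below is constructed so the script runs offline.

# Constructed sample: one host with two open ports, one host that was down,
# one host (reported as "name (IP)") whose only scanned port is closed.
SAMPLE_NMAP_OUTPUT=$(cat <<'EOF'
Starting Nmap 7.01 ( https://nmap.org ) at 2017-03-15 06:27 UTC

Nmap scan report for 192.168.0.1
Host is up (0.0010s latency).
PORT    STATE SERVICE      REASON
135/tcp open  msrpc        syn-ack ttl 128
445/tcp open  microsoft-ds syn-ack ttl 128

Nmap scan report for 192.168.0.2 [host down]

Nmap scan report for gateway.lan (192.168.0.3)
Host is up (0.0020s latency).
PORT   STATE  SERVICE REASON
22/tcp closed ssh     reset ttl 64

Nmap done: 3 IP addresses (2 hosts up) scanned in 1.23 seconds
EOF
)

# Approach 1 (post #2): remember the host from each "Nmap scan report for"
# line, forget it when the host was down, and print "<ip> <port>" for every
# port line whose STATE column is exactly "open".
parse_nmap_normal() {
    awk '
    /^Nmap scan report for/ {
        host = ""                             # new report: clear the host
        if ($0 ~ /host down/) next            # nothing to print for down hosts
        host = $NF                            # last field is "IP" or "(IP)"
        gsub(/[()]/, "", host)                # "name (IP)" -> keep the IP only
        next
    }
    host != "" && $1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == "open" {
        port = $1
        sub(/\/.*/, "", port)                 # "135/tcp" -> "135"
        print host, port
    }'
}

# Approach 2 (reply above): with RS="" awk reads one blank-line-separated
# block per record, so each host report is a single record and every word in
# it is a field; the IP is in $5 (or $6 when nmap printed "name (IP)") and an
# open port is a "<n>/tcp" field followed by the field "open".
parse_nmap_records() {
    awk '
    BEGIN { RS = "" }
    $1 == "Nmap" && $2 == "scan" && $3 == "report" && $0 !~ /host down/ {
        host = ($6 ~ /^\(/) ? $6 : $5
        gsub(/[()]/, "", host)
        for (i = 5; i < NF; i++)
            if ($i ~ /^[0-9]+\/(tcp|udp)$/ && $(i + 1) == "open") {
                port = $i
                sub(/\/.*/, "", port)
                print host, port
            }
    }'
}

# The flow the question describes, wired to the parser: scan the hosts listed
# in iplist.txt, keep the full report in output.txt (-oN is nmap's normal
# format) and the filtered "<ip> <port>" lines in parse.txt. Not run below.
scan_and_filter() {
    list=${1:-iplist.txt}; out=${2:-output.txt}; parsed=${3:-parse.txt}
    nmap -oN "$out" -iL "$list" >/dev/null && parse_nmap_normal <"$out" >"$parsed"
}

# Demo on the constructed sample; both parsers print the same two lines.
printf '%s\n' "$SAMPLE_NMAP_OUTPUT" | parse_nmap_normal
```

The exact comparison `$2 == "open"` is deliberate: it rejects `open|filtered`, which the question says should not be saved, and it will not fire on the word "open" appearing somewhere else on a line.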
Error in filter.awk:

nmap_scan.sh
Code:
readfile()

Code:
awk '/^Nmap scan report/{cHost=$5;}

output.txt
Code:
# Nmap 7.01 scan initiated Sat Mar 15 06:27:08 2017 as: nmap -oG output.txt -T4 -f -iL iplist.txt

Code:
awk: 2: unexpected character '''
Ok. With that kind of input and the way you are starting awk, I'd try something like the pieces below. The Output Field Separator (OFS) can be set to a tab if you like. However, the following does not really use it because of the printf. Also, since the string "open" could possibly come in several contexts, it's best to not rely on it by itself and add in an extra check.
Code:
awk 'BEGIN {
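The reply's awk script is cut off above, so here is an added example (not the reply's code) of the kind of parser that input needs. The header of output.txt shows the scan was written with -oG, nmap's grepable format, and in that format there is no "Nmap scan report for" line at all: each host is one "Host:" line, and the port states sit in a tab-separated "Ports:" field as port/state/protocol/... entries. The parser below reads that layout and applies the extra check the reply recommends (an exact match on the state, plus a numeric port). The -oG sample and the function name are this example's own.

```shell
#!/bin/sh
# Added example, not the thread's code: parse nmap grepable (-oG) output into
# "<ip> <port>" lines for open ports only. The sample input is constructed.

# Constructed -oG sample: a host with two open ports (followed by the
# "Ignored State" trailer nmap appends), and a host whose ports are closed
# or open|filtered. Fields within a Host: line are tab-separated.
SAMPLE_GREPABLE=$(printf '%s\n%s\t%s\n%s\t%s\t%s\n%s\t%s\n%s\n' \
  '# Nmap 7.01 scan initiated <date> as: nmap -oG output.txt -iL iplist.txt' \
  'Host: 192.168.0.1 ()' 'Status: Up' \
  'Host: 192.168.0.1 ()' 'Ports: 135/open/tcp//msrpc///, 445/open/tcp//microsoft-ds///' 'Ignored State: closed (998)' \
  'Host: 192.168.0.3 (gateway.lan)' 'Ports: 22/closed/tcp//ssh///, 80/open|filtered/tcp//http///' \
  '# Nmap done at <date> -- 2 IP addresses (2 hosts up) scanned in 1.23 seconds')

# Print "<ip> <port>" for each open port. Two checks rather than one: the state
# field must be exactly "open" (so "open|filtered" is dropped and the word
# "open" elsewhere on the line is never matched) and the port must be numeric.
parse_nmap_grepable() {
    awk '
    /^Host: / && /\tPorts: / {
        host = $2                                 # "Host: <ip> (<hostname>)"
        split($0, parts, "\tPorts: ")             # parts[2] = the port list ...
        sub(/\t.*/, "", parts[2])                 # ... up to the next tab field
        n = split(parts[2], entries, /, */)       # "135/open/tcp//msrpc///", ...
        for (i = 1; i <= n; i++) {
            split(entries[i], f, "/")             # f[1]=port f[2]=state f[3]=proto
            if (f[1] ~ /^[0-9]+$/ && f[2] == "open")
                printf "%s %s\n", host, f[1]
        }
    }'
}

# Demo on the constructed sample: prints the two open ports of 192.168.0.1.
printf '%s\n' "$SAMPLE_GREPABLE" | parse_nmap_grepable
```

If the program is kept in filter.awk and run with `awk -f filter.awk output.txt`, the file must contain only the awk program: no leading `awk '` and no closing shell quote. A stray quote character in an awk program file is exactly what awk reports as `unexpected character '''`, which is consistent with the filter.awk contents shown above.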
Thank you so much......it works.
No worries. But more important than it working is that you understand how it works and what was changed in the awk script.
How familiar are the following?

sub()
split()
~
printf()

They're there in the awk manual.
Code:
man awk