
Nmap Development: access violation with xml output with nmap-4.20 on windows xpsp2

From: <sophit4_at_gmail.com>
Date: Thu, 25 Jan 2007 18:51:14 -0500

Maybe this is slower than grepable output, too.

------------------------------------------------------------------------------
                             Command and Output
------------------------------------------------------------------------------

> nmap -A -O 192.168.91.239 -oX 239.xml

Starting Nmap 4.20 ( http://insecure.org ) at 2007-01-25 18:30 Eastern Standard
Time
Stats: 0:06:49 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
SYN Stealth Scan Timing: About 99.99% done; ETC: 18:36 (0:00:00 remaining)
Interesting ports on 192.168.91.239:
Not shown: 1695 closed ports
PORT STATE SERVICE VERSION
427/tcp filtered svrloc
5900/tcp open vnc Apple remote desktop vnc
Device type: general purpose
Running: Apple Mac OS X 10.3.X|10.4.X
OS details: Applie Mac OS X 10.3.9 - 10.4.7
Uptime: -25079.923 days (since Wed Sep 25 17:45:52 2075)

------------------------------------------------------------------------------
                             Disassembly
------------------------------------------------------------------------------

00448770 call 004533C0
00448775 add ecx,30h
00448778 cmp ecx,39h
0044877B mov dword ptr [ebp-68h],ebx
0044877E mov edi,eax
00448780 mov ebx,edx
00448782 jle 00448787
00448784 add ecx,dword ptr [ebp-4Ch]
00448787 mov byte ptr [esi],cl
00448789 dec esi
0044878A jmp 00448758
0044878C lea eax,[ebp+1EBh]
00448792 sub eax,esi
00448794 inc esi
00448795 test word ptr [ebp-18h],200h
0044879B mov dword ptr [ebp-28h],eax
0044879E mov dword ptr [ebp-24h],esi
004487A1 je 004487EF
004487A3 test eax,eax
004487A5 je 004487AE
004487A7 mov ecx,esi
004487A9 cmp byte ptr [ecx],30h
004487AC je 004487EF
004487AE dec dword ptr [ebp-24h]
004487B1 mov ecx,dword ptr [ebp-24h]
004487B4 mov byte ptr [ecx],30h
004487B7 inc eax
004487B8 jmp 004487EC
004487BA dec ecx
004487BB cmp word ptr [eax],si
004487BE je 004487C6
004487C0 inc eax
004487C1 inc eax
004487C2 cmp ecx,esi
004487C4 jne 004487BA
004487C6 sub eax,dword ptr [ebp-24h]
004487C9 sar eax,1
004487CB jmp 004487EC
004487CD cmp edi,esi
004487CF jne 004487D9
004487D1 mov eax,dword ptr ds:[004741B0h]
004487D6 mov dword ptr [ebp-24h],eax
004487D9 mov eax,dword ptr [ebp-24h]
004487DC jmp 004487E5
004487DE dec ecx
004487DF cmp byte ptr [eax],0 <========================

------------------------------------------------------------------------------
                             Autos
------------------------------------------------------------------------------

        EAX FFFFFFFF
        EBP 0012B98C
        ECX 7FFFFFFE

On 1/15/07, sophit4_at_gmail.com <sophit4_at_gmail.com> wrote:
> This was from the installer package. Scan executed approximately as:
>
> nmap -P0 -sX -A -PA -PU -F -O -v -T5 -oX baz.xml -excludefile
> excludes.txt 192.168.91.4-254
>
> On my screen here, I see (after bar.foo) a capital O with a hat on
> it, a 3/4 sign, a control-R, closed by the quotes. XML parsers
> aren't liking this. The hostname, e.g. "bar.fooxxx.com" is
> incomplete.
>
> I've seen this several times.
>
> <taskend task="Service scan" time="1168655332" />
> <<taskbegin task="RPCGrind Scan against bar.fooÔ¾^R" time="1168655369" />
> <taskend task="RPCGrind Scan against bar.fooÔ¾^R" time="1168655369" />
> <host><status state="up" />
> <address addr="192.168.91.73" addrtype="ipv4" />
>

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Received on Jan 26 2007
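
The quoted `taskbegin` line carries stray bytes inside an attribute value, which is why XML parsers reject the file. The following Python script is an added example, not part of the original post or of Nmap: it reports where a saved `-oX` file contains invalid UTF-8 or characters outside the XML 1.0 character range. The function names and the sample are constructed here, and the byte values D4 BE 12 are an assumption read off the poster's description of what appeared on screen.

```python
import re
import xml.etree.ElementTree as ET

# Anything outside the XML 1.0 "Char" production (tab, LF, CR, U+0020-U+D7FF,
# U+E000-U+FFFD, U+10000-U+10FFFF) makes a document not well-formed.
ILLEGAL_XML_CHAR = re.compile(
    "[^\t\n\r\u0020-\uD7FF\uE000-\uFFFD\U00010000-\U0010FFFF]")

# Constructed sample modelled on the fragment quoted in the report. The bytes
# D4 BE 12 after "bar.foo" are assumed from the description ("capital O with
# a hat", "3/4 sign", "control-R"); the <nmaprun> wrapper is added for parsing.
SAMPLE = (
    b'<nmaprun>\n'
    b'<taskend task="Service scan" time="1168655332" />\n'
    b'<taskbegin task="RPCGrind Scan against bar.foo\xd4\xbe\x12"'
    b' time="1168655369" />\n'
    b'<host><status state="up" />\n'
    b'<address addr="192.168.91.73" addrtype="ipv4" /></host>\n'
    b'</nmaprun>\n'
)

def find_bad_characters(data):
    """Return (line, column, reason) for each byte or character that a
    conforming XML 1.0 parser must reject."""
    findings = []
    for lineno, raw in enumerate(data.split(b"\n"), start=1):
        try:
            text = raw.decode("utf-8")
        except UnicodeDecodeError as exc:
            findings.append((lineno, exc.start + 1,
                             "invalid UTF-8 byte 0x%02x" % raw[exc.start]))
            # Decode leniently so the rest of the line is still checked.
            text = raw.decode("utf-8", errors="replace")
        for m in ILLEGAL_XML_CHAR.finditer(text):
            findings.append((lineno, m.start() + 1,
                             "illegal XML character U+%04X" % ord(m.group())))
    return findings

def is_well_formed(data):
    """True if the standard-library XML parser accepts the document."""
    try:
        ET.fromstring(data)
        return True
    except ET.ParseError:
        return False

if __name__ == "__main__":
    for lineno, col, reason in find_bad_characters(SAMPLE):
        print("line %d, column %d: %s" % (lineno, col, reason))
    print("well-formed:", is_well_formed(SAMPLE))
```

Under the assumed byte values, D4 BE happens to decode as a valid two-byte UTF-8 sequence, so only the control character is reported; a file with other stray bytes may trip the UTF-8 check instead.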