Nmap Development
mailing list archives
Re: Version Detection based on past TCP/UDP scan results
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Fri, 1 Jun 2007 06:05:12 +0000
On Thu, 31 May 2007 15:56:05 -0500 plus or minus some time "DePriest, Jason R." <jrdepriest () gmail com> wrote:
On 5/30/07, Hyper 4S wrote:
All,
assuming we have the results (eg in greppable format) of a normal
TCP/UDP portscan, is it possible to version scan (-sV) the found open
ports, without repeating this TCP/UDP scan?
E.g. we have "output", the result of the scan "nmap -sS -sU -p0-65535
-oG output [host]"
<snip>
I suppose if you are a master with sed or awk you could come up with a
one-liner that could use the oG file instead of the oX file. That's
beyond me, though.
-Jason
Here is one way to skin the cat in bash/perl:
# one nmap -sV run per host; ports come from the 'Host:' lines of the -oG output
grep 'Host:' output.gnmap | \
perl -ne 'my @stack; my ($host) = m#Host:\s([\d.]+)#; '\
'while (m#(\d+)/open/tcp#g) { push @stack, $1; } '\
'print join(",", @stack), " ", $host, "\n" if @stack;' | \
while read LINE;
do sudo nmap -v -n -P0 -sV -p $LINE;
done
This quick and dirty shell script will fire nmap off once per host in your
gnmap output. You should be able to take it from there.
Brandon
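The same idea in a small Python script, added here as an example and not part of the original post. It parses the greppable (-oG) output into per-host port lists and builds one `nmap -sV` command per host. It goes one step further than the one-liner above by also carrying the UDP open ports via `-p T:...,U:...` (with `-sS`/`-sU` added so nmap does not discard the port spec), and it treats UDP `open|filtered` ports as a separate, opt-in case because nmap could not distinguish them from dropped probes. The sample gnmap text, host addresses and services are constructed for the example; the field layout assumed is the standard `port/state/proto/owner/service/rpcinfo/version` form.

```python
"""Build one `nmap -sV` command per host from an existing -oG scan result.

Added example for the nmap-dev thread above; not the poster's code.
Assumes the standard greppable layout: tab-separated 'Host:', 'Ports:'
and 'Ignored State:' fields, with each port entry written as
port/state/proto/owner/service/rpcinfo/version.
"""
import re
import shlex
import sys

# Constructed sample -oG output (addresses from the documentation range).
SAMPLE_GNMAP = """\
# Nmap 4.20 scan initiated Thu May 31 12:00:00 2007 as: nmap -sS -sU -p0-65535 -oG output 192.0.2.0/30
Host: 192.0.2.1 ()\tStatus: Up
Host: 192.0.2.1 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 53/open/udp//domain///, 123/open|filtered/udp//ntp///\tIgnored State: closed (131066)
Host: 192.0.2.2 ()\tStatus: Up
Host: 192.0.2.2 ()\tPorts: 443/open/tcp//https///\tIgnored State: filtered (131071)
Host: 192.0.2.3 ()\tStatus: Up
Host: 192.0.2.3 ()\tIgnored State: closed (131072)
# Nmap done at Thu May 31 12:30:00 2007 -- 4 IP addresses (3 hosts up) scanned in 1800.00 seconds
"""

HOST_RE = re.compile(r"^Host:\s+(\S+)")


def parse_gnmap(text, include_open_filtered=False):
    """Return {host: {"tcp": [ports], "udp": [ports]}} for hosts with open ports.

    Hosts that only report 'Status:' or 'Ignored State:' are left out, so the
    caller never launches nmap with an empty -p list.  UDP ports in state
    open|filtered are skipped unless include_open_filtered is set.
    """
    hosts = {}
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if not m:
            continue  # comment lines and anything else that is not a host record
        host = m.group(1)
        # Each tab-separated field is "Name: value"; keep the first ": " split only.
        fields = dict(f.split(": ", 1) for f in line.split("\t") if ": " in f)
        for entry in fields.get("Ports", "").split(", "):
            parts = entry.split("/")
            if len(parts) < 3 or not parts[0].isdigit():
                continue
            port, state, proto = int(parts[0]), parts[1], parts[2]
            if proto not in ("tcp", "udp"):
                continue
            if state == "open" or (include_open_filtered and state == "open|filtered"):
                hosts.setdefault(host, {"tcp": [], "udp": []})[proto].append(port)
    for plist in hosts.values():
        plist["tcp"].sort()
        plist["udp"].sort()
    return hosts


def build_sv_command(host, tcp, udp, extra=("-v", "-n", "-Pn")):
    """Return the argv for a version scan of the given ports on one host.

    nmap ignores a 'U:' port group without -sU (and a 'T:' group without a TCP
    scan type), so the matching scan types are added alongside -sV.
    """
    scan_types, spec = [], []
    if tcp:
        scan_types.append("-sS")
        spec.append("T:" + ",".join(str(p) for p in tcp))
    if udp:
        scan_types.append("-sU")
        spec.append("U:" + ",".join(str(p) for p in udp))
    return ["nmap", *extra, *scan_types, "-sV", "-p", ",".join(spec), host]


def main(argv):
    # With a file argument, read that gnmap file; otherwise use the sample.
    text = open(argv[1]).read() if len(argv) > 1 else SAMPLE_GNMAP
    for host, plist in parse_gnmap(text).items():
        print(shlex.join(build_sv_command(host, plist["tcp"], plist["udp"])))


if __name__ == "__main__":
    main(sys.argv)
```

The script prints the commands rather than running them, so the list can be reviewed (or piped to `sudo sh`) before anything touches the network; `-Pn` is the current spelling of the `-P0` used in the one-liner.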
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org