Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: Question on NSE script output
From: David Fifield <david () bamsoftware com>
Date: Fri, 5 Jun 2009 21:58:00 -0600

On Thu, Jun 04, 2009 at 10:19:39PM -0400, Sina Bahram wrote:
I have a question about NSE output in nmap.

I want to discover all ftp servers on a decent sized network which allow
anonymous login.  Wonderful for me that there exists an NSE script to do
exactly this, but how do I get only those ip's?

I was thinking of just inserting a print to stderr of the ip and a yes/no
flag into the script then being able to grep on this?  Is it possible to
print to STDERR in our NSE infrastructure?

I don't know of a way to print to stderr, but you can include the IP
address in the normal script output:
        if(isAnon) then
                return host.ip .. " Anonymous FTP login allowed"

I'm sure there's a much prettier way, and since I tend to despise hacks for
no good reason, I look forward to hearing about a way of just getting the
ftp servers which allow anonymous login, somehow?

I can't grep the regular nmap output as the context crosses multiple lines,
and it becomes an awk script, if I really want to do it right, and I'd like
the data quick.

Without any script changes, you could get the list pretty quick with
egrep '(^Interesting ports |ftp-anon)' scan.log | grep -B 1 ftp-anon

Script output is a difficult case because it is mostly free-form text
that may be short or may be many lines.

David Fifield

Sent through the nmap-dev mailing list
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]