Re: Converting Nmap output to SQL

[Ron <ron () skullsecurity net>]

On Thu, 25 Mar 2010 11:43:00 -0500 Kris Katterjohn
<katterjohn () gmail com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 03/25/2010 11:19 AM, Ron wrote:
> > Hey,
> >
> > A friend of mine wants to create a PHP dashboard for his business,
> > showing open ports, operating systems, etc. He was hoping to put an
> > Nmap scan into a database, then I'd write him a PHP front-end to
> > display it. 
> >
> > Has anybody looked at a way to convert the XML output to SQL? I
> > don't have a whole lot of experience with XML, but it'd definitely
> > be a cool feature. 
>
> Do you mean just separately 1) extracting the data from the XML and
> 2) storing it in a database?
Separately or together doesn't really matter -- as long as it ends up in a database I'll be happy. 

> Check out Metasploit's db functionality, such as db_nmap.  It stores
> Nmap XML into a database (using ActiveRecord).  Also, a Metasploit
> developer emailed me a couple of months ago in reference to using my
> Ruby Nmap::Parser in a project related to his work (not Metasploit)
> in which he wanted to scan and store in a sqlite3 database.  It can
> be done just the same along with the Perl Nmap parsers I'm sure.
>
> Parsers for Nmap extract the data from the XML so he just has to put
> it in a db somehow, which shouldn't be too hard.  Coming up with a
> decent schema is probably the worst of it all, depending on what all
> data you want to keep.
Cool, sounds promising! I'm only just getting my feet wet with Ruby right now, but I'll keep that in mind. 

Thanks!

> Cheers,
> Kris Katterjohn
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.10 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iQIcBAEBAgAGBQJLq5KTAAoJEEQxgFs5kUfudrkQAJCWI9mVPWdVkjv1YEeNUt+E
> 2FpY+KedAA3L+JzYrx6bIWptmdztCuLHXe881wEtPj5X9Jfl14Xfr1FMhk/RsW26
> /zFpqKAfpgw72DuM6ow3T3cG8S3klHsr1XFxoToD/LSkwO66i3r29DiD877iu9gR
> bI0DwPfS0WljoKc2eIfhi7km/UerIOV79ePJYvugyB/t0vNKkXgdaYiM8k0JN7yR
> FGZo5VgRlBr4e5bPOmoWuQzGKRzIc/9m0jugJ+ghUSiNxmzCLAGx72gMZ4kz9+9e
> lsVAsK1CLH20i9ljW1S70PHNvxfpbt2iuJRn3NNJ1oPgpOYDey6D3J49u7MFEVr+
> BeDP1Zznf4bttMEXf4ba+v+mgJZhYbFs+jNI2tHLx+ctwh3yz4DRUd1RXWnKx04b
> qHYpcszVK58RoQpF7KW0u7S0tCKVm8NRbR5ojMEJpFT6p0MOae6KfgPO/ryUGdfm
> RfVKkPxdA1lHwsrytjdclwKI1F0TRHXdOjzK190kJhsM8Srs4/k2500Obxz2FE9s
> p/h4eXF7wg9ZsRa+3cZkKKlnXhN+ezIzNH4/5I4b1DqGvDzy9LpaMxX1+ZJRVwpb
> tCZcHGOxF51DZh9gssW6GeZEpNUMFQ8OMBjvh/IDBD58sCm+iXFFuo3g9AtJ0kY5
> oqwvKgR9CpNxbhFsY2QP
> =mdy5
> -----END PGP SIGNATURE-----
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://seclists.org/nmap-dev/


-- 
Ron Bowes
http://www.skullsecurity.org
http://www.twitter.com/iagox86
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/