Thursday, September 17, 2015

Parsing Multiple nmap Scan Output Files into a csv File

Today I was faced with a challenge where I had to parse multiple nmap scans that were saved in a directory.  The format was saved in the regular .nmap output.  The following python script came alive that parses the files and outputs the IP Address, MAC Address and each port that was found into output to the screen that could then be saved as a csv file.

This script depends on the output that is located in the .nmap output and the version of nmap.



#!/usr/bin/python

nmapOutputDirectory="scans"

import os
import re

for file in os.listdir(nmapOutputDirectory):
 portStatusPattern = re.compile("^[0-9]{1,5}\/(tcp|udp)\s*(open|closed)\s*[0-9a-zA-Z- ]{3,}$")
 macAddrPattern = re.compile(".*([0-9A-Fa-f]{1,2}[:-]){5}[0-9A-Fa-f]{2}.*")
 portInfoList = []
 ipAddress = ''
 macAddr = ''
 fileLocation = nmapOutputDirectory + "/" + file
 f = open(fileLocation, 'r')
 for line in f:
  currentLine = line.strip()
  if "Nmap scan report for" in currentLine:
   ipAddress = currentLine[21:]
  elif portStatusPattern.match(currentLine):
   portInfoList.append(currentLine)
  elif macAddrPattern.match(currentLine):
   macAddr = currentLine[13:30]
 if len(portInfoList) > 0:
  for item in portInfoList:
   print '"' + ipAddress + '","' + macAddr + '","' + item + '"'
 else:
  print '"' + ipAddress + '","' + macAddr + '",""'

b


at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Test Authentication from Linux Console using python3 pexpect

Working with the IT420 lab, you will discover that we need to discover a vulnerable user account.  The following python3 script uses the pex...