Last active
February 15, 2016 17:21
-
-
Save ChrisTruncer/201b30fbae1dd41904bb to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # sax parser for massscan | |
| import xml.sax | |
| class XML_Parser(xml.sax.ContentHandler): | |
| def __init__(self): | |
| self.system_name = None | |
| self.port_number = None | |
| self.protocol = None | |
| self.masscan = False | |
| self.nmap = False | |
| self.nessus = False | |
| self.url_list = [] | |
| self.port_open = False | |
| self.rdp_list = [] | |
| self.vnc_list = [] | |
| self.http_ports = ['80', '8080'] | |
| self.https_ports = ['443', '8443'] | |
| def startElement(self, tag, attributes): | |
| # Determine the Scanner being used | |
| if tag == "nmaprun" and attributes['scanner'] == "masscan": | |
| self.masscan = True | |
| elif tag == "nmaprun" and attributes['scanner'] == "nmap": | |
| self.nmap = True | |
| elif tag == "nessusclientdata_v2": | |
| self.nessus = True | |
| if self.masscan: | |
| if tag == "address": | |
| self.system_name = attributes['addr'] | |
| elif tag == "port": | |
| self.port_number = attributes['portid'] | |
| elif tag == "service": | |
| if "http" in attributes['name']: | |
| self.protocol = "http" | |
| elif "ssl" in attributes['name']: | |
| self.protocol = "https" | |
| elif "vnc" in attributes['name']: | |
| self.protocol = "vnc" | |
| elif tag == "state": | |
| if attributes['state'] == "open": | |
| self.port_open = True | |
| elif self.nmap: | |
| pass | |
| elif self.nessus: | |
| pass | |
| def endElement(self, tag): | |
| if self.masscan: | |
| if tag == "host": | |
| if (self.system_name is not None) and (self.port_number is not None) and self.port_open: | |
| if self.protocol == "http" or self.protocol == "https": | |
| built_url = self.protocol + "://" + self.system_name + ":" + self.port_number | |
| if built_url not in self.url_list: | |
| self.url_list.append(built_url) | |
| elif self.protocol is None and self.port_number in self.http_ports: | |
| built_url = "http://" + self.system_name + ":" + self.port_number | |
| if built_url not in self.url_list: | |
| self.url_list.append(built_url) | |
| elif self.protocol is None and self.port_number in self.https_ports: | |
| built_url = "https://" + self.system_name + ":" + self.port_number | |
| if built_url not in self.url_list: | |
| self.url_list.append(built_url) | |
| elif self.protocol == "vnc": | |
| if self.system_name not in self.vnc_list: | |
| self.vnc_list.append(self.system_name) | |
| elif self.port_number == "3389": | |
| if self.system_name not in self.rdp_list: | |
| self.rdp_list.append(self.system_name) | |
| self.system_name = None | |
| self.port_number = None | |
| self.protocol = None | |
| self.port_open = False | |
| elif tag == "nmaprun": | |
| for url in self.url_list: | |
| print url | |
| def characters(self, content): | |
| pass | |
| if __name__ == "__main__": | |
| # Time to start parsing | |
| # Create parser | |
| parser = xml.sax.make_parser() | |
| # Turn off namespaces | |
| parser.setFeature(xml.sax.handler.feature_namespaces, 0) | |
| # Override the parser | |
| Handler = XML_Parser() | |
| parser.setContentHandler(Handler) | |
| parser.parse('filename.xml') |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment