Last active
November 6, 2018 17:30
-
-
Save abitrolly/5af0045efb9a853263f0bb19f10b0b19 to your computer and use it in GitHub Desktop.
Detect services running on docker-compose ports with Nmap
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
""" | |
Parse docker-compose.yml port definitions and run NMAP service | |
scan on them to discover actual services running. | |
Needs nmap and Python pyyaml installed. | |
For now only "3000" and "8000:8000" syntax is supported. | |
ports: | |
- "3000" | |
- "3000-3005" | |
- "8000:8000" | |
- "9090-9091:8080-8081" | |
- "49100:22" | |
- "127.0.0.1:8001:8001" | |
- "127.0.0.1:5000-5010:5000-5010" | |
- "6060:6060/udp" | |
- "12400-12500:1240" | |
""" | |
import yaml | |
from subprocess import check_output | |
decompose = yaml.load(open('docker-compose.yml')) | |
for service, data in decompose['services'].items(): | |
print(service + ':') | |
if 'ports' in data: | |
for portmap in data['ports']: | |
if ':' in portmap: | |
port = portmap.split(':')[0] | |
else: | |
port = portmap | |
print(' ' + port) | |
result = check_output('nmap -sV 0.0.0.0 -p' + port, shell=True) | |
for line in result.decode().splitlines(): | |
if line.startswith(port): | |
# 9000/tcp open http Node.js Express framework | |
res = line.split(maxsplit=3) | |
if res[1] == 'closed': | |
print(' closed', flush=True) | |
else: | |
if len(res) == 3: | |
# should be 4, service is unknown, run nmap | |
# manually and submit results | |
print(' ' + ' '.join(res[1:])) | |
else: | |
print(' ' + res[3]) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment