Skip to content

Instantly share code, notes, and snippets.

@fer

fer/nmap2md.sh

Created July 11, 2021 15:56
Show Gist options
  • Star 2 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save fer/4b8e978ab73b0db151594351d1e854d6 to your computer and use it in GitHub Desktop.
Save fer/4b8e978ab73b0db151594351d1e854d6 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
nmap2md.sh
#!/bin/sh
#
# nmap2md.sh · create a simple nmap report on markdown on the fly
#
# By http://github.com/fer
#
# Usage:
#
# 1. Check alive Hosts, grab IP addresses and run scanner:
#
# $ sudo nmap -sn 172.16.64.0/24 --exclude 172.16.64.10 -oN hostAlive.nmap
# $ cat hostAlive.nmap | grep for | awk {'print $5'} > ips.txt
# $ sudo nmap -sV -n -v -Pn -p- -T4 -iL ips.txt -A --open -oX portScan.xml
#
# # 2. Run nmap2md.sh
#
# $ nmap2md.sh portScan.xml > output.md
FILE=$1
# $1: xpath string
xl_wrap() {
xmllint --xpath $1 $FILE
}
# $1: host port count
# $2: host count
portTable() {
HOST_PORT_COUNT=$(xl_wrap "count(//host[${1}]//ports/port)")
echo "| Port | State | Service | Version |";
echo "|:-----|:------|:--------|:--------|";
for port in `seq 1 $HOST_PORT_COUNT`
do
portLine ${1} $port
done
}
# $1: host position
# $2: port position
portLine() {
BASE="//host[${1}]//ports//port[${2}]"
PORT_NUMBER=$(xl_wrap "string($BASE/@portid)")
PORT_PROTOCOL=$(xl_wrap "string($BASE/@protocol)")
PORT_STATE=$(xl_wrap "string($BASE//state/@state)")
PORT_SERVICE_NAME=$(xl_wrap "string($BASE//service/@name)")
PORT_SERVICE_PRODUCT=$(xl_wrap "string($BASE//service/@product)")
PORT_SERVICE_VERSION=$(xl_wrap "string($BASE//service/@version)")
echo "| $PORT_NUMBER/$PORT_PROTOCOL | $PORT_STATE | $PORT_SERVICE_NAME | $PORT_SERVICE_PRODUCT $PORT_SERVICE_VERSION |"
}
# $1: host count
hostTable() {
echo "| Host | OS | Accuracy |"
echo "|:-----|:------|:---------|"
for host in `seq 1 ${1}`
do
hostLine $host
done
}
# $1: host position
hostLine() {
HOST_IP=$(xl_wrap "string(//host[${1}]//address[@addrtype='ipv4']/@addr)")
HOST_OS=$(xl_wrap "string(//host[${1}]//os//osmatch[1]/@name)")
HOST_OS_ACCURACY=$(xl_wrap "string(//host[${1}]//os//osmatch[1]/@accuracy)")
echo "| $HOST_IP | $HOST_OS | $HOST_OS_ACCURACY% |"
}
# $1: host position
portTableHeader() {
HOST_IP=$(xl_wrap "string(//host[${1}]//address[@addrtype='ipv4']/@addr)")
HOST_OS=$(xl_wrap "string(//host[${1}]//os//osmatch[1]/@name)")
HOST_OS_ACCURACY=$(xl_wrap "string(//host[${1}]//os//osmatch[1]/@accuracy)")
echo "\n## $HOST_IP ($HOST_OS - $HOST_OS_ACCURACY%)\n"
}
# $1: host count
portsAndHosts() {
for host in `seq 1 ${1}`
do
portTableHeader ${host}
portTable ${host}
echo "\n"
done
}
########
# Main #
########
if ! [ -x "$(command -v xmllint)" ]
then
echo "xmllint could not be found."
echo "> apt-get install libxml2-utils"
exit
fi
if [ $# -lt 1 ]
then
echo "ERROR: $0 requires a nmap xml export file as an argument.\n"
echo "You can generate it with:"
echo " > sudo nmap -sV -n -v -Pn -p- -T4 -iL ips.txt -A --open -oX portScan.xml\n"
echo "Then run:"
echo "> sh nmap2md.sh portScan.xml"
exit
fi
HOST_COUNT=$(xl_wrap 'count(//host)')
echo "# Scanner"
echo '```bash'
echo $(xl_wrap "string(//nmaprun/@args)")
echo '```'
echo "\n# Hosts Alive ($HOST_COUNT)"
hostTable $HOST_COUNT
echo "\n# Open Ports and Running Services"
portsAndHosts $HOST_COUNT
@fer
Copy link
Author

fer commented Jul 11, 2021

Note: Example report

Scanner

nmap -sV -n -v -Pn -p- -T4 -iL ips.txt -A --open -oX portScan.xml

Hosts Alive (4)

Host OS Accuracy
172.16.64.101 Linux 3.12 95%
172.16.64.140 Linux 3.12 95%
172.16.64.182 Linux 3.12 95%
172.16.64.199 Microsoft Windows 10 96%

Open Ports and Running Services

172.16.64.101 (Linux 3.12 - 95%)

Port State Service Version
22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.8
8080/tcp open http Apache Tomcat/Coyote JSP engine 1.1
9080/tcp open http Apache Tomcat/Coyote JSP engine 1.1
59919/tcp open http Apache httpd 2.4.18

172.16.64.140 (Linux 3.12 - 95%)

Port State Service Version
80/tcp open http Apache httpd 2.4.18

172.16.64.182 (Linux 3.12 - 95%)

Port State Service Version
22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.8

172.16.64.199 (Microsoft Windows 10 - 96%)

Port State Service Version
135/tcp open msrpc Microsoft Windows RPC
139/tcp open netbios-ssn Microsoft Windows netbios-ssn
445/tcp open microsoft-ds
1433/tcp open ms-sql-s Microsoft SQL Server 2014 12.00.2000.00; RTM
49664/tcp open msrpc Microsoft Windows RPC
49665/tcp open msrpc Microsoft Windows RPC
49666/tcp open msrpc Microsoft Windows RPC
49667/tcp open msrpc Microsoft Windows RPC
49668/tcp open msrpc Microsoft Windows RPC
49669/tcp open msrpc Microsoft Windows RPC
49670/tcp open msrpc Microsoft Windows RPC
49943/tcp open ms-sql-s Microsoft SQL Server 2014 12.00.2000

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment