Created
September 5, 2020 10:05
-
-
Save xyzkab/5ae05643e99c7a201f57b8b8827dfdde to your computer and use it in GitHub Desktop.
Compare nmap two different scan file
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # (N)map(P)ort diff -- yeah there is `ndiff` command already but it fail to compare between `-sC` and `-p-` output format | |
| # intended just for comparing between initial scan: `-sC -sV target-ipaddr` with allport scan `-p- target-ipaddr` | |
| # use option `-n` to remove newline | |
| # then run `-sC -sV -p{copy-and-paste-new-ports}` | |
| # | |
| # requirements: `pip install yq` | |
| # | |
| initial=$1 | |
| allport=$2 | |
| progname=$(awk -F'/' '{print $NF}' <<< $0) | |
| usage() { | |
| echo "Usage: $progname [scan-1.xml] [scan-2.xml]" | |
| echo "Example: $progname enumeration/nmap/initial.xml enumeration/nmap/allports.xml" | |
| } | |
| [ -z "$initial" ] || [ -z "$allport" ] && usage && exit 0 | |
| [ ! -f "$initial" ] && echo "$progname: $initial: No such scan file" && exit 1 | |
| [ ! -f "$allport" ] && echo "$progname: $allport: No such scan file" && exit 1 | |
| cat $initial | xq -rcM '.nmaprun.host.ports.port[]."@portid"' > /tmp/npdiff-initial.txt | |
| cat $allport | xq -rcM '.nmaprun.host.ports.port[]."@portid"' > /tmp/npdiff-allport.txt | |
| out=$(comm -23 <(sort /tmp/npdiff-allport.txt) <(sort /tmp/npdiff-initial.txt)) | |
| rm /tmp/npdiff-* | |
| [ "$1" == "-n" ] || [ "$3" == "-n" ] && echo $out | sed 's/ /,/g' && exit 0 | |
| [ -z "$out" ] && echo "no new open ports" && exit 0 | |
| echo "$out" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment