xyzkab/nvi.sh

## nvi.sh
#!/bin/bash
#
# (N)mapSer(V)ices(I)nfo -- yeah it's lame, can't think of anything, dont want to confused with (N)(S)cripting(E)ngine
# our eyes are playing tricks sometimes when the `.nmap` output is huge from `-sC -sV target-ip`
# just need to extract `name, product+version, port` into markdown style on each open ports
# then writing the rest of `-sC` output to more simplified note and continue thought process. for example;
# - **ftp** service open
#   - port: 21
#   - version: vsftpd 3.0.3
#   - anonymous login allowed
#   - interesting files:
#     - backup.zip
#     - my.cnf
#
# requirements: `pip install yq`

file=$1
progname=$(awk -F'/' '{print $NF}' <<< $0)

usage() {
  echo "Usage: $progname [initial-scan.xml]"
  echo "Example: $progname enumeration/nmap/initial.xml"
}
[ -z "$file" ] && usage && exit 0

content=$(cat $file)
services=$(echo "$content" | xq -rcM '.nmaprun.host.ports.port | map(select(.service."@name" != "tcpwrapped") | .service."@product" |= if .==null then "Unknown" else . end | .service."@version" |= if .==null then "Unknown" else . end)')
services_info=$(echo "$services" | jq -rcM '(map({name: .service."@name", product: .service."@product", version: .service."@version"}) | unique)')

for service in `echo $services_info | jq -rcM '.[] | @base64'`; do
  name=$(base64 -d <<< $service | jq -rcM '.name')
  product=$(base64 -d <<< $service | jq -rcM '.product')
  version=$(base64 -d <<< $service | jq -rcM '.version')
  ports=$(jq --arg name "$name" --arg product "$product" --arg version "$version" -rcM 'map(select(.service."@name" == $name and .service."@product" == $product and .service."@version" == $version)."@portid") | join(",")' <<< $services)
  if [ "$version" == "Unknown" ] && [ -n "$product" ]; then
    version=$product
  else
    version="$product $version"
  fi
  echo "- **$name** service open"
  echo "  - port: $ports"
  echo -e "  - version: $version\n"
done
	#!/bin/bash
	#
	# (N)mapSer(V)ices(I)nfo -- yeah it's lame, can't think of anything, dont want to confused with (N)(S)cripting(E)ngine
	# our eyes are playing tricks sometimes when the `.nmap` output is huge from `-sC -sV target-ip`
	# just need to extract `name, product+version, port` into markdown style on each open ports
	# then writing the rest of `-sC` output to more simplified note and continue thought process. for example;
	# - ftp service open
	# - port: 21
	# - version: vsftpd 3.0.3
	# - anonymous login allowed
	# - interesting files:
	# - backup.zip
	# - my.cnf
	#
	# requirements: `pip install yq`

	file=$1
	progname=$(awk -F'/' '{print $NF}' <<< $0)

	usage() {
	echo "Usage: $progname [initial-scan.xml]"
	echo "Example: $progname enumeration/nmap/initial.xml"
	}
	[ -z "$file" ] && usage && exit 0

	content=$(cat $file)
	services=$(echo "$content" \| xq -rcM '.nmaprun.host.ports.port \| map(select(.service."@name" != "tcpwrapped") \| .service."@product" \|= if .==null then "Unknown" else . end \| .service."@version" \|= if .==null then "Unknown" else . end)')
	services_info=$(echo "$services" \| jq -rcM '(map({name: .service."@name", product: .service."@product", version: .service."@version"}) \| unique)')

	for service in `echo $services_info \| jq -rcM '.[] \| @base64'`; do
	name=$(base64 -d <<< $service \| jq -rcM '.name')
	product=$(base64 -d <<< $service \| jq -rcM '.product')
	version=$(base64 -d <<< $service \| jq -rcM '.version')
	ports=$(jq --arg name "$name" --arg product "$product" --arg version "$version" -rcM 'map(select(.service."@name" == $name and .service."@product" == $product and .service."@version" == $version)."@portid") \| join(",")' <<< $services)
	if [ "$version" == "Unknown" ] && [ -n "$product" ]; then
	version=$product
	else
	version="$product $version"
	fi
	echo "- $name service open"
	echo " - port: $ports"
	echo -e " - version: $version\n"
	done