#!/bin/sh ''':' exec python -u "$0" ${1+"$@"} ' ''' # Stomper - take nmap -sV version scan output, and generate a nice CVS file # for Excel. # By Justin Clarke, justin@justinclarke.com # Version .01b4, October 28 2004 # # This tool is released under the Reciprocal Public License # This open source license is available for review at # http://www.opensource.org/licenses/rpl.php # import sys import re import string debug = 0 # set if you want oodles of debugging output to stdout # To add port columns to the output, add them in here Ports = {21:'ftp', 22:'ssh', 23:'telnet', 25:'smtp', 53:'dns', 79:'finger', 80:'http', 139:'netbios', 443:'https', 445:'smb'} startmatch = r'Interesting ports on' def usage(): print r""" ___ ____ _____ __ __ ____ ____ ____ / __)(_ _)( _ )( \/ )( _ \( ___)( _ \ \__ \ )( )(_)( ) ( )___/ )__) ) / (___/ (__) (_____)(_/\/\_)(__) (____)(_)\_) """ print "Usage: %s " % sys.argv[0] sys.exit(1) # Main starts here if (len(sys.argv)<>2): usage() try: input = open(sys.argv[1]) except: print "Could not open file %s" % sys.argv[1] usage() # build first line of results list results=[[]] lineno = 0 results[lineno] = ['Hostname', 'IP Address', 'OS Guess'] keys = Ports.keys() keys.sort() for key in keys: results[lineno] += [Ports[key]] results[lineno] += ['Other Ports', 'Service Versions'] if debug: print results # set initial var values switch = 1 ip = '' hostname = '' osguess = '' openports = [] versions = '' otherports = '' # File parsing loop for line in input.readlines(): if switch: # on/off switch - starts parsing when we see 'Interesting..' # if line contains 'Interesting ports...' if re.search(startmatch, line): # split line into atoms words = string.split(line) # if there are 5 words there is a hostname as well as IP if len(words)>4: ip = re.sub(r'[():]','',words[4]) hostname = words[3] if debug: print ip, hostname # otherwise we only have an IP else: ip = re.sub(r'[():]','',words[3]) hostname = '' if debug: print ip, hostname # endif switch = 0 # endif startmatch else: # elseif switch # if line contains 'open', add it to the list of ports if re.search('open', line): words = string.split(line) openports += [(string.split(words[0],'/'))[0]] # get services versions if appropriate foo = len(words) if (foo > 3): temp = '' for bar in range(3,foo): temp += str(words[bar]) if (bar < foo-1): temp += " " temp += ", " versions += temp if debug: print openports, versions # OS guess if re.search('OS details:', line): words = string.split(line,':') osguess = string.strip(words[1]) if debug: print osguess # if we're at the end of the record (blank line) if re.search(r'^\s+',line): lineno += 1 results += [[]] # start building results line results[lineno] = [hostname,ip,osguess] # do the x's in the columns for key in keys: if str(key) in openports: results[lineno] += ['X'] else: results[lineno] += [' '] # build the "otherports" values for port in openports: if int(port) not in keys: otherports += str(port) otherports += ", " if debug: print otherports # get rid of the trailing comma and space if len(otherports): otherports = otherports[0:len(otherports)-2] results[lineno] += [otherports] # get rid of the trailing comma and space if len(versions): versions = versions[0:len(versions)-2] results[lineno] += [versions] if debug: print results[lineno] # reset all the temp vars switch = 1 ip = '' hostname = '' osguess = '' openports = [] versions = '' otherports = '' # endif switch # endfor line input.close() # print it all out ping = len(results) # lines pong = len(results[0]) # fields for matrixline in range(ping): pang = '' # temp string to build each line nicely. Excel CSV is a bit picky for matrixitem in range(pong): if "," in str(results[matrixline][matrixitem]): # handle commas in field pang += '"%s"' % str(results[matrixline][matrixitem]) else: pang += str(results[matrixline][matrixitem]) if (matrixitem < pong-1): pang += ',' # delimit with commas print pang