Friday, January 06, 2012

Python-Nmap patch supporting product version

This is a patch for the python-nmap module that parses the product and product version from nmap's results. We could write yet another XML parser of our own, but why bother reinventing the wheel when we can just modify python-nmap to meet our needs? So, thanks to Alex for the python-nmap module, and here is the patch to get the product and product version.

*** nmap.py.ori 2011-10-09 14:21:55.000000000 +0700
--- nmap.py 2011-12-17 22:33:13.000000000 +0700
***************
*** 7,12 ****
--- 7,13 ----
  Author : Alexandre Norman - norman at xael.org
  Contributors: Steve 'Ashcrow' Milner - steve at gnulinux.net
                Brian Bustin - brian at bustin.us
+ Patch : To support output product and product version by y3dips - y3dips at echo.or.id
  Licence : GPL v3 or any later version
  
  
***************
*** 294,319 ****
                  state = dport.getElementsByTagName('state')[0].getAttributeNode('state').value
                  # reason
                  reason = dport.getElementsByTagName('state')[0].getAttributeNode('reason').value
!                 # name if any
                  name = ''
                  for dname in dport.getElementsByTagName('service'):
                      name = dname.getAttributeNode('name').value
!                 # store everything
                  if not proto in list(scan_result['scan'][host].keys()):
                      scan_result['scan'][host][proto] = {}
                  scan_result['scan'][host][proto][port] = {'state': state,
                                                    'reason': reason,
!                                                   'name': name}
                  script_id = ''
                  script_out = ''
!                 # get script output if any
!                 for dscript in dport.getElementsByTagName('script'):
!                     script_id = dscript.getAttributeNode('id').value
!                     script_out = dscript.getAttributeNode('output').value
!                     if not 'script' in list(scan_result['scan'][host][proto][port].keys()):
!                         scan_result['scan'][host][proto][port]['script'] = {}
! 
!                     scan_result['scan'][host][proto][port]['script'][script_id] = script_out
  
  
          self._scan_result = scan_result # store for later use
--- 295,332 ----
                  state = dport.getElementsByTagName('state')[0].getAttributeNode('state').value
                  # reason
                  reason = dport.getElementsByTagName('state')[0].getAttributeNode('reason').value
!                 # name, product, ostype if any
                  name = ''
+                 
                  for dname in dport.getElementsByTagName('service'):
                      name = dname.getAttributeNode('name').value
!                     try:
!                         product = dport.getElementsByTagName('service')[0].getAttributeNode('product').value
!                     except:
!                         product = None
!                     try:
!                         version = dport.getElementsByTagName('service')[0].getAttributeNode('version').value
!                     except:
!                         version = None
!         # store everything
                  if not proto in list(scan_result['scan'][host].keys()):
                      scan_result['scan'][host][proto] = {}
+                 
                  scan_result['scan'][host][proto][port] = {'state': state,
                                                    'reason': reason,
!                                                   'name': name,
!                                                   'product': product,
!                                                   'version': version}
                  script_id = ''
                  script_out = ''
!         # get script output if any
!             for dscript in dport.getElementsByTagName('script'):
!                 script_id = dscript.getAttributeNode('id').value
!                 script_out = dscript.getAttributeNode('output').value
!                 if not 'script' in list(scan_result['scan'][host][proto][port].keys()):
!                     scan_result['scan'][host][proto][port]['script'] = {}
!             
!                 scan_result['scan'][host][proto][port]['script'][script_id] = script_out
  
  
          self._scan_result = scan_result # store for later use
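Review bot: product and version are assigned only inside the `for dname in dport.getElementsByTagName('service')` loop, so for a port with no service element they are either unbound when the result dict is built or still hold the previous port's values; initialise both next to `name = ''`. Inside the loop, read the attributes from `dname` rather than re-querying `dport.getElementsByTagName('service')[0]`, and narrow the bare `except:` to `except AttributeError:` (getAttributeNode returns None for a missing attribute) or use `dname.getAttribute('product')`. The new `# store everything` comment and the `for dscript` loop are also indented less than in the old hunk (8 and 12 columns instead of 16), which takes the script loop out of the per-port block; the indentation should match the surrounding context lines.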
So, it will give you this kind of output:



>>> scan("192.168.1.1", "80")
[{'product': u'Allegro RomPager', 'version': u'4.07 UPnP/1.0', 'port': 80, 'service':
u'http', 'state': u'open'}]
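
An added example (not from the original post or from python-nmap): a stand-alone parser built on xml.dom.minidom, the DOM API the patched code calls, that returns records in the shape of the output above and copes with ports that lack a service element or its product/version attributes. The name `parse_services` and the sample XML are constructed for illustration.

```python
from xml.dom import minidom

# Constructed sample in the format of `nmap -sV -oX` output (not a real scan).
SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun>
  <host>
    <address addr="192.168.1.1" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="80">
        <state state="open" reason="syn-ack"/>
        <service name="http" product="Allegro RomPager" version="4.07 UPnP/1.0"/>
      </port>
      <port protocol="tcp" portid="23">
        <state state="open" reason="syn-ack"/>
        <service name="telnet"/>
      </port>
      <port protocol="tcp" portid="8080">
        <state state="filtered" reason="no-response"/>
      </port>
    </ports>
  </host>
</nmaprun>"""


def parse_services(xml_text):
    """Return one dict per <port>: port, state, service, product, version."""
    results = []
    dom = minidom.parseString(xml_text)
    for dport in dom.getElementsByTagName('port'):
        state = dport.getElementsByTagName('state')[0].getAttribute('state')
        # Reset per port so values never leak from the previous port.
        name = product = version = None
        services = dport.getElementsByTagName('service')
        if services:
            svc = services[0]
            # getAttribute() returns '' for a missing attribute; map it to None.
            name = svc.getAttribute('name') or None
            product = svc.getAttribute('product') or None
            version = svc.getAttribute('version') or None
        results.append({'port': int(dport.getAttribute('portid')),
                        'state': state, 'service': name,
                        'product': product, 'version': version})
    return results


if __name__ == '__main__':
    for row in parse_services(SAMPLE_XML):
        print(row)
```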
..and Happy Hacking

1 comment:

  1. Kewl! Btw, what product and product version is this? The target?