Comments (11)
Hey @thezoomerhacker I've updated and tested all three of my scripts with support for JSON parsing. Thanks again. I've updated the gists and I've also created a new GitHub repo that has all three of the scripts: https://github.com/iknowjason/masscan_nmap
from masscan.
Can't believe this has been an open issue for 6 years.. It's such a critical feature
from masscan.
I've also asked multiple people at the nmap project about this and their complaint is that for the -iL functionality to take something like
ip:port1,port2,port3
would take a full rewrite of their core code. So they've been sat on it as well.
Having the ability to do such a thing would literally revolutionize portscanning, and make scanning in general way way way less hamfisted.
from masscan.
It shouldn't be that complicated for a basic workaround.. If Masscan was able to produce outputs such as:
10.0.0.1 -p U:1337,T:23,80,443
10.0.0.2 -p U:31337,T:22,8080,9000
then I could just output the result to a text file and run:
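```bash
# Read whole lines; $item is left unquoted on purpose so "-p ..." splits into separate arguments
while read -r item; do nmap -sV -sA -sU $item < /dev/null; done < output.txt
```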
from masscan.
I put together a script to do what I described above, hopefully it will at least provide some automation until Masscan/Nmap implement the functionality :)
from masscan.
It is interesting that you can't supply nmap with targets in the form of 'ip:port1,port2,port3' and you can only supply targets as IP addresses. I've created three scripts that automate masscan and nmap together. Based on how automated you are trying to do it, you can use one of the three. Thanks @Crypto-Cat for the idea, I've modeled one of them after yours. Here they are:
https://gist.github.com/iknowjason/f14f0cce2e5fb0c5171f0bbe77521f41
https://gist.github.com/iknowjason/4dc9c99468503341569ed25deddb51c8
https://gist.github.com/iknowjason/00dfd887ff3c700811d0869ac43c6abf
from masscan.
@iknowjason I really suggest using the -oJ output format. The greppable format can be used but splitting by space is not enough (your script doesn't currently work). By using the JSON output you can literally read the file and "transform" it into a python obj/dict and go from there
from masscan.
@thezoomerhacker Thanks for the suggestion. That can be easily done and I can do it in the next iteration. I had thought to do that with JSON but thought greppable would still be nice for analysis afterward. Question for you though, which script doesn't work for you - v1, v2, or v3? What version of masscan are you running? It might be the version of masscan and outputting a space differently than the version I used in my testbed. All three of my scripts worked with greppable output from masscan. That might explain the difference. Regardless, very good suggestion and thanks!
from masscan.
hey @iknowjason, I'm on version 1.0.6
and yeah, testing the script I realized the masscan output messes with the spaces. That's also why I suggested JSON in the first place. I managed to quickly edit your script and get it to work using the -oJ output format. I have it in local but here's the main difference
```python
import json
import sys

hosts = {}  # ip address -> {"ports": [port, ...]}

# Load the masscan -oJ output file named on the command line
with open(sys.argv[1]) as f:
    loaded_json = json.load(f)

for x in loaded_json:
    ### Parse the port only if open (if you want TCP ports only - specify here)
    if x["ports"][0]["status"] == "open":
        port = x["ports"][0]["port"]
        ip_addr = x["ip"]
        ### Add the IP address to dictionary if it doesn't already exist
        try:
            hosts[ip_addr]
        except KeyError:
            hosts[ip_addr] = {}
        ### Add the port list to dictionary if it doesn't already exist
        ### ("ports" is the dictionary key that holds each host's port list)
        try:
            hosts[ip_addr]["ports"]
        except KeyError:
            hosts[ip_addr]["ports"] = []
        ## append the port to the list
        if port not in hosts[ip_addr]["ports"]:
            hosts[ip_addr]["ports"].append(port)
```
from masscan.
@thezoomerhacker I see an issue for sure. I developed the scripts on Mac OS running masscan 1.04. Your JSON adaption doesn't even work with 1.04 outputted JSON file. Getting a JSON error parsing. I switched over to Linux with masscan 1.06 and your code above works just fine.
from masscan.
@iknowjason I see...it really does depend on the masscan version there's no workaround unfortunately. Good to know, thank you!
from masscan.
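The thread's two technical points, the per-host `-p U:…,T:…` target lines and the JSON file that one masscan build wrote but `json.load` could not read, combined in one added example (not code from any participant's scripts or from masscan itself). Assumptions: the `proto` field name, and that the unparseable file has one record per line with trailing commas and a non-JSON trailer; the sample data is constructed.

```python
import ipaddress
import json

# Constructed sample, one record per line. The trailing commas and the
# non-JSON "finished" trailer are assumptions about an older build's output.
SAMPLE = """[
{"ip": "10.0.0.1", "ports": [{"port": 80, "proto": "tcp", "status": "open"}]},
{"ip": "10.0.0.1", "ports": [{"port": 1337, "proto": "udp", "status": "open"}]},
{"ip": "10.0.0.1", "ports": [{"port": 23, "proto": "tcp", "status": "open"}]},
{"ip": "10.0.0.2", "ports": [{"port": 22, "proto": "tcp", "status": "open"}]},
{"ip": "10.0.0.2", "ports": [{"port": 8080, "proto": "tcp", "status": "closed"}]},
{finished: 1}
"""


def load_records(text):
    """Parse -oJ text; fall back to line-by-line when the file is not valid JSON."""
    try:
        return json.loads(text)
    except json.JSONDecodeError:
        records = []
    for line in text.splitlines():
        line = line.strip().rstrip(",")
        try:
            records.append(json.loads(line))
        except json.JSONDecodeError:
            continue  # "[", "]", blank lines, non-JSON trailer
    return [r for r in records if isinstance(r, dict)]


def group_ports(records):
    """Map ip -> {"tcp": set, "udp": set} of open ports, reading every ports entry."""
    hosts = {}
    for rec in records:
        ip = str(ipaddress.ip_address(rec["ip"]))  # ValueError on anything else
        for p in rec.get("ports", []):
            proto, port = p.get("proto", "tcp"), int(p["port"])
            if p.get("status") == "open" and proto in ("tcp", "udp") and 0 < port < 65536:
                hosts.setdefault(ip, {"tcp": set(), "udp": set()})[proto].add(port)
    return hosts


def nmap_argv(ip, ports):
    """Build an argv list (no shell), e.g. ... -p U:1337,T:23,80 10.0.0.1."""
    flags, spec = ["-sV"], []
    for proto, flag, tag in (("udp", "-sU", "U:"), ("tcp", "-sS", "T:")):
        if ports[proto]:
            flags.append(flag)
            spec.append(tag + ",".join(str(n) for n in sorted(ports[proto])))
    return ["nmap", *flags, "-p", ",".join(spec), ip]
```

Each list returned by `nmap_argv` can be passed to `subprocess.run` as-is, so values read from the scan file are validated as an IP address and integer ports and never reach a shell.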