Anthony G Persaud > Nmap-Parser-1.3 > nmap2sqlite

Download:
Nmap-Parser-1.3.tar.gz

Annotate this POD

CPAN RT

New  5
Open  0
View/Report Bugs
Source   Latest Release: Nmap-Parser-1.31

NAME ^

nmap2sqlite - turn nmap scan data into entries in SQLite DB

SYNOPSIS ^

 nmap2sqlite.pl [--db ip.db][--table hosts] --xml  <XML_FILE> [<XML_FILE> ...]
 nmap2sqlite.pl [--db ip.db][--table hosts] --scan <IP_ADDR>  [<IP_ADDR> ...]

DESCRIPTION ^

This script uses the nmap security scanner with the Nmap::Parser module in order to take an xml output scan file from nmap (-oX option), and place the information into a SQLite database (ip.db), into table (hosts).

Here is the schema for the table stored in the SQLite database

  ip              TEXT       PRIMARY  KEY NOT NULL,
  mac             TEXT,
  status          TEXT       DEFAULT  'down',
  hostname        TEXT,
  open_ports      TEXT       DEFAULT  'none',
  filtered_ports  TEXT       DEFAULT  'none',
  osname          TEXT,
  osfamily        TEXT,
  osgen           TEXT,
  last_scanned    TIMESTAMP  DEFAULT  CURRENT_TIMESTAMP,
  UNIQUE (ip))

OPTIONS ^

These options are passed as command line parameters. Please use EITHER --scan or --xml. NOT both.

--db DBNAME

Sets the database name to DBNAME.

-h,--help,-?

Shows this help information.

--nmap

The path to the nmap executable. This should be used if nmap is not on your path.

--scan

This will use parsescan() for the scan and take the arguments as IP addreses.

--table TABLE_NAME

Sets the table name to use in the database as TABLE_NAME.

--xml

This will use parsefile() for the input and take the arguments as nmap scan xml files.

TARGET SPECIFICATION ^

This documentation was taken from the nmap man page. The IP address inputs to this scripts should be in the nmap target specification format.

The simplest case is listing single hostnames or IP addresses onthe command line. If you want to scan a subnet of IP addresses, you can append '/mask' to the hostname or IP address. mask must be between 0 (scan the whole internet) and 32 (scan the single host specified). Use /24 to scan a class 'C' address and /16 for a class 'B'.

You can use a more powerful notation which lets you specify an IP address using lists/ranges for each element. Thus you can scan the whole class 'B' network 128.210.*.* by specifying '128.210.*.*' or '128.210.0-255.0-255' or even use the mask notation: '128.210.0.0/16'. These are all equivalent. If you use asterisks ('*'), remember that most shells require you to escape them with back slashes or protect them with quotes.

Another interesting thing to do is slice the Internet the other way.

Examples:

 nmap2sqlite.pl --scan 127.0.0.1
 nmap2sqlite.pl --scan target.example.com
 nmap2sqlite.pl --scan target.example.com/24
 nmap2sqlite.pl --scan 10.210.*.1-127
 nmap2sqlite.pl --scan *.*.2.3-5
 nmap2sqlite.pl --scan 10.[10-15].10.[2-254]

OUTPUT EXAMPLE ^

See the SQLite database that is created. Default ip.db

SUPPORT ^

Discussion Forum

If you have questions about how to use the module, or any of its features, you can post messages to the Nmap::Parser module forum on CPAN::Forum. http://www.cpanforum.com/dist/Nmap-Parser

Bug Reports

Please submit any bugs to: https://github.com/apersaud/Nmap-Parser/issues

Please make sure that you submit the xml-output file of the scan which you are having trouble. This can be done by running your scan with the -oX filename.xml nmap switch. Please remove any important IP addresses for security reasons.

Feature Requests

Please submit any requests to: https://github.com/apersaud/Nmap-Parser/issues

SEE ALSO ^

Nmap::Parser

The Nmap::Parser page can be found at: https://github.com/apersaud/Nmap-Parser/. It contains the latest developments on the module. The nmap security scanner homepage can be found at: http://www.insecure.org/nmap/.

AUTHOR ^

Anthony G Persaud http://anthonypersaud.com

COPYRIGHT ^

Copyright (c) <2003-2009> <Anthony G. Persaud>

MIT License

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

syntax highlighting: