Weblog entry #11 for nicc777

NMAP One Liner
Posted by nicc777 on Mon 2 Oct 2006 at 12:04
Tags: none.

I recently wanted to check which servers on a large sub-net were listening on port 22/tcp.

Now nmap is obviously the tool to use, but the output was very long, and not all that clear. Here is a quick one liner I did, and maybe someone else can use this as well.

$ nmap -P0 -sT -p22 10.0.102.0/23 | perl -e 'while(<>){ chomp; push( @l, $_ ); } $lc = -1; foreach $t ( @l ) { $lc++; if( $t =~ /Interesting ports on (\d+\.\d+\.\d+\.\d+)/ ) { $ip = $1; $nlc = $lc + 2; if( $l[$nlc] =~ /open/ ) { print "IP: $ip\t\t$l[$nlc]\n"; } } }'
IP: 10.0.102.3                22/tcp open  ssh
IP: 10.0.102.4                22/tcp open  ssh
IP: 10.0.102.5                22/tcp open  ssh
IP: 10.0.102.54               22/tcp open  ssh
IP: 10.0.102.57               22/tcp open  ssh
IP: 10.0.102.58               22/tcp open  ssh
IP: 10.0.102.59               22/tcp open  ssh
IP: 10.0.102.69               22/tcp open  ssh
IP: 10.0.102.250              22/tcp open  ssh
IP: 10.0.102.251              22/tcp open  ssh
IP: 10.0.103.54               22/tcp open  ssh
IP: 10.0.103.57               22/tcp open  ssh
IP: 10.0.103.58               22/tcp open  ssh
IP: 10.0.103.59               22/tcp open  ssh
IP: 10.0.103.69               22/tcp open  ssh


Comments on this Entry

Posted by spiney (85.124.xx.xx) on Tue 10 Oct 2006 at 08:25
Just a suggestion: using the option
-oG -
you don't have to fiddle around so much, since that writes the result in 'grep-able' form in one line per host.

Kind regards
--
Debian GNU/Linux on an IBM Thinkpad T43p

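Following spiney's suggestion, here is an added example (not from the original post or its comments) that filters nmap's grepable output (-oG -) with a small POSIX sh/awk function instead of the perl one-liner. The scan lines in sample_grepable are constructed, not real scan data; the per-port field order port/state/protocol/owner/service/rpcinfo/version is nmap's grepable format. It goes a little beyond the post by handling hosts with several open ports and taking an optional port filter.

```shell
#!/bin/sh
# Constructed stand-in for `nmap -oG - -p22 10.0.102.0/29 | ...` output.
# Each host line is: Host: <ip> (<hostname>)<TAB>Ports: <entry>, <entry>...
# and each entry is: port/state/protocol/owner/service/rpcinfo/version/
sample_grepable() {
  printf '# Nmap 4.11 scan initiated as: nmap -oG - -p22 10.0.102.0/29\n'
  printf 'Host: 10.0.102.1 ()\tPorts: 22/filtered/tcp//ssh///\n'
  printf 'Host: 10.0.102.3 ()\tPorts: 22/open/tcp//ssh///\n'
  printf 'Host: 10.0.102.4 (build.example.internal)\tPorts: 22/open/tcp//ssh//OpenSSH 4.3p2 Debian 9/\tIgnored State: closed (0)\n'
  printf 'Host: 10.0.102.5 ()\tPorts: 22/closed/tcp//ssh///\n'
  printf 'Host: 10.0.102.7 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///\n'
  printf '# Nmap done -- 8 IP addresses (5 hosts up) scanned in 1.23 seconds\n'
}

# list_open_ports [PORT]
# Reads grepable nmap output on stdin and prints one line per open port in
# the same "IP: <ip>  <port>/<proto> open  <service>" shape as the post.
# With a PORT argument only that port is reported; without it, every open port.
list_open_ports() {
  awk -F'\t' -v want="${1:-}" '
    /^Host: / {
      split($1, h, " ")                      # "Host: <ip> (<hostname>)" -> h[2] is the IP
      ip = h[2]
      for (i = 2; i <= NF; i++) {
        if (index($i, "Ports: ") != 1) continue   # skip "Status:" / "Ignored State:" fields
        n = split(substr($i, 8), entry, ", ")     # drop the "Ports: " prefix, split entries
        for (j = 1; j <= n; j++) {
          split(entry[j], f, "/")                 # f[1]=port f[2]=state f[3]=proto f[5]=service
          if (f[2] == "open" && (want == "" || f[1] == want))
            printf "IP: %s\t%s/%s open  %s\n", ip, f[1], f[3], f[5]
        }
      }
    }'
}

# Stand-alone run: only hosts actually listening on 22/tcp are printed.
sample_grepable | list_open_ports 22
```

In real use, replace sample_grepable with the live scan, e.g. nmap -P0 -sT -p22 -oG - 10.0.102.0/23 | list_open_ports 22, and the filtered and closed hosts disappear from the report just as in the post.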

Posted by Anonymous (67.189.xx.xx) on Wed 11 Oct 2006 at 11:45
Dude, I don't think that qualifies as a one liner. I mean, technically, yeah, maybe, since you did get it to fit on a single line, but that is a script. Have fun typing that every time you use nmap. This one is shorter:

nmap -p 22 127.0.0.1 | grep open -B2 | grep Interesting | cut -d' ' -f5

It's kind of messy, with the colon and parentheses. But it is a lot shorter, easier to type, less prone to typos, and doesn't require installing perl. Here's one that is a little bit longer, but cleaner:

nmap -p 22 127.0.0.1 | grep open -B2 | grep Interesting | cut -d' ' -f5 | cut -d'(' -f2 | cut -d')' -f1

I do have to give you credit for having the open port number on the line though. With these simpler one-liners, you have to remember what port you were looking for. Your "one-liner" would fit well in a script. It's true. Grep is great for formatting output. So is cut. So is perl. And don't forget to optimize nmap!

