egghelp.org community Forum Index
[ egghelp.org home | forum home ]		 egghelp.org community
Discussion of eggdrop bots, shell accounts and tcl scripts.
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

filter out ports + state

 
Post new topic   Reply to topic    egghelp.org community Forum Index -> Scripting Help
View previous topic :: View next topic  
Author Message
r0t3n
Owner


Joined: 31 May 2005
Posts: 507
Location: UK
PostPosted: Tue Feb 27, 2007 10:08 am    Post subject: filter out ports + state Reply with quote
Im using nmap to do portscan's.

I use:

Code:
set result "[exec nmap -sT -P0 -p <port1,port2,port3,etc> <host/ip>]"


The return result from nmap is:

Quote:
Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2007-02-27 08:53 EST
Interesting ports on <resolved.hostname> (0.0.0.0):
PORT STATE SERVICE
1080/tcp closed socks
8080/tcp closed http-proxy
????/??? open/closed ????

Nmap finished: 1 IP address (1 host up) scanned in 0.018 seconds


I need to filter out the:
resolved.hostname (0.0.0.0)
and the port, state, and service name for each port

How can i do this, a simple regexp or a few lrange's or something?

Thanks in advance!
_________________
r0t3n @ #r0t3n @ Quakenet
Back to top
View user's profile Send private message MSN Messenger
user
 


Joined: 18 Mar 2003
Posts: 1452
Location: Norway
PostPosted: Tue Feb 27, 2007 11:54 am    Post subject: Reply with quote
Code:
regexp -line {^Interesting ports on <([^>]+)> \(([^)]+)\)} $result x name ip

_________________
Have you ever read "The Manual"?
Back to top
View user's profile Send private message
r0t3n
Owner


Joined: 31 May 2005
Posts: 507
Location: UK
PostPosted: Wed Feb 28, 2007 7:06 am    Post subject: Reply with quote
Thanks user, that filters out the <resolved.hostmask> (0.0.0.0) bit, but how can i get the port state and service into a list.

I tried a regexp,
It works, but it just returns the first match, i need to filter out all the ports into a list like:

set portlist {
"xxxx/tcp open/closed/filtered ????"
"iiii/tcl open/closed/filtered oooo"
}

So then i can use a foreach loop on portlist

Thanks in advance!
_________________
r0t3n @ #r0t3n @ Quakenet
Back to top
View user's profile Send private message MSN Messenger
rosc2112
Revered One


Joined: 19 Feb 2006
Posts: 1454
Location: Northeast Pennsylvania
PostPosted: Wed Feb 28, 2007 9:16 am    Post subject: Reply with quote
Using regexp:
Code:

foreach line [split $result \n] {
   if {[regexp {(\d/.*?\n)} $result match port]} {
           lappend ports $port
    }
}

Someone else can prolly give a better regex but that should grab the data you want. Then you'll have all of the data in the $ports var.
Back to top
View user's profile Send private message
r0t3n
Owner


Joined: 31 May 2005
Posts: 507
Location: UK
PostPosted: Wed Feb 28, 2007 11:55 am    Post subject: Reply with quote
Thanks guys Smile It works now SmileSmile
_________________
r0t3n @ #r0t3n @ Quakenet
Back to top
View user's profile Send private message MSN Messenger
Display posts from previous:   
Post new topic   Reply to topic    egghelp.org community Forum Index -> Scripting Help All times are GMT - 4 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Forum hosting provided by Reverse.net

Powered by phpBB © 2001, 2005 phpBB Group
subGreen style by ktauber