Nmap Batch Script

  • Nmap Batch Script

    Nmap's new version now has the ability to scan for the Conficker worm. As far as I know, there isn't a functionality from Nmap that allows you to output the results in a nice way.

    This is the Nmap command:

    nmap -PN -T4 -p139,445 -n -v --script=smb-check-vulns --script-args safe=1 [target]
    The output which has multiple hosts and results looks something like this:

    Host is up (0.016s latency).
    Interesting ports on
    139/tcp open  netbios-ssn
    445/tcp open  microsoft-ds
    MAC Address: 00:50:DA:57:A5:87 (3com)
    Host script results:
    |  smb-check-vulns:  
    |  MS08-067: Check disabled (remove 'safe=1' argument to run)
    |  Conficker: Likely INFECTED
    |_ regsvc DoS: Check disabled (add --script-args=unsafe=1 to run)
    Anyone know how to just parse out the hosts that are "Likely INFECTED"?
    Last edited by ekrengel; 6th April 2009, 19:07.

  • #2
    Re: Nmap Batch Script

    I think I found what I need here:

    But I just need some help modifying the code below in blue. It is looking to open a text file...but I need it to read the current output of the nmap scan. If it can't do that, I guess I can wait for the scan to finish and then run this script on the text file itself.

    @echo off & setlocal enabledelayedexpansion
    REM Delayed expansion has to be enabled for the !var! references below.
    SET _help=Usage: nmap_conflicker {target_ip}
    if "%1" == "" goto help
    SET linesb4=10
    SET linesafter=1
    SET /a Totallines=1+%linesb4%+%Linesafter%
    SET _target=%1
    SET _what=-PN -T4 -p139,445 -n -v
    SET _opt=--script=smb-check-vulns --script-args safe=1
    ECHO Running conflicker scan on %_target%...
    REM A plain FOR treats each word in the parentheses as a file name.
    REM It does not run nmap.exe or read the scan output.
    for %%a in (nmap.exe %_what% %_opt% %_target%) do (
        Set StartLines=
        echo %%~na | find /i "_markers"
        if errorlevel 1 for /f "Tokens=1 delims=[]" %%b in ('type "%%a" ^| find /n "Likely INFECTED"') do (
            Set /a Lineb4Marker=%%b-%Linesb4%
            If !Lineb4Marker! LSS 1 Set Lineb4Marker=1
            Set StartLines=!StartLines!#!Lineb4Marker!
        )
        if defined StartLines CALL :GetLines "%%a" "%%~na_Markers.txt" !StartLines:~1! %Totallines%
    )
    goto :eof

    :GetLines
    REM Arguments: %1 input file, %2 output file, %3 start lines joined by #, %4 lines to copy per match.
    REM The output file from any earlier run is deleted first.
    DEL %2
    Set StartLines=%3
    Set StartLines=!StartLines:#=;!
    Set line=1
    Set WithinMarker=
    Set NextLine=
    Set RemainLines=
    for %%d in (!StartLines!) do If not defined NextLine (Set NextLine=%%d) ELSE (Set RemainLines=!RemainLines!;%%d)
    Set RemainLines=!RemainLines:~1!
    for /f "tokens=1,* delims=]" %%c in ('type %1 ^| find /n /v ""') do (
        if !line! == !NextLine! (
            Set WithinMarker=%4
            Set NextLine=
            Set StartLines=
            for %%e in (!RemainLines!) do If not defined NextLine (Set NextLine=%%e) ELSE (Set StartLines=!StartLines!;%%e)
            Set RemainLines=!StartLines:~1!
            if not defined StartLines set RemainLines=
        )
        if defined WithinMarker (
            echo %%d | find /i "echo is on."
            if not errorlevel 1 (
                REM Skip lines that only echo the ECHO status message.
            ) else (
                echo %%d>>%2
            )
            Set /a WithinMarker-=1
            if !WithinMarker! == 0 Set WithinMarker=
        )
        Set /a line+=1
    )
    goto :eof

    :help
    ECHO %_help%


    • #3
      Re: Nmap Batch Script

      Not exactly working out how I thought...I guess I don't really understand this script.

      The results file has to be created...but even when it exists...the script deletes it after running, weird. Something with this line:

      if defined StartLines CALL :GetLines "%%a" "%%~na_Markers.txt" !StartLines:~1! %Totallines%


      • #4
        Re: Nmap Batch Script

        There is a Perl script from nmap that will do; no need for a batch script anymore.
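
For the question in the first post (list only the hosts reported as "Likely INFECTED"), here is an added example in Python; it is not code from the thread or from the Nmap project. It assumes the host follows "Interesting ports on" (the post's output has it elided) or the later "Nmap scan report for" header; the function names, the sample addresses and the "Likely CLEAN" line are constructed for illustration.

```python
import re
import sys

# Host header lines. The host part is optional so that a header with no host
# resets the context instead of reusing the previous host.
HOST_RE = re.compile(
    r"^(?:Interesting ports on|Nmap scan report for)(?:\s+(.+?))?:?\s*$")
# NSE output lines start with "|" or "|_"; capture the Conficker verdict text.
CONFICKER_RE = re.compile(r"^\|_?\s*Conficker:\s*(.+?)\s*$")

# Constructed sample in the post's layout (192.0.2.0/24 is a documentation range).
SAMPLE = """\
Interesting ports on 192.0.2.10:
Host script results:
|  smb-check-vulns:
|  MS08-067: Check disabled (remove 'safe=1' argument to run)
|  Conficker: Likely INFECTED
|_ regsvc DoS: Check disabled (add --script-args=unsafe=1 to run)
Interesting ports on 192.0.2.11:
Host script results:
|  smb-check-vulns:
|_ Conficker: Likely CLEAN
Nmap scan report for 192.0.2.12
Host script results:
|_ Conficker: Likely INFECTED
"""

def conficker_results(lines):
    """Yield (host, verdict) for every Conficker line, in input order."""
    host = None
    for raw in lines:
        line = raw.strip()
        header = HOST_RE.match(line)
        if header:
            host = header.group(1)  # None when the header names no host
            continue
        verdict = CONFICKER_RE.match(line)
        if verdict:
            yield (host or "<unknown host>", verdict.group(1))

def infected_hosts(lines):
    """Return the hosts whose verdict contains INFECTED."""
    return [h for h, v in conficker_results(lines) if "INFECTED" in v.upper()]

if __name__ == "__main__":
    # Reads a saved report or a pipe: nmap ... [target] | python this_script.py
    print("\n".join(infected_hosts(sys.stdin)))
```

Because it reads standard input, it works on a saved report as well as on the scan's output piped in directly.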