You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When parsing Nmap XML files with service detection I ran into an interesting scenario: Let's assume I have the following script output in a file: <script id="http-server-header" output="CerberusFTPServer/11.0"><elem>CerberusFTPServer/11.0</elem></script>
This will result in the following object in the attribute services of NmapHost (NmapService): {'id': 'http-server-header', 'output': 'CerberusFTPServer/11.0', 'elements': {None: 'CerberusFTPServer/11.0'}}
As the output shows, the key inside elements is None. This may lead to problems when processing the data with other software, i.e. elasticsearch.
In comparison other elements within the XML have a key attribute which seems to be used like here: <script id="http-methods" output="
 Supported Methods: GET HEAD POST OPTIONS"><table key="Supported Methods"><elem>GET</elem><elem>HEAD</elem><elem>POST</elem><elem>OPTIONS</elem></table></script>
This results in: {'id': 'http-methods', 'output': '\n Supported Methods: GET HEAD POST OPTIONS', 'elements': {'Supported Methods': {None: ['GET', 'HEAD', 'POST', 'OPTIONS']}}}
(Please note the key inside Supported Methods is also None.)
Tested with libnmap versions 0.7.0 and 0.7.2. Nmap version 7.80.
The text was updated successfully, but these errors were encountered:
I experienced this same issue. This only seems to happen with certain NSE scan modules.
The data above (for the http=methods NSE scan results) SHOULD look like this {'id': 'http-methods', 'output': '\n Supported Methods: GET HEAD POST OPTIONS', 'elements': {'Supported Methods': ['GET', 'HEAD', 'POST', 'OPTIONS']}}
Where the Supported Methods key has an array as its value rather than a dictionary (object).
This same issue also occurs in the ssl-cert NSE scan within the extensions sub-key.
To be more specific, I have identified that the problem seems to be occurring in the the elements attribute of an NSE object. I think you can access it by like this:
nmap_process = NmapProcess(targets=target_list)
nmap_process_output = NmapParser.parse(nmap_process.stdout)
hosts = nmap_process_output.hosts
for host in hosts:
services = host.services
for service in services:
nse_results = service.script_results
for nse_script in nse_results:
nse_id = nse_script.get('id')
nse_output = nse_script.get('output')
nse_elements = nse_script.get('elements') # THIS IS WHERE THE PROBLEM APPEARS TO BE
When parsing Nmap XML files with service detection I ran into an interesting scenario: Let's assume I have the following script output in a file:
<script id="http-server-header" output="CerberusFTPServer/11.0"><elem>CerberusFTPServer/11.0</elem></script>
This will result in the following object in the attribute
services
ofNmapHost
(NmapService
):{'id': 'http-server-header', 'output': 'CerberusFTPServer/11.0', 'elements': {None: 'CerberusFTPServer/11.0'}}
As the output shows, the key inside
elements
isNone
. This may lead to problems when processing the data with other software, i.e. elasticsearch.In comparison other elements within the XML have a
key
attribute which seems to be used like here:<script id="http-methods" output="
 Supported Methods: GET HEAD POST OPTIONS"><table key="Supported Methods"><elem>GET</elem><elem>HEAD</elem><elem>POST</elem><elem>OPTIONS</elem></table></script>
This results in:
{'id': 'http-methods', 'output': '\n Supported Methods: GET HEAD POST OPTIONS', 'elements': {'Supported Methods': {None: ['GET', 'HEAD', 'POST', 'OPTIONS']}}}
(Please note the key inside
Supported Methods
is alsoNone
.)Tested with libnmap versions 0.7.0 and 0.7.2. Nmap version 7.80.
The text was updated successfully, but these errors were encountered: