Accessing NTP-MONLIST NSE results

[xqxq]

Hi

I am trying to scan for and retrieve the NTP-MONLIST Results.

I end with with a KEYERROR when trying to reference the NTP-MONLIST results.

Please see below my scripts and testing.

Any guidance will be much appreciated!

-John

When I run the nmap command manually I get the results as part of the XML results:

[root@localhost python]# /usr/bin/nmap -oX - -vvv --stats-every 2s -sU -pU:123 -n -Pn --script=ntp-monlist 127.0.0.1

<script id="ntp-monlist" output=" Target is synchronised with 206.186.121.118 Alternative Target Interfaces: 192.168.64.144 Public Servers (4) 24.87.64.125 67.215.197.149 142.137.247.109 206.186.121.118 Private Clients (1) 127.0.0.1 "/>

---

This is my script:

!/usr/bin/python

from libnmap.process import NmapProcess
from libnmap.parser import NmapParser, NmapParserException
from libnmap.objects import NmapReport, NmapHost, NmapService

start a new nmap scan on localhost with some specific options

def do_scan(targets, options):
nm = NmapProcess(targets, options, safe_mode=False)
rc = nm.run()
if rc != 0:
print "nmap scan failed: %s" % (nm.stderr)

try:
    parsed = NmapParser.parse(nm.stdout)
except NmapParserException as e:
    print "Exception raised while parsing scan: %s" % (e.msg)

return parsed

print scan results from a nmap report

def print_scan(nmap_report):
print "Starting Nmap {0} ( http://nmap.org ) at {1}".format(
nmap_report._nmaprun['version'],
nmap_report._nmaprun['startstr'])

for host in nmap_report.hosts:
    if len(host.hostnames):
        tmp_host = host.hostnames.pop()
    else:
        tmp_host = host.address

    print "Nmap scan report for {0} ({1})".format(
        tmp_host,
        host.address)
    print "Host is {0}.".format(host.status)
    print "  PORT     STATE         SERVICE"

    for serv in host.services:
        pserv = "{0:>5s}/{1:3s}  {2:12s}  {3}".format(
                str(serv.port),
                serv.protocol,
                serv.state,
                serv.service)
        if len(serv.banner):
            pserv += " ({0})".format(serv.banner)
        print pserv
print nmap_report.summary

print "++++++++++++++++++++++"
print "nmap_report.commandline: ", nmap_report.commandline
print "++++++++++++++++++++++"

print "===================="
print "HOST.address: ", host.address
print "HOST.mac: ", host.mac
print "HOST.scripts_results: ", (host.scripts_results['ntp-monlist'])
print "TGTPORT: ", TGTPORT
print "HOST.services: ", host.services
print "===================="

if name == "main":
global DEBUG
DEBUG = 0

TGTHOST = "127.0.0.1"
TGTPROTO = "udp"
NMAP_PROTO = " -sU -pU:"
TGTPORT = 123

report = do_scan(TGTHOST, NMAP_PROTO + str(TGTPORT) + " -n -Pn --script=ntp-monlist ")

print_scan(report)

This is the output I get from the command_line:

[root@localhost python]# ./libnmap_testing.py
Starting Nmap 5.51 ( http://nmap.org ) at Fri May 16 13:10:26 2014
Nmap scan report for 127.0.0.1 (127.0.0.1)
Host is up.
PORT STATE SERVICE
123/udp open ntp
Nmap done at Fri May 16 13:10:26 2014; 1 IP address (1 host up) scanned in 0.08 seconds
++++++++++++++++++++++
nmap_report.commandline: /usr/bin/nmap -oX - -vvv --stats-every 2s -sU -pU:123 -n -Pn --script=ntp-monlist 127.0.0.1

++++++++++++++++++++++

HOST.address: 127.0.0.1
HOST.mac:
HOST.scripts_results:
Traceback (most recent call last):
File "./libnmap_testing.py", line 76, in
print_scan(report)
File "./libnmap_testing.py", line 57, in print_scan
print "HOST.scripts_results: ", (host.scripts_results['ntp-monlist'])

KeyError: 'ntp-monlist'

[savon-noir]

could you please gist your script and paste the link?

[savon-noir]

1. this nse script seems to require root privs and you are running NmapProcess.run()
2. your code is not check NmapProcess.rc ==0
3. you should also check if key exists in scripts_results (although, i must admit, a clear API should be implemented here
4. scripts_results is accessible from NmapService object, not NmapHost
5. as documented, NmapService.scripts_results returns an array of dict (again I should implement proper API, but still, documentation is there)

... i think the issue is related to the way you use the lib. I'll make you a quick sample.

[savon-noir]

this works for me. good luck.

https://gist.github.com/savon-noir/84c6165e8ce130135e0d

[xqxq]

I am quite new to object oriented programming so I apologize in advance if I seem dense.

I looked at your example and I am wondering if you pasted the wrong script as the output shows the script name ntp-monlist and the script posted is ntpmon.py.

Your example is reading the results from a file.

I was trying to get the result directly from NMAP output without writing to a file first, is that possible or do I have to write the results out and then go back and read the file?

Thanx in advance for your assistance!

[xqxq]

Here is the GIST Link: https://gist.github.com/xqxq/8ddae3bb9a82be5089ec

[savon-noir]

https://gist.github.com/savon-noir/63969d0a4001cba60fcf

try this kind of things... should work but i haven't tested...no time. Your problems are not related to this lib. If you need python guidance, I would suggest you to go on #python on irc.freenode.net there is an awesome community of ppl there willing to help.

Also, I suggest you to read the doc: https://libnmap.readthedocs.org/en/latest/ and understand how to use the lib (and check other code examples).

[xqxq]

The issue I had was with referencing the objects - your example clarified the correct syntax.

Thanx so much for your time - I am on the road now.

[xqxq]

Have a working script now - thanks so much for your time!! Still getting the hang of object oriented referencing.

Have a great week!