dradis-nmap 3.18.0

data/README.md

@@ -0,0 +1,27 @@
+# Nmap plugin for Dradis
+
+[![Build Status](https://secure.travis-ci.org/dradis/dradis-nmap.png?branch=master)](http://travis-ci.org/dradis/dradis-nmap) [![Code Climate](https://codeclimate.com/github/dradis/dradis-nmap.png)](https://codeclimate.com/github/dradis/dradis-nmap.png)
+
+Upload Nmap files into Dradis.
+
+The add-on requires [Dradis CE](https://dradisframework.org/) > 3.0, or [Dradis Pro](https://dradisframework.com/pro/).
+
+
+## More information
+
+See the Dradis Framework's [README.md](https://github.com/dradis/dradisframework/blob/master/README.md)
+
+
+## Contributing
+
+See the Dradis Framework's [CONTRIBUTING.md](https://github.com/dradis/dradisframework/blob/master/CONTRIBUTING.md)
+
+
+## License
+
+Dradis Framework and all its components are released under [GNU General Public License version 2.0](http://www.gnu.org/licenses/old-licenses/gpl-2.0.html) as published by the Free Software Foundation and appearing in the file LICENSE included in the packaging of this file.
+
+
+## Feature requests and bugs
+
+Please use the [Dradis Framework issue tracker](https://github.com/dradis/dradis-ce/issues) for add-on improvements and bug reports.

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/dradis-nmap.gemspec

@@ -0,0 +1,34 @@
+$:.push File.expand_path('../lib', __FILE__)
+require 'dradis/plugins/nmap/version'
+version = Dradis::Plugins::Nmap::VERSION::STRING
+
+# Describe your gem and declare its dependencies:
+Gem::Specification.new do |spec|
+  spec.platform    = Gem::Platform::RUBY
+  spec.name        = 'dradis-nmap'
+  spec.version     = version
+  spec.summary     = 'Nmap add-on for the Dradis Framework.'
+  spec.description = 'This add-on allows you to upload and parse output produced from Nmap web server scanner into Dradis.'
+
+  spec.license     = 'GPL-2'
+
+  spec.authors     = ['Daniel Martin']
+  spec.email       = ['etd@nomejortu.com']
+  spec.homepage    = 'http://dradisframework.org'
+
+  spec.files       = `git ls-files`.split($\)
+  spec.executables = spec.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  spec.test_files  = spec.files.grep(%r{^(test|spec|features)/})
+
+  # By not including Rails as a dependency, we can use the gem with different
+  # versions of Rails (a sure recipe for disaster, I'm sure), which is needed
+  # until we bump Dradis Pro to 4.1.
+  # s.add_dependency 'rails', '~> 4.1.1'
+  spec.add_dependency 'dradis-plugins', '~> 3.6'
+  spec.add_dependency 'ruby-nmap', '~> 0.7'
+
+  spec.add_development_dependency 'bundler'
+  spec.add_development_dependency 'rake', '~> 10.0'
+  spec.add_development_dependency 'rspec-rails'
+  spec.add_development_dependency 'combustion', '~> 0.5.2'
+end

data/lib/dradis-nmap.rb

@@ -0,0 +1,8 @@
+# Hook to the framework base clases
+require 'dradis-plugins'
+
+# Load this add-on's engine
+require 'dradis/plugins/nmap'
+
+# Require ruby-nmap gem classes
+require 'nmap/xml'

data/lib/dradis/plugins/nmap.rb

@@ -0,0 +1,11 @@
+module Dradis
+  module Plugins
+    module Nmap
+    end
+  end
+end
+
+require 'dradis/plugins/nmap/engine'
+require 'dradis/plugins/nmap/field_processor'
+require 'dradis/plugins/nmap/importer'
+require 'dradis/plugins/nmap/version'

data/lib/dradis/plugins/nmap/engine.rb

@@ -0,0 +1,13 @@
+module Dradis
+  module Plugins
+    module Nmap
+      class Engine < ::Rails::Engine
+        isolate_namespace Dradis::Plugins::Nmap
+
+        include ::Dradis::Plugins::Base
+        description 'Processes Nmap output'
+        provides :upload
+      end
+    end
+  end
+end

data/lib/dradis/plugins/nmap/field_processor.rb

@@ -0,0 +1,78 @@
+module Dradis
+  module Plugins
+    module Nmap
+      class FieldProcessor < Dradis::Plugins::Upload::FieldProcessor
+        def post_initialize(args={})
+          if data.kind_of?(::Nmap::Host) || data.kind_of?(::Nmap::Port)
+            @nmap_object = data
+          elsif data.name == 'host'
+            @nmap_object = ::Nmap::Host.new(data)
+          elsif data.name == 'port'
+            @nmap_object = ::Nmap::Port.new(data)
+          end
+        end
+
+        def value(args={})
+          field = args[:field]
+          # fields in the template are of the form <foo>.<field>, where <foo>
+          # is common across all fields for a given template (and meaningless).
+          type, name, attribute = field.split('.')
+          if type == 'host'
+            host_value(name)
+          elsif type == 'port'
+            port_value(name, attribute)
+          end
+        end
+
+        private
+        def host_value(name)
+          if name == 'hostnames'
+            @nmap_object.hostnames.uniq.map(&:to_s).sort.join(', ')
+          elsif name == 'service_table'
+            host_service_table
+          else
+            @nmap_object.try(name) || 'n/a'
+          end
+        end
+
+        def port_value(name, attribute = nil)
+          if attribute
+            # port.service.name
+            # port.service.product
+            # port.service.version
+            if @nmap_object.service
+              if attribute == 'tunnel'
+                @nmap_object.service.try(:ssl?) ? 'ssl' : 'n/a'
+              else
+                @nmap_object.service.try(attribute) || 'n/a'
+              end
+            end
+          else
+            @nmap_object.try(name) || 'n/a'
+          end
+        end
+
+        def host_service_table
+          ports = []
+          # Build up a Services table with all the available information about each
+          # individual port.
+          @nmap_object.each_port do |port|
+            port_info = ''
+            port_info << "| #{port.number} | #{port.protocol} | #{port.state} (#{port.reason}) |"
+            if (srv = port.service)
+              port_info << " #{srv.try('name') || ''} |"
+              port_info << " #{srv.try('product') || ''} |"
+              port_info << " #{srv.try('version') || ''} |"
+            else
+              port_info << "  |  |  |"
+            end
+            port_info << "\n"
+            ports << port_info
+          end
+          ports.join
+        end
+
+      end
+    end
+  end
+end

data/lib/dradis/plugins/nmap/gem_version.rb

@@ -0,0 +1,19 @@
+module Dradis
+  module Plugins
+    module Nmap
+      # Returns the version of the currently loaded Dradis as a <tt>Gem::Version</tt>
+      def self.gem_version
+        Gem::Version.new VERSION::STRING
+      end
+
+      module VERSION
+        MAJOR = 3
+        MINOR = 18
+        TINY = 0
+        PRE = nil
+
+        STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
+      end
+    end
+  end
+end

data/lib/dradis/plugins/nmap/importer.rb

@@ -0,0 +1,80 @@
+module Dradis::Plugins::Nmap
+  class Importer < Dradis::Plugins::Upload::Importer
+    # The framework will call this function if the user selects this plugin from
+    # the dropdown list and uploads a file.
+    # @returns true if the operation was successful, false otherwise
+    def import(params={})
+
+      logger.info{ "Parsing Nmap output from #{ params[:file] }..." }
+      doc = Nmap::XML::new(params[:file])
+      logger.info{ 'Done.' }
+
+      logger.info{ 'Validating Nmap output...' }
+      if doc.hosts.empty?
+        error = {
+          'Title' => 'Invalid file format',
+          'File name' => File.basename(params[:file]),
+          'Description' => "The file you uploaded doesn't seem to be a valid Nmap XML file."
+        }
+        logger.fatal{ error['Description'] }
+        error = error.map{|k,v| "#[%s]#\n%s\n" % [k, v] }.join("\n\n")
+        content_service.create_note text: error
+        return false
+      end
+      logger.info{ 'Done.' }
+
+      # TODO: do something with the Nmap::Parser::Session information
+      port_notes_to_add = {}
+
+      doc.each_host do |host|
+        host_label = host.ip
+        host_node = content_service.create_node(label: host_label, type: :host)
+        logger.info{ "New host: #{ host_label }" }
+
+        # Set basic host properties
+        host_node.set_property(:ip, host.ip)
+        host_node.set_property(:hostname, host.hostnames.map(&:name)) if host.hostnames.present?
+        host_node.set_property(:os, host.os.matches.map(&:name)) if host.os.present?
+
+        # Old-style properties-in-a-note approach
+        host_text = template_service.process_template(template: 'host', data: host)
+        content_service.create_note(text: host_text, node: host_node)
+
+        host.each_port do |port|
+          logger.info { "\tNew port: #{port.number}/#{port.protocol}" }
+
+          service = {
+            port: port.number,
+            protocol: port.protocol.to_s,
+            state: port.state.to_s,
+            reason: port.reason,
+            name: port.try(:service).try(:name),
+            product: port.try(:service).try(:product),
+            tunnel: port.try(:service).try(:ssl?) ? 'ssl' : 'n/a',
+            version: port.try(:service).try(:version),
+            source: :nmap,
+          }
+
+          # Node#set_service will store these under
+          # Node#properties[:service_extras]:
+          port.scripts.each { |k, v| service[k] = v } if port.try(:scripts)
+
+          host_node.set_service(service)
+
+          # HACK: patch in a `host` method to `Nmap::Port`
+          # so we can use it in the template:
+          port.class.module_eval { attr_accessor :host }
+          port.host = host.ip
+
+          # Add a note with the port information
+          port_text = template_service.process_template(template: 'port', data: port)
+          content_service.create_note(
+            text: port_text,
+            node: host_node)
+        end
+
+        host_node.save
+      end
+    end
+  end
+end

data/lib/dradis/plugins/nmap/version.rb

@@ -0,0 +1,13 @@
+require_relative 'gem_version'
+
+module Dradis
+  module Plugins
+    module Nmap
+      # Returns the version of the currently loaded Nmap as a
+      # <tt>Gem::Version</tt>.
+      def self.version
+        gem_version
+      end
+    end
+  end
+end

data/lib/tasks/thorfile.rb

@@ -0,0 +1,23 @@
+class NmapTasks < Thor
+  include Rails.application.config.dradis.thor_helper_module
+
+  namespace "dradis:plugins:nmap"
+
+  desc      "upload FILE", "upload the results of an Nmap scan"
+  long_desc "Upload an Nmap scan to create nodes and notes for the hosts and "\
+            "ports discovered during scanning."
+
+  def upload(file_path)
+    require 'config/environment'
+
+    unless File.exists?(file_path)
+      $stderr.puts "** the file [#{file_path}] does not exist"
+      exit(-1)
+    end
+
+    detect_and_set_project_scope
+
+    importer = Dradis::Plugins::Nmap::Importer.new(task_options)
+    importer.import(file: file_path)
+  end
+end

data/spec/fixtures/files/invalid.xml

@@ -0,0 +1 @@
+<foo></foo>

data/spec/fixtures/files/nse-01.xml

@@ -0,0 +1,127 @@
+<?xml version="1.0"?>
+<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
+<!-- Nmap 6.00 scan initiated Fri Aug  5 01:49:41 2016 as: nmap -sC -vv -T4 -oX scanme-01.xml scanme.nmap.org -->
+<nmaprun scanner="nmap" args="nmap -sC -vv -T4 -oX scanme-01.xml scanme.nmap.org" start="1470376181" startstr="Fri Aug  5 01:49:41 2016" version="6.00" xmloutputversion="1.04">
+  <scaninfo type="syn" protocol="tcp" numservices="1000" services="1,3-4,6-7,9,13,17,19-26,30,32-33,37,42-43,49,53,70,79-85,88-90,99-100,106,109-111,113,119,125,135,139,143-144,146,161,163,179,199,211-212,222,254-256,259,264,280,301,306,311,340,366,389,406-407,416-417,425,427,443-445,458,464-465,481,497,500,512-515,524,541,543-545,548,554-555,563,587,593,616-617,625,631,636,646,648,666-668,683,687,691,700,705,711,714,720,722,726,749,765,777,783,787,800-801,808,843,873,880,888,898,900-903,911-912,981,987,990,992-993,995,999-1002,1007,1009-1011,1021-1100,1102,1104-1108,1110-1114,1117,1119,1121-1124,1126,1130-1132,1137-1138,1141,1145,1147-1149,1151-1152,1154,1163-1166,1169,1174-1175,1183,1185-1187,1192,1198-1199,1201,1213,1216-1218,1233-1234,1236,1244,1247-1248,1259,1271-1272,1277,1287,1296,1300-1301,1309-1311,1322,1328,1334,1352,1417,1433-1434,1443,1455,1461,1494,1500-1501,1503,1521,1524,1533,1556,1580,1583,1594,1600,1641,1658,1666,1687-1688,1700,1717-1721,1723,1755,1761,1782-1783,1801,1805,1812,1839-1840,1862-1864,1875,1900,1914,1935,1947,1971-1972,1974,1984,1998-2010,2013,2020-2022,2030,2033-2035,2038,2040-2043,2045-2049,2065,2068,2099-2100,2103,2105-2107,2111,2119,2121,2126,2135,2144,2160-2161,2170,2179,2190-2191,2196,2200,2222,2251,2260,2288,2301,2323,2366,2381-2383,2393-2394,2399,2401,2492,2500,2522,2525,2557,2601-2602,2604-2605,2607-2608,2638,2701-2702,2710,2717-2718,2725,2800,2809,2811,2869,2875,2909-2910,2920,2967-2968,2998,3000-3001,3003,3005-3007,3011,3013,3017,3030-3031,3052,3071,3077,3128,3168,3211,3221,3260-3261,3268-3269,3283,3300-3301,3306,3322-3325,3333,3351,3367,3369-3372,3389-3390,3404,3476,3493,3517,3527,3546,3551,3580,3659,3689-3690,3703,3737,3766,3784,3800-3801,3809,3814,3826-3828,3851,3869,3871,3878,3880,3889,3905,3914,3918,3920,3945,3971,3986,3995,3998,4000-4006,4045,4111,4125-4126,4129,4224,4242,4279,4321,4343,4443-4446,4449,4550,4567,4662,4848,4899-4900,4998,5000-5004,5009,5030,5033,5050-5051,5054,5060-5061,5080,5087,5100-5102,5120,5190,5200,5214,5221-5222,5225-5226,5269,5280,5298,5357,5405,5414,5431-5432,5440,5500,5510,5544,5550,5555,5560,5566,5631,5633,5666,5678-5679,5718,5730,5800-5802,5810-5811,5815,5822,5825,5850,5859,5862,5877,5900-5904,5906-5907,5910-5911,5915,5922,5925,5950,5952,5959-5963,5987-5989,5998-6007,6009,6025,6059,6100-6101,6106,6112,6123,6129,6156,6346,6389,6502,6510,6543,6547,6565-6567,6580,6646,6666-6669,6689,6692,6699,6779,6788-6789,6792,6839,6881,6901,6969,7000-7002,7004,7007,7019,7025,7070,7100,7103,7106,7200-7201,7402,7435,7443,7496,7512,7625,7627,7676,7741,7777-7778,7800,7911,7920-7921,7937-7938,7999-8002,8007-8011,8021-8022,8031,8042,8045,8080-8090,8093,8099-8100,8180-8181,8192-8194,8200,8222,8254,8290-8292,8300,8333,8383,8400,8402,8443,8500,8600,8649,8651-8652,8654,8701,8800,8873,8888,8899,8994,9000-9003,9009-9011,9040,9050,9071,9080-9081,9090-9091,9099-9103,9110-9111,9200,9207,9220,9290,9415,9418,9485,9500,9502-9503,9535,9575,9593-9595,9618,9666,9876-9878,9898,9900,9917,9929,9943-9944,9968,9998-10004,10009-10010,10012,10024-10025,10082,10180,10215,10243,10566,10616-10617,10621,10626,10628-10629,10778,11110-11111,11967,12000,12174,12265,12345,13456,13722,13782-13783,14000,14238,14441-14442,15000,15002-15004,15660,15742,16000-16001,16012,16016,16018,16080,16113,16992-16993,17877,17988,18040,18101,18988,19101,19283,19315,19350,19780,19801,19842,20000,20005,20031,20221-20222,20828,21571,22939,23502,24444,24800,25734-25735,26214,27000,27352-27353,27355-27356,27715,28201,30000,30718,30951,31038,31337,32768-32785,33354,33899,34571-34573,35500,38292,40193,40911,41511,42510,44176,44442-44443,44501,45100,48080,49152-49161,49163,49165,49167,49175-49176,49400,49999-50003,50006,50300,50389,50500,50636,50800,51103,51493,52673,52822,52848,52869,54045,54328,55055-55056,55555,55600,56737-56738,57294,57797,58080,60020,60443,61532,61900,62078,63331,64623,64680,65000,65129,65389"/>
+  <verbose level="2"/>
+  <debugging level="0"/>
+  <taskbegin task="Ping Scan" time="1470376181"/>
+  <taskend task="Ping Scan" time="1470376181" extrainfo="1 total hosts"/>
+  <taskbegin task="Parallel DNS resolution of 1 host." time="1470376181"/>
+  <taskend task="Parallel DNS resolution of 1 host." time="1470376181"/>
+  <taskbegin task="SYN Stealth Scan" time="1470376181"/>
+  <taskend task="SYN Stealth Scan" time="1470376187" extrainfo="1000 total ports"/>
+  <taskbegin task="NSE" time="1470376187"/>
+  <taskend task="NSE" time="1470376192"/>
+  <host starttime="1470376181" endtime="1470376192">
+    <status state="up" reason="reset"/>
+    <address addr="45.33.32.156" addrtype="ipv4"/>
+    <hostnames>
+      <hostname name="scanme.nmap.org" type="user"/>
+      <hostname name="scanme.nmap.org" type="PTR"/>
+    </hostnames>
+    <ports>
+      <extraports state="closed" count="979">
+        <extrareasons reason="resets" count="979"/>
+      </extraports>
+      <port protocol="tcp" portid="22">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="ssh" method="table" conf="3"/>
+        <script id="ssh-hostkey" output="1024 ac:00:a0:1a:82:ff:cc:55:99:dc:67:2b:34:97:6b:75 (DSA)&#10;ssh-dss AAAAB3NzaC1kc3MAAACBAOe8o59vFWZGaBmGPVeJBObEfi1AR8yEUYC/Ufkku3sKhGF7wM2m2ujIeZDK5vqeC0S5EN2xYo6FshCP4FQRYeTxD17nNO4PhwW65qAjDRRU0uHFfSAh5wk+vt4yQztOE++sTd1G9OBLzA8HO99qDmCAxb3zw+GQDEgPjzgyzGZ3AAAAFQCBmE1vROP8IaPkUmhM5xLFta/xHwAAAIEA3EwRfaeOPLL7TKDgGX67Lbkf9UtdlpCdC4doMjGgsznYMwWH6a7Lj3vi4/KmeZZdix6FMdFqq+2vrfT1DRqx0RS0XYdGxnkgS+2g333WYCrUkDCn6RPUWR/1TgGMPHCj7LWCa1ZwJwLWS2KX288Pa2gLOWuhZm2VYKSQx6NEDOIAAACBANxIfprSdBdbo4Ezrh6/X6HSvrhjtZ7MouStWaE714ByO5bS2coM9CyaCwYyrE5qzYiyIfb+1BG3O5nVdDuN95sQ/0bAdBKlkqLFvFqFjVbETF0ri3v97w6MpUawfF75ouDrQ4xdaUOLLEWTso6VFJcM6Jg9bDl0FA0uLZUSDEHL&#10;2048 20:3d:2d:44:62:2a:b0:5a:9d:b5:b3:05:14:c2:a6:b2 (RSA)&#10;ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6afooTZ9mVUGFNEhkMoRR1Btzu64XXwElhCsHw/zVlIx/HXylNbb9+11dm2VgJQ21pxkWDs+L6+EbYyDnvRURTrMTgHL0xseB0EkNqexs9hYZSiqtMx4jtGNtHvsMxZnbxvVUk2dasWvtBkn8J5JagSbzWTQo4hjKMOI1SUlXtiKxAs2F8wiq2EdSuKw/KNk8GfIp1TA+8ccGeAtnsVptTJ4D/8MhAWsROkQzOowQvnBBz2/8ecEvoMScaf+kDfNQowK3gENtSSOqYw9JLOza6YJBPL/aYuQQ0nJ74Rr5vL44aNIlrGI9jJc2x0bV7BeNA5kVuXsmhyfWbbkB8yGd"/>
+      </port>
+      <port protocol="tcp" portid="25">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="smtp" method="table" conf="3"/>
+        <script id="smtp-commands" output="linqhotel-auth.coxhn.net Hello scanme.nmap.org [10.11.25.150], SIZE 52428800, 8BITMIME, PIPELINING, HELP, &#10; Commands supported: AUTH HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP "/>
+      </port>
+      <port protocol="tcp" portid="53">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="domain" method="table" conf="3"/>
+        <script id="dns-nsid" output="&#10;  bind.version: 9.6.1&#10;"/>
+      </port>
+      <port protocol="tcp" portid="80">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="http" method="table" conf="3"/>
+        <script id="http-methods" output="GET HEAD POST OPTIONS"/>
+        <script id="http-title" output="Go ahead and ScanMe!"/>
+        <script id="http-favicon" output="Unknown favicon MD5: 156515DA3C0F7DC6B2493BD5CE43F795"/>
+      </port>
+      <port protocol="tcp" portid="135">
+        <state state="filtered" reason="no-response" reason_ttl="0"/>
+        <service name="msrpc" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="161">
+        <state state="filtered" reason="no-response" reason_ttl="0"/>
+        <service name="snmp" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="163">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="cmip-man" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="445">
+        <state state="filtered" reason="no-response" reason_ttl="0"/>
+        <service name="microsoft-ds" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="749">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="kerberos-adm" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="2381">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="compaq-https" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="2920">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="roboeda" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="5000">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="upnp" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="6669">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="irc" method="table" conf="3"/>
+        <script id="irc-info" output="Unable to open connection"/>
+      </port>
+      <port protocol="tcp" portid="7496">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="unknown" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="7920">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="unknown" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="9929">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="nping-echo" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="10778">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="unknown" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="31337">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="Elite" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="42510">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="caerpc" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="44176">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="unknown" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="49163">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="unknown" method="table" conf="3"/>
+      </port>
+    </ports>
+    <times srtt="23838" rttvar="2863" to="100000"/>
+  </host>
+  <taskbegin task="NSE" time="1470376192"/>
+  <taskend task="NSE" time="1470376192"/>
+  <runstats>
+    <finished time="1470376192" timestr="Fri Aug  5 01:49:52 2016" elapsed="11.13" summary="Nmap done at Fri Aug  5 01:49:52 2016; 1 IP address (1 host up) scanned in 11.13 seconds" exit="success"/>
+    <hosts up="1" down="0" total="1"/>
+  </runstats>
+</nmaprun>