dradis-nmap 3.1.0

data/lib/dradis-nmap.rb

@@ -0,0 +1,8 @@
+# Hook to the framework base clases
+require 'dradis-plugins'
+
+# Load this add-on's engine
+require 'dradis/plugins/nmap'
+
+# Require ruby-nmap gem classes
+require 'nmap/xml'

data/lib/dradis/plugins/nmap.rb

@@ -0,0 +1,11 @@
+module Dradis
+  module Plugins
+    module Nmap
+    end
+  end
+end
+
+require 'dradis/plugins/nmap/engine'
+require 'dradis/plugins/nmap/field_processor'
+require 'dradis/plugins/nmap/importer'
+require 'dradis/plugins/nmap/version'

data/lib/dradis/plugins/nmap/engine.rb

@@ -0,0 +1,13 @@
+module Dradis
+  module Plugins
+    module Nmap
+      class Engine < ::Rails::Engine
+        isolate_namespace Dradis::Plugins::Nmap
+
+        include ::Dradis::Plugins::Base
+        description 'Processes Nmap output'
+        provides :upload
+      end
+    end
+  end
+end

data/lib/dradis/plugins/nmap/field_processor.rb

@@ -0,0 +1,74 @@
+module Dradis
+  module Plugins
+    module Nmap
+      class FieldProcessor < Dradis::Plugins::Upload::FieldProcessor
+        def post_initialize(args={})
+          if data.kind_of?(::Nmap::Host) || data.kind_of?(::Nmap::Port)
+            @nmap_object = data
+          elsif data.name == 'host'
+            @nmap_object = ::Nmap::Host.new(data)
+          elsif data.name == 'port'
+            @nmap_object = ::Nmap::Port.new(data)
+          end
+        end
+
+        def value(args={})
+          field = args[:field]
+          # fields in the template are of the form <foo>.<field>, where <foo>
+          # is common across all fields for a given template (and meaningless).
+          type, name, attribute = field.split('.')
+          if type == 'host'
+            host_value(name)
+          elsif type == 'port'
+            port_value(name, attribute)
+          end
+        end
+
+        private
+        def host_value(name)
+          if name == 'hostnames'
+            @nmap_object.hostnames.uniq.map(&:to_s).sort.join(', ')
+          elsif name == 'service_table'
+            host_service_table
+          else
+            @nmap_object.try(name) || 'n/a'
+          end
+        end
+
+        def port_value(name, attribute = nil)
+          if attribute
+            # port.service.name
+            # port.service.product
+            # port.service.version
+            if @nmap_object.service
+              @nmap_object.service.try(attribute) || 'n/a'
+            end
+          else
+            @nmap_object.try(name) || 'n/a'
+          end
+        end
+
+        def host_service_table
+          ports = []
+          # Build up a Services table with all the available information about each
+          # individual port.
+          @nmap_object.each_port do |port|
+            port_info = ''
+            port_info << "| #{port.number} | #{port.protocol} | #{port.state} (#{port.reason}) |"
+            if (srv = port.service)
+              port_info << " #{srv.try('name') || ''} |"
+              port_info << " #{srv.try('product') || ''} |"
+              port_info << " #{srv.try('version') || ''} |"
+            else
+              port_info << "  |  |  |"
+            end
+            port_info << "\n"
+            ports << port_info
+          end
+          ports.join
+        end
+
+      end
+    end
+  end
+end

data/lib/dradis/plugins/nmap/gem_version.rb

@@ -0,0 +1,19 @@
+module Dradis
+  module Plugins
+    module Nmap
+      # Returns the version of the currently loaded Dradis as a <tt>Gem::Version</tt>
+      def self.gem_version
+        Gem::Version.new VERSION::STRING
+      end
+
+      module VERSION
+        MAJOR = 3
+        MINOR = 1
+        TINY = 0
+        PRE = nil
+
+        STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
+      end
+    end
+  end
+end

data/lib/dradis/plugins/nmap/importer.rb

@@ -0,0 +1,74 @@
+module Dradis::Plugins::Nmap
+  class Importer < Dradis::Plugins::Upload::Importer
+    # The framework will call this function if the user selects this plugin from
+    # the dropdown list and uploads a file.
+    # @returns true if the operation was successful, false otherwise
+    def import(params={})
+
+      logger.info{ "Parsing Nmap output from #{ params[:file] }..." }
+      doc = Nmap::XML::new(params[:file])
+      logger.info{ 'Done.' }
+
+      logger.info{ 'Validating Nmap output...' }
+      if doc.hosts.empty?
+        error = {
+          'Title' => 'Invalid file format',
+          'File name' => File.basename(params[:file]),
+          'Description' => "The file you uploaded doesn't seem to be a valid Nmap XML file."
+        }
+        logger.fatal{ error['Description'] }
+        error = error.map{|k,v| "#[%s]#\n%s\n" % [k, v] }.join("\n\n")
+        content_service.create_note text: error
+        return false
+      end
+      logger.info{ 'Done.' }
+
+      # TODO: do something with the Nmap::Parser::Session information
+      port_notes_to_add = {}
+
+      doc.each_host do |host|
+        host_label = host.ip
+        host_node = content_service.create_node(label: host_label, type: :host)
+        logger.info{ "New host: #{ host_label }" }
+
+        # Set basic host properties
+        host_node.set_property(:ip, host.ip)
+        host_node.set_property(:hostname, host.hostnames.map(&:name)) if host.hostnames.present?
+        host_node.set_property(:os, host.os.matches.map(&:name)) if host.os.present?
+
+        # Old-style properties-in-a-note approach
+        host_text = template_service.process_template(template: 'host', data: host)
+        content_service.create_note(text: host_text, node: host_node)
+
+        host.each_port do |port|
+          logger.info{ "\tNew port: #{ port.number }/#{ port.protocol }" }
+
+          # Add service to host properties
+          host_node.set_property(:services, {
+              port: port.number,
+              protocol: port.protocol,
+              state: port.state,
+              reason: port.reason,
+              name: port.try('service').try('name'),
+              product: port.try('service').try('product'),
+              scripts: port.try('scripts'),
+              version: port.try('service').try('version')
+          })
+
+          # HACK: patch in a `host` method to `Nmap::Port`
+          # so we can use it in the template:
+          port.class.module_eval { attr_accessor :host }
+          port.host = host.ip
+
+          # Add a note with the port information
+          port_text = template_service.process_template(template: 'port', data: port)
+          content_service.create_note(
+            text: port_text,
+            node: host_node)
+        end
+
+        host_node.save
+      end
+    end
+  end
+end

data/lib/dradis/plugins/nmap/version.rb

@@ -0,0 +1,13 @@
+require_relative 'gem_version'
+
+module Dradis
+  module Plugins
+    module Nmap
+      # Returns the version of the currently loaded Nmap as a
+      # <tt>Gem::Version</tt>.
+      def self.version
+        gem_version
+      end
+    end
+  end
+end

data/lib/tasks/thorfile.rb

@@ -0,0 +1,42 @@
+class NmapTasks < Thor
+  include Core::Pro::ProjectScopedTask if defined?(::Core::Pro)
+
+  namespace "dradis:plugins:nmap"
+
+  desc      "upload FILE", "upload the results of an Nmap scan"
+  long_desc "Upload an Nmap scan to create nodes and notes for the hosts and "\
+            "ports discovered during scanning."
+  def upload(file_path)
+    require 'config/environment'
+
+    unless File.exists?(file_path)
+      $stderr.puts "** the file [#{file_path}] does not exist"
+      exit(-1)
+    end
+
+    # Set project scope from the PROJECT_ID env variable:
+    detect_and_set_project_scope if defined?(::Core::Pro)
+
+    plugin = Dradis::Plugins::Nmap
+
+    Dradis::Plugins::Nmap::Importer.new(
+      logger:           logger,
+      content_service:  service_namespace::ContentService.new(plugin: plugin),
+      template_service: service_namespace::TemplateService.new(plugin: plugin)
+    ).import(file: file_path)
+
+    logger.close
+  end
+
+
+  private
+
+  def logger
+    @logger ||= Logger.new(STDOUT).tap { |l| l.level = Logger::DEBUG }
+  end
+
+  def service_namespace
+    defined?(Dradis::Pro) ? Dradis::Pro::Plugins : Dradis::Plugins
+  end
+
+end

data/spec/fixtures/files/invalid.xml

@@ -0,0 +1 @@
+<foo></foo>

data/spec/fixtures/files/nse-01.xml

@@ -0,0 +1,127 @@
+<?xml version="1.0"?>
+<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
+<!-- Nmap 6.00 scan initiated Fri Aug  5 01:49:41 2016 as: nmap -sC -vv -T4 -oX scanme-01.xml scanme.nmap.org -->
+<nmaprun scanner="nmap" args="nmap -sC -vv -T4 -oX scanme-01.xml scanme.nmap.org" start="1470376181" startstr="Fri Aug  5 01:49:41 2016" version="6.00" xmloutputversion="1.04">
+  <scaninfo type="syn" protocol="tcp" numservices="1000" services="1,3-4,6-7,9,13,17,19-26,30,32-33,37,42-43,49,53,70,79-85,88-90,99-100,106,109-111,113,119,125,135,139,143-144,146,161,163,179,199,211-212,222,254-256,259,264,280,301,306,311,340,366,389,406-407,416-417,425,427,443-445,458,464-465,481,497,500,512-515,524,541,543-545,548,554-555,563,587,593,616-617,625,631,636,646,648,666-668,683,687,691,700,705,711,714,720,722,726,749,765,777,783,787,800-801,808,843,873,880,888,898,900-903,911-912,981,987,990,992-993,995,999-1002,1007,1009-1011,1021-1100,1102,1104-1108,1110-1114,1117,1119,1121-1124,1126,1130-1132,1137-1138,1141,1145,1147-1149,1151-1152,1154,1163-1166,1169,1174-1175,1183,1185-1187,1192,1198-1199,1201,1213,1216-1218,1233-1234,1236,1244,1247-1248,1259,1271-1272,1277,1287,1296,1300-1301,1309-1311,1322,1328,1334,1352,1417,1433-1434,1443,1455,1461,1494,1500-1501,1503,1521,1524,1533,1556,1580,1583,1594,1600,1641,1658,1666,1687-1688,1700,1717-1721,1723,1755,1761,1782-1783,1801,1805,1812,1839-1840,1862-1864,1875,1900,1914,1935,1947,1971-1972,1974,1984,1998-2010,2013,2020-2022,2030,2033-2035,2038,2040-2043,2045-2049,2065,2068,2099-2100,2103,2105-2107,2111,2119,2121,2126,2135,2144,2160-2161,2170,2179,2190-2191,2196,2200,2222,2251,2260,2288,2301,2323,2366,2381-2383,2393-2394,2399,2401,2492,2500,2522,2525,2557,2601-2602,2604-2605,2607-2608,2638,2701-2702,2710,2717-2718,2725,2800,2809,2811,2869,2875,2909-2910,2920,2967-2968,2998,3000-3001,3003,3005-3007,3011,3013,3017,3030-3031,3052,3071,3077,3128,3168,3211,3221,3260-3261,3268-3269,3283,3300-3301,3306,3322-3325,3333,3351,3367,3369-3372,3389-3390,3404,3476,3493,3517,3527,3546,3551,3580,3659,3689-3690,3703,3737,3766,3784,3800-3801,3809,3814,3826-3828,3851,3869,3871,3878,3880,3889,3905,3914,3918,3920,3945,3971,3986,3995,3998,4000-4006,4045,4111,4125-4126,4129,4224,4242,4279,4321,4343,4443-4446,4449,4550,4567,4662,4848,4899-4900,4998,5000-5004,5009,5030,5033,5050-5051,5054,5060-5061,5080,5087,5100-5102,5120,5190,5200,5214,5221-5222,5225-5226,5269,5280,5298,5357,5405,5414,5431-5432,5440,5500,5510,5544,5550,5555,5560,5566,5631,5633,5666,5678-5679,5718,5730,5800-5802,5810-5811,5815,5822,5825,5850,5859,5862,5877,5900-5904,5906-5907,5910-5911,5915,5922,5925,5950,5952,5959-5963,5987-5989,5998-6007,6009,6025,6059,6100-6101,6106,6112,6123,6129,6156,6346,6389,6502,6510,6543,6547,6565-6567,6580,6646,6666-6669,6689,6692,6699,6779,6788-6789,6792,6839,6881,6901,6969,7000-7002,7004,7007,7019,7025,7070,7100,7103,7106,7200-7201,7402,7435,7443,7496,7512,7625,7627,7676,7741,7777-7778,7800,7911,7920-7921,7937-7938,7999-8002,8007-8011,8021-8022,8031,8042,8045,8080-8090,8093,8099-8100,8180-8181,8192-8194,8200,8222,8254,8290-8292,8300,8333,8383,8400,8402,8443,8500,8600,8649,8651-8652,8654,8701,8800,8873,8888,8899,8994,9000-9003,9009-9011,9040,9050,9071,9080-9081,9090-9091,9099-9103,9110-9111,9200,9207,9220,9290,9415,9418,9485,9500,9502-9503,9535,9575,9593-9595,9618,9666,9876-9878,9898,9900,9917,9929,9943-9944,9968,9998-10004,10009-10010,10012,10024-10025,10082,10180,10215,10243,10566,10616-10617,10621,10626,10628-10629,10778,11110-11111,11967,12000,12174,12265,12345,13456,13722,13782-13783,14000,14238,14441-14442,15000,15002-15004,15660,15742,16000-16001,16012,16016,16018,16080,16113,16992-16993,17877,17988,18040,18101,18988,19101,19283,19315,19350,19780,19801,19842,20000,20005,20031,20221-20222,20828,21571,22939,23502,24444,24800,25734-25735,26214,27000,27352-27353,27355-27356,27715,28201,30000,30718,30951,31038,31337,32768-32785,33354,33899,34571-34573,35500,38292,40193,40911,41511,42510,44176,44442-44443,44501,45100,48080,49152-49161,49163,49165,49167,49175-49176,49400,49999-50003,50006,50300,50389,50500,50636,50800,51103,51493,52673,52822,52848,52869,54045,54328,55055-55056,55555,55600,56737-56738,57294,57797,58080,60020,60443,61532,61900,62078,63331,64623,64680,65000,65129,65389"/>
+  <verbose level="2"/>
+  <debugging level="0"/>
+  <taskbegin task="Ping Scan" time="1470376181"/>
+  <taskend task="Ping Scan" time="1470376181" extrainfo="1 total hosts"/>
+  <taskbegin task="Parallel DNS resolution of 1 host." time="1470376181"/>
+  <taskend task="Parallel DNS resolution of 1 host." time="1470376181"/>
+  <taskbegin task="SYN Stealth Scan" time="1470376181"/>
+  <taskend task="SYN Stealth Scan" time="1470376187" extrainfo="1000 total ports"/>
+  <taskbegin task="NSE" time="1470376187"/>
+  <taskend task="NSE" time="1470376192"/>
+  <host starttime="1470376181" endtime="1470376192">
+    <status state="up" reason="reset"/>
+    <address addr="45.33.32.156" addrtype="ipv4"/>
+    <hostnames>
+      <hostname name="scanme.nmap.org" type="user"/>
+      <hostname name="scanme.nmap.org" type="PTR"/>
+    </hostnames>
+    <ports>
+      <extraports state="closed" count="979">
+        <extrareasons reason="resets" count="979"/>
+      </extraports>
+      <port protocol="tcp" portid="22">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="ssh" method="table" conf="3"/>
+        <script id="ssh-hostkey" output="1024 ac:00:a0:1a:82:ff:cc:55:99:dc:67:2b:34:97:6b:75 (DSA)&#10;ssh-dss AAAAB3NzaC1kc3MAAACBAOe8o59vFWZGaBmGPVeJBObEfi1AR8yEUYC/Ufkku3sKhGF7wM2m2ujIeZDK5vqeC0S5EN2xYo6FshCP4FQRYeTxD17nNO4PhwW65qAjDRRU0uHFfSAh5wk+vt4yQztOE++sTd1G9OBLzA8HO99qDmCAxb3zw+GQDEgPjzgyzGZ3AAAAFQCBmE1vROP8IaPkUmhM5xLFta/xHwAAAIEA3EwRfaeOPLL7TKDgGX67Lbkf9UtdlpCdC4doMjGgsznYMwWH6a7Lj3vi4/KmeZZdix6FMdFqq+2vrfT1DRqx0RS0XYdGxnkgS+2g333WYCrUkDCn6RPUWR/1TgGMPHCj7LWCa1ZwJwLWS2KX288Pa2gLOWuhZm2VYKSQx6NEDOIAAACBANxIfprSdBdbo4Ezrh6/X6HSvrhjtZ7MouStWaE714ByO5bS2coM9CyaCwYyrE5qzYiyIfb+1BG3O5nVdDuN95sQ/0bAdBKlkqLFvFqFjVbETF0ri3v97w6MpUawfF75ouDrQ4xdaUOLLEWTso6VFJcM6Jg9bDl0FA0uLZUSDEHL&#10;2048 20:3d:2d:44:62:2a:b0:5a:9d:b5:b3:05:14:c2:a6:b2 (RSA)&#10;ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6afooTZ9mVUGFNEhkMoRR1Btzu64XXwElhCsHw/zVlIx/HXylNbb9+11dm2VgJQ21pxkWDs+L6+EbYyDnvRURTrMTgHL0xseB0EkNqexs9hYZSiqtMx4jtGNtHvsMxZnbxvVUk2dasWvtBkn8J5JagSbzWTQo4hjKMOI1SUlXtiKxAs2F8wiq2EdSuKw/KNk8GfIp1TA+8ccGeAtnsVptTJ4D/8MhAWsROkQzOowQvnBBz2/8ecEvoMScaf+kDfNQowK3gENtSSOqYw9JLOza6YJBPL/aYuQQ0nJ74Rr5vL44aNIlrGI9jJc2x0bV7BeNA5kVuXsmhyfWbbkB8yGd"/>
+      </port>
+      <port protocol="tcp" portid="25">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="smtp" method="table" conf="3"/>
+        <script id="smtp-commands" output="linqhotel-auth.coxhn.net Hello scanme.nmap.org [10.11.25.150], SIZE 52428800, 8BITMIME, PIPELINING, HELP, &#10; Commands supported: AUTH HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP "/>
+      </port>
+      <port protocol="tcp" portid="53">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="domain" method="table" conf="3"/>
+        <script id="dns-nsid" output="&#10;  bind.version: 9.6.1&#10;"/>
+      </port>
+      <port protocol="tcp" portid="80">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="http" method="table" conf="3"/>
+        <script id="http-methods" output="GET HEAD POST OPTIONS"/>
+        <script id="http-title" output="Go ahead and ScanMe!"/>
+        <script id="http-favicon" output="Unknown favicon MD5: 156515DA3C0F7DC6B2493BD5CE43F795"/>
+      </port>
+      <port protocol="tcp" portid="135">
+        <state state="filtered" reason="no-response" reason_ttl="0"/>
+        <service name="msrpc" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="161">
+        <state state="filtered" reason="no-response" reason_ttl="0"/>
+        <service name="snmp" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="163">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="cmip-man" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="445">
+        <state state="filtered" reason="no-response" reason_ttl="0"/>
+        <service name="microsoft-ds" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="749">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="kerberos-adm" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="2381">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="compaq-https" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="2920">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="roboeda" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="5000">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="upnp" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="6669">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="irc" method="table" conf="3"/>
+        <script id="irc-info" output="Unable to open connection"/>
+      </port>
+      <port protocol="tcp" portid="7496">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="unknown" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="7920">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="unknown" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="9929">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="nping-echo" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="10778">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="unknown" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="31337">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="Elite" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="42510">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="caerpc" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="44176">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="unknown" method="table" conf="3"/>
+      </port>
+      <port protocol="tcp" portid="49163">
+        <state state="open" reason="syn-ack" reason_ttl="64"/>
+        <service name="unknown" method="table" conf="3"/>
+      </port>
+    </ports>
+    <times srtt="23838" rttvar="2863" to="100000"/>
+  </host>
+  <taskbegin task="NSE" time="1470376192"/>
+  <taskend task="NSE" time="1470376192"/>
+  <runstats>
+    <finished time="1470376192" timestr="Fri Aug  5 01:49:52 2016" elapsed="11.13" summary="Nmap done at Fri Aug  5 01:49:52 2016; 1 IP address (1 host up) scanned in 11.13 seconds" exit="success"/>
+    <hosts up="1" down="0" total="1"/>
+  </runstats>
+</nmaprun>

data/spec/fixtures/files/sample.xml

@@ -0,0 +1,72 @@
+<?xml version="1.0"?>
+<?xml-stylesheet href="file:///usr/local/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
+<!-- Nmap 5.59BETA3 scan initiated Fri Sep  9 18:33:41 2011 as:
+     nmap -T4 -A -p 1-1000 -oX - scanme.nmap.org -->
+<nmaprun scanner="nmap" args="nmap -T4 -A -p 1-1000 -oX - scanme.nmap.org" start="1315618421"
+         startstr="Fri Sep  9 18:33:41 2011" version="5.59BETA3" xmloutputversion="1.03">
+ <scaninfo type="syn" protocol="tcp" numservices="1000" services="1-1000"/>
+ <verbose level="0"/>
+ <debugging level="0"/>
+ <host starttime="1315618421" endtime="1315618434">
+  <status state="up" reason="echo-reply"/>
+  <address addr="74.207.244.221" addrtype="ipv4"/>
+  <hostnames>
+   <hostname name="scanme.nmap.org" type="user"/>
+   <hostname name="li86-221.members.linode.com" type="PTR"/>
+  </hostnames>
+  <ports>
+   <extraports state="closed" count="997">
+    <extrareasons reason="resets" count="997"/>
+   </extraports>
+   <port protocol="tcp" portid="22">
+    <state state="open" reason="syn-ack" reason_ttl="53"/>
+    <service name="ssh" product="OpenSSH" version="5.3p1 Debian 3ubuntu7"
+             extrainfo="protocol 2.0" ostype="Linux" method="probed" conf="10">
+     <cpe>cpe:/a:openbsd:openssh:5.3p1</cpe>
+     <cpe>cpe:/o:linux:kernel</cpe>
+    </service>
+    <script id="ssh-hostkey"
+            output="1024 8d:60:f1:7c:ca:b7:3d:0a:d6:67:54:9d:69:d9:b9:dd (DSA)&#xa;
+                    2048 79:f8:09:ac:d4:e2:32:42:10:49:d3:bd:20:82:85:ec (RSA)"/>
+   </port>
+   <port protocol="tcp" portid="80">
+    <state state="open" reason="syn-ack" reason_ttl="53"/>
+    <service name="http" product="Apache httpd" version="2.2.14"
+             extrainfo="(Ubuntu)" method="probed" conf="10">
+     <cpe>cpe:/a:apache:http_server:2.2.14</cpe>
+    </service>
+    <script id="http-title" output="Go ahead and ScanMe!"/>
+   </port>
+  </ports>
+  <os>
+   <portused state="open" proto="tcp" portid="22"/>
+   <portused state="closed" proto="tcp" portid="1"/>
+   <portused state="closed" proto="udp" portid="31289"/>
+   <osclass type="general purpose" vendor="Linux" osfamily="Linux"
+            osgen="2.6.X" accuracy="100">
+    <cpe>cpe:/o:linux:linux_kernel:2.6.39</cpe>
+   </osclass>
+   <osmatch name="Linux 2.6.39" accuracy="100" line="39278"/>
+  </os>
+  <uptime seconds="23450" lastboot="Fri Sep  9 12:03:04 2011"/>
+  <distance value="11"/>
+  <tcpsequence index="199" difficulty="Good luck!"
+               values="49018209,48C3EBED,495A2E7F,493EF30C,48ED43B3,495A9B0C"/>
+  <ipidsequence class="All zeros" values="0,0,0,0,0,0"/>
+  <tcptssequence class="1000HZ"
+                 values="165CC09,165CC6E,165CCD2,165CD36,165CD9A,165CE48"/>
+  <trace port="256" proto="tcp">
+   <!-- Several hop elements removed for brevity -->
+   <hop ttl="9" ipaddr="72.52.92.109" rtt="15.69" host="10gigabitethernet1-1.core1.fmt1.he.net"/>
+   <hop ttl="10" ipaddr="64.62.250.6" rtt="12.06" host="linode-llc.10gigabitethernet2-3.core1.fmt1.he.net"/>
+   <hop ttl="11" ipaddr="74.207.244.221" rtt="16.55" host="li86-221.members.linode.com"/>
+  </trace>
+  <times srtt="26517" rttvar="19989" to="106473"/>
+ </host>
+ <runstats>
+  <finished time="1315618434" timestr="Fri Sep  9 18:33:54 2011" elapsed="13.66"
+            summary="Nmap done at Fri Sep  9 18:33:54 2011; 1 IP address (1 host up)
+                     scanned in 13.66 seconds" exit="success"/>
+  <hosts up="1" down="0" total="1"/>
+ </runstats>
+</nmaprun>