logstash-codec-nmap 0.0.6 → 0.0.7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/logstash/codecs/nmap.rb +6 -4
- data/logstash-codec-nmap.gemspec +1 -1
- data/spec/codecs/nmap_spec.rb +5 -0
- data/spec/fixtures/scanme.nmap.org +11 -0
- data/spec/fixtures/scanme_A.xml +76 -0
- metadata +5 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7ff37aabd978959373cfb2dc42a13a24fb8f5609
|
|
4
|
+
data.tar.gz: 5af74a2cb0944aa6aa07f6d690fb1e327ab0bbf0
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f3dd7f3acd90936a68fa2dfdf17e96cbf0d2da7409550c1a57f32739b7ffc37a19276fb9b56bfc0f0afd9cbf8ae317c55876f961fb43cd1c810913d4ab899f78
|
|
7
|
+
data.tar.gz: 2d92bc2b3858763095413cc1259c42bf9cde9d6df675adc6d27caf2dfabad3ebe154155c1be80f1098981f5944a6b6de8ea9cb8c364e2d72b2b384cc5350bc81
|
data/lib/logstash/codecs/nmap.rb
CHANGED
|
@@ -128,18 +128,20 @@ class LogStash::Codecs::Nmap < LogStash::Codecs::Base
|
|
|
128
128
|
def hashify_os(os)
|
|
129
129
|
return unless os
|
|
130
130
|
|
|
131
|
+
# we need this nil guard here till https://github.com/sophsec/ruby-nmap/pull/41 is accepted
|
|
132
|
+
fingerprint = os.fingerprint rescue nil
|
|
131
133
|
{
|
|
132
134
|
'ports_used' => os.ports_used,
|
|
133
|
-
'fingerprint' =>
|
|
134
|
-
'classes' =>
|
|
135
|
-
'matches' => hashify_structs(
|
|
135
|
+
'fingerprint' => fingerprint,
|
|
136
|
+
'classes' => hashify_os_classes(os.classes),
|
|
137
|
+
'matches' => hashify_structs(os.matches)
|
|
136
138
|
}
|
|
137
139
|
end
|
|
138
140
|
|
|
139
141
|
def hashify_os_classes(classes)
|
|
140
142
|
return if !classes || classes.empty?
|
|
141
143
|
|
|
142
|
-
classes.
|
|
144
|
+
classes.map do |klass|
|
|
143
145
|
{
|
|
144
146
|
'type' => klass.type.to_s, # returned as sym originally
|
|
145
147
|
'vendor' => klass.vendor.to_s,
|
data/logstash-codec-nmap.gemspec
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
Gem::Specification.new do |s|
|
|
2
2
|
|
|
3
3
|
s.name = 'logstash-codec-nmap'
|
|
4
|
-
s.version = '0.0.
|
|
4
|
+
s.version = '0.0.7'
|
|
5
5
|
s.licenses = ['Apache License (2.0)']
|
|
6
6
|
s.summary = "This codec may be used to decode Nmap XML"
|
|
7
7
|
s.description = "This gem is a logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/plugin install gemname. This gem is not a stand-alone program"
|
data/spec/codecs/nmap_spec.rb
CHANGED
|
@@ -52,6 +52,11 @@ describe LogStash::Codecs::Nmap do
|
|
|
52
52
|
it_should_behave_like "a valid parse"
|
|
53
53
|
end
|
|
54
54
|
|
|
55
|
+
describe "scanme_A.xml" do
|
|
56
|
+
let(:xml_string) { File.open("spec/fixtures/localscan.xml").read }
|
|
57
|
+
it_should_behave_like "a valid parse"
|
|
58
|
+
end
|
|
59
|
+
|
|
55
60
|
end
|
|
56
61
|
|
|
57
62
|
end
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
<?xml version="1.0" encoding="UTF-8"?>
|
|
2
|
+
<!DOCTYPE nmaprun>
|
|
3
|
+
<?xml-stylesheet href="file:///usr/local/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
|
|
4
|
+
<!-- Nmap 7.01 scan initiated Sun Jan 17 12:46:35 2016 as: nmap -A -T4 -tr -oX scanme.nmap.org -->
|
|
5
|
+
<nmaprun scanner="nmap" args="nmap -A -T4 -tr -oX scanme.nmap.org" start="1453056395" startstr="Sun Jan 17 12:46:35 2016" version="7.01" xmloutputversion="1.04">
|
|
6
|
+
<scaninfo type="syn" protocol="tcp" numservices="1000" services="1,3-4,6-7,9,13,17,19-26,30,32-33,37,42-43,49,53,70,79-85,88-90,99-100,106,109-111,113,119,125,135,139,143-144,146,161,163,179,199,211-212,222,254-256,259,264,280,301,306,311,340,366,389,406-407,416-417,425,427,443-445,458,464-465,481,497,500,512-515,524,541,543-545,548,554-555,563,587,593,616-617,625,631,636,646,648,666-668,683,687,691,700,705,711,714,720,722,726,749,765,777,783,787,800-801,808,843,873,880,888,898,900-903,911-912,981,987,990,992-993,995,999-1002,1007,1009-1011,1021-1100,1102,1104-1108,1110-1114,1117,1119,1121-1124,1126,1130-1132,1137-1138,1141,1145,1147-1149,1151-1152,1154,1163-1166,1169,1174-1175,1183,1185-1187,1192,1198-1199,1201,1213,1216-1218,1233-1234,1236,1244,1247-1248,1259,1271-1272,1277,1287,1296,1300-1301,1309-1311,1322,1328,1334,1352,1417,1433-1434,1443,1455,1461,1494,1500-1501,1503,1521,1524,1533,1556,1580,1583,1594,1600,1641,1658,1666,1687-1688,1700,1717-1721,1723,1755,1761,1782-1783,1801,1805,1812,1839-1840,1862-1864,1875,1900,1914,1935,1947,1971-1972,1974,1984,1998-2010,2013,2020-2022,2030,2033-2035,2038,2040-2043,2045-2049,2065,2068,2099-2100,2103,2105-2107,2111,2119,2121,2126,2135,2144,2160-2161,2170,2179,2190-2191,2196,2200,2222,2251,2260,2288,2301,2323,2366,2381-2383,2393-2394,2399,2401,2492,2500,2522,2525,2557,2601-2602,2604-2605,2607-2608,2638,2701-2702,2710,2717-2718,2725,2800,2809,2811,2869,2875,2909-2910,2920,2967-2968,2998,3000-3001,3003,3005-3007,3011,3013,3017,3030-3031,3052,3071,3077,3128,3168,3211,3221,3260-3261,3268-3269,3283,3300-3301,3306,3322-3325,3333,3351,3367,3369-3372,3389-3390,3404,3476,3493,3517,3527,3546,3551,3580,3659,3689-3690,3703,3737,3766,3784,3800-3801,3809,3814,3826-3828,3851,3869,3871,3878,3880,3889,3905,3914,3918,3920,3945,3971,3986,3995,3998,4000-4006,4045,4111,4125-4126,4129,4224,4242,4279,4321,4343,4443-4446,4449,4550,4567,4662,4848,4899-4900,4998,5000-5004,5009,5030,5033,5050-5051,5054,5060-5061,5080,5087,5100-5102,5120,5190,5200,5214,5221-5222,5225-5226,5269,5280,5298,5357,5405,5414,5431-5432,5440,5500,5510,5544,5550,5555,5560,5566,5631,5633,5666,5678-5679,5718,5730,5800-5802,5810-5811,5815,5822,5825,5850,5859,5862,5877,5900-5904,5906-5907,5910-5911,5915,5922,5925,5950,5952,5959-5963,5987-5989,5998-6007,6009,6025,6059,6100-6101,6106,6112,6123,6129,6156,6346,6389,6502,6510,6543,6547,6565-6567,6580,6646,6666-6669,6689,6692,6699,6779,6788-6789,6792,6839,6881,6901,6969,7000-7002,7004,7007,7019,7025,7070,7100,7103,7106,7200-7201,7402,7435,7443,7496,7512,7625,7627,7676,7741,7777-7778,7800,7911,7920-7921,7937-7938,7999-8002,8007-8011,8021-8022,8031,8042,8045,8080-8090,8093,8099-8100,8180-8181,8192-8194,8200,8222,8254,8290-8292,8300,8333,8383,8400,8402,8443,8500,8600,8649,8651-8652,8654,8701,8800,8873,8888,8899,8994,9000-9003,9009-9011,9040,9050,9071,9080-9081,9090-9091,9099-9103,9110-9111,9200,9207,9220,9290,9415,9418,9485,9500,9502-9503,9535,9575,9593-9595,9618,9666,9876-9878,9898,9900,9917,9929,9943-9944,9968,9998-10004,10009-10010,10012,10024-10025,10082,10180,10215,10243,10566,10616-10617,10621,10626,10628-10629,10778,11110-11111,11967,12000,12174,12265,12345,13456,13722,13782-13783,14000,14238,14441-14442,15000,15002-15004,15660,15742,16000-16001,16012,16016,16018,16080,16113,16992-16993,17877,17988,18040,18101,18988,19101,19283,19315,19350,19780,19801,19842,20000,20005,20031,20221-20222,20828,21571,22939,23502,24444,24800,25734-25735,26214,27000,27352-27353,27355-27356,27715,28201,30000,30718,30951,31038,31337,32768-32785,33354,33899,34571-34573,35500,38292,40193,40911,41511,42510,44176,44442-44443,44501,45100,48080,49152-49161,49163,49165,49167,49175-49176,49400,49999-50003,50006,50300,50389,50500,50636,50800,51103,51493,52673,52822,52848,52869,54045,54328,55055-55056,55555,55600,56737-56738,57294,57797,58080,60020,60443,61532,61900,62078,63331,64623,64680,65000,65129,65389"/>
|
|
7
|
+
<verbose level="0"/>
|
|
8
|
+
<debugging level="0"/>
|
|
9
|
+
<runstats><finished time="1453056396" timestr="Sun Jan 17 12:46:36 2016" elapsed="0.87" summary="Nmap done at Sun Jan 17 12:46:36 2016; 0 IP addresses (0 hosts up) scanned in 0.87 seconds" exit="success"/><hosts up="0" down="0" total="0"/>
|
|
10
|
+
</runstats>
|
|
11
|
+
</nmaprun>
|
|
@@ -0,0 +1,76 @@
|
|
|
1
|
+
<?xml version="1.0" encoding="UTF-8"?>
|
|
2
|
+
<!DOCTYPE nmaprun>
|
|
3
|
+
<?xml-stylesheet href="file:///usr/local/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
|
|
4
|
+
<!-- Nmap 7.01 scan initiated Sun Jan 17 12:49:16 2016 as: nmap -A -oX - scanme.nmap.org -->
|
|
5
|
+
<nmaprun scanner="nmap" args="nmap -A -oX - scanme.nmap.org" start="1453056556" startstr="Sun Jan 17 12:49:16 2016" version="7.01" xmloutputversion="1.04">
|
|
6
|
+
<scaninfo type="syn" protocol="tcp" numservices="1000" services="1,3-4,6-7,9,13,17,19-26,30,32-33,37,42-43,49,53,70,79-85,88-90,99-100,106,109-111,113,119,125,135,139,143-144,146,161,163,179,199,211-212,222,254-256,259,264,280,301,306,311,340,366,389,406-407,416-417,425,427,443-445,458,464-465,481,497,500,512-515,524,541,543-545,548,554-555,563,587,593,616-617,625,631,636,646,648,666-668,683,687,691,700,705,711,714,720,722,726,749,765,777,783,787,800-801,808,843,873,880,888,898,900-903,911-912,981,987,990,992-993,995,999-1002,1007,1009-1011,1021-1100,1102,1104-1108,1110-1114,1117,1119,1121-1124,1126,1130-1132,1137-1138,1141,1145,1147-1149,1151-1152,1154,1163-1166,1169,1174-1175,1183,1185-1187,1192,1198-1199,1201,1213,1216-1218,1233-1234,1236,1244,1247-1248,1259,1271-1272,1277,1287,1296,1300-1301,1309-1311,1322,1328,1334,1352,1417,1433-1434,1443,1455,1461,1494,1500-1501,1503,1521,1524,1533,1556,1580,1583,1594,1600,1641,1658,1666,1687-1688,1700,1717-1721,1723,1755,1761,1782-1783,1801,1805,1812,1839-1840,1862-1864,1875,1900,1914,1935,1947,1971-1972,1974,1984,1998-2010,2013,2020-2022,2030,2033-2035,2038,2040-2043,2045-2049,2065,2068,2099-2100,2103,2105-2107,2111,2119,2121,2126,2135,2144,2160-2161,2170,2179,2190-2191,2196,2200,2222,2251,2260,2288,2301,2323,2366,2381-2383,2393-2394,2399,2401,2492,2500,2522,2525,2557,2601-2602,2604-2605,2607-2608,2638,2701-2702,2710,2717-2718,2725,2800,2809,2811,2869,2875,2909-2910,2920,2967-2968,2998,3000-3001,3003,3005-3007,3011,3013,3017,3030-3031,3052,3071,3077,3128,3168,3211,3221,3260-3261,3268-3269,3283,3300-3301,3306,3322-3325,3333,3351,3367,3369-3372,3389-3390,3404,3476,3493,3517,3527,3546,3551,3580,3659,3689-3690,3703,3737,3766,3784,3800-3801,3809,3814,3826-3828,3851,3869,3871,3878,3880,3889,3905,3914,3918,3920,3945,3971,3986,3995,3998,4000-4006,4045,4111,4125-4126,4129,4224,4242,4279,4321,4343,4443-4446,4449,4550,4567,4662,4848,4899-4900,4998,5000-5004,5009,5030,5033,5050-5051,5054,5060-5061,5080,5087,5100-5102,5120,5190,5200,5214,5221-5222,5225-5226,5269,5280,5298,5357,5405,5414,5431-5432,5440,5500,5510,5544,5550,5555,5560,5566,5631,5633,5666,5678-5679,5718,5730,5800-5802,5810-5811,5815,5822,5825,5850,5859,5862,5877,5900-5904,5906-5907,5910-5911,5915,5922,5925,5950,5952,5959-5963,5987-5989,5998-6007,6009,6025,6059,6100-6101,6106,6112,6123,6129,6156,6346,6389,6502,6510,6543,6547,6565-6567,6580,6646,6666-6669,6689,6692,6699,6779,6788-6789,6792,6839,6881,6901,6969,7000-7002,7004,7007,7019,7025,7070,7100,7103,7106,7200-7201,7402,7435,7443,7496,7512,7625,7627,7676,7741,7777-7778,7800,7911,7920-7921,7937-7938,7999-8002,8007-8011,8021-8022,8031,8042,8045,8080-8090,8093,8099-8100,8180-8181,8192-8194,8200,8222,8254,8290-8292,8300,8333,8383,8400,8402,8443,8500,8600,8649,8651-8652,8654,8701,8800,8873,8888,8899,8994,9000-9003,9009-9011,9040,9050,9071,9080-9081,9090-9091,9099-9103,9110-9111,9200,9207,9220,9290,9415,9418,9485,9500,9502-9503,9535,9575,9593-9595,9618,9666,9876-9878,9898,9900,9917,9929,9943-9944,9968,9998-10004,10009-10010,10012,10024-10025,10082,10180,10215,10243,10566,10616-10617,10621,10626,10628-10629,10778,11110-11111,11967,12000,12174,12265,12345,13456,13722,13782-13783,14000,14238,14441-14442,15000,15002-15004,15660,15742,16000-16001,16012,16016,16018,16080,16113,16992-16993,17877,17988,18040,18101,18988,19101,19283,19315,19350,19780,19801,19842,20000,20005,20031,20221-20222,20828,21571,22939,23502,24444,24800,25734-25735,26214,27000,27352-27353,27355-27356,27715,28201,30000,30718,30951,31038,31337,32768-32785,33354,33899,34571-34573,35500,38292,40193,40911,41511,42510,44176,44442-44443,44501,45100,48080,49152-49161,49163,49165,49167,49175-49176,49400,49999-50003,50006,50300,50389,50500,50636,50800,51103,51493,52673,52822,52848,52869,54045,54328,55055-55056,55555,55600,56737-56738,57294,57797,58080,60020,60443,61532,61900,62078,63331,64623,64680,65000,65129,65389"/>
|
|
7
|
+
<verbose level="0"/>
|
|
8
|
+
<debugging level="0"/>
|
|
9
|
+
<host starttime="1453056556" endtime="1453056585"><status state="up" reason="timestamp-reply" reason_ttl="52"/>
|
|
10
|
+
<address addr="45.33.32.156" addrtype="ipv4"/>
|
|
11
|
+
<hostnames>
|
|
12
|
+
<hostname name="scanme.nmap.org" type="user"/>
|
|
13
|
+
<hostname name="scanme.nmap.org" type="PTR"/>
|
|
14
|
+
</hostnames>
|
|
15
|
+
<ports><extraports state="closed" count="992">
|
|
16
|
+
<extrareasons reason="resets" count="992"/>
|
|
17
|
+
</extraports>
|
|
18
|
+
<port protocol="tcp" portid="22"><state state="open" reason="syn-ack" reason_ttl="52"/><service name="ssh" product="OpenSSH" version="6.6.1p1 Ubuntu 2ubuntu2.3" extrainfo="Ubuntu Linux; protocol 2.0" ostype="Linux" method="probed" conf="10"><cpe>cpe:/a:openbsd:openssh:6.6.1p1</cpe><cpe>cpe:/o:linux:linux_kernel</cpe></service><script id="ssh-hostkey" output="
 1024 ac:00:a0:1a:82:ff:cc:55:99:dc:67:2b:34:97:6b:75 (DSA)
 2048 20:3d:2d:44:62:2a:b0:5a:9d:b5:b3:05:14:c2:a6:b2 (RSA)
 256 96:02:bb:5e:57:54:1c:4e:45:2f:56:4c:4a:24:b2:57 (ECDSA)"><table>
|
|
19
|
+
<elem key="type">ssh-dss</elem>
|
|
20
|
+
<elem key="fingerprint">ac00a01a82ffcc5599dc672b34976b75</elem>
|
|
21
|
+
<elem key="key">AAAAB3NzaC1kc3MAAACBAOe8o59vFWZGaBmGPVeJBObEfi1AR8yEUYC/Ufkku3sKhGF7wM2m2ujIeZDK5vqeC0S5EN2xYo6FshCP4FQRYeTxD17nNO4PhwW65qAjDRRU0uHFfSAh5wk+vt4yQztOE++sTd1G9OBLzA8HO99qDmCAxb3zw+GQDEgPjzgyzGZ3AAAAFQCBmE1vROP8IaPkUmhM5xLFta/xHwAAAIEA3EwRfaeOPLL7TKDgGX67Lbkf9UtdlpCdC4doMjGgsznYMwWH6a7Lj3vi4/KmeZZdix6FMdFqq+2vrfT1DRqx0RS0XYdGxnkgS+2g333WYCrUkDCn6RPUWR/1TgGMPHCj7LWCa1ZwJwLWS2KX288Pa2gLOWuhZm2VYKSQx6NEDOIAAACBANxIfprSdBdbo4Ezrh6/X6HSvrhjtZ7MouStWaE714ByO5bS2coM9CyaCwYyrE5qzYiyIfb+1BG3O5nVdDuN95sQ/0bAdBKlkqLFvFqFjVbETF0ri3v97w6MpUawfF75ouDrQ4xdaUOLLEWTso6VFJcM6Jg9bDl0FA0uLZUSDEHL</elem>
|
|
22
|
+
<elem key="bits">1024</elem>
|
|
23
|
+
</table>
|
|
24
|
+
<table>
|
|
25
|
+
<elem key="type">ssh-rsa</elem>
|
|
26
|
+
<elem key="fingerprint">203d2d44622ab05a9db5b30514c2a6b2</elem>
|
|
27
|
+
<elem key="key">AAAAB3NzaC1yc2EAAAADAQABAAABAQC6afooTZ9mVUGFNEhkMoRR1Btzu64XXwElhCsHw/zVlIx/HXylNbb9+11dm2VgJQ21pxkWDs+L6+EbYyDnvRURTrMTgHL0xseB0EkNqexs9hYZSiqtMx4jtGNtHvsMxZnbxvVUk2dasWvtBkn8J5JagSbzWTQo4hjKMOI1SUlXtiKxAs2F8wiq2EdSuKw/KNk8GfIp1TA+8ccGeAtnsVptTJ4D/8MhAWsROkQzOowQvnBBz2/8ecEvoMScaf+kDfNQowK3gENtSSOqYw9JLOza6YJBPL/aYuQQ0nJ74Rr5vL44aNIlrGI9jJc2x0bV7BeNA5kVuXsmhyfWbbkB8yGd</elem>
|
|
28
|
+
<elem key="bits">2048</elem>
|
|
29
|
+
</table>
|
|
30
|
+
<table>
|
|
31
|
+
<elem key="type">ecdsa-sha2-nistp256</elem>
|
|
32
|
+
<elem key="fingerprint">9602bb5e57541c4e452f564c4a24b257</elem>
|
|
33
|
+
<elem key="key">AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMD46g67x6yWNjjQJnXhiz/TskHrqQ0uPcOspFrIYW382uOGzmWDZCFV8FbFwQyH90u+j0Qr1SGNAxBZMhOQ8pc=</elem>
|
|
34
|
+
<elem key="bits">256</elem>
|
|
35
|
+
</table>
|
|
36
|
+
</script></port>
|
|
37
|
+
<port protocol="tcp" portid="25"><state state="filtered" reason="no-response" reason_ttl="0"/><service name="smtp" method="table" conf="3"/></port>
|
|
38
|
+
<port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="52"/><service name="http" product="Apache httpd" version="2.4.7" extrainfo="(Ubuntu)" method="probed" conf="10"><cpe>cpe:/a:apache:http_server:2.4.7</cpe></service><script id="http-server-header" output="Apache/2.4.7 (Ubuntu)"><elem>Apache/2.4.7 (Ubuntu)</elem>
|
|
39
|
+
</script><script id="http-title" output="Go ahead and ScanMe!"><elem key="title">Go ahead and ScanMe!</elem>
|
|
40
|
+
</script></port>
|
|
41
|
+
<port protocol="tcp" portid="135"><state state="filtered" reason="no-response" reason_ttl="0"/><service name="msrpc" method="table" conf="3"/></port>
|
|
42
|
+
<port protocol="tcp" portid="139"><state state="filtered" reason="no-response" reason_ttl="0"/><service name="netbios-ssn" method="table" conf="3"/></port>
|
|
43
|
+
<port protocol="tcp" portid="445"><state state="filtered" reason="no-response" reason_ttl="0"/><service name="microsoft-ds" method="table" conf="3"/></port>
|
|
44
|
+
<port protocol="tcp" portid="9929"><state state="open" reason="syn-ack" reason_ttl="52"/><service name="nping-echo" product="Nping echo" method="probed" conf="10"/></port>
|
|
45
|
+
<port protocol="tcp" portid="31337"><state state="open" reason="syn-ack" reason_ttl="52"/><service name="tcpwrapped" method="probed" conf="8"/></port>
|
|
46
|
+
</ports>
|
|
47
|
+
<os><portused state="open" proto="tcp" portid="22"/>
|
|
48
|
+
<portused state="closed" proto="tcp" portid="1"/>
|
|
49
|
+
<portused state="closed" proto="udp" portid="43644"/>
|
|
50
|
+
<osmatch name="Linux 3.10 - 3.19" accuracy="100" line="57135">
|
|
51
|
+
<osclass type="general purpose" vendor="Linux" osfamily="Linux" osgen="3.X" accuracy="100"><cpe>cpe:/o:linux:linux_kernel:3</cpe></osclass>
|
|
52
|
+
</osmatch>
|
|
53
|
+
</os>
|
|
54
|
+
<uptime seconds="5099488" lastboot="Thu Nov 19 12:18:17 2015"/>
|
|
55
|
+
<distance value="12"/>
|
|
56
|
+
<tcpsequence index="263" difficulty="Good luck!" values="D0DA739B,49BCBDD0,F69267F2,4D98764B,BFE081DE,BD297740"/>
|
|
57
|
+
<ipidsequence class="All zeros" values="0,0,0,0,0,0"/>
|
|
58
|
+
<tcptssequence class="other" values="5B2F8F6D,5B2F8F8C,5B2F8FAD,5B2F8FC9,5B2F8FE8,5B2F9006"/>
|
|
59
|
+
<trace port="554" proto="tcp">
|
|
60
|
+
<hop ttl="1" ipaddr="192.168.1.1" rtt="1.44" host="router.asus.com"/>
|
|
61
|
+
<hop ttl="2" ipaddr="96.120.48.165" rtt="9.76"/>
|
|
62
|
+
<hop ttl="3" ipaddr="68.85.165.209" rtt="13.61" host="te-0-3-0-20-sur02.swmpls.mn.minn.comcast.net"/>
|
|
63
|
+
<hop ttl="4" ipaddr="69.139.219.225" rtt="16.61" host="te-0-8-0-11-ar01.roseville.mn.minn.comcast.net"/>
|
|
64
|
+
<hop ttl="5" ipaddr="68.86.94.81" rtt="25.81" host="be-13367-cr02.350ecermak.il.ibone.comcast.net"/>
|
|
65
|
+
<hop ttl="6" ipaddr="68.86.89.106" rtt="23.73" host="as30094-1-c.ashburn.va.ibone.comcast.net"/>
|
|
66
|
+
<hop ttl="7" ipaddr="50.248.119.86" rtt="28.74"/>
|
|
67
|
+
<hop ttl="8" ipaddr="184.105.81.98" rtt="25.83" host="100ge5-2.core1.chi1.he.net"/>
|
|
68
|
+
<hop ttl="9" ipaddr="184.105.222.173" rtt="66.15" host="10ge11-4.core1.pao1.he.net"/>
|
|
69
|
+
<hop ttl="10" ipaddr="184.105.222.89" rtt="75.24" host="10ge4-4.core3.fmt2.he.net"/>
|
|
70
|
+
<hop ttl="12" ipaddr="45.33.32.156" rtt="62.42" host="scanme.nmap.org"/>
|
|
71
|
+
</trace>
|
|
72
|
+
<times srtt="64700" rttvar="1860" to="100000"/>
|
|
73
|
+
</host>
|
|
74
|
+
<runstats><finished time="1453056585" timestr="Sun Jan 17 12:49:45 2016" elapsed="29.41" summary="Nmap done at Sun Jan 17 12:49:45 2016; 1 IP address (1 host up) scanned in 29.41 seconds" exit="success"/><hosts up="1" down="0" total="1"/>
|
|
75
|
+
</runstats>
|
|
76
|
+
</nmaprun>
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: logstash-codec-nmap
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.7
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Elastic
|
|
@@ -76,6 +76,8 @@ files:
|
|
|
76
76
|
- spec/fixtures/ipv6_all.xml
|
|
77
77
|
- spec/fixtures/localscan.xml
|
|
78
78
|
- spec/fixtures/pingsweep.xml
|
|
79
|
+
- spec/fixtures/scanme.nmap.org
|
|
80
|
+
- spec/fixtures/scanme_A.xml
|
|
79
81
|
- spec/fixtures/scanme_traceroute.xml
|
|
80
82
|
- spec/fixtures/traceroutes.xml
|
|
81
83
|
homepage: http://www.elastic.co/guide/en/logstash/current/index.html
|
|
@@ -109,5 +111,7 @@ test_files:
|
|
|
109
111
|
- spec/fixtures/ipv6_all.xml
|
|
110
112
|
- spec/fixtures/localscan.xml
|
|
111
113
|
- spec/fixtures/pingsweep.xml
|
|
114
|
+
- spec/fixtures/scanme.nmap.org
|
|
115
|
+
- spec/fixtures/scanme_A.xml
|
|
112
116
|
- spec/fixtures/scanme_traceroute.xml
|
|
113
117
|
- spec/fixtures/traceroutes.xml
|