ruby-nmap 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
data/lib/nmap/xml.rb ADDED
@@ -0,0 +1,181 @@
1
+ require 'nmap/host'
2
+ require 'nmap/scanner'
3
+ require 'nmap/scan'
4
+
5
+ require 'nokogiri'
6
+ require 'enumerator'
7
+
8
+ module Nmap
9
+ class XML
10
+
11
+ include Enumerable
12
+
13
+ # Path of the Nmap XML scan file
14
+ attr_reader :path
15
+
16
+ #
17
+ # Creates a new XML object.
18
+ #
19
+ # @param [String] path
20
+ # The path to the Nmap XML scan file.
21
+ #
22
+ # @yield [xml]
23
+ # If a block is given, it will be passed the new XML object.
24
+ #
25
+ # @yieldparam [XML] xml
26
+ # The newly created XML object.
27
+ #
28
+ def initialize(path,&block)
29
+ @path = File.expand_path(path)
30
+ @doc = Nokogiri::XML(File.new(@path))
31
+
32
+ block.call(self) if block
33
+ end
34
+
35
+ #
36
+ # Parses the scanner information.
37
+ #
38
+ # @return [Scanner]
39
+ # The scanner that was used and generated the scan file.
40
+ #
41
+ def scanner
42
+ @scanner ||= Scanner.new(
43
+ @doc.root['scanner'],
44
+ @doc.root['version'],
45
+ @doc.root['args']
46
+ )
47
+ end
48
+
49
+ #
50
+ # Parses the XML scan file version.
51
+ #
52
+ # @return [String]
53
+ # The version of the XML scan file.
54
+ #
55
+ def version
56
+ @version ||= @doc.root['xmloutputversion']
57
+ end
58
+
59
+ #
60
+ # Parses the scan information.
61
+ #
62
+ # @return [Array<Scan>]
63
+ # The scan information.
64
+ #
65
+ def scan_info
66
+ @doc.xpath("/nmaprun/scaninfo").map do |scaninfo|
67
+ Scan.new(
68
+ scaninfo['type'].to_sym,
69
+ scaninfo['protocol'].to_sym,
70
+ scaninfo['services'].split(',').map { |ports|
71
+ if ports.include?('-')
72
+ Range.new(*(ports.split('-',2)))
73
+ else
74
+ ports.to_i
75
+ end
76
+ }
77
+ )
78
+ end
79
+ end
80
+
81
+ #
82
+ # Parses the verbose level.
83
+ #
84
+ # @return [Integer]
85
+ # The verbose level.
86
+ #
87
+ def verbose
88
+ @verbose ||= @doc.at("verbose/@level").inner_text.to_i
89
+ end
90
+
91
+ #
92
+ # Parses the debugging level.
93
+ #
94
+ # @return [Integer]
95
+ # The debugging level.
96
+ #
97
+ def debugging
98
+ @debugging ||= @doc.at("debugging/@level").inner_text.to_i
99
+ end
100
+
101
+ #
102
+ # Parses the hosts in the scan.
103
+ #
104
+ # @yield [host]
105
+ # Each host will be passed to a given block.
106
+ #
107
+ # @yieldparam [Host] host
108
+ # A host in the scan.
109
+ #
110
+ # @return [XML]
111
+ # The XML object.
112
+ #
113
+ def each_host(&block)
114
+ @doc.xpath("/nmaprun/host").each do |host|
115
+ block.call(Host.new(host)) if block
116
+ end
117
+
118
+ return self
119
+ end
120
+
121
+ #
122
+ # Parses the hosts in the scan.
123
+ #
124
+ # @return [Array<Host>]
125
+ # The hosts in the scan.
126
+ #
127
+ def hosts
128
+ Enumerator.new(self,:each_host).to_a
129
+ end
130
+
131
+ #
132
+ # Parses the hosts that were found to be up during the scan.
133
+ #
134
+ # @yield [host]
135
+ # Each host will be passed to a given block.
136
+ #
137
+ # @yieldparam [Host] host
138
+ # A host in the scan.
139
+ #
140
+ # @return [XML]
141
+ # The XML parser.
142
+ #
143
+ def each_up_host(&block)
144
+ @doc.xpath("/nmaprun/host[status[@state='up']]").each do |host|
145
+ Host.new(host,&block)
146
+ end
147
+
148
+ return self
149
+ end
150
+
151
+ #
152
+ # Parses the hosts found to be up during the scan.
153
+ #
154
+ # @return [Array<Host>]
155
+ # The hosts in the scan.
156
+ #
157
+ def up_hosts
158
+ Enumerator.new(self,:each_up_host).to_a
159
+ end
160
+
161
+ #
162
+ # Parses the hosts that were found to be up during the scan.
163
+ #
164
+ # @see each_up_hosts
165
+ #
166
+ def each(&block)
167
+ each_up_hosts(&block)
168
+ end
169
+
170
+ #
171
+ # Converts the XML parser to a String.
172
+ #
173
+ # @return [String]
174
+ # The path of the XML scan file.
175
+ #
176
+ def to_s
177
+ @path.to_s
178
+ end
179
+
180
+ end
181
+ end
data/lib/nmap.rb ADDED
@@ -0,0 +1,3 @@
1
+ require 'nmap/program'
2
+ require 'nmap/xml'
3
+ require 'nmap/version'
@@ -0,0 +1,241 @@
1
+ <?xml version="1.0" ?>
2
+ <?xml-stylesheet href="/usr/share/nmap/nmap.xsl" type="text/xsl"?>
3
+ <!-- Nmap 4.68 scan initiated Sat Aug 16 17:50:49 2008 as: nmap -v -oX samples/backspace.xml -O -P0 -sS 192.168.5.* -->
4
+ <nmaprun scanner="nmap" args="nmap -v -oX samples/backspace.xml -O -P0 -sS 192.168.5.*" start="1218934249" startstr="Sat Aug 16 17:50:49 2008" version="4.68" xmloutputversion="1.02">
5
+ <scaninfo type="syn" protocol="tcp" numservices="1715" services="1-1027,1029-1033,1040,1043,1050,1058-1059,1067-1068,1076,1080,1083-1084,1103,1109-1110,1112,1127,1139,1155,1158,1178,1212,1214,1220,1222,1234,1241,1248,1270,1337,1346-1381,1383-1552,1600,1650-1652,1661-1672,1680,1720,1723,1755,1761-1764,1827,1900,1935,1984,1986-2028,2030,2032-2035,2038,2040-2049,2053,2064-2065,2067-2068,2105-2106,2108,2111-2112,2120-2121,2201,2232,2241,2301,2307,2401,2430-2433,2500-2501,2564,2600-2605,2627-2628,2638,2766,2784,2809,2903,2998,3000-3001,3005-3006,3025,3045,3049,3052,3064,3086,3128,3141,3264,3268-3269,3292,3299,3306,3333,3372,3389,3397-3399,3421,3455-3457,3462,3531,3632,3689,3900,3984-3986,3999-4000,4002,4008,4045,4125,4132-4133,4144,4199,4224,4321,4333,4343,4444,4480,4500,4557,4559,4660,4662,4672,4899,4987,4998,5000-5003,5009-5011,5050,5060,5100-5102,5145,5190-5193,5232,5236,5300-5305,5308,5400,5405,5432,5490,5500,5510,5520,5530,5540,5550,5555,5560,5631-5632,5679-5680,5713-5717,5800-5803,5900-5903,5977-5979,5997-6009,6017,6050,6101,6103,6105-6106,6110-6112,6141-6148,6222,6346-6347,6400-6401,6502,6543-6544,6547-6548,6558,6588,6662,6665-6670,6699-6701,6881,6969,7000-7010,7070,7100,7200-7201,7273,7326,7464,7597,7634,7937-7938,8000,8007,8009,8021,8076,8080-8082,8118,8123,8443,8770,8888,8892,9040,9050-9051,9090,9100-9107,9111,9152,9535,9876,9991-9992,9999-10000,10005,10082-10083,11371,12000,12345-12346,13701-13702,13705-13706,13708-13718,13720-13722,13782-13783,14141,15126,15151,16080,16444,16959,17007,17300,18000,18181-18185,18187,19150,20005,22273,22289,22305,22321,22370,26208,27000-27010,27374,27665,31337,31416,32770-32780,32786-32787,38037,38292,43188,44334,44442-44443,47557,49400,50000,50002,54320,61439-61441,65301" />
6
+ <verbose level="1" />
7
+ <debugging level="0" />
8
+ <taskbegin task="ARP Ping Scan" time="1218934249" />
9
+ <taskend task="ARP Ping Scan" time="1218934250" extrainfo="107 total hosts" />
10
+ <taskbegin task="Parallel DNS resolution of 107 hosts." time="1218934250" />
11
+ <taskend task="Parallel DNS resolution of 107 hosts." time="1218934253" />
12
+ <taskbegin task="SYN Stealth Scan" time="1218934253" />
13
+ <taskend task="SYN Stealth Scan" time="1218934274" extrainfo="8575 total ports" />
14
+ <host starttime="1218934249" endtime="1218934276"><status state="up" reason="arp-response"/>
15
+ <address addr="192.168.5.1" addrtype="ipv4" />
16
+ <address addr="00:1D:7E:EF:2A:E5" addrtype="mac" vendor="Cisco-Linksys" />
17
+ <hostnames />
18
+ <ports><extraports state="filtered" count="1712">
19
+ <extrareasons reason="no-responses" count="1712"/>
20
+ </extraports>
21
+ <port protocol="tcp" portid="21"><state state="closed" reason="reset" reason_ttl="64"/><service name="ftp" method="table" conf="3" /></port>
22
+ <port protocol="tcp" portid="23"><state state="closed" reason="reset" reason_ttl="64"/><service name="telnet" method="table" conf="3" /></port>
23
+ <port protocol="tcp" portid="443"><state state="open" reason="syn-ack" reason_ttl="64"/><service name="https" method="table" conf="3" /></port>
24
+ </ports>
25
+ <os><portused state="open" proto="tcp" portid="443" />
26
+ <portused state="closed" proto="tcp" portid="21" />
27
+ <osclass type="WAP" vendor="Netgear" osfamily="embedded" accuracy="100" />
28
+ <osmatch name="Netgear WGR614v6 wireless broadband router" accuracy="100" line="18703" />
29
+ <osmatch name="Netgear WGR614v7 or WPN824v2 wireless broadband router" accuracy="100" line="18721" />
30
+ <osfingerprint fingerprint="SCAN(V=4.68%D=8/16%OT=443%CT=21%CU=%PV=Y%DS=1%G=N%M=001D7E%TM=48A77607%P=i686-pc-linux-gnu)&#xa;SEQ(SP=19%GCD=FA00%ISR=9E%TI=I%TS=1)&#xa;OPS(O1=M5B4NW0NNT11%O2=M5B4NW0NNT11%O3=M5B4NW0NNT11%O4=M5B4NW0NNT11%O5=M5B4NW0NNT11%O6=M5B4NNT11)&#xa;WIN(W1=2000%W2=2000%W3=2000%W4=2000%W5=2000%W6=2000)&#xa;ECN(R=Y%DF=N%TG=40%W=2000%O=M5B4NW0%CC=N%Q=)&#xa;T1(R=Y%DF=N%TG=40%S=O%A=S+%F=AS%RD=0%Q=)&#xa;T2(R=N)&#xa;T3(R=N)&#xa;T4(R=N)&#xa;T5(R=Y%DF=N%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)&#xa;T6(R=N)&#xa;T7(R=N)&#xa;U1(R=N)&#xa;IE(R=N)&#xa;" />
31
+ </os>
32
+ <uptime seconds="3121" lastboot="Sat Aug 16 16:59:18 2008" />
33
+ <distance value="1" />
34
+ <tcpsequence index="25" difficulty="Good luck!" values="AF1B39BD,AF1C33BD,AF1F21BD,AF201BBD,AF2115BD,AF220FBD" />
35
+ <ipidsequence class="Incremental" values="1FB0,1FB2,1FB4,1FB6,1FB8,1FBA" />
36
+ <tcptssequence class="2HZ" values="1858,1858,1859,1859,1859,1859" />
37
+ <times srtt="12972" rttvar="9000" to="100000" />
38
+ </host>
39
+ <host starttime="1218934249" endtime="1218934278"><status state="up" reason="arp-response"/>
40
+ <address addr="192.168.5.102" addrtype="ipv4" />
41
+ <address addr="00:13:02:55:4A:F5" addrtype="mac" vendor="Intel Corporate" />
42
+ <hostnames />
43
+ <ports><extraports state="filtered" count="1715">
44
+ <extrareasons reason="no-responses" count="1715"/>
45
+ </extraports>
46
+ </ports>
47
+ <os><osfingerprint fingerprint="SCAN(V=4.68%D=8/16%OT=%CT=%CU=%PV=Y%DS=1%G=N%M=001302%TM=48A77607%P=i686-pc-linux-gnu)&#xa;U1(R=N)&#xa;IE(R=N)&#xa;" />
48
+ </os>
49
+ <distance value="1" />
50
+ <times srtt="40386" rttvar="40386" to="201930" />
51
+ </host>
52
+ <host starttime="1218934249" endtime="1218934276"><status state="up" reason="arp-response"/>
53
+ <address addr="192.168.5.104" addrtype="ipv4" />
54
+ <address addr="00:1E:52:74:1E:F9" addrtype="mac" vendor="Apple" />
55
+ <hostnames />
56
+ <ports><extraports state="closed" count="1714">
57
+ <extrareasons reason="resets" count="1714"/>
58
+ </extraports>
59
+ <port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/><service name="http" method="table" conf="3" /></port>
60
+ </ports>
61
+ <os><portused state="open" proto="tcp" portid="80" />
62
+ <portused state="closed" proto="tcp" portid="1" />
63
+ <portused state="closed" proto="udp" portid="44491" />
64
+ <osclass type="general purpose" vendor="Apple" osfamily="Mac OS X" osgen="10.5.X" accuracy="100" />
65
+ <osmatch name="Apple Mac OS X 10.5 - 10.5.2 (Leopard) (Darwin 9.0.0b5 - 9.2.0)" accuracy="100" line="1589" />
66
+ <osfingerprint fingerprint="OS:SCAN(V=4.68%D=8/16%OT=80%CT=1%CU=44491%PV=Y%DS=1%G=Y%M=001E52%TM=48A7760&#xa;OS:7%P=i686-pc-linux-gnu)SEQ(SP=105%GCD=1%ISR=106%TI=RD%II=RI%TS=3)OPS(O1=M&#xa;OS:5B4NW3NNT11SLL%O2=M5B4NW3NNT11SLL%O3=M5B4NW3NNT11%O4=M5B4NW3NNT11SLL%O5=&#xa;OS:M5B4NW3NNT11SLL%O6=M5B4NNT11SLL)WIN(W1=FFFF%W2=FFFF%W3=FFFF%W4=FFFF%W5=F&#xa;OS:FFF%W6=FFFF)ECN(R=Y%DF=Y%T=40%W=FFFF%O=M5B4NW3SLL%CC=N%Q=)T1(R=Y%DF=Y%T=&#xa;OS:40%S=O%A=S+%F=AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%&#xa;OS:O=%RD=0%Q=)T5(R=Y%DF=N%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=Y%T=4&#xa;OS:0%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T7(R=Y%DF=N%T=40%W=0%S=Z%A=S%F=AR%O=%RD=0%Q&#xa;OS:=)U1(R=Y%DF=N%T=40%TOS=0%IPL=38%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=0%RUL=G%R&#xa;OS:UD=G)IE(R=Y%DFI=S%T=40%TOSI=S%CD=S%SI=S%DLI=S)&#xa;" />
67
+ </os>
68
+ <uptime seconds="5259159" lastboot="Mon Jun 16 20:58:40 2008" />
69
+ <distance value="1" />
70
+ <tcpsequence index="261" difficulty="Good luck!" values="5167B935,1670334E,17968186,CFACE9C,778429A0,473647B3" />
71
+ <ipidsequence class="Randomized" values="9B17,8200,5228,C13A,435D,BF65" />
72
+ <tcptssequence class="other" values="3227BBD,3227BBE,3227BBF,3227BC0,3227BC1,3227BC2" />
73
+ <times srtt="14271" rttvar="10952" to="100000" />
74
+ </host>
75
+ <host starttime="1218934249" endtime="1218934276"><status state="up" reason="arp-response"/>
76
+ <address addr="192.168.5.105" addrtype="ipv4" />
77
+ <address addr="00:1B:63:C5:CB:CE" addrtype="mac" vendor="Apple" />
78
+ <hostnames />
79
+ <ports><extraports state="closed" count="1713">
80
+ <extrareasons reason="resets" count="1713"/>
81
+ </extraports>
82
+ <port protocol="tcp" portid="3689"><state state="open" reason="syn-ack" reason_ttl="64"/><service name="rendezvous" method="table" conf="3" /></port>
83
+ <port protocol="tcp" portid="5101"><state state="open" reason="syn-ack" reason_ttl="64"/><service name="admdog" method="table" conf="3" /></port>
84
+ </ports>
85
+ <os><portused state="open" proto="tcp" portid="3689" />
86
+ <portused state="closed" proto="tcp" portid="1" />
87
+ <portused state="closed" proto="udp" portid="36784" />
88
+ <osclass type="general purpose" vendor="Apple" osfamily="Mac OS X" osgen="10.4.X" accuracy="100" />
89
+ <osmatch name="Apple Mac OS X 10.4.10 (Tiger) (Darwin 8.10.0 - 8.11.1)" accuracy="100" line="1212" />
90
+ <osfingerprint fingerprint="OS:SCAN(V=4.68%D=8/16%OT=3689%CT=1%CU=36784%PV=Y%DS=1%G=Y%M=001B63%TM=48A77&#xa;OS:607%P=i686-pc-linux-gnu)SEQ(SP=11%GCD=57BA4C61%ISR=FB%TI=I%II=I%SS=S%TS=&#xa;OS:1)OPS(O1=M5B4NW0NNT11SLL%O2=M5B4NW0NNT11SLL%O3=M5B4NW0NNT11%O4=M5B4NW0NN&#xa;OS:T11SLL%O5=M5B4NW0NNT11SLL%O6=M5B4NNT11SLL)WIN(W1=FFFF%W2=FFFF%W3=FFFF%W4&#xa;OS:=FFFF%W5=FFFF%W6=FFFF)ECN(R=Y%DF=Y%T=40%W=FFFF%O=M5B4NW0SLL%CC=N%Q=)T1(R&#xa;OS:=Y%DF=Y%T=40%S=O%A=S+%F=AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=Y%DF=Y%T=40%W=0%S=&#xa;OS:A%A=Z%F=R%O=%RD=0%Q=)T5(R=Y%DF=N%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=&#xa;OS:Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T7(R=Y%DF=N%T=40%W=0%S=Z%A=S%F=AR&#xa;OS:%O=%RD=0%Q=)U1(R=Y%DF=N%T=40%TOS=0%IPL=38%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK&#xa;OS:=0%RUL=G%RUD=G)IE(R=Y%DFI=S%T=40%TOSI=S%CD=S%SI=S%DLI=S)&#xa;" />
91
+ </os>
92
+ <distance value="1" />
93
+ <tcpsequence index="17" difficulty="Good luck!" values="9848B4F4,9848B4F4,408E6893,408E6893,408E6893,408E6893" />
94
+ <ipidsequence class="Incremental" values="B6CB,B6CC,B6CD,B6CE,B6CF,B6D0" />
95
+ <tcptssequence class="2HZ" values="39637A11,39637A11,39637A11,39637A12,39637A12,39637A12" />
96
+ <times srtt="16409" rttvar="11292" to="100000" />
97
+ </host>
98
+ <host starttime="1218934249" endtime="1218934276"><status state="up" reason="arp-response"/>
99
+ <address addr="192.168.5.106" addrtype="ipv4" />
100
+ <address addr="00:1D:60:15:4B:45" addrtype="mac" vendor="Asustek Computer" />
101
+ <hostnames />
102
+ <ports><extraports state="closed" count="1710">
103
+ <extrareasons reason="resets" count="1710"/>
104
+ </extraports>
105
+ <port protocol="tcp" portid="135"><state state="open" reason="syn-ack" reason_ttl="128"/><service name="msrpc" method="table" conf="3" /></port>
106
+ <port protocol="tcp" portid="139"><state state="open" reason="syn-ack" reason_ttl="128"/><service name="netbios-ssn" method="table" conf="3" /></port>
107
+ <port protocol="tcp" portid="445"><state state="open" reason="syn-ack" reason_ttl="128"/><service name="microsoft-ds" method="table" conf="3" /></port>
108
+ <port protocol="tcp" portid="554"><state state="open" reason="syn-ack" reason_ttl="128"/><service name="rtsp" method="table" conf="3" /></port>
109
+ <port protocol="tcp" portid="3389"><state state="open" reason="syn-ack" reason_ttl="128"/><service name="ms-term-serv" method="table" conf="3" /></port>
110
+ </ports>
111
+ <os><portused state="open" proto="tcp" portid="135" />
112
+ <portused state="closed" proto="tcp" portid="1" />
113
+ <portused state="closed" proto="udp" portid="34311" />
114
+ <osclass type="general purpose" vendor="Microsoft" osfamily="Windows" osgen="Vista" accuracy="100" />
115
+ <osmatch name="Microsoft Windows Vista" accuracy="100" line="16393" />
116
+ <osfingerprint fingerprint="OS:SCAN(V=4.68%D=8/16%OT=135%CT=1%CU=34311%PV=Y%DS=1%G=Y%M=001D60%TM=48A776&#xa;OS:07%P=i686-pc-linux-gnu)SEQ(SP=105%GCD=1%ISR=10E%TI=I%II=I%SS=S%TS=7)OPS(&#xa;OS:O1=M5B4NW8ST11%O2=M5B4NW8ST11%O3=M5B4NW8NNT11%O4=M5B4NW8ST11%O5=M5B4NW8S&#xa;OS:T11%O6=M5B4ST11)WIN(W1=2000%W2=2000%W3=2000%W4=2000%W5=2000%W6=2000)ECN(&#xa;OS:R=Y%DF=Y%T=80%W=2000%O=M5B4NW8NNS%CC=N%Q=)T1(R=Y%DF=Y%T=80%S=O%A=S+%F=AS&#xa;OS:%RD=0%Q=)T2(R=Y%DF=Y%T=80%W=0%S=Z%A=S%F=AR%O=%RD=0%Q=)T3(R=Y%DF=Y%T=80%W&#xa;OS:=0%S=Z%A=O%F=AR%O=%RD=0%Q=)T4(R=Y%DF=Y%T=80%W=0%S=A%A=O%F=R%O=%RD=0%Q=)T&#xa;OS:5(R=Y%DF=Y%T=80%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=Y%T=80%W=0%S=A%A=&#xa;OS:O%F=R%O=%RD=0%Q=)T7(R=Y%DF=Y%T=80%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)U1(R=Y%DF&#xa;OS:=N%T=80%TOS=0%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUL=G%RUD=G)IE(R=&#xa;OS:Y%DFI=N%T=80%TOSI=Z%CD=Z%SI=S%DLI=S)&#xa;" />
117
+ </os>
118
+ <uptime seconds="1384" lastboot="Sat Aug 16 17:28:15 2008" />
119
+ <distance value="1" />
120
+ <tcpsequence index="261" difficulty="Good luck!" values="CD9C6B65,410AED23,9A27457B,84D9FFE4,3270D8D3,AB2AE7C3" />
121
+ <ipidsequence class="Incremental" values="33FC,33FD,33FE,3400,3403,3404" />
122
+ <tcptssequence class="100HZ" values="21AF6,21B01,21B0B,21B15,21B20,21B2A" />
123
+ <times srtt="11462" rttvar="4510" to="100000" />
124
+ </host>
125
+ <taskbegin task="Parallel DNS resolution of 1 host." time="1218934279" />
126
+ <taskend task="Parallel DNS resolution of 1 host." time="1218934279" />
127
+ <taskbegin task="ARP Ping Scan" time="1218934279" />
128
+ <taskend task="ARP Ping Scan" time="1218934281" extrainfo="148 total hosts" />
129
+ <taskbegin task="Parallel DNS resolution of 148 hosts." time="1218934281" />
130
+ <taskend task="Parallel DNS resolution of 148 hosts." time="1218934283" />
131
+ <taskbegin task="SYN Stealth Scan" time="1218934283" />
132
+ <taskend task="SYN Stealth Scan" time="1218934283" extrainfo="1715 total ports" />
133
+ <host starttime="1218934283" endtime="1218934285"><status state="up" reason="localhost-response"/>
134
+ <address addr="192.168.5.107" addrtype="ipv4" />
135
+ <hostnames />
136
+ <ports><extraports state="closed" count="1715">
137
+ <extrareasons reason="resets" count="1715"/>
138
+ </extraports>
139
+ </ports>
140
+ <os><portused state="closed" proto="tcp" portid="1" />
141
+ <portused state="closed" proto="udp" portid="37912" />
142
+ <osfingerprint fingerprint="SCAN(V=4.68%D=8/16%OT=%CT=1%CU=37912%PV=Y%DS=0%G=N%TM=48A7760D%P=i686-pc-linux-gnu)&#xa;T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)&#xa;T6(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)&#xa;T7(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)&#xa;U1(R=Y%DF=N%T=40%TOS=C0%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUL=G%RUD=G)&#xa;IE(R=Y%DFI=N%T=40%TOSI=S%CD=S%SI=S%DLI=S)&#xa;" />
143
+ </os>
144
+ <distance value="0" />
145
+ <times srtt="28" rttvar="9" to="100000" />
146
+ </host>
147
+ <taskbegin task="SYN Stealth Scan" time="1218934285" />
148
+ <taskend task="SYN Stealth Scan" time="1218934323" extrainfo="6860 total ports" />
149
+ <host starttime="1218934279" endtime="1218934325"><status state="up" reason="arp-response"/>
150
+ <address addr="192.168.5.111" addrtype="ipv4" />
151
+ <address addr="00:11:24:25:FF:D5" addrtype="mac" vendor="Apple Computer" />
152
+ <hostnames />
153
+ <ports><extraports state="closed" count="1714">
154
+ <extrareasons reason="resets" count="1714"/>
155
+ </extraports>
156
+ <port protocol="tcp" portid="5000"><state state="open" reason="syn-ack" reason_ttl="64"/><service name="upnp" method="table" conf="3" /></port>
157
+ </ports>
158
+ <os><portused state="open" proto="tcp" portid="5000" />
159
+ <portused state="closed" proto="tcp" portid="1" />
160
+ <portused state="closed" proto="udp" portid="30609" />
161
+ <osclass type="general purpose" vendor="Apple" osfamily="Mac OS X" osgen="10.4.X" accuracy="100" />
162
+ <osmatch name="Apple Mac OS X 10.4.10 (Tiger) (Darwin 8.10.0 - 8.11.1)" accuracy="100" line="1212" />
163
+ <osfingerprint fingerprint="OS:SCAN(V=4.68%D=8/16%OT=5000%CT=1%CU=30609%PV=Y%DS=1%G=Y%M=001124%TM=48A77&#xa;OS:636%P=i686-pc-linux-gnu)SEQ(SP=11%GCD=74852FB0%ISR=FF%TI=I%II=I%SS=S%TS=&#xa;OS:1)OPS(O1=M5B4NW0NNT11SLL%O2=M5B4NW0NNT11SLL%O3=M5B4NW0NNT11%O4=M5B4NW0NN&#xa;OS:T11SLL%O5=M5B4NW0NNT11SLL%O6=M5B4NNT11SLL)WIN(W1=FFFF%W2=FFFF%W3=FFFF%W4&#xa;OS:=FFFF%W5=FFFF%W6=FFFF)ECN(R=Y%DF=Y%T=40%W=FFFF%O=M5B4NW0SLL%CC=N%Q=)T1(R&#xa;OS:=Y%DF=Y%T=40%S=O%A=S+%F=AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=Y%DF=Y%T=40%W=0%S=&#xa;OS:A%A=Z%F=R%O=%RD=0%Q=)T5(R=Y%DF=N%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=&#xa;OS:Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T7(R=Y%DF=N%T=40%W=0%S=Z%A=S%F=AR&#xa;OS:%O=%RD=0%Q=)U1(R=Y%DF=N%T=40%TOS=0%IPL=38%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK&#xa;OS:=0%RUL=G%RUD=G)IE(R=Y%DFI=S%T=40%TOSI=S%CD=S%SI=S%DLI=S)&#xa;" />
164
+ </os>
165
+ <uptime seconds="54768855" lastboot="Tue Nov 21 19:17:51 2006" />
166
+ <distance value="1" />
167
+ <tcpsequence index="17" difficulty="Good luck!" values="CA35BC58,55B08CA8,55B08CA8,55B08CA8,55B08CA8,55B08CA8" />
168
+ <ipidsequence class="Incremental" values="221C,221D,221E,221F,2220,2221" />
169
+ <tcptssequence class="2HZ" values="68769AB,68769AB,68769AB,68769AB,68769AB,68769AC" />
170
+ <times srtt="22425" rttvar="32215" to="151285" />
171
+ </host>
172
+ <host starttime="1218934279" endtime="1218934325"><status state="up" reason="arp-response"/>
173
+ <address addr="192.168.5.125" addrtype="ipv4" />
174
+ <address addr="00:1F:5B:CF:0A:9C" addrtype="mac" vendor="Apple" />
175
+ <hostnames />
176
+ <ports><extraports state="closed" count="1715">
177
+ <extrareasons reason="resets" count="1715"/>
178
+ </extraports>
179
+ </ports>
180
+ <os><portused state="closed" proto="tcp" portid="1" />
181
+ <portused state="closed" proto="udp" portid="31277" />
182
+ <osclass type="phone" vendor="Apple" osfamily="embedded" accuracy="100" />
183
+ <osclass type="media device" vendor="Apple" osfamily="embedded" accuracy="100" />
184
+ <osclass type="general purpose" vendor="Apple" osfamily="Mac OS X" osgen="10.2.X" accuracy="100" />
185
+ <osclass type="general purpose" vendor="Apple" osfamily="Mac OS X" osgen="10.3.X" accuracy="100" />
186
+ <osclass type="general purpose" vendor="Apple" osfamily="Mac OS X" osgen="10.4.X" accuracy="100" />
187
+ <osclass type="general purpose" vendor="Apple" osfamily="Mac OS X" osgen="10.5.X" accuracy="100" />
188
+ <osclass type="web proxy" vendor="Blue Coat" osfamily="SGOS" osgen="5.X" accuracy="100" />
189
+ <osclass type="general purpose" vendor="FreeBSD" osfamily="FreeBSD" osgen="4.X" accuracy="100" />
190
+ <osclass type="specialized" vendor="VMWare" osfamily="ESX Server" osgen="3.0.X" accuracy="100" />
191
+ <osfingerprint fingerprint="SCAN(V=4.68%D=8/16%OT=%CT=1%CU=31277%PV=Y%DS=1%G=N%M=001F5B%TM=48A77636%P=i686-pc-linux-gnu)&#xa;T5(R=Y%DF=N%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)&#xa;T6(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)&#xa;T7(R=Y%DF=N%T=40%W=0%S=Z%A=S%F=AR%O=%RD=0%Q=)&#xa;U1(R=Y%DF=N%T=40%TOS=0%IPL=38%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=0%RUL=G%RUD=G)&#xa;IE(R=Y%DFI=S%T=40%TOSI=S%CD=S%SI=S%DLI=S)&#xa;" />
192
+ </os>
193
+ <distance value="1" />
194
+ <times srtt="32472" rttvar="31983" to="160404" />
195
+ </host>
196
+ <host starttime="1218934279" endtime="1218934325"><status state="up" reason="arp-response"/>
197
+ <address addr="192.168.5.148" addrtype="ipv4" />
198
+ <address addr="00:1A:92:1C:72:64" addrtype="mac" vendor="Asustek Computer" />
199
+ <hostnames />
200
+ <ports><extraports state="closed" count="1710">
201
+ <extrareasons reason="resets" count="1710"/>
202
+ </extraports>
203
+ <port protocol="tcp" portid="135"><state state="filtered" reason="no-response" reason_ttl="0"/><service name="msrpc" method="table" conf="3" /></port>
204
+ <port protocol="tcp" portid="137"><state state="filtered" reason="no-response" reason_ttl="0"/><service name="netbios-ns" method="table" conf="3" /></port>
205
+ <port protocol="tcp" portid="138"><state state="filtered" reason="no-response" reason_ttl="0"/><service name="netbios-dgm" method="table" conf="3" /></port>
206
+ <port protocol="tcp" portid="139"><state state="filtered" reason="no-response" reason_ttl="0"/><service name="netbios-ssn" method="table" conf="3" /></port>
207
+ <port protocol="tcp" portid="445"><state state="filtered" reason="no-response" reason_ttl="0"/><service name="microsoft-ds" method="table" conf="3" /></port>
208
+ </ports>
209
+ <os><portused state="closed" proto="tcp" portid="1" />
210
+ <portused state="closed" proto="udp" portid="33395" />
211
+ <osclass type="general purpose" vendor="Microsoft" osfamily="Windows" osgen="2003" accuracy="100" />
212
+ <osclass type="general purpose" vendor="Microsoft" osfamily="Windows" osgen="XP" accuracy="100" />
213
+ <osfingerprint fingerprint="SCAN(V=4.68%D=8/16%OT=%CT=1%CU=33395%PV=Y%DS=1%G=N%M=001A92%TM=48A77636%P=i686-pc-linux-gnu)&#xa;T5(R=Y%DF=N%T=80%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)&#xa;T6(R=Y%DF=N%T=80%W=0%S=A%A=O%F=R%O=%RD=0%Q=)&#xa;T7(R=Y%DF=N%T=80%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)&#xa;U1(R=Y%DF=N%T=80%TOS=0%IPL=B0%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUL=G%RUD=G)&#xa;IE(R=Y%DFI=S%T=80%TOSI=Z%CD=Z%SI=S%DLI=S)&#xa;" />
214
+ </os>
215
+ <distance value="1" />
216
+ <times srtt="10282" rttvar="6908" to="100000" />
217
+ </host>
218
+ <host starttime="1218934279" endtime="1218934325"><status state="up" reason="arp-response"/>
219
+ <address addr="192.168.5.166" addrtype="ipv4" />
220
+ <address addr="00:90:4B:6F:12:38" addrtype="mac" vendor="GemTek Technology Co." />
221
+ <hostnames />
222
+ <ports><extraports state="filtered" count="1713">
223
+ <extrareasons reason="no-responses" count="1713"/>
224
+ </extraports>
225
+ <port protocol="tcp" portid="139"><state state="open" reason="syn-ack" reason_ttl="128"/><service name="netbios-ssn" method="table" conf="3" /></port>
226
+ <port protocol="tcp" portid="445"><state state="open" reason="syn-ack" reason_ttl="128"/><service name="microsoft-ds" method="table" conf="3" /></port>
227
+ </ports>
228
+ <os><portused state="open" proto="tcp" portid="139" />
229
+ <osclass type="general purpose" vendor="Microsoft" osfamily="Windows" osgen="2000" accuracy="100" />
230
+ <osmatch name="Microsoft Windows 2000 SP4 or Windows XP SP2" accuracy="100" line="15285" />
231
+ <osfingerprint fingerprint="SCAN(V=4.68%D=8/16%OT=139%CT=%CU=%PV=Y%DS=1%G=N%M=00904B%TM=48A77636%P=i686-pc-linux-gnu)&#xa;SEQ(SP=106%GCD=1%ISR=10B%TI=I%II=I%SS=S%TS=0)&#xa;OPS(O1=M5B4NW0NNT00NNS%O2=M5B4NW0NNT00NNS%O3=M5B4NW0NNT00%O4=M5B4NW0NNT00NNS%O5=M5B4NW0NNT00NNS%O6=M5B4NNT00NNS)&#xa;WIN(W1=4470%W2=41A0%W3=4100%W4=40E8%W5=40E8%W6=402E)&#xa;ECN(R=Y%DF=Y%TG=80%W=4470%O=M5B4NW0NNS%CC=N%Q=)&#xa;T1(R=Y%DF=Y%TG=80%S=O%A=S+%F=AS%RD=0%Q=)&#xa;T2(R=N)&#xa;T3(R=N)&#xa;T4(R=Y%DF=N%TG=80%W=0%S=A%A=O%F=R%O=%RD=0%Q=)&#xa;U1(R=N)&#xa;IE(R=Y%DFI=S%TG=80%TOSI=Z%CD=Z%SI=S%DLI=S)&#xa;" />
232
+ </os>
233
+ <distance value="1" />
234
+ <tcpsequence index="262" difficulty="Good luck!" values="E268F991,62562AB6,20EF132D,5EE515F2,660E2BE6,23E04F2B" />
235
+ <ipidsequence class="Incremental" values="79D4,79D5,79D6,79D7,79D8,79D9" />
236
+ <tcptssequence class="zero timestamp" values="0,0,0,0,0,0" />
237
+ <times srtt="25192" rttvar="36819" to="172468" />
238
+ </host>
239
+ <runstats><finished time="1218934326" timestr="Sat Aug 16 17:52:06 2008"/><hosts up="10" down="246" total="256" />
240
+ <!-- Nmap done at Sat Aug 16 17:52:06 2008; 256 IP addresses (10 hosts up) scanned in 77.148 seconds -->
241
+ </runstats></nmaprun>
@@ -0,0 +1,3 @@
1
+ module Helpers
2
+ SCAN_FILE = File.join(File.dirname(__FILE__),'scan.xml')
3
+ end
data/spec/host_spec.rb ADDED
@@ -0,0 +1,106 @@
1
+ require 'nmap/xml'
2
+ require 'nmap/host'
3
+
4
+ require 'spec_helper'
5
+ require 'helpers/xml'
6
+
7
+ describe Host do
8
+ include Helpers
9
+
10
+ before(:all) do
11
+ @xml = XML.new(Helpers::SCAN_FILE)
12
+ @host = @xml.hosts.first
13
+ end
14
+
15
+ it "should parse the status" do
16
+ status = @host.status
17
+
18
+ status.state.should == :up
19
+ status.reason.should == 'arp-response'
20
+ end
21
+
22
+ it "should parse the addresses" do
23
+ addresses = @host.addresses
24
+
25
+ addresses.length.should == 2
26
+
27
+ addresses[0].type.should == :ipv4
28
+ addresses[0].addr.should == '192.168.5.1'
29
+
30
+ addresses[1].type.should == :mac
31
+ addresses[1].addr.should == '00:1D:7E:EF:2A:E5'
32
+ end
33
+
34
+ it "should parse the MAC address" do
35
+ @host.mac.should == '00:1D:7E:EF:2A:E5'
36
+ end
37
+
38
+ it "should parse the IPv4 address" do
39
+ @host.ipv4.should == '192.168.5.1'
40
+ end
41
+
42
+ it "should parse the IPv6 address" do
43
+ pending "generate a Nmap XML scan file including IPv6 addresses"
44
+ end
45
+
46
+ it "should have an IP" do
47
+ @host.ip.should == '192.168.5.1'
48
+ end
49
+
50
+ it "should have an address" do
51
+ @host.address.should == '192.168.5.1'
52
+ end
53
+
54
+ it "should parse the hostnames" do
55
+ pending "generate a Nmap XML scan file including hostnames"
56
+ end
57
+
58
+ it "should parse the OS guessing information" do
59
+ @host.os.should_not be_nil
60
+ end
61
+
62
+ it "should parse the ports" do
63
+ ports = @host.ports
64
+
65
+ ports.length.should == 3
66
+ ports[0].protocol.should == :tcp
67
+ ports[0].number.should == 21
68
+ ports[0].state.should == :closed
69
+ ports[0].reason.should == 'reset'
70
+ ports[0].service.should == 'ftp'
71
+
72
+ ports[1].protocol.should == :tcp
73
+ ports[1].number.should == 23
74
+ ports[1].state.should == :closed
75
+ ports[1].reason.should == 'reset'
76
+ ports[1].service.should == 'telnet'
77
+
78
+ ports[2].protocol.should == :tcp
79
+ ports[2].number.should == 443
80
+ ports[2].state.should == :open
81
+ ports[2].reason.should == 'syn-ack'
82
+ ports[2].service.should == 'https'
83
+ end
84
+
85
+ it "should list the open ports" do
86
+ ports = @host.open_ports
87
+
88
+ ports.length.should == 1
89
+ ports.all? { |port| port.state == :open }.should == true
90
+ end
91
+
92
+ it "should list TCP ports" do
93
+ ports = @host.tcp_ports
94
+
95
+ ports.length.should == 3
96
+ ports.all? { |port| port.protocol == :tcp }.should == true
97
+ end
98
+
99
+ it "should list the UDP ports" do
100
+ pending "generate a Nmap XML scan file including scanned UDP ports"
101
+ end
102
+
103
+ it "should convert to a String" do
104
+ @host.to_s.should == '192.168.5.1'
105
+ end
106
+ end
data/spec/nmap_spec.rb ADDED
@@ -0,0 +1,9 @@
1
+ require 'nmap/version'
2
+
3
+ require 'spec_helper'
4
+
5
+ describe Nmap do
6
+ it "should have a VERSION constant" do
7
+ Nmap.const_defined?('VERSION').should == true
8
+ end
9
+ end
data/spec/os_spec.rb ADDED
@@ -0,0 +1,45 @@
1
+ require 'nmap/os'
2
+ require 'nmap/xml'
3
+ require 'cgi'
4
+
5
+ require 'spec_helper'
6
+ require 'helpers/xml'
7
+
8
+ describe OS do
9
+ include Helpers
10
+
11
+ before(:all) do
12
+ @xml = XML.new(Helpers::SCAN_FILE)
13
+ @os = @xml.hosts.first.os
14
+ end
15
+
16
+ it "should parse the OS classes" do
17
+ classes = @os.classes
18
+
19
+ classes.length.should == 1
20
+ classes[0].type.should == :WAP
21
+ classes[0].vendor.should == 'Netgear'
22
+ classes[0].family.should == :embedded
23
+ classes[0].accuracy.should == 100
24
+ end
25
+
26
+ it "should parse the OS matches" do
27
+ matches = @os.matches
28
+
29
+ matches.length.should == 2
30
+
31
+ matches[0].name.should == 'Netgear WGR614v6 wireless broadband router'
32
+ matches[0].accuracy.should == 100
33
+
34
+ matches[1].name.should == 'Netgear WGR614v7 or WPN824v2 wireless broadband router'
35
+ matches[1].accuracy.should == 100
36
+ end
37
+
38
+ it "should parse the ports used" do
39
+ @os.ports_used.should == [443, 21]
40
+ end
41
+
42
+ it "should parse the OS fingerprints" do
43
+ @os.fingerprint.should == CGI.unescapeHTML("SCAN(V=4.68%D=8/16%OT=443%CT=21%CU=%PV=Y%DS=1%G=N%M=001D7E%TM=48A77607%P=i686-pc-linux-gnu)&#xa;SEQ(SP=19%GCD=FA00%ISR=9E%TI=I%TS=1)&#xa;OPS(O1=M5B4NW0NNT11%O2=M5B4NW0NNT11%O3=M5B4NW0NNT11%O4=M5B4NW0NNT11%O5=M5B4NW0NNT11%O6=M5B4NNT11)&#xa;WIN(W1=2000%W2=2000%W3=2000%W4=2000%W5=2000%W6=2000)&#xa;ECN(R=Y%DF=N%TG=40%W=2000%O=M5B4NW0%CC=N%Q=)&#xa;T1(R=Y%DF=N%TG=40%S=O%A=S+%F=AS%RD=0%Q=)&#xa;T2(R=N)&#xa;T3(R=N)&#xa;T4(R=N)&#xa;T5(R=Y%DF=N%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)&#xa;T6(R=N)&#xa;T7(R=N)&#xa;U1(R=N)&#xa;IE(R=N)&#xa;")
44
+ end
45
+ end
@@ -0,0 +1,7 @@
1
+ require 'rubygems'
2
+ gem 'rspec', '>=1.1.12'
3
+ require 'spec'
4
+
5
+ require 'nmap/version'
6
+
7
+ include Nmap