GLIPER - Grepable Logifile IP ExtractoR - 12/02/03 05:28 AM
nmap has this cool random search option that lets you scan random IP numbers. It can come if very handy if you are looking for a certain service or someplace to try out a new exploit.
nmap -sS -iR 0 -p 21
this will randomly search for FTP servers. Now, you are going to get a lot of servers that have the port closed or filtered and it's a pain in the [censored] going through the output looking for an open server. If you add the -oG option you can save the output to a grepable file but you still get all the closed hosts . This is where GLIPER comes in. you feed it a nmap logfile and it spits out a file of only the IP addresses which have the port open, which then can be used for further testing with tools like nessus etc. when you issue the nmap command jus specify a logfile and run it through GLIPER and you save yourself a whole lotta time.
nmap -sS -iR 0 -p 21 -oG logfile
I realize this will make a lot of script kiddies happy but hey, I needed somethin like this for myself and why not share it with the rest of the world. Here's the source, it's in Perl. Do what you want with it..
------------------cut ----------------------
#!/usr/bin/perl -w
#hope you like all the comments
#even your grand mother could make sense of this code
print "*************************************************\n";
print "\t\tGliper (v 0.1)\n";
print "Extracts IP addresses from Nmap grepable logfiles\n";
print "Issue nmap command with '-oG' option\n";
print "by: Damien (damienak1\@hotmail.com)\n";
print "*************************************************\n\n";
#open nmap logfile
print "Enter name of logfile: ";
chomp($logfile = <STDIN>);
open(LOG, $logfile) || die;
#open a file for output
print "Enter name of output file: ";
chomp($output = <STDIN>);
open(OUTPUT, ">$output");
#array of lines from logfile
@lines = <LOG>;
#go through array looking for strings matching the regular expressions
foreach(@lines){
if (/Host: / && /open/){ #only lines starting with Host: that have an open port
s/Host:(\s)//; #delete the Host: string
s/(\s).{1,100}//; #delete anythin after white-space
print OUTPUT; #print IP address to the output file
}
}
#close both file-handles
close(OUTPUT);
close(LOG);
-----------------------------cut--------------------------------
p.s. I wasn't sure where to post this. we don't have a perl forum, perl and nmap are available on linux and windows, and the other programming section is about website programming, and this isn't. so if it's in the wrong forum somebody can move it.
nmap -sS -iR 0 -p 21
this will randomly search for FTP servers. Now, you are going to get a lot of servers that have the port closed or filtered and it's a pain in the [censored] going through the output looking for an open server. If you add the -oG option you can save the output to a grepable file but you still get all the closed hosts . This is where GLIPER comes in. you feed it a nmap logfile and it spits out a file of only the IP addresses which have the port open, which then can be used for further testing with tools like nessus etc. when you issue the nmap command jus specify a logfile and run it through GLIPER and you save yourself a whole lotta time.
nmap -sS -iR 0 -p 21 -oG logfile
I realize this will make a lot of script kiddies happy but hey, I needed somethin like this for myself and why not share it with the rest of the world. Here's the source, it's in Perl. Do what you want with it..
------------------cut ----------------------
#!/usr/bin/perl -w
#hope you like all the comments
#even your grand mother could make sense of this code
print "*************************************************\n";
print "\t\tGliper (v 0.1)\n";
print "Extracts IP addresses from Nmap grepable logfiles\n";
print "Issue nmap command with '-oG' option\n";
print "by: Damien (damienak1\@hotmail.com)\n";
print "*************************************************\n\n";
#open nmap logfile
print "Enter name of logfile: ";
chomp($logfile = <STDIN>);
open(LOG, $logfile) || die;
#open a file for output
print "Enter name of output file: ";
chomp($output = <STDIN>);
open(OUTPUT, ">$output");
#array of lines from logfile
@lines = <LOG>;
#go through array looking for strings matching the regular expressions
foreach(@lines){
if (/Host: / && /open/){ #only lines starting with Host: that have an open port
s/Host:(\s)//; #delete the Host: string
s/(\s).{1,100}//; #delete anythin after white-space
print OUTPUT; #print IP address to the output file
}
}
#close both file-handles
close(OUTPUT);
close(LOG);
-----------------------------cut--------------------------------
p.s. I wasn't sure where to post this. we don't have a perl forum, perl and nmap are available on linux and windows, and the other programming section is about website programming, and this isn't. so if it's in the wrong forum somebody can move it.