如果我用以下参数运行nmap。
nmap -T4 --top-ports 7500 -Pn -oX output.xml xxx.xxx.xxx.xxx
我在XML文件中得到的结果是
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE nmaprun>
<?xml-stylesheet href="file:///C:/Program Files (x86)/Nmap/nmap.xsl" type="text/xsl"?>
<!-- Nmap 7.80 scan initiated Thu May 14 08:39:46 2020 as: nmap -T4 --top-ports 7500 -Pn -oX output.xml xxx.xxx.xxx.xxx -->
<nmaprun scanner="nmap" args="nmap -T4 --top-ports 7500 -Pn -oX output.xml xxx.xxx.xxx.xxx" start="1589470786" startstr="Thu May 14 08:39:46 2020" version="7.80" xmloutputversion="1.04">
<scaninfo type="syn" protocol="tcp" numservices="7500" services="1-35,37-226,228-231,REDACTED-FOR-BREVITIY" />
<verbose level="0" />
<debugging level="0" />
<host starttime="1589470788" endtime="1589470801">
<status state="up" reason="user-set" reason_ttl="0" />
<address addr="xxx.xxx.xxx.xxx" addrtype="ipv4" />
<hostnames />
<ports>
<extraports state="filtered" count="4290">
<extrareasons reason="no-responses" count="4290" />
</extraports>
<extraports state="closed" count="3209">
<extrareasons reason="resets" count="3209" />
</extraports>
<port protocol="tcp" portid="22">
<state state="open" reason="syn-ack" reason_ttl="53" />
<service name="ssh" method="table" conf="3" />
</port>
</ports>
<times srtt="77169" rttvar="3497" to="100000" />
</host>
<runstats>
<finished time="1589470801" timestr="Thu May 14 08:40:01 2020" elapsed="15.07" summary="Nmap done at Thu May 14 08:40:01 2020; 1 IP address (1 host up) scanned in 15.07 seconds" exit="success" />
<hosts up="1" down="0" total="1" />
</runstats>
</nmaprun>
我试图确定哪些4290端口被过滤了(无响应),哪些3209端口被关闭了(复位)。
是否有一些nmap标志的组合可以用来输出为XML格式,而不是浓缩过滤关闭的端口?
我没能在文档中找到这个规定。 https:/nmap.orgbooknping-man-output-options.html。
但在调试级别为3的情况下运行nmap命令(-d3)会导致nmap将每个端口单独写入文件。它还会将大量的调试信息写到 stdout 中, 这在我的使用中是很不幸的。
nmap -T4 --top-ports 7500 -Pn -d3 -oX output.xml xxx.xxx.xxx.xxx
<ports><port protocol="tcp" portid="1"><state state="filtered" reason="no-response" reason_ttl="0"/><service name="tcpmux" method="table" conf="3"/></port>
<port protocol="tcp" portid="2"><state state="filtered" reason="no-response" reason_ttl="0"/><service name="compressnet" method="table" conf="3"/></port>
<port protocol="tcp" portid="3"><state state="filtered" reason="no-response" reason_ttl="0"/><service name="compressnet" method="table" conf="3"/></port>
<port protocol="tcp" portid="4"><state state="filtered" reason="no-response" reason_ttl="0"/><service name="unknown" method="table" conf="3"/></port>
<port protocol="tcp" portid="5"><state state="filtered" reason="no-response" reason_ttl="0"/><service name="rje" method="table" conf="3"/></port>
<port protocol="tcp" portid="6"><state state="filtered" reason="no-response" reason_ttl="0"/><service name="unknown" method="table" conf="3"/></port>