Merge pull request #121 from eli-schwartz/master

nmapxml: don't use unnecessary temporary files
This commit is contained in:
g0tmi1k 2018-10-04 21:03:32 +01:00 committed by GitHub
commit 973786857d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -346,9 +346,6 @@ function searchsploitout()
## Read XML file
function nmapxml()
{
## Remove any old traces
rm -f /tmp/searchsploit.{tmp,out}
## Feedback to the end user
echo -e "[i] Reading: '${FILE}'\n"
@ -368,29 +365,24 @@ function nmapxml()
## If we have already looped around and got something, save it before moving onto the current value
if [[ "${software}" ]]; then
#searchsploitout
echo "${software}" >> /tmp/searchsploit.out
echo "${software}"
fi
## Something is better than nothing. Will just go on the default service that matches the port. e.g. domain
software="${input}"
## Might not get any more than this, if -sV failed
echo "${software}" > /tmp/searchsploit.tmp
;;
"[PRODUCT]")
## We have a name, but no version (yet?) e.g. dnsmasq
software="${input}"
echo "${software}" > /tmp/searchsploit.tmp
;;
"[VERSION]")
software="${software} ${input}"
## Name & version. There isn't any more information to get, game over. e.g. dnsmasq 2.72
echo "${software}" >> /tmp/searchsploit.out
echo "" > /tmp/searchsploit.tmp
echo "${software}"
software=
;;
esac
done
## Read in from file (so there are no duplicates - ...but unable to print out IPs)
cat /tmp/searchsploit.out /tmp/searchsploit.tmp 2>/dev/null | tr '[:upper:]' '[:lower:]' | awk '!x[$0]++' | while read software; do
done | tr '[:upper:]' '[:lower:]' | awk '!x[$0]++' | while read software; do
searchsploitout
done
}