Fix for #66 - Process the last port in nmap’s XML mode

2016-12-20 14:12:29 +00:00 · 2016-12-20 14:12:29 +00:00 · c00b72665a
commit c00b72665a
parent 2b92095822
1 changed files with 28 additions and 19 deletions
--- a/47
+++ b/47
@ -273,7 +273,7 @@ function searchsploitout()
 function nmapxml()
 {
  ## Remove any old traces
-  rm -f /tmp/searchsploitout
+  rm -f /tmp/searchsploit.{tmp,out}

  ## Feedback to the end user
  echo -e "[i] Reading: '${FILE}'\n"
@ -286,28 +286,37 @@ function nmapxml()
      type=$( echo "${line}" | cut -d" " -f 1 )
      input=$( echo "${line}" | cut -d" " -f 2- )

-    case "${type}" in
-      "[IP]")
-        #[[ "${VERBOSE}" -eq 1 ]] && echo -e "\n\n\e[32m[*] IP: ${input}\e[39m" 1>&2
-        ;;
-      "[NAME]")
-        #searchsploitout
-        echo "${software}" >> /tmp/searchsploitout
-        software="${input}"
-        ;;
-      "[PRODUCT]")
-        software="${input}"
-        ;;
-      "[VERSION]")
-        software="${software} ${input}"
-        ;;
+      case "${type}" in
+        "[IP]")
+          #[[ "${VERBOSE}" -eq 1 ]] && echo -e "\n\n\e[32m[*] IP: ${input}\e[39m" 1>&2
+          ;;
+        "[NAME]")
+          ## If we have already looped around and got something, save it before moving onto the current value
+          if [[ "${software}" ]]; then
+            #searchsploitout
+            echo "${software}" >> /tmp/searchsploit.out
+          fi
+          ## Something is better than nothing. Will just go on the default service that matches the port.   e.g. domain
+          software="${input}"
+          ## Might not get any more than this, if -sV failed
+          echo "${software}" > /tmp/searchsploit.tmp
+          ;;
+        "[PRODUCT]")
+          ## We have a name, but no version (yet?)   e.g. dnsmasq
+          software="${input}"
+          echo "${software}" > /tmp/searchsploit.tmp
+          ;;
+        "[VERSION]")
+          software="${software} ${input}"
+          ## Name & version. There isn't any more information to get, game over.   e.g. dnsmasq 2.72
+          echo "${software}" >> /tmp/searchsploit.out
+          echo "" > /tmp/searchsploit.tmp
+          ;;
      esac
  done
-  #searchsploitout
-  echo "${software}" >> /tmp/searchsploitout

  ## Read in from file (so there are no duplicates - ...but unable to print out IPs)
-  cat /tmp/searchsploitout | tr '[:upper:]' '[:lower:]'  | awk '!x[$0]++' | while read software; do
+  cat /tmp/searchsploit.tmp /tmp/searchsploit.out 2>/dev/null | tr '[:upper:]' '[:lower:]' | awk '!x[$0]++' | while read software; do
    searchsploitout
  done
 }