From c00b72665a9ad06c2c3f8204870d316f1fc6ff45 Mon Sep 17 00:00:00 2001
From: g0tmi1k
Date: Tue, 20 Dec 2016 14:12:29 +0000
Subject: [PATCH] =?UTF-8?q?Fix=20for=20#66=20-=20Process=20the=20last=20po?=
 =?UTF-8?q?rt=20in=20nmap=E2=80=99s=20XML=20mode?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 searchsploit | 47 ++++++++++++++++++++++++++++-------------------
 1 file changed, 28 insertions(+), 19 deletions(-)
diff --git a/searchsploit b/searchsploit
index 08fb310a0..3eb636496 100755
--- a/searchsploit
+++ b/searchsploit
@@ -273,7 +273,7 @@ function searchsploitout()
 function nmapxml()
 {
 ## Remove any old traces
- rm -f /tmp/searchsploitout
+ rm -f /tmp/searchsploit.{tmp,out}
 ## Feedback to the end user
 echo -e "[i] Reading: '${FILE}'\n"
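Review bot: The paths this rm clears, `/tmp/searchsploit.tmp` and `/tmp/searchsploit.out`, are fixed, predictable names in a world-writable directory, and the second hunk re-creates them with plain `>`/`>>` redirects, so on a shared host a file or symlink that another user has placed at either path before the first write makes the script overwrite a file of that user's choosing or pick up lines it never produced; `rm -f` does not close that window because the path is re-created afterwards. Create both files with mktemp and remove them on exit instead: `tmp_file=$(mktemp) || exit 1`, `out_file=$(mktemp) || exit 1`, `trap 'rm -f -- "${tmp_file}" "${out_file}"' EXIT`, then use those variables in place of the literal paths in the second hunk. The body of nmapxml continues past the end of this hunk.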
@@ -286,28 +286,37 @@ function nmapxml()
 type=$( echo "${line}" | cut -d" " -f 1 )
 input=$( echo "${line}" | cut -d" " -f 2- )
- case "${type}" in
- "[IP]")
- #[[ "${VERBOSE}" -eq 1 ]] && echo -e "\n\n\e[32m[*] IP: ${input}\e[39m" 1>&2
- ;;
- "[NAME]")
- #searchsploitout
- echo "${software}" >> /tmp/searchsploitout
- software="${input}"
- ;;
- "[PRODUCT]")
- software="${input}"
- ;;
- "[VERSION]")
- software="${software} ${input}"
- ;;
+ case "${type}" in
+ "[IP]")
+ #[[ "${VERBOSE}" -eq 1 ]] && echo -e "\n\n\e[32m[*] IP: ${input}\e[39m" 1>&2
+ ;;
+ "[NAME]")
+ ## If we have already looped around and got something, save it before moving onto the current value
+ if [[ "${software}" ]]; then
+ #searchsploitout
+ echo "${software}" >> /tmp/searchsploit.out
+ fi
+ ## Something is better than nothing. Will just go on the default service that matches the port. e.g. domain
+ software="${input}"
+ ## Might not get any more than this, if -sV failed
+ echo "${software}" > /tmp/searchsploit.tmp
+ ;;
+ "[PRODUCT]")
+ ## We have a name, but no version (yet?) e.g. dnsmasq
+ software="${input}"
+ echo "${software}" > /tmp/searchsploit.tmp
+ ;;
+ "[VERSION]")
+ software="${software} ${input}"
+ ## Name & version. There isn't any more information to get, game over. e.g. dnsmasq 2.72
+ echo "${software}" >> /tmp/searchsploit.out
+ echo "" > /tmp/searchsploit.tmp
+ ;;
 esac
 done
- #searchsploitout
- echo "${software}" >> /tmp/searchsploitout
 ## Read in from file (so there are no duplicates - ...but unable to print out IPs)
- cat /tmp/searchsploitout | tr '[:upper:]' '[:lower:]' | awk '!x[$0]++' | while read software; do
+ cat /tmp/searchsploit.tmp /tmp/searchsploit.out 2>/dev/null | tr '[:upper:]' '[:lower:]' | awk '!x[$0]++' | while read software; do
 searchsploitout
 done
 }
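Review bot: The `[VERSION]` arm ends with `echo "" > /tmp/searchsploit.tmp`, which leaves a blank line in the file rather than emptying it, so whenever the last port processed carried a version the `cat … | while read software` loop at the bottom calls `searchsploitout` once with an empty `software` (awk's `!x[$0]++` removes repeats but keeps the first blank line), unless searchsploitout itself rejects an empty value, which is not visible here. Truncate the file and clear the variable so the same value is not re-appended to the .out file on the next `[NAME]`: `: > /tmp/searchsploit.tmp` followed by `software=""`. The read loop should also be `while IFS= read -r software; do` so that backslashes and leading whitespace in product strings are passed through unchanged. The enclosing loop that sets `line`, and nmapxml's header, open before this hunk.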