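How to clean up masscan output (-oG)

Time: 2014-06-04 03:28:19

Tags: linux awk sed grep

The masscan utility has a problem with the output it generates with the -oG option ("grep-able" output); for example, it outputs: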

# Masscan 1.0.3 scan initiated Wed Jun  4 01:35:02 2014
# Ports scanned: TCP(3;21-23,) UDP(0;) SCTP(0;) PROTOCOLS(0;)
Host: 192.168.100.19 () Ports: 2222/open/tcp////
Host: 192.168.100.13 () Ports: 2222/open/tcp////
Host: 192.168.100.16 () Ports: 443/open/tcp////
Host: 192.168.100.8 ()  Ports: 21/open/tcp////
Host: 192.168.100.5 ()  Ports: 22/open/tcp////
Host: 192.168.100.5 ()  Ports: 443/open/tcp////
Host: 192.168.100.16 () Ports: 80/open/tcp////
Host: 192.168.100.19 () Ports: 22/open/tcp////
Host: 192.168.100.7 ()  Ports: 80/open/tcp////
Host: 192.168.100.8 ()  Ports: 80/open/tcp////
Host: 192.168.100.12 () Ports: 2222/open/tcp////
Host: 192.168.100.13 () Ports: 22/open/tcp////
# Masscan done at Wed Jun  4 01:35:16 2014

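The above is neither easy to read nor easy to understand.

How can I use Linux command-line utilities such as sed, awk, and grep to produce something like the following from the file above?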

Host: 192.168.100.5
Ports: 22, 443

Host: 192.168.100.7
Ports: 80

Host: 192.168.100.8
Ports: 21, 80

Host: 192.168.100.12
Ports: 2222

Host: 192.168.100.13
Ports: 2222, 22

......

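As you can see, the output in this layout is more readable: it is sorted by IP address, with all associated ports listed underneath, merged across the multiple input lines that share the same IP address.

1 answer:

Answer 0: (score: 0)

Try this: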

awk -F' +|/' '
  !/^[[:space:]]*#/ {    # ignore comment lines
      # Add the port on the current line to the associative array 
      # element for the IP address on the current line.
    ips[$2] = ips[$2] (ips[$2] == "" ? $5 : ", " $5)
  }
  END {
      # Enumerate all IPs and the ports for each.
      # Since the IPs will be listed in no specific order, the output
      # is piped as a _single_ line to "sort" in order to sort by IP address,
      # and then expanded into 2 lines via "tr".
    for (ip in ips) {
      printf "Host: %s@Ports: %s@\n", ip, ips[ip] | \
        "sort -t. -n -k 1.6,1 -k 2,2 -k 3,3 -k 4,4 | tr @ \"\n\""
    } 
  }
  ' file
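  • This solution correctly sorts the output by IP address and separates the ports with commas.
  • By contrast, for a given IP address, the port numbers are listed in the order in which they are encountered in the input (as in the sample output data in the question).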
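
A variant of the approach above, as an added example that is not part of the original answer: it goes a little further by keeping only entries whose state is `open`, dropping repeated host/port pairs, sorting ports numerically within each host, and accepting a comma-separated port list on one line. The function names `sample_scan` and `masscan_og_summary` and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original answer): group masscan -oG results per host.

# Constructed sample input, modelled on the lines quoted in the question.
sample_scan() {
  cat <<'EOF'
# Masscan 1.0.3 scan initiated Wed Jun  4 01:35:02 2014
Host: 192.168.100.13 () Ports: 2222/open/tcp////
Host: 192.168.100.8 ()  Ports: 80/open/tcp////
Host: 192.168.100.5 ()  Ports: 443/open/tcp////
Host: 192.168.100.8 ()  Ports: 21/open/tcp////
Host: 192.168.100.5 ()  Ports: 22/open/tcp////
Host: 192.168.100.13 () Ports: 22/open/tcp////
Host: 192.168.100.5 ()  Ports: 22/open/tcp////
# Masscan done at Wed Jun  4 01:35:16 2014
EOF
}

masscan_og_summary() {   # usage: masscan_og_summary [file]   (reads stdin if omitted)
  awk '
    /^[ \t]*#/ || !/Ports:/ { next }           # comments and lines without a port list
    !match($0, /Host:[ \t]+[0-9.]+/) { next }  # find the address anywhere on the line
    {
      ip = substr($0, RSTART, RLENGTH); sub(/^Host:[ \t]+/, "", ip)
      if (split(ip, o, ".") != 4) next         # keep IPv4 dotted quads only
      sub(/^.*Ports:[ \t]*/, "")               # leave just the port list
      n = split($0, entries, /,[ \t]*/)
      for (i = 1; i <= n; i++) {
        split(entries[i], f, "/")              # port/state/proto/...
        if (f[2] == "open" && f[1] ~ /^[0-9]+$/)
          print o[1], o[2], o[3], o[4], f[1]   # octets become separate sort keys
      }
    }
  ' "${1:--}" |
  sort -u -k1,1n -k2,2n -k3,3n -k4,4n -k5,5n |  # numeric by octet, then port; drop repeats
  awk '
    { ip = $1 "." $2 "." $3 "." $4 }
    ip != prev { printf "%sHost: %s\nPorts: %s", (NR > 1 ? "\n\n" : ""), ip, $5; prev = ip; next }
    { printf ", %s", $5 }
    END { if (NR) printf "\n" }
  '
}

sample_scan | masscan_og_summary
```

Because the ordering is done by `sort` on separate numeric keys before grouping, no placeholder character has to be embedded in the records and expanded afterwards.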