我正在编写一个脚本来解析nmap输出以获取易受攻击的系统及其IP地址。
nmap内容如下所示:
Nmap scan report for 10.x.x.x
Host is up (-0.031s latency).
PORT STATE SERVICE
445/tcp open microsoft-ds
MAC Address: 00:50:56:89:6E:4B (VMware)
Host script results:
| smb-vuln-cve2009-3103:
| VULNERABLE:
| SMBv2 exploit (CVE-2009-3103, Microsoft Security Advisory 975497)
| State: VULNERABLE
| IDs: CVE:CVE-2009-3103
| Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2,
| Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a
| denial of service (system crash) via an & (ampersand) character in a Process ID High header field in a NEGOTIATE
寻找这样的输出(如果可能):
10.x.x.x
SMBv2 exploit (CVE-2009-3103, Microsoft Security Advisory 975497)
State: VULNERABLE
Next Entry...
Next Entry...
任何想法怎么做???感谢您抽出时间看这个......
答案 0 :(得分:2)
如果使用Nmap 7.50或更新版本,可以在命令中添加--script-args vulns.short,输出将缩短为:
| smb-vuln-cve2009-3103:
|_ 10.x.x.x VULNERABLE CVE-2009-3103
这更易于解析,因为所有必要的信息都在一行上。