Open l0nedigit opened 3 days ago
Hi @l0nedigit ! Can you include an excerpt of the XML output please? Thanks :)
Here ya go:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE nmaprun>
<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
<!-- Nmap 7.94SVN scan initiated Thu Oct 24 11:22:44 2024 as: nmap -sN -n -oX test.xml -p 22 --open -- 192.168.20.0/24 -->
<nmaprun scanner="nmap" args="nmap -sN -n -oX test.xml -p 22 --open -- 192.168.20.0/24" start="1729783364" startstr="Thu Oct 24 11:22:44 2024" version="7.94SVN" xmloutputversion="1.05">
<scaninfo type="null" protocol="tcp" numservices="1" services="22"/>
<verbose level="0"/>
<debugging level="0"/>
<hosthint><status state="up" reason="arp-response" reason_ttl="0"/>
<address addr="192.168.20.195" addrtype="ipv4"/>
<address addr="D4:D8:53:48:EF:A9" addrtype="mac" vendor="Intel Corporate"/>
<hostnames>
</hostnames>
</hosthint>
<hosthint><status state="up" reason="arp-response" reason_ttl="0"/>
<address addr="192.168.20.254" addrtype="ipv4"/>
<address addr="D0:21:F9:67:7D:4F" addrtype="mac" vendor="Ubiquiti Networks"/>
<hostnames>
</hostnames>
</hosthint>
<host starttime="1729783372" endtime="1729783374"><status state="up" reason="arp-response" reason_ttl="0"/>
<address addr="192.168.20.195" addrtype="ipv4"/>
<address addr="D4:D8:53:48:EF:A9" addrtype="mac" vendor="Intel Corporate"/>
<hostnames>
</hostnames>
<ports><port protocol="tcp" portid="22"><state state="open|filtered" reason="no-response" reason_ttl="0"/><service name="ssh" method="table" conf="3"/></port>
</ports>
<times srtt="202341" rttvar="202341" to="1011705"/>
</host>
<host starttime="1729783374" endtime="1729783376"><status state="up" reason="localhost-response" reason_ttl="0"/>
<address addr="192.168.20.55" addrtype="ipv4"/>
<hostnames>
</hostnames>
<ports><port protocol="tcp" portid="22"><state state="open|filtered" reason="no-response" reason_ttl="0"/><service name="ssh" method="table" conf="3"/></port>
</ports>
</host>
<runstats><finished time="1729783376" timestr="Thu Oct 24 11:22:56 2024" summary="Nmap done at Thu Oct 24 11:22:56 2024; 256 IP addresses (3 hosts up) scanned in 12.48 seconds" elapsed="12.48" exit="success"/><hosts up="3" down="253" total="256"/>
</runstats>
</nmaprun>
Ah, I see now - it's under the hosthint tags and not present under host. Also a quick string(result.rawXML) under xml.go:447 isn't showing the mac address either. So, Run doesn't seem to be getting that info - will continue digging a bit later.
Indeed, it looks like HostHint isn't supported by the parser at the moment, I assume because it's something that is not meant to show an end result but rather a hint as to something that happens during the mapping process (which wasn't initially relevant for this package since it only dealt with the end result).
It could make sense to add it now, shouldn't be too much work, but I can't do it right now.
If you feel like it, you could simply extend the structure in xml.go
to add HostHint
and update the tests to make sure it works with your values, it should not require any additional logic. If not, I'll add a help wanted
label in the meantime in case someone wants to tackle this.
Let's do both. I won't have time today or this weekend. But can try next week and if someone picks it up ahead of that, so be it.
And I agree it shouldn't be too bad to integrate (famous last words) as the fields are identical and should unmarshal the same.
On Fri, Oct 25, 2024, 10:24 AM Brendan Le Glaunec @.***> wrote:
Indeed, it looks like HostHint isn't supported by the parser at the moment, I assume because it's something that is not meant to show an end result but rather a hint as to something that happens during the mapping process (which wasn't initially relevant for this package since it only dealt with the end result).
It could make sense to add it now, shouldn't be too much work, but I can't do it right now.
If you feel like it, you could simply extend the structure in xml.go to add HostHint and update the tests to make sure it works with your values, it should not require any additional logic. If not, I'll add a help wanted label in the meantime in case someone wants to tackle this.
— Reply to this email directly, view it on GitHub https://github.com/Ullaakut/nmap/issues/136#issuecomment-2437959148, or unsubscribe https://github.com/notifications/unsubscribe-auth/AF5GAE55Z5RAM4TDDRWVSXLZ5JIDHAVCNFSM6AAAAABQPBECXOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDIMZXHE2TSMJUHA . You are receiving this because you were mentioned.Message ID: @.***>
In the XML output of nmap, I can see the mac associated with the ip discovered, however I am unable to find how I can access this data? Is it being captured in a struct somewhere in xml.go that I am just not seeing? Version 3.0.3 is what I am using.