robertdavidgraham / masscan

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
GNU Affero General Public License v3.0

-oX output missing a field #75

Closed dmaynor closed 10 years ago

dmaynor commented 10 years ago

In out-xml.c the function xml_out_status does not include a state entity for its output. xml_out_banner does.

An example of the well-formed output below:

    <port protocol="tcp" portid="80">
        <state state="open" reason="syn-ack" reason_ttl="116"/>
        <service name="http" product="Microsoft IIS httpd" method="probed" conf="10">
            <cpe>cpe:/a:microsoft:iis</cpe>
        </service>
        <script id="http-title" output="Site doesn&apos;t have a title (text/html)."/>
        <script id="http-methods" output="No Allow or Public header in OPTIONS response (status code 400)"/>
    </port>

This is the masscan code, it's missing:

The code from xml_out_banner(), line 104:

    fprintf(fp, "<host endtime=\"%u\">"
                "<address addr=\"%u.%u.%u.%u\" addrtype=\"ipv4\"/>"
                "<ports>"
                "<port protocol=\"%s\" portid=\"%u\">"  /* <-- STATE element goes after port here! */
                "<service name=\"%s\" banner=\"%s\">"
                "</service>"
                "</port>"
                "</ports>"
                "</host>"
                "\r\n",
        (unsigned)timestamp,
        (ip>>24)&0xFF,
        (ip>>16)&0xFF,
        (ip>> 8)&0xFF,
        (ip>> 0)&0xFF,
        name_from_ip_proto(ip_proto),
        port,
        masscan_app_to_string(proto),
        normalize_string(px, length, banner_buffer, sizeof(banner_buffer))
        );

robertdavidgraham commented 10 years ago

I've added those fields.

Older binary scan files don't include the TTL, so it'll be reported as 0. Newer binary scan files will have the TTL and will show the correct value in the XML.
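
A consumer-side check for the two conditions raised in this thread, as an added example that is not part of the issue or of masscan's code: it flags `<port>` records that have no `<state>` child and records whose `reason_ttl` is 0, which the maintainer says is what older binary scan files produce. The sample report, the `audit_ports` name and the finding labels are constructed for illustration, and the `<state>` attributes are assumed to follow the nmap-style form quoted in the issue.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the shape of the host/port record quoted above.
# Host 1: no <state> (the reported gap); host 2: <state> with TTL 0
# (older binary scan file); host 3: <state> with a real TTL.
SAMPLE = """<nmaprun>
<host endtime="1400000000"><address addr="192.0.2.10" addrtype="ipv4"/><ports><port protocol="tcp" portid="80"><service name="http" banner="HTTP/1.1 200 OK"></service></port></ports></host>
<host endtime="1400000001"><address addr="192.0.2.11" addrtype="ipv4"/><ports><port protocol="tcp" portid="443"><state state="open" reason="syn-ack" reason_ttl="0"/></port></ports></host>
<host endtime="1400000002"><address addr="192.0.2.12" addrtype="ipv4"/><ports><port protocol="tcp" portid="22"><state state="open" reason="syn-ack" reason_ttl="116"/></port></ports></host>
</nmaprun>"""

def audit_ports(xml_text):
    """Return (records, findings) for every <port> in the report."""
    records, findings = [], []
    root = ET.fromstring(xml_text)
    for host in root.iter("host"):
        addr_el = host.find("address")
        addr = addr_el.get("addr") if addr_el is not None else "?"
        for port in host.iter("port"):
            key = f"{addr}:{port.get('portid')}/{port.get('protocol')}"
            state = port.find("state")
            if state is None:
                # Parsers written for nmap XML usually read the port state from here.
                findings.append((key, "missing-state"))
                records.append((key, None, None))
                continue
            ttl = state.get("reason_ttl")
            if ttl is None or not ttl.isdigit():
                findings.append((key, "bad-ttl"))
                ttl_val = None
            else:
                ttl_val = int(ttl)
                if ttl_val == 0:
                    # 0 means "not recorded", so do not treat it as a measured TTL.
                    findings.append((key, "ttl-unknown"))
                    ttl_val = None
            records.append((key, state.get("state"), ttl_val))
    return records, findings

if __name__ == "__main__":
    recs, finds = audit_ports(SAMPLE)
    for key, why in finds:
        print(f"{key}: {why}")
```

Treating a TTL of 0 as unknown keeps it out of any downstream analysis that relies on `reason_ttl`.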