savon-noir / python-libnmap

libnmap is a python library to run nmap scans, parse and diff scan results. It supports python 2.7 up to 3.8. It's wonderful.
https://libnmap.readthedocs.org

scan_type #54

Open Starow opened 9 years ago

Starow commented 9 years ago

Hello :) With some options given to nmap, such as (type ping):

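from libnmap.process import NmapProcess
from libnmap.parser import NmapParser

nm = NmapProcess('192.168.0.0/24', options='-e wlan0 -n -sP -PR')
nm.sudo_run()
report = NmapParser.parse(nm.stdout)
print(report.scan_type)  # raises KeyError: 'type' when the XML has no <scaninfo>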

The scan_type is absent, which leads to a KeyError:

In [13]: print report.scan_type
scan_type(self)
--> 113         return self._scaninfo['type']
KeyError: 'type'

And because of this error it's impossible to proceed with a diff on the report. Maybe it would be nice to put a default _scaninfo['type'] to avoid this kind of behavior?

savon-noir commented 9 years ago

error in parsing? nmap dtd defines scaninfo.type as required: see http://nmap.org/book/nmap-dtd.html

<!ATTLIST scaninfo
    type        %scan_types;      #REQUIRED
    scanflags   CDATA             #IMPLIED
    protocol    %port_protocols;  #REQUIRED
    numservices %attr_numeric;    #REQUIRED
    services    CDATA             #REQUIRED
>

could you paste the corresponding nmap xml portion which fails parsing?

Starow commented 9 years ago

When I read nm.stdout, the attribute scaninfo is missing:

But actually I found the problem: http://seclists.org/nmap-dev/2005/q1/77

Beginning:

<?xml version="1.0"?>
<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
<!-- Nmap 6.40 scan initiated Wed Apr 22 09:19:18 2015 as: /usr/bin/nmap -oX - -vvv -&#45;stats-every 1s -e wlan0 -n -PR -sP 192.168.30.0/24 -->
<nmaprun scanner="nmap" args="/usr/bin/nmap -oX - -vvv -&#45;stats-every 1s -e wlan0 -n -PR -sP 192.168.30.0/24" start="1429687158" startstr="Wed Apr 22 09:19:18 2015" version="6.40" xmloutputversion="1.04">
<verbose level="3"/>
<debugging level="0"/>
<taskbegin task="ARP Ping Scan" time="1429687158"/>
<taskprogress task="ARP Ping Scan" time="1429687159" percent="21.09" remaining="4" etc="1429687163"/>
<taskprogress task="ARP Ping Scan" time="1429687160" percent="38.48" remaining="4" etc="1429687163"/>
<taskprogress task="ARP Ping Scan" time="1429687161" percent="58.01" remaining="3" etc="1429687163"/>
<taskprogress task="ARP Ping Scan" time="1429687162" percent="88.09" remaining="1" etc="1429687163"/>
<taskend task="ARP Ping Scan" time="1429687163" extrainfo="256 total hosts"/>
<host><status state="down" reason="no-response" reason_ttl="0"/>
<address addr="192.168.30.0" addrtype="ipv4"/>
</host>

Starow commented 9 years ago

Are you going to consider it as a bug? Because when the scaninfo is missing it's impossible to make a diff between two reports :)

savon-noir commented 9 years ago

yep! needs to be corrected.
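
The failure discussed in this thread can be reproduced and handled without running nmap. The following is an added example, not code from python-libnmap or from either commenter: it parses nmap XML with the standard library, treats a missing `<scaninfo>` as "no scan type" instead of raising, and diffs two host-discovery results by host state. The function names, the `default_type` parameter and both XML samples are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample modelled on the ping-scan output quoted in the issue:
# a host-discovery-only run emits no <scaninfo> element.
PING_SCAN_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -oX - -n -sP 192.168.30.0/31" version="6.40">
<host><status state="down" reason="no-response"/>
<address addr="192.168.30.0" addrtype="ipv4"/></host>
<host><status state="up" reason="arp-response"/>
<address addr="192.168.30.1" addrtype="ipv4"/></host>
</nmaprun>"""

# Constructed sample of a port scan, where <scaninfo> is present.
PORT_SCAN_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -oX - -sS 192.168.30.1" version="6.40">
<scaninfo type="syn" protocol="tcp" numservices="1" services="22"/>
<host><status state="up" reason="arp-response"/>
<address addr="192.168.30.1" addrtype="ipv4"/></host>
</nmaprun>"""


def scan_summary(xml_text, default_type=None):
    """Return scan type and per-host state; tolerate a missing <scaninfo>."""
    root = ET.fromstring(xml_text)
    scaninfo = root.find("scaninfo")
    scan_type = default_type
    if scaninfo is not None:
        # .get() instead of indexing, so an absent attribute is not a KeyError.
        scan_type = scaninfo.get("type", default_type)
    hosts = {}
    for host in root.findall("host"):
        addr = host.find("address").get("addr")
        hosts[addr] = host.find("status").get("state")
    return {"scan_type": scan_type, "hosts": hosts}


def diff_hosts(old, new):
    """Diff two summaries by host state; does not depend on scan_type."""
    old_h, new_h = old["hosts"], new["hosts"]
    changed = {a: (old_h[a], new_h[a])
               for a in old_h.keys() & new_h.keys() if old_h[a] != new_h[a]}
    return {"added": sorted(new_h.keys() - old_h.keys()),
            "removed": sorted(old_h.keys() - new_h.keys()),
            "changed": changed}
```
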