nmap.py - version and date, see below
Author : Alexandre Norman - norman at xael.org
Contributors: Steve 'Ashcrow' Milner - steve at gnulinux.net
Brian Bustin - brian at bustin.us
old.schepperhand
Johan Lundberg
Licence : GPL v3 or any later version
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Test strings :
^^^^^^^^^^^^
>>> import nmap
>>> if __get_last_online_version() != __version__:
... raise ValueError('Current version is {0} - Last published version is {1}'.format(__version__, __get_last_online_version()))
>>> nm = nmap.PortScanner()
>>> try:
... nm.scan(arguments='-wrongargs')
... except nmap.PortScannerError:
... pass
>>> 'error' in nm.scan('yahoo.fs', arguments='-sP')['nmap']['scaninfo']
True
>>> r=nm.scan('127.0.0.1', '22-443')
>>> nm.command_line()
'nmap -oX - -p 22-443 -sV 127.0.0.1'
>>> nm.scaninfo()
{'tcp': {'services': '22-443', 'method': 'syn'}}
>>> nm.all_hosts()
['127.0.0.1']
>>> nm['127.0.0.1'].hostname()
'localhost'
>>> nm['127.0.0.1'].state()
'up'
>>> nm['127.0.0.1'].all_protocols()
['addresses', 'tcp']
>>> nm['127.0.0.1']['tcp'].keys()
dict_keys([139, 111, 80, 53, 22, 25, 443])
>>> nm['127.0.0.1'].has_tcp(22)
True
>>> nm['127.0.0.1'].has_tcp(23)
False
>>> nm['127.0.0.1']['tcp'][22]
{'product': 'OpenSSH', 'name': 'ssh', 'extrainfo': 'protocol 2.0', 'reason': 'syn-ack', 'state': 'open', 'version': '5.9p1 Debian 5ubuntu1', 'conf': '10'}
>>> nm['127.0.0.1'].tcp(22)
{'product': 'OpenSSH', 'name': 'ssh', 'extrainfo': 'protocol 2.0', 'reason': 'syn-ack', 'state': 'open', 'version': '5.9p1 Debian 5ubuntu1', 'conf': '10'}
>>> nm['127.0.0.1']['tcp'][22]['state']
'open'
>>> nm.scanstats()['uphosts']
'1'
>>> nm.scanstats()['downhosts']
'0'
>>> nm.scanstats()['totalhosts']
'1'
>>> 'timestr' in nm.scanstats().keys()
True
>>> 'elapsed' in nm.scanstats().keys()
True
>>> nm.listscan('192.168.1.0/30')
['192.168.1.0', '192.168.1.1', '192.168.1.2', '192.168.1.3']
>>> nm.listscan('localhost/30')
['127.0.0.0', '127.0.0.1', '127.0.0.2', '127.0.0.3']
>>> r=nm.scan('127.0.0.1', arguments='-O')
>>> nm['127.0.0.1']['osclass']
[{'vendor': 'Linux', 'osfamily': 'Linux', 'type': 'general purpose', 'osgen': '2.6.X', 'accuracy': '96'}, {'vendor': 'AXIS', 'osfamily': 'Linux', 'type': 'webcam', 'osgen': '2.6.X', 'accuracy': '91'}, {'vendor': 'Crestron', 'osfamily': '2-Series', 'type': 'specialized', 'osgen': '', 'accuracy': ''}, {'vendor': 'Gemtek', 'osfamily': 'embedded', 'type': 'WAP', 'osgen': '', 'accuracy': ''}, {'vendor': 'Siemens', 'osfamily': 'embedded', 'type': 'WAP', 'osgen': '', 'accuracy': ''}, {'vendor': 'Linux', 'osfamily': 'Linux', 'type': 'general purpose', 'osgen': '2.4.X', 'accuracy': '88'}, {'vendor': 'Linux', 'osfamily': 'Linux', 'type': 'WAP', 'osgen': '2.6.X', 'accuracy': '88'}, {'vendor': 'Check Point', 'osfamily': 'embedded', 'type': 'firewall', 'osgen': '', 'accuracy': ''}, {'vendor': 'Check Point', 'osfamily': 'Linux', 'type': 'firewall', 'osgen': '2.4.X', 'accuracy': '88'}, {'vendor': 'Linux', 'osfamily': 'Linux', 'type': 'WAP', 'osgen': '2.4.X', 'accuracy': '88'}, {'vendor': 'Linux', 'osfamily': 'Linux', 'type': 'general purpose', 'osgen': '', 'accuracy': ''}, {'vendor': 'Vodavi', 'osfamily': 'embedded', 'type': 'PBX', 'osgen': '', 'accuracy': ''}, {'vendor': 'Lexmark', 'osfamily': 'embedded', 'type': 'printer', 'osgen': '', 'accuracy': ''}]
>>> nm['127.0.0.1']['fingerprint']
'OS:SCAN(V=5.21%D=2/24%OT=22%CT=1%CU=42516%PV=N%DS=0%DC=L%G=Y%TM=512A8382%P=\nOS:x86_64-unknown-linux-gnu)SEQ(SP=106%GCD=1%ISR=10A%TI=Z%CI=Z%II=I%TS=8)OP\nOS:S(O1=M400CST11NW6%O2=M400CST11NW6%O3=M400CNNT11NW6%O4=M400CST11NW6%O5=M4\nOS:00CST11NW6%O6=M400CST11)WIN(W1=8000%W2=8000%W3=8000%W4=8000%W5=8000%W6=8\nOS:000)ECN(R=Y%DF=Y%T=40%W=8018%O=M400CNNSNW6%CC=Y%Q=)T1(R=Y%DF=Y%T=40%S=O%\nOS:A=S+%F=AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0\nOS:%Q=)T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=Y%T=40%W=0%S\nOS:=A%A=Z%F=R%O=%RD=0%Q=)T7(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)U1(R\nOS:=Y%DF=N%T=40%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)IE(R=Y%DFI=N\nOS:%T=40%CD=S)\n'
>>> nm.csv()
'host;protocol;port;name;state;product;extrainfo;reason;version;conf\r\n127.0.0.1;tcp;22;ssh;open;;;syn-ack;;3\r\n127.0.0.1;tcp;25;smtp;open;;;syn-ack;;3\r\n127.0.0.1;tcp;53;domain;open;;;syn-ack;;3\r\n127.0.0.1;tcp;80;http;open;;;syn-ack;;3\r\n127.0.0.1;tcp;111;rpcbind;open;;;syn-ack;;3\r\n127.0.0.1;tcp;139;netbios-ssn;open;;;syn-ack;;3\r\n127.0.0.1;tcp;443;https;open;;;syn-ack;;3\r\n127.0.0.1;tcp;445;microsoft-ds;open;;;syn-ack;;3\r\n127.0.0.1;tcp;631;ipp;open;;;syn-ack;;3\r\n127.0.0.1;tcp;2049;nfs;open;;;syn-ack;;3\r\n127.0.0.1;tcp;3306;mysql;open;;;syn-ack;;3\r\n127.0.0.1;tcp;5222;unknown;open;;;syn-ack;;3\r\n127.0.0.1;tcp;5269;unknown;open;;;syn-ack;;3\r\n'
Classes |
| | |
- builtins.Exception(builtins.BaseException)
-
- PortScannerError
- builtins.dict(builtins.object)
-
- PortScannerHostDict
- builtins.object
-
- PortScanner
- PortScannerAsync
class PortScanner(builtins.object) |
| |
PortScanner allows to use nmap from python
|
| |
Methods defined here:
- __getitem__(self, host)
- returns a host detail
- __init__(self, nmap_search_path=('nmap', '/usr/bin/nmap', '/usr/local/bin/nmap', '/sw/bin/nmap', '/opt/local/bin/nmap'))
- Initialize the module
detects nmap on the system and nmap version
may raise PortScannerError exception if nmap is not found in the path
nmap_search_path = tupple of string where to search for nmap executable. Change this if you want to use a specific version of nmap.
- all_hosts(self)
- returns a sorted list of all hosts
- command_line(self)
- returns command line used for the scan
may raise AssertionError exception if called before scanning
- csv(self)
- returns CSV output as text
Example :
host;protocol;port;name;state;product;extrainfo;reason;version;conf
127.0.0.1;tcp;22;ssh;open;OpenSSH;protocol 2.0;syn-ack;5.9p1 Debian 5ubuntu1;10
127.0.0.1;tcp;23;telnet;closed;;;conn-refused;;3
127.0.0.1;tcp;24;priv-mail;closed;;;conn-refused;;3
- get_nmap_last_output(self)
- returns the last text output of nmap in raw text
this may be used for debugging purpose
- has_host(self, host)
- returns True if host has result, False otherwise
- listscan(self, hosts='127.0.0.1')
- do not scan but interpret target hosts and return a list a hosts
- nmap_version(self)
- returns nmap version if detected (int version, int subversion)
or (0, 0) if unknown
- scan(self, hosts='127.0.0.1', ports=None, arguments='-sV')
- Scan given hosts
May raise PortScannerError exception if nmap output was not xml
Test existance of the following key to know if something went wrong : ['nmap']['scaninfo']['error']
If not present, everything was ok.
hosts = string for hosts as nmap use it 'scanme.nmap.org' or '198.116.0-255.1-127' or '216.163.128.20/20'
ports = string for ports as nmap use it '22,53,110,143-4564'
arguments = string of arguments for nmap '-sU -sX -sC'
- scaninfo(self)
- returns scaninfo structure
{'tcp': {'services': '22', 'method': 'connect'}}
may raise AssertionError exception if called before scanning
- scanstats(self)
- returns scanstats structure
{'uphosts': '3', 'timestr': 'Thu Jun 3 21:45:07 2010', 'downhosts': '253', 'totalhosts': '256', 'elapsed': '5.79'}
may raise AssertionError exception if called before scanning
Data descriptors defined here:
- __dict__
- dictionary for instance variables (if defined)
- __weakref__
- list of weak references to the object (if defined)
|
class PortScannerAsync(builtins.object) |
| |
PortScannerAsync allows to use nmap from python asynchronously
for each host scanned, callback is called with scan result for the host
|
| |
Methods defined here:
- __del__(self)
- Cleanup when deleted
- __init__(self)
- Initialize the module
detects nmap on the system and nmap version
may raise PortScannerError exception if nmap is not found in the path
- scan(self, hosts='127.0.0.1', ports=None, arguments='-sV', callback=None)
- Scan given hosts in a separate process and return host by host result using callback function
PortScannerError exception from standard nmap is catched and you won't know about it
hosts = string for hosts as nmap use it 'scanme.nmap.org' or '198.116.0-255.1-127' or '216.163.128.20/20'
ports = string for ports as nmap use it '22,53,110,143-4564'
arguments = string of arguments for nmap '-sU -sX -sC'
callback = callback function which takes (host, scan_data) as arguments
- still_scanning(self)
- Return True if a scan is currently running, False otherwise
- stop(self)
- Stop the current scan process
- wait(self, timeout=None)
- Wait for the current scan process to finish, or timeout
Data descriptors defined here:
- __dict__
- dictionary for instance variables (if defined)
- __weakref__
- list of weak references to the object (if defined)
|
class PortScannerHostDict(builtins.dict) |
| |
Special dictionnary class for storing and accessing host scan result
|
| |
- Method resolution order:
- PortScannerHostDict
- builtins.dict
- builtins.object
Methods defined here:
- all_ip(self)
- returns list of ip ports
- all_protocols(self)
- returns a list of all scanned protocols
- all_sctp(self)
- returns list of sctp ports
- all_tcp(self)
- returns list of tcp ports
- all_udp(self)
- returns list of udp ports
- has_ip(self, port)
- returns True if ip port has info, False otherwise
- has_sctp(self, port)
- returns True if sctp port has info, False otherwise
- has_tcp(self, port)
- returns True if tcp port has info, False otherwise
- has_udp(self, port)
- returns True if udp port has info, False otherwise
- hostname(self)
- returns hostname
- ip(self, port)
- returns info for ip port
- sctp(self, port)
- returns info for sctp port
- state(self)
- returns host state
- tcp(self, port)
- returns info for tpc port
- udp(self, port)
- returns info for udp port
- uptime(self)
- returns host state
Data descriptors defined here:
- __dict__
- dictionary for instance variables (if defined)
- __weakref__
- list of weak references to the object (if defined)
Methods inherited from builtins.dict:
- __contains__(...)
- D.__contains__(k) -> True if D has a key k, else False
- __delitem__(...)
- x.__delitem__(y) <==> del x[y]
- __eq__(...)
- x.__eq__(y) <==> x==y
- __ge__(...)
- x.__ge__(y) <==> x>=y
- __getattribute__(...)
- x.__getattribute__('name') <==> x.name
- __getitem__(...)
- x.__getitem__(y) <==> x[y]
- __gt__(...)
- x.__gt__(y) <==> x>y
- __init__(...)
- x.__init__(...) initializes x; see help(type(x)) for signature
- __iter__(...)
- x.__iter__() <==> iter(x)
- __le__(...)
- x.__le__(y) <==> x<=y
- __len__(...)
- x.__len__() <==> len(x)
- __lt__(...)
- x.__lt__(y) <==> x<y
- __ne__(...)
- x.__ne__(y) <==> x!=y
- __repr__(...)
- x.__repr__() <==> repr(x)
- __setitem__(...)
- x.__setitem__(i, y) <==> x[i]=y
- __sizeof__(...)
- D.__sizeof__() -> size of D in memory, in bytes
- clear(...)
- D.clear() -> None. Remove all items from D.
- copy(...)
- D.copy() -> a shallow copy of D
- fromkeys(...)
- dict.fromkeys(S[,v]) -> New dict with keys from S and values equal to v.
v defaults to None.
- get(...)
- D.get(k[,d]) -> D[k] if k in D, else d. d defaults to None.
- items(...)
- D.items() -> a set-like object providing a view on D's items
- keys(...)
- D.keys() -> a set-like object providing a view on D's keys
- pop(...)
- D.pop(k[,d]) -> v, remove specified key and return the corresponding value.
If key is not found, d is returned if given, otherwise KeyError is raised
- popitem(...)
- D.popitem() -> (k, v), remove and return some (key, value) pair as a
2-tuple; but raise KeyError if D is empty.
- setdefault(...)
- D.setdefault(k[,d]) -> D.get(k,d), also set D[k]=d if k not in D
- update(...)
- D.update([E, ]**F) -> None. Update D from dict/iterable E and F.
If E present and has a .keys() method, does: for k in E: D[k] = E[k]
If E present and lacks .keys() method, does: for (k, v) in E: D[k] = v
In either case, this is followed by: for k in F: D[k] = F[k]
- values(...)
- D.values() -> an object providing a view on D's values
Data and other attributes inherited from builtins.dict:
- __hash__ = None
- __new__ = <built-in method __new__ of type object>
- T.__new__(S, ...) -> a new object with type S, a subtype of T
| |
Data |
| | |
__last_modification__ = '2012.12.13' |
Author |
| | |
Alexandre Norman (norman@xael.org) |