Nmap Development mailing list archives
Re: --append_output option with XML files
From: "Duilio J. Protti" <dprotti () flowgate net>
Date: Sun, 02 Oct 2005 22:24:52 -0300
The problem still arise on nmap 3.93: the --append_output brokes the XML file, turning it into a non valid one. I think at least a warning must be showed when the --append_output option is used in conjunction with -oX or -oA. Regards, Duilio. Duilio J. Protti wrote:
Current stable version of nmap (3.81) doesn't handle correctly the -- append_output option when results are logged to XML files. If you have a file my-run.xml like the following: <?xml version="1.0" ?> <?xml-stylesheet ... > <nmaprun scanner="nmap" args=...> ... </nmaprun> and you run: # nmap -sS -F -oX my-run.xml --append_output $IP now my-run.xml content is: <?xml version="1.0" ?> <?xml-stylesheet ... > <nmaprun scanner="nmap" args=...> ... </nmaprun> <?xml version="1.0" ?> <?xml-stylesheet ... > <nmaprun scanner="nmap" args=...> ... </nmaprun> Which does not meet the DTD and even worse, it's not well formed XML. The attached patch solve this issue, avoiding the prologue when the -- append_output is present. However, this not solve all the problems. When trying to process the generated XML, the XSL transformation will fail, because there are two root elements (two <nmaprun>). The problem is that the present DTD for nmap do not take into account multiple runs. IMHO, the better way to solve this, is enclosing all the <nmaprun> tags into a new root element, i.e. <nmapruns> (note the 's'), which will contain a list of <nmaprun> childs. This way, adding new nmap results to an existing set of previous nmap runs, is just a matter to add them within a new <nmaprun> child into the root element. Of course, this requires a change on the current DTD, but it's a minor change. I do these changes, because in my job as pentester, I periodically run surgical nmap tests against one target (not a range of targets), and I want to keep this results in a one-file-per-ip basis. Previously, I did this using normal and grepable formats, but since the new XML feature of nmap is available, I really want to use it, because it's too much suitable for later report generation. The attached patch is for version 3.81, and include required changes to nmap.cc, output.cc, nmap.xsl and nmap.dtd. I hope this help! Regards, Duilio Protti.
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- Re: --append_output option with XML files Duilio J. Protti (Oct 02)
- <Possible follow-ups>
- Re: --append_output option with XML files Duilio J. Protti (Oct 10)