Nmap Development mailing list archives
The unification of Nmap and Zenmap XML output
From: David Fifield <david () bamsoftware com>
Date: Fri, 19 Sep 2008 18:19:41 -0600
On Thu, Jul 17, 2008 at 05:15:42PM -0600, David Fifield wrote:
Nmap can produce output in XML. When you save scan results in Zenmap, they are saved in a format called USR. You may not know that USR is almost the same as Nmap XML, with less output supported and a little bit of extra information describing the profile and the Nmap text output. I want to make the two formats the same, so that there is no difference between the XML produced by Nmap and the XML produced by Zenmap.
This has been done. Zenmap no longer outputs anything that is not in the Nmap DTD. Zenmap's XML files are still missing a few required elements and attributes, but that's comparatively minor. XML file format unification may not be too interesting, but a side effect of this change is pretty cool, so read on. Here's an overview of the problem from before I started working on it, which is now mostly out of date with these new changes: http://www.bamsoftware.com/wiki/Nmap/ComparingNmapAndZenmapXML The .usr (Umit Scan Results) file name extension is deprecated in favor of the .xml commonly used with Nmap. The biggest part of this job was writing a command line parser for Zenmap, so Zenmap could extract Nmap options from XML files without having to encode them in its own way in extension attributes. The command line parser allows a whole bunch of neat features, only a few of which have been implemented. The most visible of these is two-way communication between the target entry and the command entry of the main scan interface. It used to that if you put something in the target entry it would show up in the command entry, but it didn't work the other way. Now Zenmap is psychic! Type in the command entry, and put targets anywhere amidst the options. Zenmap will know which words are targets and insert them automatically in the target entry. Now if you type in a command line complete with targets, then decide to select a scan profile instead, your target list won't be obliterated but will be merged in the the profile's command line. The same two-way interactivity applies in the profile editor. I hope you have as much fun with this as I did. You can click the option widgets and watch the command line change like you always could, but now you can type in the command line and watch the option widgets change. Type "-sX" and watch the "Xmas Tree scan" get selected. Type "-p 1-100" and watch "Ports to scan" get checked and the text entry get filled in. Type "-T Polit" and watch it go in the "Extra options defined by user". Huh? That's because Zenmap knows it's not a real option, but figures since you typed it, it has to go in the command. Then type the final "e" and watch -T2 get selected. As a bonus, the file /usr/share/zenmap/misc/options.xml, which contained the mapping between Zenmap's internal option specification strings and Nmap's command-line options, has been removed. Also the file ~/.zenmap/scan_profile.usp has been simplified, because it no longer needs to store a broken-down representation of Nmap options. Now each profile is represented simply by a command line and a description. These changes are backward-compatible so a new Zenmap will still work with old data files. Give it a try and let me know of any bugs, or ideas for other uses for the command line parser (which is in zenmapCore/NmapOptions.py by the way.) David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- The (eventual) unification of Nmap and Zenmap XML output David Fifield (Jul 17)
- Re: The (eventual) unification of Nmap and Zenmap XML output Arturo 'Buanzo' Busleiman (Jul 17)
- Re: The (eventual) unification of Nmap and Zenmap XML output Fyodor (Jul 22)
- The unification of Nmap and Zenmap XML output David Fifield (Sep 19)