Nmap Development mailing list archives
Re: [RFC][patch] XML structured script output (output diff)
From: David Fifield <david () bamsoftware com>
Date: Wed, 13 Jun 2012 16:37:16 -0700
On Sun, May 27, 2012 at 10:19:46PM -0500, Daniel Miller wrote:
I've attached 2 xml files, before.xml and after.xml, which I hope I've sanitized sufficiently from a quick scan of my network (-sC). Note that these represent the output of scripts that have not been modified in any way from their current state. Modifying scripts to use the format recommended by stdnse.format_output will result in more useful organization of results in the new XML format, and further clarifying key-value pairs when returning results will make results even more useful.
Thanks for these sample, Daniel. I have some more comments on structured XML output that I send in a further message. For the sake of comments, here is a diff showing the changes between your sample files. For an example of output from a script that doesn't use format_output, look for http-title. For output using format_output, look for smb-os-discovery. David diff -u <(tidy -utf8 -xml -indent before.xml) <(tidy -utf8 -xml -indent after.xml) - <script id="http-methods" - output="No Allow or Public header in OPTIONS response (status code 501)" /> - <script id="http-title" - output="301 Moved Permanently Did not follow redirect to https://router/" /> + <script id="http-title"> + <elem>301 Moved Permanently + Did not follow redirect to https://router/</elem> + </script> + <script id="http-methods"> + <elem>No Allow or Public header in OPTIONS response + (status code 501)</elem> + </script> - <script id="ssl-cert" - output="Subject: commonName=XXXXXXXXXXXX/organizationName=Cisco-Linksys,LLC/countryName=US Not valid before: 2008-07-04 00:00:06 Not valid after: 2018-07-02 00:00:06" /> - <script id="http-methods" - output="No Allow or Public header in OPTIONS response (status code 501)" /> - <script id="http-title" - output="Site doesn't have a title (text/html)." /> + <script id="ssl-cert"> + <elem>Subject: + commonName=XXXXXXXXXX/organizationName=Cisco-Linksys,LLC/countryName=US + Not valid before: 2008-07-04 00:00:06 + Not valid after: 2018-07-02 00:00:06</elem> + </script> + <script id="http-title"> + <elem>Site doesn't have a title (text/html).</elem> + </script> + <script id="http-methods"> + <elem>No Allow or Public header in OPTIONS response + (status code 501)</elem> + </script> - <script id="http-methods" - output="Potentially risky methods: TRACE See http://nmap.org/nsedoc/scripts/http-methods.html" /> - <script id="http-title" output=" PX-EH" /> + <script id="http-title"> + <elem>PX-EH</elem> + </script> + <script id="http-methods"> + <elem>Potentially risky methods: TRACE + See + http://nmap.org/nsedoc/scripts/http-methods.html</elem> + </script> - <script id="nbstat" - output="NetBIOS name: NAS, NetBIOS user: <unknown>, NetBIOS MAC: <unknown>" /> + <script id="nbstat"> + <elem>NetBIOS name: NAS, NetBIOS user: <unknown>, + NetBIOS MAC: <unknown></elem> + </script> - <script id="ssh-hostkey" - output="1024 0b:0f:0c:0a:08:0e:0e:0d:0d:03:00:01:00:05:02:04 (DSA) 2048 a9:0c:08:02:03:04:04:00:08:0d:03:01:09:0e:0c:01 (RSA)" /> + <script id="ssh-hostkey"> + <elem>1024 + 0b:0f:0c:0a:08:0e:0e:0d:0d:03:00:01:00:05:02:04 (DSA) + 2048 a9:0c:08:02:03:04:04:00:08:0d:03:01:09:0e:0c:01 + (RSA)</elem> + </script> - <script id="http-methods" - output="No Allow or Public header in OPTIONS response (status code 500)" /> - <script id="http-title" output="XenServer 5.6.0" /> + <script id="http-title"> + <elem>XenServer 5.6.0</elem> + </script> + <script id="http-methods"> + <elem>No Allow or Public header in OPTIONS response + (status code 500)</elem> + </script> - <script id="http-title" output="XenServer 5.6.0" /> - <script id="ssl-cert" - output="Subject: commonName=192.168.1.5 Not valid before: 2010-06-30 16:40:11 Not valid after: 2020-06-27 16:40:11" /> - <script id="sslv2" - output="server supports SSLv2 protocol, but no SSLv2 cyphers" /> - <script id="http-methods" - output="No Allow or Public header in OPTIONS response (status code 500)" /> + <script id="http-title"> + <elem>XenServer 5.6.0</elem> + </script> + <script id="ssl-cert"> + <elem>Subject: commonName=192.168.1.5 + Not valid before: 2010-06-30 16:40:11 + Not valid after: 2020-06-27 16:40:11</elem> + </script> + <script id="sslv2"> + <elem>server supports SSLv2 protocol, but no SSLv2 + cyphers + </elem> + </script> + <script id="http-methods"> + <elem>No Allow or Public header in OPTIONS response + (status code 500)</elem> + </script> - <script id="ssh-hostkey" - output="1024 66:04:00:09:01:0f:0c:0c:00:02:0d:0a:05:07:0e:0c (DSA) 2048 0f:01:0e:07:0c:03:09:0b:02:0f:0a:0e:0e:0c:0f:08 (RSA)" /> + <script id="ssh-hostkey"> + <elem>1024 + 66:04:00:09:01:0f:0c:0c:00:02:0d:0a:05:07:0e:0c (DSA) + 2048 0f:01:0e:07:0c:03:09:0b:02:0f:0a:0e:0e:0c:0f:08 + (RSA)</elem> + </script> - <script id="http-title" output="XenServer 5.6.0" /> - <script id="http-methods" - output="No Allow or Public header in OPTIONS response (status code 500)" /> + <script id="http-methods"> + <elem>No Allow or Public header in OPTIONS response + (status code 500)</elem> + </script> + <script id="http-title"> + <elem>XenServer 5.6.0</elem> + </script> - <script id="ssl-cert" - output="Subject: commonName=192.168.1.6 Not valid before: 2010-06-30 16:49:57 Not valid after: 2020-06-27 16:49:57" /> - <script id="sslv2" - output="server supports SSLv2 protocol, but no SSLv2 cyphers" /> - <script id="http-title" output="XenServer 5.6.0" /> - <script id="http-methods" - output="No Allow or Public header in OPTIONS response (status code 500)" /> + <script id="sslv2"> + <elem>server supports SSLv2 protocol, but no SSLv2 + cyphers + </elem> + </script> + <script id="http-title"> + <elem>XenServer 5.6.0</elem> + </script> + <script id="ssl-cert"> + <elem>Subject: commonName=192.168.1.6 + Not valid before: 2010-06-30 16:49:57 + Not valid after: 2020-06-27 16:49:57</elem> + </script> + <script id="http-methods"> + <elem>No Allow or Public header in OPTIONS response + (status code 500)</elem> + </script> - <script id="ssh-hostkey" - output="1024 ca:03:0d:00:0f:0e:01:07:07:00:05:0a:09:0a:0c:06 (DSA) 2048 e6:09:0f:0d:05:0a:0a:0b:03:0c:0f:00:0e:04:0f:01 (RSA)" /> + <script id="ssh-hostkey"> + <elem>1024 + ca:03:0d:00:0f:0e:01:07:07:00:05:0a:09:0a:0c:06 (DSA) + 2048 e6:09:0f:0d:05:0a:0a:0b:03:0c:0f:00:0e:04:0f:01 + (RSA)</elem> + </script> - <script id="http-methods" - output="No Allow or Public header in OPTIONS response (status code 301)" /> - <script id="http-title" output="Our Wiki" /> - <script id="http-generator" output="MediaWiki 1.15.1" /> + <script id="http-methods"> + <elem>No Allow or Public header in OPTIONS response + (status code 301)</elem> + </script> + <script id="http-generator"> + <elem>MediaWiki 1.15.1</elem> + </script> + <script id="http-title"> + <elem>Our Wiki</elem> + </script> - <script id="rpcinfo" - output="program version port/proto service 100000 2 111/tcp rpcbind 100000 2 111/udp rpcbind 100003 2,3,4 2049/tcp nfs 100003 2,3,4 2049/udp nfs 100005 1,2,3 43468/tcp mountd 100005 1,2,3 51346/udp mountd 100021 1,3,4 50944/udp nlockmgr 100021 1,3,4 53915/tcp nlockmgr 100024 1 37300/tcp status 100024 1 51621/udp status" /> + <script id="rpcinfo"> + <elem>program version port/proto service</elem> + <elem>100000 2 111/tcp rpcbind</elem> + <elem>100000 2 111/udp rpcbind</elem> + <elem>100003 2,3,4 2049/tcp nfs</elem> + <elem>100003 2,3,4 2049/udp nfs</elem> + <elem>100005 1,2,3 43468/tcp mountd</elem> + <elem>100005 1,2,3 51346/udp mountd</elem> + <elem>100021 1,3,4 50944/udp nlockmgr</elem> + <elem>100021 1,3,4 53915/tcp nlockmgr</elem> + <elem>100024 1 37300/tcp status</elem> + <elem>100024 1 51621/udp status</elem> + </script> - <script id="ssh-hostkey" - output="1024 84:0d:0b:0b:0a:01:0a:03:09:0f:09:03:06:02:0b:02 (DSA) 2048 7f:02:0e:0a:04:00:07:08:05:02:0d:08:0e:0f:01:07 (RSA)" /> + <script id="ssh-hostkey"> + <elem>1024 + 84:0d:0b:0b:0a:01:0a:03:09:0f:09:03:06:02:0b:02 (DSA) + 2048 7f:02:0e:0a:04:00:07:08:05:02:0d:08:0e:0f:01:07 + (RSA)</elem> + </script> - <script id="http-title" output="Moved" /> + <script id="http-title"> + <elem>Moved</elem> + </script> - <script id="smbv2-enabled" - output="Server supports SMBv2 protocol" /> - <script id="nbstat" - output="NetBIOS name: XXXX, NetBIOS user: <unknown>, NetBIOS MAC: xx:xx:xx:xx:xx:xx (unknown)" /> - <script id="smb-os-discovery" - output=" OS: Windows Vista (TM) Enterprise 6002 Service Pack 2 (Windows Vista (TM) Enterprise 6.0) Computer name: XXXX NetBIOS computer name: XXXX Workgroup: WORKGROUP System time: 2012-05-27 21:58:06 UTC-5" /> - <script id="smb-security-mode" - output=" Account that was used for smb scripts: <blank> User-level authentication SMB Security: Challenge/response passwords supported Message signing disabled (dangerous, but default)" /> + <script id="smb-security-mode"> + <elem>Account that was used for smb scripts: guest</elem> + <elem>User-level authentication</elem> + <elem>SMB Security: Challenge/response passwords + supported</elem> + <elem>Message signing disabled (dangerous, but + default)</elem> + </script> + <script id="nbstat"> + <elem>NetBIOS name: XXXX, NetBIOS user: <unknown>, + NetBIOS MAC: xx:xx:xx:xx:xx:xx (unknown)</elem> + </script> + <script id="smbv2-enabled"> + <elem>Server supports SMBv2 protocol</elem> + </script> + <script id="smb-os-discovery"> + <elem>OS: Windows Vista (TM) Enterprise 6002 Service Pack 2 + (Windows Vista (TM) Enterprise 6.0)</elem> + <elem>Computer name: XXXX</elem> + <elem>NetBIOS computer name: XXXX</elem> + <elem>Workgroup: WORKGROUP</elem> + <elem>System time: 2012-05-27 21:35:31 UTC-5</elem> + </script> - <script id="http-title" output="Teh Internets!" /> + <script id="http-title"> + <elem>Teh Internets!</elem> + </script> _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [RFC][patch] XML structured script output, (continued)
- Re: [RFC][patch] XML structured script output Djalal Harouni (May 27)
- Re: [RFC][patch] XML structured script output Daniel Miller (May 27)
- Re: [RFC][patch] XML structured script output Daniel Miller (May 29)
- Re: [RFC][patch] XML structured script output Fyodor (Jun 03)
- Re: [RFC][patch] XML structured script output (evaluation of nse-structured3 patch) David Fifield (Jun 13)
- Re: [RFC][patch] XML structured script output (evaluation of nse-structured3 patch) Daniel Miller (Jun 14)
- RE: [RFC][patch] XML structured script output (evaluation of nse-structured3 patch) Rob Nicholls (Jun 29)
- Re: [RFC][patch] XML structured script output (evaluation of nse-structured3 patch) Daniel Miller (Jun 29)
- Re: [RFC][patch] XML structured script output (evaluation of nse-structured3 patch) Patrick Donnelly (Jun 30)
- Re: [RFC][patch] XML structured script output (evaluation of nse-structured3 patch) Daniel Miller (Jun 30)
- Re: [RFC][patch] XML structured script output Daniel Miller (May 27)
- Re: [RFC][patch] XML structured script output Djalal Harouni (May 27)
- Re: [RFC][patch] XML structured script output (output diff) David Fifield (Jun 13)