| skipped 4 lines |
5 | 5 | | "io/ioutil" |
6 | 6 | | "os" |
7 | 7 | | "os/exec" |
| 8 | + | "regexp" |
8 | 9 | | "strings" |
9 | 10 | | |
10 | 11 | | "github.com/PuerkitoBio/goquery" |
| skipped 83 lines |
94 | 95 | | } |
95 | 96 | | // result := "" |
96 | 97 | | data := core.GetFileContent(realNmapOutput) |
97 | | - | rawResult := ParsingNmap(data) |
| 98 | + | rawResult := ParsingNmap(data, options) |
98 | 99 | | |
99 | 100 | | for k, v := range rawResult { |
100 | 101 | | if options.Scan.Flat { |
| skipped 42 lines |
143 | 144 | | } |
144 | 145 | | |
145 | 146 | | // ParsingNmap parse result from nmap XML format |
146 | | - | func ParsingNmap(raw string) map[string][]string { |
| 147 | + | func ParsingNmap(raw string, options core.Options) map[string][]string { |
147 | 148 | | result := make(map[string][]string) |
148 | 149 | | |
149 | 150 | | doc, err := goquery.NewDocumentFromReader(strings.NewReader(raw)) |
| skipped 2 lines |
152 | 153 | | } |
153 | 154 | | doc.Find("host").Each(func(i int, h *goquery.Selection) { |
154 | 155 | | ip, _ := h.Find("address").First().Attr("addr") |
| 156 | + | |
155 | 157 | | h.Find("port").Each(func(j int, s *goquery.Selection) { |
156 | 158 | | service, _ := s.Find("service").First().Attr("name") |
157 | 159 | | product, ok := s.Find("service").First().Attr("product") |
| skipped 2 lines |
160 | 162 | | } |
161 | 163 | | port, _ := s.Attr("portid") |
162 | 164 | | info := fmt.Sprintf("%v/%v/%v", port, service, product) |
163 | | - | // fmt.Println(ip, port, service) |
164 | 165 | | result[ip] = append(result[ip], strings.TrimSpace(info)) |
165 | 166 | | }) |
| 167 | + | |
| 168 | + | if options.Scan.NmapScripts != "" { |
| 169 | + | h.Find("script").Each(func(j int, s *goquery.Selection) { |
| 170 | + | id, _ := s.Attr("id") |
| 171 | + | scriptOutput, _ := s.Attr("output") |
| 172 | + | |
| 173 | + | if scriptOutput != "" { |
| 174 | + | // grep script output with grepString |
| 175 | + | if options.Scan.GrepString != "" { |
| 176 | + | var vulnerable bool |
| 177 | + | if strings.Contains(scriptOutput, options.Scan.GrepString) { |
| 178 | + | vulnerable = true |
| 179 | + | } else { |
| 180 | + | r, err := regexp.Compile(options.Scan.GrepString) |
| 181 | + | if err == nil { |
| 182 | + | matches := r.FindStringSubmatch(scriptOutput) |
| 183 | + | if len(matches) > 0 { |
| 184 | + | vulnerable = true |
| 185 | + | } |
| 186 | + | } |
| 187 | + | } |
| 188 | + | if vulnerable { |
| 189 | + | vul := fmt.Sprintf("/vulnerable|%v", id) |
| 190 | + | result[ip] = append(result[ip], strings.TrimSpace(vul)) |
| 191 | + | } |
| 192 | + | } |
| 193 | + | |
| 194 | + | scriptOutput = strings.Replace(scriptOutput, "\n", "\\n", -1) |
| 195 | + | info := fmt.Sprintf("/script|%v;;out|%v", id, scriptOutput) |
| 196 | + | result[ip] = append(result[ip], strings.TrimSpace(info)) |
| 197 | + | } |
| 198 | + | }) |
| 199 | + | } |
166 | 200 | | }) |
167 | 201 | | |
168 | 202 | | return result |
| skipped 2 lines |
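Review bot: In the new script loop, the `regexp.Compile(options.Scan.GrepString)` branch discards a compile error (`if err == nil`), so a malformed pattern produces no `/vulnerable|` entries and the host reads as clean instead of the run failing visibly; the pattern is also recompiled for every `script` element. Compile it once before `doc.Find("host")`, report a bad pattern, and use `MatchString` inside the loop, as sketched below. Separately, `scriptOutput` originates from the scanned host and only `\n` is escaped before it is written into `/script|%v;;out|%v`, so a `\r`, `|` or `;;` in a service response could presumably break whatever splits these records later; that consumer is not visible here, so confirm it or escape those sequences as well. ParsingNmap's error handling after `NewDocumentFromReader` and its closing lines fall in skipped lines.

```go
func ParsingNmap(raw string, options core.Options) map[string][]string {
	// … unchanged: result map and goquery document setup …

	// Compile the grep pattern once; surface a bad pattern instead of ignoring it.
	var grepRe *regexp.Regexp
	if options.Scan.GrepString != "" {
		re, err := regexp.Compile(options.Scan.GrepString)
		if err != nil {
			fmt.Fprintf(os.Stderr, "invalid grep pattern %q: %v\n", options.Scan.GrepString, err)
		} else {
			grepRe = re
		}
	}

	// … unchanged: host loop, port loop, script id/output lookup …
				if options.Scan.GrepString != "" {
					vulnerable := strings.Contains(scriptOutput, options.Scan.GrepString) ||
						(grepRe != nil && grepRe.MatchString(scriptOutput))
					// … unchanged: append "/vulnerable|<id>" when vulnerable …
				}
```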