Merge pull request #1938 from drwetter/nmap_portdetection_1931

Improved SSL/TLS portdetection in nmap greppable files
This commit is contained in:
Dirk Wetter 2021-07-30 09:48:50 +02:00 committed by GitHub
commit 2935ecc2e1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 12 additions and 10 deletions

View File

@ -21353,7 +21353,7 @@ nmap_to_plain_file() {
local target_fname="" local target_fname=""
local oneline="" local oneline=""
local ip hostdontcare round_brackets ports_specs starttls local ip hostdontcare round_brackets ports_specs starttls
local tmp port host_spec protocol dontcare dontcare1 local tmp port host_spec protocol ssl_hint dontcare dontcare1
#FIXME: IPv6 is missing here #FIXME: IPv6 is missing here
# Ok, since we are here we are sure to have an nmap file. To avoid questions we make sure it's the right format too # Ok, since we are here we are sure to have an nmap file. To avoid questions we make sure it's the right format too
@ -21394,11 +21394,15 @@ nmap_to_plain_file() {
while read -r oneline; do while read -r oneline; do
# 25/open/tcp//smtp//<banner>/, # 25/open/tcp//smtp//<banner>/,
[[ "$oneline" =~ '/open/tcp/' ]] || continue # no open tcp for this port on this IP --> move on [[ "$oneline" =~ '/open/tcp/' ]] || continue # no open tcp for this port on this IP --> move on
IFS=/ read -r port dontcare protocol dontcare1 <<< "$oneline" IFS=/ read -r port dontcare protocol ssl_hint dontcare1 <<< "$oneline"
if [[ "$ssl_hint" =~ ^(ssl|https) ]] || [[ "$dontcare1" =~ ^(ssl|https) ]]; then
echo "${host_spec}:${port}" >>"$target_fname"
else
starttls="$(ports2starttls $port)" starttls="$(ports2starttls $port)"
[[ $? -eq 1 ]] && continue # nmap got a port but we don't know how to speak to [[ $? -eq 1 ]] && continue # nmap got a port but we don't know how to speak to
[[ "$DEBUG" -ge 1 ]] && echo "${starttls}$host_spec:$port" [[ "$DEBUG" -ge 1 ]] && echo "${starttls}$host_spec:$port"
echo "${starttls}${host_spec}:${port}" >>"$target_fname" echo "${starttls}${host_spec}:${port}" >>"$target_fname"
fi
done < <(tr ',' '\n' <<< "$ports_specs") done < <(tr ',' '\n' <<< "$ports_specs")
done < "$FNAME" done < "$FNAME"
[[ "$DEBUG" -ge 1 ]] && echo [[ "$DEBUG" -ge 1 ]] && echo

View File

@ -1,7 +1,5 @@
#!/usr/bin/env bash #!/usr/bin/env bash
#set -e
# Utility which converts grepable nmap outout to testssl's file input # Utility which converts grepable nmap outout to testssl's file input
# It is just borrowed from testssl.sh # It is just borrowed from testssl.sh
# License see testssl.sh # License see testssl.sh
@ -105,7 +103,7 @@ nmap_to_plain_file () {
local target_fname="" local target_fname=""
local oneline="" local oneline=""
local ip hostdontcare round_brackets ports_specs starttls local ip hostdontcare round_brackets ports_specs starttls
local tmp port host_spec protocol dontcare dontcare1 local tmp port host_spec protocol ssl_hint dontcare dontcare1
# Ok, since we are here we are sure to have an nmap file. To avoid questions we make sure it's the right format too # Ok, since we are here we are sure to have an nmap file. To avoid questions we make sure it's the right format too
if [[ "$(head -1 "$fname")" =~ ( -oG )(.*) ]] || [[ "$(head -1 "$fname")" =~ ( -oA )(.*) ]] ; then if [[ "$(head -1 "$fname")" =~ ( -oG )(.*) ]] || [[ "$(head -1 "$fname")" =~ ( -oA )(.*) ]] ; then
@ -162,7 +160,7 @@ nmap_to_plain_file () {
FNAME="$1" FNAME="$1"
[[ ! -e $FNAME ]] && echo "$FNAME not readable" && exit 2 [[ ! -e $FNAME ]] && echo "$FNAME not readable" && exit 2
nmap_to_plain_file $FNAME nmap_to_plain_file "$FNAME"
exit $? exit $?