NAME

nmap2db - store nmap scan data into entries in SQLite/MySQL database

SYNOPSIS

nmap2db.pl [options] --xml  <XML_FILE> [<XML_FILE> ...]
nmap2db.pl [options] --scan <IP_ADDR>  [<IP_ADDR> ...]

Examples connecting to a MySQL database (Robin Bowes):

nmap2db.pl --dbtype mysql --dbname netdb --dbuser netuser --dbpass secret --xml 192.168.25.0.xml

DESCRIPTION

This script uses the nmap security scanner with the Nmap::Parser module in order to take an xml output scan file from nmap (-oX option), and place the information into a SQLite database (ip.db), into table (hosts).

This is a modified version of the nmap2sqlite.pl script written originally by Anthony Persaud but modified by Robin Bowes to support MySQL databases.

Here is the schema for the table stored in the SQLite database

ip              TEXT       PRIMARY  KEY NOT NULL,
mac             TEXT,
status          TEXT,
hostname        TEXT,
open_ports      TEXT,
filtered_ports  TEXT,
osname          TEXT,
osfamily        TEXT,
osgen           TEXT,
last_scanned    TIMESTAMP  DEFAULT  CURRENT_TIMESTAMP,
UNIQUE (ip))

OPTIONS

These options are passed as command line parameters. Please use EITHER --scan or --xml. NOT both.

--dbhost DBHOST

Connect to the DB on server DBHOST.

Default: localhost.

--db DBNAME

Sets the database name to DBNAME.

Default: ip.db

--dbtype DBTYPE

Sets the type of databases to use. Currently supported values are: mysql, SQLite

Default: SQLite

--table TABLE_NAME

Sets the table name to use in the database as TABLE_NAME.

Default: hosts

--dbuser DBUSER

Connect to the database as user DBUSER.

Default: current user

--dbpass DBPASS

Connect to the database with password DBPASS

Default: no password

-h,--help,-?

Shows this help information.

--nmap

The path to the nmap executable. This should be used if nmap is not on your path.

--scan

This will use parsescan() for the scan and take the arguments as IP addreses.

--xml

This will use parsefile() for the input and take the arguments as nmap scan xml files.

TARGET SPECIFICATION

This documentation was taken from the nmap man page. The IP address inputs to this scripts should be in the nmap target specification format.

The simplest case is listing single hostnames or IP addresses onthe command line. If you want to scan a subnet of IP addresses, you can append '/mask' to the hostname or IP address. mask must be between 0 (scan the whole internet) and 32 (scan the single host specified). Use /24 to scan a class 'C' address and /16 for a class 'B'.

You can use a more powerful notation which lets you specify an IP address using lists/ranges for each element. Thus you can scan the whole class 'B' network 128.210.*.* by specifying '128.210.*.*' or '128.210.0-255.0-255' or even use the mask notation: '128.210.0.0/16'. These are all equivalent. If you use asterisks ('*'), remember that most shells require you to escape them with back slashes or protect them with quotes.

Another interesting thing to do is slice the Internet the other way.

Examples:

nmap2db.pl --scan 127.0.0.1
nmap2db.pl --scan target.example.com
nmap2db.pl --scan target.example.com/24
nmap2db.pl --scan 10.210.*.1-127
nmap2db.pl --scan *.*.2.3-5
nmap2db.pl --scan 10.[10-15].10.[2-254]

Examples connecting to a MySQL database:

nmap2db.pl --dbtype mysql --dbname netdb --dbuser netuser --dbpass secret --xml 192.168.25.0.xml

OUTPUT EXAMPLE

See the SQLite database that is created. Default ip.db

SUPPORT

Discussion Forum

If you have questions about how to use the module, or any of its features, you can post messages to the Nmap::Parser module forum on CPAN::Forum. http://www.cpanforum.com/dist/Nmap-Parser

Bug Reports

Please submit any bugs to: http://code.google.com/p/nmap-parser/issues/list

Please make sure that you submit the xml-output file of the scan which you are having trouble. This can be done by running your scan with the -oX filename.xml nmap switch. Please remove any important IP addresses for security reasons.

Feature Requests

Please submit any requests to: http://code.google.com/p/nmap-parser/issues/list

AUTHOR

Anthony G Persaud <apersaud[at]gmail.com> http://anthonypersaud.com

MySQL support added by:

Robin Bowes <robin[at]robinbowes.com> http://robinbowes.com

COPYRIGHT

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

http://www.opensource.org/licenses/gpl-license.php

1 POD Error

The following errors were encountered while parsing the POD:

Around line 317:: =back doesn't take any parameters, but you said =back 4

To install Nmap::Parser, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Nmap::Parser

CPAN shell

perl -MCPAN -e shell
install Nmap::Parser

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)