Tuesday, March 15, 2022

[SOLVED] Clean Nmap output [IP:Port]

Issue

I would like to obtain the Nmap output in the following format (if possible, with a one-line command):

2001:4860:4860::8888:53
2001:4860:4860::8888:443
2001:4860:4860::8888:853
2001:4860:4860::8844:53
2001:4860:4860::8844:443

Here is the original output:

Nmap 7.80 scan initiated Thu Dec  3 17:04:38 2020 as: nmap -6 -p- -iL out.txt
Host: 2001:4860:4860::8888 (dns.google) Status: Up
Host: 2001:4860:4860::8888 (dns.google) Ports: 53/open/tcp//domain///, 443/open/tcp//https///, 853/open/tcp//domain-s///
Host: 2001:4860:4860::8844 (dns.google) Status: Up
Host: 2001:4860:4860::8844 (dns.google) Ports: 53/open/tcp//domain///, 443/open/tcp//https///
Nmap done at Thu Dec  3 17:05:31 2020 -- 2 IP addresses (2 hosts up) scanned in 52.90 seconds

Solution

nmap ... | awk '/^Host/ && /Ports/ { for (i=1;i<=NF;i++) { if (match($i,/open/)) { split($i,map,"/"); printf "%s:%s\n",$2,map[1] } } }'

Search the output for lines starting with Host and also containing Port. Loop through each space-delimited field and check for open in the field using the match function. If there is a match, split the field into an array map using the split function and use the first index of the array as the port. Print the second delimited field along with the port.



Answered By - Raman Sailopal
Answer Checked By - Dawn Plyler (WPSolving Volunteer)
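
For exposure inventories, a variant that compares the state field exactly, so that open|filtered ports and closed ports whose service name contains "open" (such as openvpn) are not listed. This is an added example, not part of the original answer; the names open_endpoints, sample_scan and BRACKET6 are hypothetical and the scan lines are constructed.

```shell
# Added example (not from the original answer). The scan lines are constructed.

# Reads Nmap grepable (-oG) output on stdin, prints addr:port per open port.
# BRACKET6=1 prints IPv6 as [addr]:port, which is unambiguous to parse later.
open_endpoints() {
  awk -v bracket="${BRACKET6:-0}" '
    /^Host: / && /Ports: / {
      addr = $2
      if (bracket && index(addr, ":")) addr = "[" addr "]"
      # Keep only the Ports section; it ends at the next tab (Ignored State, OS, ...).
      ports = substr($0, index($0, "Ports: ") + 7)
      sub(/\t.*/, "", ports)
      n = split(ports, entry, ",")
      for (i = 1; i <= n; i++) {
        sub(/^ +/, "", entry[i])
        # Entry layout: port/state/protocol/owner/service/rpc/version/
        # A fragment of a version string that contained a comma has < 3 parts.
        if (split(entry[i], f, "/") < 3) continue
        if (f[1] ~ /^[0-9]+$/ && f[2] == "open") print addr ":" f[1]
      }
    }'
}

# Constructed sample: documentation addresses, mixed port states, and a
# version string containing a comma.
sample_scan() {
  printf 'Host: 2001:db8::10 (ns.example)\tStatus: Up\n'
  printf 'Host: 2001:db8::10 (ns.example)\tPorts: 53/open/tcp//domain///, 1194/closed/udp//openvpn///, 161/open|filtered/udp//snmp///, 8080/open/tcp//http//Apache Tomcat, Coyote 1.1/\tIgnored State: filtered (996)\n'
  printf 'Host: 192.0.2.7 ()\tPorts: 22/open/tcp//ssh//OpenSSH 8.2p1/\n'
}

sample_scan | open_endpoints
```

With a saved scan the same function is used as open_endpoints < scan.gnmap; the unbracketed IPv6 form matches the format asked for in the question, but the last colon-separated group is then the port only by convention.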