python nmap 使用

Usage http://xael.org/norman/python/python-nmap/#usage

From python :

>>> import nmap>>> nm = nmap.PortScanner()>>> nm.scan('127.0.0.1', '22-443')>>> nm.command_line()'nmap -oX - -p 22-443 -sV 127.0.0.1'>>> nm.scaninfo(){'tcp': {'services': '22-443', 'method': 'connect'}}>>> nm.all_hosts()['127.0.0.1']>>> nm['127.0.0.1'].hostname()'localhost'>>> nm['127.0.0.1'].state()'up'>>> nm['127.0.0.1'].all_protocols()['tcp']>>> nm['127.0.0.1']['tcp'].keys()[80, 25, 443, 22, 111]>>> nm['127.0.0.1'].has_tcp(22)True>>> nm['127.0.0.1'].has_tcp(23)False>>> nm['127.0.0.1']['tcp'][22]{'state': 'open', 'reason': 'syn-ack', 'name': 'ssh'}>>> nm['127.0.0.1'].tcp(22){'state': 'open', 'reason': 'syn-ack', 'name': 'ssh'}>>> nm['127.0.0.1']['tcp'][22]['state']'open'>>> for host in nm.all_hosts():>>>     print('----------------------------------------------------')>>>     print('Host : %s (%s)' % (host, nm[host].hostname()))>>>     print('State : %s' % nm[host].state())>>>     for proto in nm[host].all_protocols():>>>         print('----------')>>>         print('Protocol : %s' % proto)>>> >>>         lport = nm[host][proto].keys()>>>         lport.sort()>>>         for port in lport:>>>             print ('port : %s\tstate : %s' % (port, nm[host][proto][port]['state']))----------------------------------------------------Host : 127.0.0.1 (localhost)State : up----------Protocol : tcpport : 22state : openport : 25state : openport : 80state : openport : 111state : openport : 443state : open>>> print(nm.csv())host;protocol;port;name;state;product;extrainfo;reason;version;conf127.0.0.1;tcp;22;ssh;open;OpenSSH;protocol 2.0;syn-ack;5.9p1 Debian 5ubuntu1;10127.0.0.1;tcp;25;smtp;open;Exim smtpd;;syn-ack;4.76;10127.0.0.1;tcp;53;domain;open;dnsmasq;;syn-ack;2.59;10127.0.0.1;tcp;80;http;open;Apache httpd;(Ubuntu);syn-ack;2.2.22;10127.0.0.1;tcp;111;rpcbind;open;;;syn-ack;;10127.0.0.1;tcp;139;netbios-ssn;open;Samba smbd;workgroup: WORKGROUP;syn-ack;3.X;10127.0.0.1;tcp;443;;open;;;syn-ack;;>>> nm.scan(hosts='192.168.1.0/24', arguments='-n -sP -PE -PA21,23,80,3389')>>> hosts_list = [(x, nm[x]['status']['state']) for x in nm.all_hosts()]>>> for host, status in hosts_list:>>>     print('{0}:{1}'.host)192.168.1.0:down192.168.1.1:up192.168.1.10:down192.168.1.100:down192.168.1.101:down192.168.1.102:down192.168.1.103:down192.168.1.104:down192.168.1.105:down[...]>>> nma = nmap.PortScannerAsync()>>> def callback_result(host, scan_result):>>>     print '------------------'>>>     print host, scan_result>>> >>> nma.scan(hosts='192.168.1.0/30', arguments='-sP', callback=callback_result)>>> while nma.still_scanning():>>>     print("Waiting >>>")>>>     nma.wait(2)   # you can do whatever you want but I choose to wait after the end of the scan>>> 192.168.1.1 {'nmap': {'scanstats': {'uphosts': '1', 'timestr': 'Mon Jun  7 11:31:11 2010', 'downhosts': '0', 'totalhosts': '1', 'elapsed': '0.43'}, 'scaninfo': {}, 'command_line': 'nmap -oX - -sP 192.168.1.1'}, 'scan': {'192.168.1.1': {'status': {'state': 'up', 'reason': 'arp-response'}, 'hostname': 'neufbox'}}}------------------192.168.1.2 {'nmap': {'scanstats': {'uphosts': '0', 'timestr': 'Mon Jun  7 11:31:11 2010', 'downhosts': '1', 'totalhosts': '1', 'elapsed': '0.29'}, 'scaninfo': {}, 'command_line': 'nmap -oX - -sP 192.168.1.2'}, 'scan': {'192.168.1.2': {'status': {'state': 'down', 'reason': 'no-response'}, 'hostname': ''}}}------------------192.168.1.3 {'nmap': {'scanstats': {'uphosts': '0', 'timestr': 'Mon Jun  7 11:31:11 2010', 'downhosts': '1', 'totalhosts': '1', 'elapsed': '0.29'}, 'scaninfo': {}, 'command_line': 'nmap -oX - -sP 192.168.1.3'}, 'scan': {'192.168.1.3': {'status': {'state': 'down', 'reason': 'no-response'}, 'hostname': ''}}}

>>> nm = nmap.PortScannerYield() >>> for progressive_result in nm.scan('127.0.0.1/24', '22-25'): >>> print(progressive_result)

See also example.py in archive file.