带有 IP 和 OUI 供应商的 Nmap 输出
Nmap output with IP and OUI vendor
想要转换此 nmap 输出:
Nmap scan report for 192.168.1.38
Host is up (0.0092s latency).
MAC Address: B8:78:2E:XX:XX:XX (Apple)
Nmap scan report for 192.168.1.39
Host is up (0.0092s latency).
MAC Address: 40:6C:8F:XX:XX:XX (Apple)
Nmap scan report for 192.168.1.201
Host is up (0.019s latency).
MAC Address: 3C:DF:A9:XX:XX:XX (Arris Group)
Nmap scan report for 192.168.1.36
Host is up.
Nmap done: 256 IP addresses (4 hosts up) scanned in 1.77 seconds
进入:
192.168.1.38 (Apple)
192.168.1.39 (Apple)
192.168.1.201 (Arris Group)
请注意,最后一个 IP 192.168.1.36(扫描仪 IP)不包括在内。
有:sudo nmap -n -sn 192.168.1.0/24 | awk '/Nmap scan report/{printf ;printf " ";getline;getline;print ;}' > scan-output.txt
我包括扫描仪 IP 和供应商的第一个词。
192.168.1.38 (Apple)
192.168.1.39 (Apple)
192.168.1.201 (Arris
192.168.1.36 IP
请帮忙。提前致谢!
$ awk '/^Nmap scan report for/ {ip = } /^(MAC Address|Nmap done)/ { = = = ""; print ip, [=10=]}'
为了获得更完整的供应商名称,我删除了三个字段并显示了其余字段。考虑用 tr -d '()' 修剪括号。考虑使用 END 发出最终地址:awk '... END {print ip, "IP"}'
awk 来帮忙,下面可能对你有帮助。
awk '/Nmap scan report for / && ip && vendor{print ip,vendor;ip=vendor=""} /Nmap scan report for /{ip=$NF;next} /MAC Address/{sub(/.*\(/,"(");;vendor=[=10=];next} END{if(ip){print ip,"IP"}}' Input_file
编辑: 添加非单线性形式的解决方案,并在此处进行解释。
awk '
/Nmap scan report for / && ip && vendor{ ##Checking condition here if line has string Nmap scan report for &&(conditional operator) value of variable ip is..
##NOT NULL &&(conditional operator) value of variable named vendor is NOT NULL too, if all conditions met then do following.
print ip,vendor ##Printing the values of variable ip and variable vendor here.
ip=vendor="" ##Nullifying variables ip and vendor here.
}
/Nmap scan report for /{ ##Checking condition if a line contains string Nmap scan report for, if yes, then do following.
ip=$NF; ##creating variable named ip whose value is the $NF value where $NF represents the value of last field.
next ##Using next will skip all further statements.
}
/MAC Address/{ ##Checking condition if a line contains string MAC Address then perform following.
sub(/.*\(/,"("); ##Using sub utility of awk, which will substitute as per your provided regex, so I am substituting everything from starting to
##till ( with (, so that if a vendor name has spaces in it, it should pick those things too, like your sample Input has.
vendor=[=11=]; ##Now assigning the value of new edited line to variable vendor.
}
END{
if(ip){ ##In END block of awk code, checking here if variable ip value is NOT NULL then do following.
print ip,"IP" ##Printing the value of variable ip and string IP here too.
}
}' Input_file ##Mentioning the Input_file name here.
使用awk
一行:
awk '/^(Nmap scan|MAC Address)/{ORS=(f+=sub(/^.*(for|:..) /,""))%2?OFS:RS; print}END{printf "IP\n"}' infile
可读性更好:
awk '/^(Nmap scan|MAC Address)/{
ORS=(f+=sub(/^.*(for|:..) /,""))%2?OFS:RS;
print
}
END{
printf "IP\n"
}
' infile
测试结果:
$ cat infile
Nmap scan report for 192.168.1.38
Host is up (0.0092s latency).
MAC Address: B8:78:2E:XX:XX:XX (Apple)
Nmap scan report for 192.168.1.39
Host is up (0.0092s latency).
MAC Address: 40:6C:8F:XX:XX:XX (Apple)
Nmap scan report for 192.168.1.201
Host is up (0.019s latency).
MAC Address: 3C:DF:A9:XX:XX:XX (Arris Group)
Nmap scan report for 192.168.1.36
Host is up.
Nmap done: 256 IP addresses (4 hosts up) scanned in 1.77 seconds
$ awk '/^(Nmap scan|MAC Address)/{ORS=(f+=sub(/^.*(for|:..) /,""))%2?OFS:RS; print}END{printf "IP\n"}' infile
192.168.1.38 (Apple)
192.168.1.39 (Apple)
192.168.1.201 (Arris Group)
192.168.1.36 IP
--编辑评论--
$ awk 'f==2{print s; f=s=""}/^(Nmap scan|MAC Address)/{sub(/^.*(for|:..) /,"");f++;s=(s?s OFS :"")[=13=]}END{if(f==2)print s}' infile
192.168.1.38 (Apple)
192.168.1.39 (Apple)
192.168.1.201 (Arris Group)
想要转换此 nmap 输出:
Nmap scan report for 192.168.1.38
Host is up (0.0092s latency).
MAC Address: B8:78:2E:XX:XX:XX (Apple)
Nmap scan report for 192.168.1.39
Host is up (0.0092s latency).
MAC Address: 40:6C:8F:XX:XX:XX (Apple)
Nmap scan report for 192.168.1.201
Host is up (0.019s latency).
MAC Address: 3C:DF:A9:XX:XX:XX (Arris Group)
Nmap scan report for 192.168.1.36
Host is up.
Nmap done: 256 IP addresses (4 hosts up) scanned in 1.77 seconds
进入:
192.168.1.38 (Apple)
192.168.1.39 (Apple)
192.168.1.201 (Arris Group)
请注意,最后一个 IP 192.168.1.36(扫描仪 IP)不包括在内。
有:sudo nmap -n -sn 192.168.1.0/24 | awk '/Nmap scan report/{printf ;printf " ";getline;getline;print ;}' > scan-output.txt
我包括扫描仪 IP 和供应商的第一个词。
192.168.1.38 (Apple)
192.168.1.39 (Apple)
192.168.1.201 (Arris
192.168.1.36 IP
请帮忙。提前致谢!
$ awk '/^Nmap scan report for/ {ip = } /^(MAC Address|Nmap done)/ { = = = ""; print ip, [=10=]}'
为了获得更完整的供应商名称,我删除了三个字段并显示了其余字段。考虑用 tr -d '()' 修剪括号。考虑使用 END 发出最终地址:awk '... END {print ip, "IP"}'
awk 来帮忙,下面可能对你有帮助。
awk '/Nmap scan report for / && ip && vendor{print ip,vendor;ip=vendor=""} /Nmap scan report for /{ip=$NF;next} /MAC Address/{sub(/.*\(/,"(");;vendor=[=10=];next} END{if(ip){print ip,"IP"}}' Input_file
编辑: 添加非单线性形式的解决方案,并在此处进行解释。
awk '
/Nmap scan report for / && ip && vendor{ ##Checking condition here if line has string Nmap scan report for &&(conditional operator) value of variable ip is..
##NOT NULL &&(conditional operator) value of variable named vendor is NOT NULL too, if all conditions met then do following.
print ip,vendor ##Printing the values of variable ip and variable vendor here.
ip=vendor="" ##Nullifying variables ip and vendor here.
}
/Nmap scan report for /{ ##Checking condition if a line contains string Nmap scan report for, if yes, then do following.
ip=$NF; ##creating variable named ip whose value is the $NF value where $NF represents the value of last field.
next ##Using next will skip all further statements.
}
/MAC Address/{ ##Checking condition if a line contains string MAC Address then perform following.
sub(/.*\(/,"("); ##Using sub utility of awk, which will substitute as per your provided regex, so I am substituting everything from starting to
##till ( with (, so that if a vendor name has spaces in it, it should pick those things too, like your sample Input has.
vendor=[=11=]; ##Now assigning the value of new edited line to variable vendor.
}
END{
if(ip){ ##In END block of awk code, checking here if variable ip value is NOT NULL then do following.
print ip,"IP" ##Printing the value of variable ip and string IP here too.
}
}' Input_file ##Mentioning the Input_file name here.
使用awk
一行:
awk '/^(Nmap scan|MAC Address)/{ORS=(f+=sub(/^.*(for|:..) /,""))%2?OFS:RS; print}END{printf "IP\n"}' infile
可读性更好:
awk '/^(Nmap scan|MAC Address)/{
ORS=(f+=sub(/^.*(for|:..) /,""))%2?OFS:RS;
print
}
END{
printf "IP\n"
}
' infile
测试结果:
$ cat infile
Nmap scan report for 192.168.1.38
Host is up (0.0092s latency).
MAC Address: B8:78:2E:XX:XX:XX (Apple)
Nmap scan report for 192.168.1.39
Host is up (0.0092s latency).
MAC Address: 40:6C:8F:XX:XX:XX (Apple)
Nmap scan report for 192.168.1.201
Host is up (0.019s latency).
MAC Address: 3C:DF:A9:XX:XX:XX (Arris Group)
Nmap scan report for 192.168.1.36
Host is up.
Nmap done: 256 IP addresses (4 hosts up) scanned in 1.77 seconds
$ awk '/^(Nmap scan|MAC Address)/{ORS=(f+=sub(/^.*(for|:..) /,""))%2?OFS:RS; print}END{printf "IP\n"}' infile
192.168.1.38 (Apple)
192.168.1.39 (Apple)
192.168.1.201 (Arris Group)
192.168.1.36 IP
--编辑评论--
$ awk 'f==2{print s; f=s=""}/^(Nmap scan|MAC Address)/{sub(/^.*(for|:..) /,"");f++;s=(s?s OFS :"")[=13=]}END{if(f==2)print s}' infile
192.168.1.38 (Apple)
192.168.1.39 (Apple)
192.168.1.201 (Arris Group)