#TRUSTED 5265856a54cecc98d92637e9d6d69a4fb5a0f74e7492e3a1ee658f992ac40b91495e6c9f6b1beca3e480f09164bd140de82e6fad41c3201d72f777e479aa56423e687eeaa6c538245d95114ab9f66737178027818b0306e70dd451616250f149f200295850b27fdfab02ea69392bbdefb38cab26acd408f31da8a2c23dd9e631d9174251c051a6538153801bf6ae129c703ef53e9ccc7b9f4dd9833049d6e469a43e586cb11d302a08581aadb7737c7ea455208004f43e4e9ada1a77ae18f033d966bbf7f5ab7e327c0097b15cf54983f6908edd2470a32a8aa27be4ef3b9264db95c46daf52c5bdc86de456be70bf0a5a13d99b1b9526cc618a0c8672b1e44c0bb5dda637301d0ad7f5de6bc014f647a08f4d1ec9a037d4821250ee50564947c6427b97651fbb2ae9e6f8edadbac76c916b3c1f23489ba5202655246706ca1bb2ae4ec50518456677871717a1aae3fc1cab6f2f418bd8063474ef36c79414dda49803b41a44a6b382017b01c26f19f8a91668c8c486686bba43cc8f1e94fdcd1870d775785fcc00d51f0cea53e7a9533816ecf758c99fa6f77398b481ce7e12c39f2b21af5e677e3b3339c086ef23bfd8bb05f68ae617ca0c678f80bbf06d6c6e190f819ef97b6e4b3c3ef56244d7338d427f3561e0d2adb93de788fdd62c37be83c501a744aba2ee1eca0aac11c6d54944214ee2d070b9c57f6272fea5c2f6
#
# (C) Tenable Network Security, Inc.
#
# Nmap can be found at :
#
#
# ChangeLog:
# 2010/08/27: Reduced memory usage
#
if (! defined_func("xmlparse") ) exit(0);
include("compat.inc");
if(description)
{
script_id(33818);
script_version ("1.2");
script_name(english:"Nmap (XML file importer)");
script_set_attribute(attribute:"synopsis", value:
"Nmap XML file import." );
script_set_attribute(attribute:"description", value:
"This plugin reads XML files that were generated by nmap -oX ...
It does not run Nmap." );
script_set_attribute(attribute:"risk_factor", value:
"None" );
script_set_attribute(attribute:"solution", value:
"n/a" );
script_end_attributes();
script_summary(english: "Imports Nmap XML results");
script_category(ACT_SCANNER);
script_copyright(english:"This script is Copyright (C) 2009 - 2010 Tenable Network Security, Inc.");
script_family(english: "Port scanners");
script_dependencies("ping_host.nasl", "portscanners_settings.nasl");
script_add_preference(name: "File containing XML results : ", value: "", type: "file");
exit(0);
}
#
ip = get_host_ip();
res = script_get_preference_file_content("File containing XML results : ");
if (isnull(res) || strlen(res) == 0) exit(0);
if ('!< res )
exit(1, "Result file does not like XML");
#
# Extract only the relevant section instead of parsing the entire XML file
#
idx = stridx(res, '= 0 ) idx = idx2;
for ( i = idx; i < strlen(res) ; i ++ )
{
if ( res[i] == '/' && res[i+1] == '>' ) break;
}
if ( i == strlen(res) ) exit(1, "Malformed XML file");
head = substr(res, 0, i + 1);
idx = stridx(res, '= 0 ; i -- )
{
if ( substr(res, i, i + strlen("', start_idx + 1);
if ( idx < 0 ) exit(1, "Malformed XML file (2)");
idx += strlen('');
res = substr(res, start_idx, idx);
# Reconstruct the XML
res = strcat(head, res, '');
x = xmlparse(res);
if (isnull(x)) exit(1, "XML cannot be parsed");
y = x['attributes'];
if (y['scanner'] != 'nmap') exit(1, "Bad XML: scanner is not nmap");
x = x['children'];
if (isnull(x)) exit(1, "No children in top node");
full_scanned = make_array();
scanned = make_array();
found = 0;
for (i = 0; ! isnull(x[i]) && ! found; i ++)
{
c = x[i];
if (c['name'] == 'scaninfo')
{
a = c['attributes'];
scanned[a['protocol']] = 1;
# debug_print("numservices=", a['numservices'], '\tservices=', a['services'], '\n');
if (a['numservices'] == 65535 && a['services'] == '1-65535')
full_scanned[a['protocol']] = 1;
}
if (c['name'] == 'host')
{
if (decode_host_children(v: c['children']))
{
found ++; break;
}
}
}
if (found)
{
if (scanned['tcp'])
{
set_kb_item(name: "Host/scanned", value: TRUE);
set_kb_item(name: "Host/TCP/scanned", value: TRUE);
if (full_scanned['tcp'])
{
set_kb_item(name: "Host/full_scan", value: TRUE);
set_kb_item(name: "Host/TCP/full_scan", value: TRUE);
}
}
if (scanned['udp'])
{
set_kb_item(name: "Host/UDP/scanned", value: TRUE);
set_kb_item(name: "Host/udp_scanned", value: TRUE);
if (full_scanned['udp'])
set_kb_item(name: "Host/UDP/full_scan", value: TRUE);
}
set_kb_item(name: 'Host/scanners/nmap', value: TRUE);
}
function decode_host_children(v)
{
local_var i, w, a, z, j, p, c, k;
local_var found_ip, tcp_ports_l, udp_ports_l, tcp_ports_n, udp_ports_n;
local_var port_num, port_proto, port_state, scripts, service;
found_ip = 0;
tcp_ports_l = make_list();
udp_ports_l = make_list();
tcp_ports_n = 0; udp_ports_n = 0;
for (i = 0; ! isnull(v[i]); i ++)
{
w = v[i];
if (w['name'] == 'status')
{
a = w['attributes'];
if (a['state'] != 'up')
{
#debug_print('Host is ', a['state'], '\n');
return NULL;
}
# display("status: ", w['attributes'], '\n');
}
if (w['name'] == 'address')
{
a = w['attributes'];
if (a['addrtype'] == 'ipv4' || a['addrtype'] == 'ipv6')
if (a['addr'] == ip)
found_ip ++;
else
{
#debug_print('Found scan for ', a['addr'], '\n');
return NULL;
}
# display("address: ", w['attributes'], '\n');
}
if (w['name'] == 'ports')
{
scripts = ''; service = '';
z = w['children'];
for (j = 0; ! isnull(z[j]); j ++)
{
p = z[j];
if (p['name'] == 'port')
{
a = p['attributes'];
c = p['children'];
port_num = int(a['portid']);
port_proto = a['protocol'];
for (k = 0; ! isnull(c[k]); k ++)
{
a = c[k];
if (a['name'] == 'state')
{
a = a['attributes'];
port_state = a['state'];
}
if (a['name'] == 'service')
{
a = a['attributes'];
if (a['method'] == 'probed')
{
#debug_print("service=", a['name']);
service = a['name'];
}
}
if (a['name'] == 'script')
{
a = a['attributes'];
scripts = strcat(scripts, a['id'], '\n', a['output'], '\n\n');
}
}
}
#debug_print(level: 2, port_num, '/', port_proto, '\t', port_state, '\n');
if (port_num > 0 && port_state == 'open')
if (port_proto == 'tcp')
tcp_ports_l[tcp_ports_n ++] = port_num;
else if (port_proto == 'udp')
udp_ports_l[udp_ports_n ++] = port_num;
if (strlen(scripts) > 0)
{
security_note(port: port_num, proto: port_proto, data: scripts);
scripts = '';
}
if (strlen(service) > 0)
{
security_note(port: port_num, proto: port_proto, data: 'map has identified this service as '+service+'.\n');
set_kb_item(name: 'Nmap/'+port_proto+'/'+port_num+'/version', value: service);
service = '';
}
}
}
}
if (found_ip)
{
foreach p (tcp_ports_l) scanner_add_port(port: p, proto: 'tcp');
foreach p (udp_ports_l) scanner_add_port(port: p, proto: 'udp');
return 1;
}
return 0;
}