I am working on a script to parse nmap output to grab vulnerable systems and the IP address of it.
nmap content looks like this:
Nmap scan report for 10.x.x.x
Host is up (-0.031s latency).
PORT STATE SERVICE
445/tcp open microsoft-ds
MAC Address: 00:50:56:89:6E:4B (VMware)
Host script results:
| smb-vuln-cve2009-3103:
| VULNERABLE:
| SMBv2 exploit (CVE-2009-3103, Microsoft Security Advisory 975497)
| State: VULNERABLE
| IDs: CVE:CVE-2009-3103
| Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2,
| Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a
| denial of service (system crash) via an & (ampersand) character in a Process ID High header field in a NEGOTIATE
Looking for output like this (if possible):
10.x.x.x
SMBv2 exploit (CVE-2009-3103, Microsoft Security Advisory 975497)
State: VULNERABLE
Next Entry...
Next Entry...
Any ideas how to do so??? I appreciate your time in looking at this...
If you use Nmap 7.50 or newer, you can add --script-args vulns.short to your command and the output will be shortened to:
| smb-vuln-cve2009-3103:
|_ 10.x.x.x VULNERABLE CVE-2009-3103
This is much easier to parse, since all of the necessary info is on one line.