4

I'm trying to make this script to grep IP addresses with open port from nmap but I can't do it the right way.

I have something like this:

nmap 192.168.0.0/24 -sU -p 44555 | grep -oP "([0-9]{1,3}\.){3}[0-9]{1,3}"  >output.txt

But this is taking all IPs, open and closed.

Example nmap output:

Nmap scan report for 79-119-0-248.rdsnet.ro (79.119.0.248)
Host is up (0.033s latency).
PORT      STATE         SERVICE
27023/udp open|filtered unknown

Nmap scan report for 79-119-0-249.rdsnet.ro (79.119.0.249)
Host is up (0.032s latency).
PORT      STATE  SERVICE
27023/udp closed unknown

I only want the ones that are open/filtered. Thanks

user3297864

3 Answers

3

It works with egrep:

nmap 192.168.0.0/24 -sU -p 44555 | grep -B3 open | egrep -o "([0-9]{1,3}\.){3}[0-9]{1,3}"  > output.txt
Martin Delille
0

If you want to just get the open IPs, you can try the following code (surely works):

nmap 192.168.0.0/24 -sU -p 44555 | grep '^44555.*open' -B3 | grep '^Nmap scan' | cut -d\( -f2 | cut -d\) -f1 > output.txt
MLSC
0

Using awk

nmap 192.168.0.0/24 -sU -p 44555|awk  '/(open|filtered)/{print $2}' RS="Nmap" FS="[)(]"

Explanation

  • RS="Nmap" - set the word Nmap as the record separator variable
  • FS="[)(]" - set parentheses as field separators
  • /(open|filtered)/{print $2} - if the record has open or filtered, print column 2.
BMW
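An added example, not part of any answer in this thread: a filter that tracks the current host from each "Nmap scan report for" header and prints its IP only when a port row's STATE column is exactly open or open|filtered. It also handles headers without a parenthesized address, which nmap prints when a host has no reverse-DNS name. The function name open_hosts, the helper sample_scan and the 192.0.2.x hosts are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (not from the thread): print the IP of every host whose port
# line reports "open" or "open|filtered" in nmap's normal output on stdin.
open_hosts() {
    awk '
        # Host header: the address is the last field, wrapped in parentheses
        # only when nmap also printed a reverse-DNS name.
        /^Nmap scan report for / {
            ip = $NF
            gsub(/[()]/, "", ip)
            next
        }
        # Port row, e.g. "27023/udp open|filtered unknown":
        # field 1 is port/protocol, field 2 is the state.
        $1 ~ /^[0-9]+\/[a-z]+$/ && ($2 == "open" || $2 == "open|filtered") {
            if (ip != "" && !(ip in seen)) { seen[ip] = 1; print ip }
        }
    '
}

# Constructed sample: the two hosts from the question plus two hypothetical
# hosts (192.0.2.x, documentation range) that have no reverse-DNS name.
sample_scan() {
    cat <<'EOF'
Nmap scan report for 79-119-0-248.rdsnet.ro (79.119.0.248)
Host is up (0.033s latency).
PORT      STATE         SERVICE
27023/udp open|filtered unknown

Nmap scan report for 79-119-0-249.rdsnet.ro (79.119.0.249)
Host is up (0.032s latency).
PORT      STATE  SERVICE
27023/udp closed unknown

Nmap scan report for 192.0.2.10
Host is up (0.030s latency).
PORT      STATE SERVICE
27023/udp open  unknown

Nmap scan report for 192.0.2.11
Host is up (0.031s latency).
PORT      STATE  SERVICE
27023/udp closed unknown
EOF
}

sample_scan | open_hosts
```

On a live scan, pipe the command from the question into the function: nmap 192.168.0.0/24 -sU -p 44555 | open_hosts > output.txt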