
I am trying to save the results of an nmap scan to a txt file. I use this command:

nmap -n -Pn -p T:3389 -T5 -sS -iR 0 | grep "scan" | awk '{ print $5 }' > test.txt

cat test.txt

The output looks like this:

xx.xx.xx.xx
xx.xx.xx.xx
xx.xx.xx.xx
xx.xx.xx.xx
xx.xx.xx.xx
xx.xx.xx.xx

It is working perfectly.

I want to scan only for open ports, and for this I am trying to use the --open option like this:

nmap -n -Pn -p T:3389 --open -T5 -sS -iR 0 | grep "scan" | awk '{ print $5 }' > test.txt

It does not work; test.txt is empty. I tried using tail -f test.txt to see live results, but that is not working either. Can someone explain what I'm doing wrong?

I was expecting to see the same result as the first time:

xx.xx.xx.xx
xx.xx.xx.xx
xx.xx.xx.xx
xx.xx.xx.xx
xx.xx.xx.xx
xx.xx.xx.xx

Afterwards I want to add the port number after every IP, like this:

xx.xx.xx.xx:3389
xx.xx.xx.xx:3389
xx.xx.xx.xx:3389
xx.xx.xx.xx:3389
xx.xx.xx.xx:3389
xx.xx.xx.xx:3389

and for that I want to use sed -i s/$/:3389/ test.txt.

I wonder if it is possible to get this result with only one command.

I tried something like this:

nmap -n -Pn -p T:3389 --open -T5 -sS 192.168.0.1/24 | grep "scan" | awk '{ print $5 }' > test.txt; sed -i s/$/:3389/ test.txt

cat test.txt gives this result:

192.168.0.2:3389
192.168.0.16:3389
addresses:3389

I do not know why addresses:3389 appears at the end, but this works.

I want to get the same result, but with this command:

nmap -n -Pn -p T:3389 --open -T5 -sS -iR 0 | grep "scan" | awk '{ print $5 }' > test.txt; sed -i s/$/:3389/ test.txt

I tried this command, but it is not working. I want to use this command in a bash script. Any help or suggestion is appreciated.

nmap -n -Pn -p T:3389 --open -T5 -sS -iR 0

This is the output:

    Nmap scan report for 187.3.104.223
    Host is up (0.29s latency).

    PORT     STATE SERVICE
    3389/tcp open  ms-wbt-server

    Nmap scan report for 118.89.215.203
    Host is up (0.29s latency).

    PORT     STATE SERVICE
    3389/tcp open  ms-wbt-server
jnass
  • you sure the ports are open? – Auxilus Dec 30 '18 at 13:36
  • If I use only this command `nmap -n -Pn -p T:3389 --open -T5 -sS -iR 0` it's working, but if I try to save the result to a txt file it doesn't work – jnass Dec 30 '18 at 13:41
  • What is the output of `nmap -n -Pn -p T:3389 --open -T5 -sS -iR 0` ? Maybe there is no `scan` word in the output, or the `awk` command picks up the wrong column. We can't tell if you don't show the output. – Corion Dec 30 '18 at 13:48
  • `nmap -n -Pn -p T:3389 --open -T5 -sS -iR 0` Nmap scan report for 187.3.104.223 Host is up (0.29s latency). PORT STATE SERVICE 3389/tcp open ms-wbt-server Nmap scan report for 118.89.215.203 Host is up (0.29s latency). PORT STATE SERVICE 3389/tcp open ms-wbt-server. The output does contain `scan`: `Nmap scan report for 187.3.104.223` – jnass Dec 30 '18 at 13:55
  • `-iR` means "scan random addresses." There's no guarantee you will get results in any consistent time, because you may scan thousands of addresses before you find one that has 3389 open. – bonsaiviking Jan 02 '19 at 14:45

2 Answers

1

I found a way to make it work. This is the command:

nmap -n -Pn -p T:3389 -T5 -sS -iR 5000 --open | grep scan | grep -v addresses | awk '{print $5}' | sed 's/$/:3389/' > test

cat test

The output:

35.190.27.36:3389
35.214.139.176:3389
132.190.70.226:3389
109.228.13.61:3389
103.10.175.4:3389
113.134.99.14:3389
35.168.9.215:3389
167.93.112.130:3389
115.220.6.216:3389
137.32.209.1:3389
35.206.198.136:3389

I can change the -iR 5000 if I need to, and it still works. It doesn't work with 0.

I hope this is helpful if someone needs it. Thank you all.

jnass
0

The "addresses" is from the summary ending line of the Nmap output, 5th word:

   Nmap done: 256 IP addresses (10 hosts up) scanned in 3.12 seconds

To remove the "addresses" line from the output, run:

   nmap -n -Pn -p T:3389 --open -T5 -sS -iR 0 |grep scan|grep -v addresses|awk '{print $5}' | sed 's/$/:3389/' > test.txt

Post your output if it's not what you expected / wanted to get.

AAber
  • It doesn't work, I don't get anything in test.txt. But if I remove `--open` it works perfectly – jnass Dec 30 '18 at 14:26
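An added example, not code from the question or either answer. Two things in the thread's pipelines are worth noting. First, grep and awk block-buffer their output when it goes to a pipe or a file, and with `-iR 0` nmap never exits; without `--open` every scanned host produces a "scan report" line and the buffer fills quickly, but with `--open` only the rare hosts with 3389 open pass the filter, so the buffer is rarely flushed and test.txt stays empty (bonsaiviking's comment points the same way). Second, picking "the 5th word of any line containing scan" is fragile, which is where `addresses:3389` comes from. The script below parses nmap's greppable output (`-oG -`) instead, keeps only ports in state `open` (so it also works without `--open`, and for more than one port), prints `ip:port`, and flushes after every line so `tail -f test.txt` shows hits as they are found. The sample output inside `sample_greppable` is constructed for offline testing, not a real scan; the port default, the output file name and the `--run` switch are this example's own choices.

```shell
#!/bin/sh
# Added example: extract ip:port for open ports from nmap -oG output.
# Not from the original post; assumptions are marked.
set -eu

PORT="${PORT:-3389}"   # assumed default: RDP, as in the question

# parse_open: read nmap greppable (-oG) output on stdin, print ip:port for
# every port whose state is "open". Fields in -oG lines are tab-separated:
#   Host: 1.2.3.4 ()<TAB>Ports: 3389/open/tcp//ms-wbt-server///<TAB>Ignored State: ...
# Summary lines ("# Nmap done ... IP addresses ...") never match /^Host: /,
# so the stray "addresses" entry from the question cannot appear.
parse_open() {
  awk -F'\t' '
    /^Host: / {
      ip = $1
      sub(/^Host: /, "", ip)          # drop the "Host: " label
      sub(/ .*/, "", ip)              # drop " (hostname)"; -n leaves it empty anyway
      for (i = 2; i <= NF; i++) {
        if ($i !~ /^Ports: /) continue
        p = $i
        sub(/^Ports: /, "", p)
        n = split(p, ports, /, /)     # one entry per port: port/state/proto//service///
        for (j = 1; j <= n; j++) {
          split(ports[j], f, "/")     # f[1] = port number, f[2] = state
          if (f[2] == "open") {
            print ip ":" f[1]
            fflush()                  # line-by-line output, so tail -f sees hits live
          }
        }
      }
    }'
}

# sample_greppable: constructed -oG output (not a real scan) for offline use.
sample_greppable() {
  printf '# Nmap 7.70 scan initiated as: nmap -n -Pn -p T:3389 -sS -oG - 192.168.0.1/24\n'
  printf 'Host: 192.168.0.2 ()\tPorts: 3389/open/tcp//ms-wbt-server///\tIgnored State: closed (0)\n'
  printf 'Host: 192.168.0.16 ()\tPorts: 3389/open/tcp//ms-wbt-server///\n'
  printf 'Host: 192.168.0.20 ()\tPorts: 3389/filtered/tcp//ms-wbt-server///\n'
  printf 'Host: 192.168.0.30 ()\tPorts: 22/open/tcp//ssh///, 3389/closed/tcp//ms-wbt-server///\n'
  printf '# Nmap done at Sun Dec 30 13:48:00 2018 -- 256 IP addresses (10 hosts up) scanned in 3.12 seconds\n'
}

# scan_live: the question's random-target scan, written so results reach the
# file as they are found. -iR 0 never terminates; stop it with Ctrl-C.
# Requires nmap and raw-socket privileges for -sS (assumed: run as root).
scan_live() {
  out="${1:-test.txt}"
  nmap -n -Pn -sS -T5 -p "T:${PORT}" --open -iR 0 -oG - | parse_open | tee -a "$out"
}

# Only start a real scan when explicitly asked; otherwise show the parser on
# the constructed sample.
if [ "${1:-}" = "--run" ]; then
  scan_live "${2:-test.txt}"
else
  sample_greppable | parse_open
fi
```

Run `sh script.sh` to see the parser on the sample (it prints `192.168.0.2:3389`, `192.168.0.16:3389` and `192.168.0.30:22`, skipping the filtered and closed entries), or `sudo sh script.sh --run test.txt` for the live scan, then `tail -f test.txt` in another terminal. If you would rather keep the thread's original `grep | awk` pipeline, the same buffering problem can be worked around with `grep --line-buffered` (GNU grep) and `stdbuf -oL awk` (coreutils), but parsing `-oG` is the more robust fix.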