Open-AudIT
http://www.open-audit.org/phpBB3/

nmap_linux.sh not working
http://www.open-audit.org/phpBB3/viewtopic.php?f=5&t=5881
Page 1 of 1

Author:  martinkuria [ Thu Jun 07, 2012 7:09 pm ]
Post subject:  nmap_linux.sh not working

hi, I have installed open-audit server on my fedora box.
I am trying to run #./nmap_linux.sh to query some devices on my network but there is nothing that gets captured. Am I missing something.
Below is my nmap_linux.sh script

#!/bin/bash

for ((a=11; a <= 31 ; a++))
do
echo "10.xx.xx.$a"
nmap_file="nmap_file.txt"
nmap_input=$(nmap -v -O -oN $nmap_file 10.xx.xx.$a)
nmap_output=$(cat $nmap_file)
wget -q –post-data="submit=submit&add=$nmap_output" http://10.xx.xx.xx/audit0/admin_nmap_input.php
rm "$nmap_file"
rm "admin_nmap_input.php"
done



I have also tried to run the nmap_linux.sh script to query one of my windows 2003 server(10.xxx.xxx.141). Below is what it saved in the nmap_file.txt file.
I assume the contents in the nmap_file.txt should be inserted in the database right? but nothing is inserted, am I missing something

# cat nmap_file.txt
# Nmap 5.50 scan initiated Thu Jun 7 11:24:27 2012 as: nmap -v -O -oN nmap_file.txt 10.xxx.xxx.141
Initiating OS detection (try #1) against test.server.org (10.xxx.xxx.141)
Nmap scan report for hardcat.unon.org (10.xxx.xxx.141)
Host is up (0.00050s latency).
Not shown: 992 closed ports
PORT STATE SERVICE
80/tcp open http
81/tcp open hosts2-ns
135/tcp open msrpc
139/tcp open netbios-ssn
443/tcp open https
445/tcp open microsoft-ds
1026/tcp open LSA-or-nterm
3389/tcp open ms-term-serv
Device type: general purpose
Running: Microsoft Windows 2003
OS details: Microsoft Windows Server 2003 SP1 or SP2
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=260 (Good luck!)
IP ID Sequence Generation: Incremental

Read data files from: /usr/share/nmap
OS detection performed. Please report any incorrect results at http://nmap.org/submit/ .
# Nmap done at Thu Jun 7 11:24:30 2012 -- 1 IP address (1 host up) scanned in 3.35 seconds
#


Author:  jpa [ Fri Jun 08, 2012 2:20 am ]
Post subject:  Re: nmap_linux.sh not working

You don't say what version of OpenAudit you have but I'd first make sure you're on the latest version from SVN.

Then as OAv1 is no longer maintained you might try my admin_nmap_input.php file to see if it helps. I'm not sure my latest changes are anything better than what's in the SVN trunk.

Also I think the nmap input code doesn't handle nmap scans that were done across subnets and thus don't have a MAC address in the output. It's best to run the nmap scan against machines on the same subnet as the scanning machine.

Attachments:
admin_nmap_input.txt [14.78 KiB]
Downloaded 465 times

Author:  martinkuria [ Fri Jun 08, 2012 4:30 pm ]
Post subject:  Re: nmap_linux.sh not working

I am running Open-AudIT Version 09.03.17 (c) 2006 - 2012.License

Page 1 of 1 All times are UTC + 10 hours
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/