I went ahead and implemented an nmap_linux.sh that will always use the local subnet. Tested on openSUSE 11, but it doesn't use unusual things, so it should run on any recent Linux distribution (with a kernel of at least 2.0)
What it does: - nmap is now a two-step process. First, we find all hosts on the local subnet. Then we do an nmap on each host and submit it. - it stores all results in variables, and the wget output gets sent straight to /dev/null so there are no leftover files to delete.
The only thing left to change is the OA_SUBMIT_BASEURL (the root of your OA Web site).
If you want to scan a remote instead of a local subnet, you have to explicitly the IP of that subnet.
#!/bin/bash
OA_SUBMIT_BASEURL=https://myoasite/openaudit
UTIL_IP=$(which ip) # if the IP utility wasn't found, we have to rely on traditional guessing # But most new Linux systems with kernel 2.0 or above should have the # ip tool if [ -z "$UTIL_IP" ] then SUBNETS=192.168.2.0/24 else # the ip utility will tell us what we need to know. # The line will start with the IP address in CIDR format # If it is an external interface, it will also have our # own IP at the end, with the src prefix. Without the src # term, the line is something else, such as a local interface SUBNETS=$($UTIL_IP route | grep "src" | awk '{ print $1; }' ) fi
# since admin_nmap_input.php can only accept info about one host at a time, let's # first figure out what hosts there are, and then separately determine the data # for each host nmap_hosts=$(nmap -sP -oG - $SUBNETS | grep "Host" | sed "s/.* \([0-9]*\.[0-9]*\.[0-9]*\.[0-9]*\).*/\1/")
for host in $nmap_hosts do # echo $host nmap_output=$(nmap -v -O -oN - $host) wget -q --no-check-certificate -O /dev/null --post-data="submit=submit&add=$nmap_output" $OA_SUBMIT_BASEURL/admin_nmap_input.php done
|