Open-AudIT
https://www.open-audit.org/phpBB3/

nmap_linux.sh not working
https://www.open-audit.org/phpBB3/viewtopic.php?f=5&t=5881
Page 1 of 1

Author:  martinkuria [ Thu Jun 07, 2012 7:09 pm ]
Post subject:  nmap_linux.sh not working

hi, I have installed open-audit server on my fedora box.
I am trying to run #./nmap_linux.sh to query some devices on my network but there is nothing that gets captured. Am I missing something.
Below is my nmap_linux.sh script

[color=#0000FF]#!/bin/bash

for ((a=11; a <= 31 ; a++))
do
echo "10.xx.xx.$a"
nmap_file="nmap_file.txt"
nmap_input=$(nmap -v -O -oN $nmap_file 10.xx.xx.$a)
nmap_output=$(cat $nmap_file)
wget -q –post-data="submit=submit&add=$nmap_output" http://10.xx.xx.xx/audit0/admin_nmap_input.php
rm "$nmap_file"
rm "admin_nmap_input.php"
done[/color]


I have also tried to run the nmap_linux.sh script to query one of my windows 2003 server(10.xxx.xxx.141). Below is what it saved in the nmap_file.txt file.
I assume the contents in the nmap_file.txt should be inserted in the database right? but nothing is inserted, am I missing something

# cat nmap_file.txt
[color=#0000FF]# Nmap 5.50 scan initiated Thu Jun 7 11:24:27 2012 as: nmap -v -O -oN nmap_file.txt 10.xxx.xxx.141
Initiating OS detection (try #1) against test.server.org (10.xxx.xxx.141)
Nmap scan report for hardcat.unon.org (10.xxx.xxx.141)
Host is up (0.00050s latency).
Not shown: 992 closed ports
PORT STATE SERVICE
80/tcp open http
81/tcp open hosts2-ns
135/tcp open msrpc
139/tcp open netbios-ssn
443/tcp open https
445/tcp open microsoft-ds
1026/tcp open LSA-or-nterm
3389/tcp open ms-term-serv
Device type: general purpose
Running: Microsoft Windows 2003
OS details: Microsoft Windows Server 2003 SP1 or SP2
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=260 (Good luck!)
IP ID Sequence Generation: Incremental

Read data files from: /usr/share/nmap
OS detection performed. Please report any incorrect results at http://nmap.org/submit/ .
# Nmap done at Thu Jun 7 11:24:30 2012 -- 1 IP address (1 host up) scanned in 3.35 seconds
#

[/color]

Author:  jpa [ Fri Jun 08, 2012 2:20 am ]
Post subject:  Re: nmap_linux.sh not working

You don't say what version of OpenAudit you have but I'd first make sure you're on the latest version from [url=http://open-audit.svn.sourceforge.net/viewvc/open-audit/trunk/?view=tar]SVN[/url].

Then as OAv1 is no longer maintained you might try my admin_nmap_input.php file to see if it helps. I'm not sure my latest changes are anything better than what's in the SVN trunk.

Also I think the nmap input code doesn't handle nmap scans that were done across subnets and thus don't have a MAC address in the output. It's best to run the nmap scan against machines on the same subnet as the scanning machine.

Attachments:
admin_nmap_input.txt [14.78 KiB]
Downloaded 1157 times

Author:  martinkuria [ Fri Jun 08, 2012 4:30 pm ]
Post subject:  Re: nmap_linux.sh not working

I am running Open-AudIT Version 09.03.17 (c) 2006 - 2012.License

Page 1 of 1 All times are UTC + 10 hours
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/