Any security tool is only as useful as the output it generates. Complex tests and algorithms are of little value if they aren't presented in an organized and comprehensible fashion. Given the number of ways Nmap is used by people and other software, no single format can please everyone. So Nmap offers several formats, including the interactive mode for humans to read directly and XML for easy parsing by software.
In addition to offering different output formats, Nmap provides options for controlling the verbosity of output as well as debugging messages. Output types may be sent to standard output or to named files, which Nmap can append to or clobber. Output files may also be used to resume aborted scans.

Nmap makes output available in five different formats. The default is called interactive output, and it is sent to standard output (stdout). There is also normal output, which is similar to interactive except that it displays less runtime information and warnings since it is expected to be analyzed after the scan completes rather than interactively.

XML output is one of the most important output types, as it can be converted to HTML, easily parsed by programs such as Nmap graphical user interfaces, or imported into databases.

The two remaining output types are the simple grepable output which includes most information for a target host on a single line, and sCRiPt KiDDi3 0utPUt for users who consider themselves |<-r4d.

While interactive output is the default and has no associated command-line options, the other four format options use the same syntax. They take one argument, which is the filename that results should be stored in. Multiple formats may be specified, but each format may only be specified once. For example, you may wish to save normal output for your own review while saving XML of the same scan for programmatic analysis. You might do this with the options

While these options save results to files, Nmap still prints interactive output to stdout as usual. For example, the command nmap -oX myscan.xml target prints XML to

Unlike some Nmap arguments, the space between the logfile option flag (such as

All of these arguments support

Nmap also offers options to control scan verbosity and to append to output files rather than clobbering them. All of these options are described below.

Nmap Output Formats

-oN (normal output)
Requests that normal output be directed to the given filename. As discussed above, this differs slightly from

-oX (XML output)
Requests that XML output be directed to the given filename. Nmap includes a document type definition (DTD) which allows XML parsers to validate Nmap XML output. While it is primarily intended for programmatic use, it can also help humans interpret Nmap XML output. The DTD defines the legal elements of the format, and often enumerates the attributes and values they can take on. The latest version is always available from

XML offers a stable format that is easily parsed by software. Free XML parsers are available for all major computer languages, including C/C++, Perl, Python, and Java. People have even written bindings for most of these languages to handle Nmap output and execution specifically. Examples are Nmap::Scanner and Nmap::Parser in Perl CPAN. In almost all cases that a non-trivial application interfaces with Nmap, XML is the preferred format.

The XML output references an XSL stylesheet which can be used to format the results as HTML. The easiest way to use this is simply to load the XML output in a web browser such as Firefox or IE. By default, this will only work on the machine you ran Nmap on (or a similarly configured one) due to the hard-coded

-oS (ScRipT KIdd|3 oUTpuT)
Script kiddie output is like interactive output, except that it is post-processed to better suit the l33t HaXXorZ who previously looked down on Nmap due to its consistent capitalization and spelling. Humor impaired people should note that this option is making fun of the script kiddies before flaming me for supposedly “helping them”.

-oG (grepable output)
This output format is covered last because it is deprecated. The XML output format is far more powerful, and is nearly as convenient for experienced users. XML is a standard for which dozens of excellent parsers are available, while grepable output is my own simple hack. XML is extensible to support new Nmap features as they are released, while I often must omit those features from grepable output for lack of a place to put them.

Nevertheless, grepable output is still quite popular.
Grepable output is a simple format that lists each host on one line and can be trivially searched and parsed with standard Unix tools such as grep, awk, cut, sed, diff, and Perl. Even I usually use it for one-off tests done at the command line. Finding all the hosts with the SSH port open or that are running Solaris takes only a simple grep to identify the hosts, piped to an awk or cut command to print the desired fields.

Grepable output consists of comments (lines starting with a pound (#)) and target lines. A target line includes a combination of six labeled fields, separated by tabs and followed with a colon. The fields are

The most important of these fields is generally

As with XML output, this man page does not allow for documenting the entire format. A more detailed look at the Nmap grepable output format is available in the section called “Grepable Output (

-oA (Output to all formats)
As a convenience, you may specify

Verbosity and debugging options

-v (Increase verbosity level), -v (Set verbosity level)
Increases the verbosity level, causing Nmap to print more information about the scan in progress. Open ports are shown as they are found and completion time estimates are provided when Nmap thinks a scan will take more than a few minutes. Use it twice or more for even greater verbosity:

Most changes only affect interactive output, and some also affect normal and script kiddie output. The other output types are meant to be processed by machines, so Nmap can give substantial detail by default in those formats without fatiguing a human user. However, there are a few changes in other modes where output size can be reduced substantially by omitting some detail. For example, a comment line in the grepable output that provides a list of all ports scanned is only printed in verbose mode because it can be quite long.

-d (Increase debugging level), -d (Set debugging level)
When even verbose mode doesn't provide sufficient data for you, debugging is available to flood you with much more! As with the verbosity option (

Debugging output is useful when a bug is suspected in Nmap, or if you are simply confused as to what Nmap is doing and why. As this feature is mostly intended for developers, debug lines aren't always self-explanatory. You may get something like:

--reason (Host and port state reasons)
Shows the reason each port is set to a specific state and the reason each host is up or down. This option displays the type of the packet that determined a port's or host's state. For example, A

--stats-every (Print periodic timing stats)
Periodically prints a timing status message after each interval of

--packet-trace (Trace packets and data sent and received)
Causes Nmap to print a summary of every packet sent or received. This is often used for debugging, but is also a valuable way for new users to understand exactly what Nmap is doing under the covers. To avoid printing thousands of lines, you may want to specify a limited number of ports to scan, such as

--open (Show only open (or possibly open) ports)
Sometimes you only care about ports you can actually connect to (

Beginning with Nmap 7.40, the

--iflist (List interfaces and routes)
Prints the interface list and system routes as detected by Nmap and quits. This is useful for debugging routing problems or device mischaracterization (such as Nmap treating a PPP connection as ethernet).

Miscellaneous output options

--append-output (Append to rather than clobber output files)
When you specify a filename to an output format flag such as

--resume (Resume aborted scan)
Some extensive Nmap runs take a very long time—on the order of days. Such scans don't always run to completion. Restrictions may prevent Nmap from being run during working hours, the network could go down, the machine Nmap is running on might suffer a planned or unplanned reboot, or Nmap itself could crash. The administrator running Nmap could cancel it for any other reason as well, by pressing ctrl-C. Restarting the whole scan from the beginning may be undesirable. Fortunately, if scan output files were kept, the user can ask Nmap to resume scanning with the target it was working on when execution ceased. Simply specify the

--noninteractive (Disable runtime interactions)
At times, such as when running Nmap in a shell background, it might be undesirable for Nmap to monitor and respond to user keyboard input when running. (See the section called “Runtime Interaction” about how to control Nmap during a scan.) Use option

--stylesheet (Set XSL stylesheet to transform XML output)
Nmap ships with an XSL stylesheet named

--webxml (Load stylesheet from Nmap.Org)
This is a convenience option, nothing more than an alias for

--no-stylesheet (Omit XSL stylesheet declaration from XML)
Specify this option to prevent Nmap from associating any XSL stylesheet with its XML output. The

Which command is used to display the contents of a file to standard output?
Use the pg command to read the files named in the File parameter and write them to standard output one screen at a time. Use the more or page command to display continuous text one screen at a time. Use the cat command to read each File parameter in sequence and write it to standard output.

Which command is used to save the standard output in a file as well as display it on the terminal?
Method 2: Use tee command to display the output and save it to a file as well.

Which command is used to send the output of a command to a file?
The >> shell command is used to redirect the standard output of the command on the left and append (add) it to the end of the file on the right.

What is the command to display anything onto the standard output device?
When you run cat, it copies a file to standard output. Because the shell directs standard output to the screen, cat displays the file on the screen. Up to this point cat has taken its input from the filename (argument) you specify on the command line.