Last active
February 26, 2024 13:34
-
-
Save dreizehnutters/11ede4754dc6549d364cc8f1daf62677 to your computer and use it in GitHub Desktop.
export nmap xml data to csv via msfdb
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| if [ -z "$1" ]; then | |
| echo "$0 <PATH TO NMAP SCAN RESULTS>" | |
| exit 1 | |
| fi | |
| AUDIT_RESULTS=$1 | |
| PREFIX=$2 | |
| DB_HOST="127.0.0.1" | |
| DB_PORT="5432" | |
| DB_USER="msf" | |
| DB_NAME="msf" | |
| DB_CONFIG_PATH="/usr/share/metasploit-framework/config/database.yml" | |
| CSV_OUT="WITH (FORMAT CSV, DELIMITER ';', HEADER TRUE, FORCE_QUOTE *)" | |
| PSQL="psql -h ${DB_HOST} -p ${DB_PORT} -U ${DB_USER} -d ${DB_NAME}" | |
| PGPASSWORD=$(cat $DB_CONFIG_PATH | grep password | cut -d ' ' -f4 | head -n1) | |
| [ "$?" != "0" ] && echo "[!] Failed to grep password from metasploit-framework database.yml" && exit 1 | |
| PGPASSWORD=$PGPASSWORD $PSQL -c "SELECT 1;" >/dev/null 2>&1 | |
| [ "$?" != "0" ] && echo "[!] msfdb not running -> \`msfdb init\`" && exit 1 | |
| echo "[*] clearing workspace & metasploit import..." | |
| msfconsole -q -x "workspace -D Default; db_import ${AUDIT_RESULTS}/*.xml; exit" | |
| [ "$?" != "0" ] && echo "[!] ERROR: Failed to import data to metasploit" && exit 1 | |
| declare -a qs=( | |
| "(select address, mac, name, os_name, os_flavor, os_sp from hosts)"#hosts | |
| "(select address, mac, HOSTS.name as host_name, port, proto, SERVICES.state, SERVICES.name, SERVICES.info, os_name, os_flavor, os_sp \ | |
| from \ | |
| services \ | |
| INNER JOIN \ | |
| hosts \ | |
| ON hosts.id = services.host_id)"#service) | |
| for q in "${qs[@]}"; do | |
| OUTPUT_CSV="${PWD}/$(echo $q | cut -d "#" -f2)$2.csv" | |
| echo -e "\t[-] exporting to ${OUTPUT_CSV}" | |
| QUERY="\copy $(echo $q | cut -d "#" -f1) TO '${OUTPUT_CSV}' $CSV_OUT;" | |
| PGPASSWORD=$PGPASSWORD $PSQL -A -F ';' -P footer=off -R "\\n" -c "${QUERY}" >/dev/null 2>&1 | |
| [ "$?" != "0" ] && echo "[!] export failed" && exit 1 | |
| done | |
| echo "[*] done" && exit 0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Automates importing Nmap scan results into Metasploit database and exporting relevant information to CSV files. Requires a running Metasploit database instance. Supports customizable database configuration and provides options for exporting hosts and service information. Enhances post-scan analysis and reporting.
Features
Nmap Results Import: Quickly imports Nmap scan results into the Metasploit database, facilitating centralized storage and management of scan data.
Customizable Export: Allows for exporting host and service information from the Metasploit database to CSV files, enabling further analysis and reporting.
Flexible Configuration: Supports customizable database configuration, allowing users to specify the Metasploit database host, port, username, and password.
Prerequisites
psqlcommand-line utility for PostgreSQL.Usage
Input Specification: Provide the path to the directory containing Nmap scan results as the first argument when running the script.