edermi · February 18, 2019 22:19
diff --git a/xml2db.py b/xml2db.py
 #!/usr/bin/env python3

 # For untrusted XML input, use a hardened parser, see https://docs.python.org/3/library/xml.html

 import xml.etree.ElementTree as ET
 import sqlite3
 import argparse
 import sys


 def parseArgs():
    parser = argparse.ArgumentParser()
    parser.add_argument("scanfile")
    parser.add_argument("databasefile")
    parser.add_argument("tablename")
    args = parser.parse_args()
    return args.scanfile, args.databasefile, args.tablename


 def parse_xml(scanfile):
    result = []
    tree = ET.parse(scanfile)
    root = tree.getroot()
    for host in root.findall("host"):
        try:
            addr = host.find("address").get("addr")
            port = host.find("ports").find("port").get("portid")
            state = host.find("ports").find("port").find("state").get("state")
            result.append((addr, port, state=="open"))
            print("{}:{} is {}".format(addr,port,state))
        except AttributeError:
            continue
    return result


 def prepare_db(database, tablename, data):
    if tablename not in ["nmap", "masscan"]:
        print("Tablename must either be nmap or masscan")
        sys.exit(1)
    conn = sqlite3.connect(database)
    c = conn.cursor()
    if tablename == "nmap":
        c.execute('''DROP TABLE IF EXISTS nmap''')
        c.execute('''CREATE TABLE nmap (address text, port integer, open integer)''')
        c.executemany('''INSERT INTO nmap VALUES (?,?,?)''', data)
    elif tablename == "masscan":
        c.execute('''DROP TABLE IF EXISTS masscan''')
        c.execute('''CREATE TABLE IF NOT EXISTS masscan (address text, port integer, open integer)''')
        c.executemany('''INSERT INTO masscan VALUES (?,?,?)''', data)
    else:
        sys.exit(1)
    conn.commit()
    conn.close()

 # python3 xml2db.py scan.masscan.xml results.sqlite masscan
 def main():
    scanfile, database, tablename = parseArgs()
    parsed = parse_xml(scanfile)
    prepare_db(database, tablename, parsed)


 if __name__ == '__main__':
    main()
	#!/usr/bin/env python3

	# For untrusted XML input, use a hardened parser, see https://docs.python.org/3/library/xml.html

	import xml.etree.ElementTree as ET
	import sqlite3
	import argparse
	import sys


	def parseArgs():
	parser = argparse.ArgumentParser()
	parser.add_argument("scanfile")
	parser.add_argument("databasefile")
	parser.add_argument("tablename")
	args = parser.parse_args()
	return args.scanfile, args.databasefile, args.tablename


	def parse_xml(scanfile):
	result = []
	tree = ET.parse(scanfile)
	root = tree.getroot()
	for host in root.findall("host"):
	try:
	addr = host.find("address").get("addr")
	port = host.find("ports").find("port").get("portid")
	state = host.find("ports").find("port").find("state").get("state")
	result.append((addr, port, state=="open"))
	print("{}:{} is {}".format(addr,port,state))
	except AttributeError:
	continue
	return result


	def prepare_db(database, tablename, data):
	if tablename not in ["nmap", "masscan"]:
	print("Tablename must either be nmap or masscan")
	sys.exit(1)
	conn = sqlite3.connect(database)
	c = conn.cursor()
	if tablename == "nmap":
	c.execute('''DROP TABLE IF EXISTS nmap''')
	c.execute('''CREATE TABLE nmap (address text, port integer, open integer)''')
	c.executemany('''INSERT INTO nmap VALUES (?,?,?)''', data)
	elif tablename == "masscan":
	c.execute('''DROP TABLE IF EXISTS masscan''')
	c.execute('''CREATE TABLE IF NOT EXISTS masscan (address text, port integer, open integer)''')
	c.executemany('''INSERT INTO masscan VALUES (?,?,?)''', data)
	else:
	sys.exit(1)
	conn.commit()
	conn.close()

	# python3 xml2db.py scan.masscan.xml results.sqlite masscan
	def main():
	scanfile, database, tablename = parseArgs()
	parsed = parse_xml(scanfile)
	prepare_db(database, tablename, parsed)


	if __name__ == '__main__':
	main()