Manage Output Formats in Nmap


Introduction

In this lab, the goal is to learn how to manage output formats in Nmap. You'll start by performing a basic scan on the IP address 192.168.1.1 to gather information about open ports and services. Then, you'll save scan results in different formats, including normal text, XML, and grepable output, and also learn how to append output to an existing file. Finally, you'll open the results in the Xfce text editor.

Run basic scan with nmap 192.168.1.1

In this step, we will perform a basic scan of the IP address 192.168.1.1 using Nmap. Nmap is a powerful network scanning tool used to discover hosts and services on a computer network by sending packets and analyzing the responses. A basic scan provides information about the target, such as open ports and operating system details.

First, let's understand the basic syntax of the nmap command:

nmap [target]

Where [target] is the IP address or hostname you want to scan.

Now, let's run the basic scan on 192.168.1.1. Open your terminal and execute the following command:

nmap 192.168.1.1

This command will initiate a scan of the target IP address. Nmap will attempt to determine which ports are open, what services are running, and potentially the operating system of the target.

The output will look similar to this (the exact output will vary depending on the target system):

Starting Nmap 7.80 ( https://nmap.org ) at 2023-10-27 10:00 UTC
Nmap scan report for 192.168.1.1
Host is up (0.00020s latency).
Not shown: 999 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh

Nmap done: 1 IP address (1 host up) scanned in 2.18 seconds

This output shows that the host 192.168.1.1 is up, and port 22 (SSH) is open. The "Not shown: 999 closed ports" line indicates that Nmap did not display the 999 closed ports to keep the output concise.

Save to normal file with nmap -oN scan.txt 127.0.0.1

In this step, we will save the output of an Nmap scan to a normal text file using the -oN option. This is useful for storing scan results for later analysis or reporting.

The -oN option tells Nmap to save the output in a human-readable format to the specified file. The syntax is as follows:

nmap -oN <filename> <target>

Where <filename> is the name of the file you want to save the output to, and <target> is the IP address or hostname you want to scan.

In this case, we will scan 127.0.0.1 (localhost) and save the output to a file named scan.txt in your ~/project directory.

Open your terminal and execute the following command:

nmap -oN scan.txt 127.0.0.1

After the scan completes, you can view the contents of the scan.txt file using a text editor or the cat command. For example:

cat scan.txt

The output will be similar to the following (the exact output will vary):

## Nmap 7.80 scan initiated Tue Oct 27 10:00:00 2023
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000073s latency).
Not shown: 999 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh
80/tcp  open  http

## Nmap done at Tue Oct 27 10:00:02 2023 -- 1 IP address (1 host up) scanned in 2.00 seconds

This output is the same information you would see on the terminal, but now it's saved in the scan.txt file for future reference.

Generate XML with nmap -oX scan.xml 192.168.1.1

In this step, we will generate an XML file containing the results of an Nmap scan. The XML format is useful for parsing the scan results programmatically, making it easier to integrate Nmap with other tools or scripts.

The -oX option tells Nmap to save the output in XML format to the specified file. The syntax is as follows:

nmap -oX <filename> <target>

Where <filename> is the name of the XML file you want to create, and <target> is the IP address or hostname you want to scan.

In this case, we will scan 192.168.1.1 and save the output to a file named scan.xml in your ~/project directory.

Open your terminal and execute the following command:

nmap -oX scan.xml 192.168.1.1

After the scan completes, you can view the contents of the scan.xml file using a text editor or the cat command. However, because it's an XML file, it will contain a lot of markup and might not be easily readable in a plain text editor.

cat scan.xml

The output will be a large XML document containing detailed information about the scan, including host details, open ports, service versions, and more. You can use tools like xmllint to format and validate the XML file, or use programming languages like Python with libraries like xml.etree.ElementTree to parse the data.

This XML output is designed for automated processing, not human readability.

Create grepable output with nmap -oG scan.grep 127.0.0.1

In this step, we will generate a grepable output file from an Nmap scan. This format is specifically designed to be easily parsed by command-line tools like grep, awk, and sed, making it convenient for scripting and automated analysis.

The -oG option tells Nmap to save the output in a grepable format to the specified file. The syntax is as follows:

nmap -oG <filename> <target>

Where <filename> is the name of the file you want to save the grepable output to, and <target> is the IP address or hostname you want to scan.

In this case, we will scan 127.0.0.1 (localhost) and save the output to a file named scan.grep in your ~/project directory.

Open your terminal and execute the following command:

nmap -oG scan.grep 127.0.0.1

After the scan completes, you can view the contents of the scan.grep file using a text editor or the cat command.

cat scan.grep

The output will be in a format that is easy to parse with grep. For example:

## Nmap 7.80 scan initiated Tue Oct 27 10:00:00 2023
## Nmap scan report for localhost (127.0.0.1)
Host: 127.0.0.1 (localhost) Status: Up
Host: 127.0.0.1 (localhost) Ports: 22/open/tcp//ssh///, 80/open/tcp//http///
## Nmap done at Tue Oct 27 10:00:02 2023 -- 1 IP address (1 host up) scanned in 2.00 seconds

Now, you can use grep to search for specific information in the file. For example, to find all open ports, you can use the following command:

grep "Ports:" scan.grep

This will output the line containing the open ports:

Host: 127.0.0.1 (localhost) Ports: 22/open/tcp//ssh///, 80/open/tcp//http///

The grepable output format provides a simple and efficient way to extract specific data from Nmap scan results for further processing.
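As an added example that is not from the original lab, here is a Python parser for the grepable file that goes one step beyond grep: it splits each Host line's Ports field into its port/state/protocol/service components so results can be filtered by state. The sample lines are constructed; the filtered port 443, the "Ignored State" field and the second, down host are assumptions added to show the state filter.

```python
import re

# Constructed lines in the shape nmap -oG writes; nmap separates the
# "Key: value" fields on a Host line with tabs.
SAMPLE_GREP = """## Nmap 7.80 scan initiated Tue Oct 27 10:00:00 2023 as: nmap -oG scan.grep 127.0.0.1
Host: 127.0.0.1 (localhost)\tStatus: Up
Host: 127.0.0.1 (localhost)\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 443/filtered/tcp//https///\tIgnored State: closed (997)
Host: 192.168.1.1 ()\tStatus: Down
## Nmap done at Tue Oct 27 10:00:02 2023 -- 2 IP addresses (1 host up) scanned in 2.00 seconds
"""

HOST_RE = re.compile(r"^Host:\s+(\S+)\s+\((.*?)\)\s+(.*)$")

def parse_grepable(text):
    """Return {ip: {"hostname": ..., "status": ..., "ports": [(port, state, proto, service), ...]}}."""
    hosts = {}
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if line.startswith("#") or not m:
            continue  # comment lines and anything unexpected
        ip, hostname, rest = m.groups()
        entry = hosts.setdefault(ip, {"hostname": hostname, "status": "", "ports": []})
        for field in rest.split("\t"):
            key, _, value = field.partition(": ")
            if key == "Status":
                entry["status"] = value.strip().lower()
            elif key == "Ports":
                # Each entry is port/state/protocol/owner/service/rpcinfo/version.
                for spec in value.split(","):
                    parts = spec.strip().split("/")
                    if len(parts) < 5:
                        continue
                    entry["ports"].append((int(parts[0]), parts[1], parts[2], parts[4]))
    return hosts

def ports_in_state(hosts, state="open"):
    """Flatten the parsed result to (ip, port, proto, service) tuples in one state."""
    return [(ip, port, proto, svc)
            for ip, h in hosts.items()
            for port, st, proto, svc in h["ports"] if st == state]
```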

Append output with nmap -oN scan.txt --append-output 192.168.1.1

In this step, we will append the output of an Nmap scan to an existing file. This is useful when you want to combine the results of multiple scans into a single file without overwriting the previous results.

We will be using the -oN option to save the output in normal format, and the --append-output option to append the output to the specified file.

First, let's recall that in a previous step, we created a file named scan.txt with the results of a scan of 127.0.0.1. Now, we will append the results of a scan of 192.168.1.1 to the same file.

Open your terminal and execute the following command:

nmap -oN scan.txt --append-output 192.168.1.1

After the scan completes, the output will be appended to the scan.txt file. You can view the contents of the scan.txt file using a text editor or the cat command.

cat scan.txt

You should see the results of both scans in the file. The first part will be the scan of 127.0.0.1, and the second part will be the scan of 192.168.1.1.

The --append-output option ensures that the new scan results are added to the end of the file, preserving the previous content. This is different from using -oN scan.txt 192.168.1.1 without --append-output, which would overwrite the existing scan.txt file.

Open results in Xfce text editor

In this step, we will open the Nmap scan results in the Xfce text editor. This allows you to view and analyze the scan output in a graphical environment.

The Xfce text editor is called mousepad. We can use it to open the files we created in the previous steps, such as scan.txt, scan.xml, and scan.grep.

To open a file in mousepad from the terminal, use the following command:

mousepad <filename>

Where <filename> is the name of the file you want to open.

First, let's open the scan.txt file. In your terminal, execute the following command:

mousepad scan.txt

This will open the scan.txt file in the mousepad text editor. You can now scroll through the file and examine the Nmap scan results.

Next, let's open the scan.xml file. In your terminal, execute the following command:

mousepad scan.xml

This will open the scan.xml file in mousepad. This file contains the scan results in XML format, which is useful for parsing with scripts and other tools.

Finally, let's open the scan.grep file. In your terminal, execute the following command:

mousepad scan.grep

This will open the scan.grep file in mousepad. This file contains the scan results in a grepable format, which is useful for searching and filtering the results using command-line tools like grep.

Using a text editor like mousepad provides a convenient way to view and analyze Nmap scan results in a graphical environment.

Summary

In this lab, participants learned to manage output formats in Nmap. They started by performing a basic scan on the IP address 192.168.1.1 to gather information about open ports and services. Then, they saved scan results in different formats: normal text using -oN, XML using -oX, and grepable output using -oG. They also learned to append output to an existing file with the --append-output option. Finally, they opened the results in the Xfce text editor for review.