diff --git a/sqlite-output.nse b/sqlite-output.nse index 7f9757f..e687fc2 100644 --- a/sqlite-output.nse +++ b/sqlite-output.nse @@ -3,21 +3,21 @@ This script stores the following nmap output into a sqlite3 database: Hostname, Both, database file name and table name can be passed to the script via arguments (see @args or @example), data will always be appended to an existing table. Non-existant database files or table s are created during the scan. Nmap's regular output (-o) will not be modified in any way. -Dependencies: luasql (http://keplerproject.org/luasql) +Dependencies: luasql (http://keplerproject.org/luasql) ]] --- --- @usage +-- @usage -- nmap --script sqlite-output -- -- @example -- $ nmap -sS -A -F --script sqlite-output --script-args=dbname=scan.sqlite,dbtable=scandata scanme.nmap.org --- $ sqlite3 scan.sqlite +-- $ sqlite3 can.sqlite -- sqlite> select * from scandata; -- scanme.nmap.org|74.207.244.221|22|tcp|ssh|OpenSSH5.3p1 Debian 3ubuntu7.1 -- scanme.nmap.org|74.207.244.221|80|tcp|http|Apache httpd2.2.14 -- --- @args +-- @args -- dbname: name of sqlite database file (default: scan.sqlite) -- dbtable: name of database table in which the output will be written (default: scandata) --- @@ -46,18 +46,18 @@ end env = luasql.sqlite3() con = env:connect(dbname) -res = con:execute (string.format("CREATE TABLE '%s' (hostname varchar(100), ip varchar(16), port integer(5), protocol varchar(3), service varchar(100), version varchar(100))", con:escape(dbtable))) +res = con:execute (string.format("CREATE TABLE '%s' (hostname varchar(100), ip varchar(16), port integer(5), protocol varchar(3), state varchar(20), service varchar(100), version varchar(100))", con:escape(dbtable))) function portaction (host, port) local version = "" if (port.version.product~=nil) then - version = port.version.product + version = port.version.product end if (port.version.version~=nil) then version = version .. port.version.version end - res = con:execute(string.format("INSERT INTO '%s' VALUES ('%s', '%s', '%s', '%s', '%s', '%s')" , con:escape(dbtable), con:escape(host.name), con:escape(host.ip), con:escape(port.number), con:escape(port.protocol), con:escape(port.service), con:escape(version))) - + res = con:execute(string.format("INSERT INTO '%s' VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s')" , con:escape(dbtable), con:escape(host.name), con:escape(host.ip), con:escape(port.number), con:escape(port.protocol), con:escape(port.state), con:escape(port.service), con:escape(version))) + end function postaction ()