Parsing something with regex - Programmers Heaven

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Categories

Parsing something with regex

dbrandtdbrandt Posts: 43Member
I'm trying to parse some output of the program Nmap with regular expressions.

From this output:

[code]
Starting Nmap 4.76 ( http://nmap.org ) at 2009-06-12 22:53 CDT
Interesting ports on jb-Laptop (127.0.0.1):
Not shown: 984 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
110/tcp open pop3
139/tcp open netbios-ssn
143/tcp open imap
445/tcp open microsoft-ds
465/tcp open smtps
587/tcp open submission
631/tcp open ipp
993/tcp open imaps
995/tcp open pop3s
2020/tcp open xinupageserver
5222/tcp open unknown
5900/tcp open vnc
10000/tcp open snet-sensor-mgmt

Interesting ports on 192.168.0.1:
Not shown: 999 closed ports
PORT STATE SERVICE
80/tcp open http
MAC Address: 00:09:5B:AA:7E:1A (Netgear)

Nmap done: 2 IP addresses (2 hosts up) scanned in 4.35 seconds
[/code]

...I'd like to get this:

[code]
['21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
110/tcp open pop3
139/tcp open netbios-ssn
143/tcp open imap
445/tcp open microsoft-ds
465/tcp open smtps
587/tcp open submission
631/tcp open ipp
993/tcp open imaps
995/tcp open pop3s
2020/tcp open xinupageserver
5222/tcp open unknown
5900/tcp open vnc
10000/tcp open snet-sensor-mgmt',
'80/tcp open http']
[/code]


Right now, I can do as follows:
[code]
portdata = re.search("PORTs+STATEs+SERVICE.*d/S+s+S+s+S+", data, re.DOTALL)
[/code]

This works when I'm getting the ports for just one host, but for more than one it won't match correctly. Any htelp?

Comments

  • ghostdog74ghostdog74 Posts: 3Member
    [code]
    portdata="""
    Starting Nmap 4.76 ( http://nmap.org ) at 2009-06-12 22:53 CDT
    Interesting ports on jb-Laptop (127.0.0.1):
    Not shown: 984 closed ports
    PORT STATE SERVICE
    21/tcp open ftp
    22/tcp open ssh
    25/tcp open smtp
    110/tcp open pop3
    139/tcp open netbios-ssn
    143/tcp open imap
    445/tcp open microsoft-ds
    465/tcp open smtps
    587/tcp open submission
    631/tcp open ipp
    993/tcp open imaps
    995/tcp open pop3s
    2020/tcp open xinupageserver
    5222/tcp open unknown
    5900/tcp open vnc
    10000/tcp open snet-sensor-mgmt

    Interesting ports on 192.168.0.1:
    Not shown: 999 closed ports
    PORT STATE SERVICE
    80/tcp open http
    MAC Address: 00:09:5B:AA:7E:1A (Netgear)

    Nmap done: 2 IP addresses (2 hosts up) scanned in 4.35 seconds
    """

    portdata=portdata.split("
    ")
    for items in portdata:
    if "/" in items and not "Starting" in items:
    print items
    [/code]
Sign In or Register to comment.