Python: installing the python-nmap scanner and its common methods

python-nmap

python-nmap wraps nmap's command-line parameters, invokes nmap, and formats nmap's output.

Common methods of the module

This section covers two classes of the python-nmap module. The first is the PortScanner() class, which wraps the port-scanning functionality of the nmap tool; the other is the PortScannerHostDict() class, which stores the scan results for a host and provides access to them.

1, Common methods of the PortScanner() class

1-1, scan() method

scan(self, hosts='127.0.0.1', ports=None, arguments='-sV')

The scan() method scans the specified hosts and ports with the given nmap command-line arguments. The hosts parameter is a string giving the host addresses to scan, in a format such as "scanme.nmap.org", "192.116.0-255.1-127" or "216.163.128.20/20"; the ports parameter is a string giving the ports to scan, for example "22,53,110,143-4564"; the arguments parameter is a string of nmap command-line options, in a format such as "-sU -sX -sC". For example:

import nmap

nm = nmap.PortScanner()
nm.scan('192.168.209.121-122', '22,80')

1-2, command_line() method
The command_line(self) method returns the nmap command line that the scan was mapped to, for example:

>>> nm.command_line()
u'nmap -oX - -p 22,80 -sV 192.168.209.121-122'

1-3, scaninfo() method
The scaninfo(self) method returns information about the nmap scan as a dictionary, for example:

>>> nm.scaninfo()
{'tcp':{'services':'22,80', 'method':'syn'}}

1-4, all_hosts() method
The all_hosts(self) method returns the hosts covered by the nmap scan as a list, for example:

>>> nm.all_hosts()
['192.168.209.121', '192.168.209.122']

2, Common methods of the PortScannerHostDict() class
2-1, hostname() method
The hostname(self) method returns the hostname of the scanned host, for example:

>>> nm['192.168.209.121'].hostname()
'liuyazhuang'

2-2, state() method
The state(self) method returns the state of the scanned host, which is one of 4 states (up, down, unknown, skipped), for example:

>>> nm['192.168.209.121'].state()
'up'

2-3, all_protocols() method
The all_protocols(self) method returns the protocols that were scanned, for example:

>>> nm['192.168.209.121'].all_protocols()
['tcp']

2-4, all_tcp() method
The all_tcp(self) method returns the ports scanned over TCP, for example:

>>> nm['192.168.209.121'].all_tcp()
[22,80]

2-5, tcp() method
The tcp(self, port) method returns the scan information for the given TCP port, for example:

>>> nm['192.168.209.121'].tcp(22)
{'state':'open', 'reason':'syn-ack', 'name':'ssh'}

Operating nmap from Python

1. A simple example

Create a PortScanner instance, then scan ports 20-443 of the IP 159.239.210.26.

import nmap

nm = nmap.PortScanner()
ret = nm.scan('115.239.210.26', '20')
print(ret)

The return format is as follows:

{'nmap': {'scanstats': 
{'uphosts': '1', 'timestr': 'Tue Oct 25 11:30:47 2016', 'downhosts': '0', 'totalhosts': '1', 'elapsed': '1.11'},
 'scaninfo': {'tcp': {'services': '20', 'method': 'connect'}}, 'command_line': 'nmap -oX - -p 20 -sV 115.239.210.26'},
 'scan': {'115.239.210.26': {'status': {'state': 'up', 'reason': 'syn-ack'}, 'hostnames': [{'type': '', 'name': ''}],
 'vendor': {}, 'addresses': {'ipv4': '115.239.210.26'},
 'tcp': {20: {'product': '', 'state': 'filtered', 'version': '', 'name': 'ftp-data', 'conf': '3', 'extrainfo': '', 
'reason': 'no-response', 'cpe': ''}
}
}
}
}
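One use of this return format is checking scan results against a baseline of expected open ports. The following is an added example, not code from the original post or from python-nmap: the function name, the sample dictionary and the baseline are assumptions constructed for illustration, and only the dictionary layout follows the output shown above.

```python
# Constructed sample in the shape returned by PortScanner.scan(); not real scan data.
SAMPLE_RESULT = {
    'nmap': {'command_line': 'nmap -oX - -p 22,80,3306 -sV 192.0.2.10-11'},
    'scan': {
        '192.0.2.10': {
            'status': {'state': 'up', 'reason': 'syn-ack'},
            'tcp': {
                22: {'state': 'open', 'name': 'ssh', 'product': 'OpenSSH'},
                80: {'state': 'filtered', 'name': 'http', 'product': ''},
                3306: {'state': 'open', 'name': 'mysql', 'product': 'MySQL'},
            },
        },
        # A host for which no ports were reported may have no 'tcp' key at all.
        '192.0.2.11': {'status': {'state': 'up', 'reason': 'echo-reply'}},
    },
}

# Hypothetical per-host baseline of ports that are expected to be open.
ALLOWED = {'192.0.2.10': {22}, '192.0.2.11': {22, 443}}


def unexpected_open_ports(result, allowed):
    """Return sorted (host, proto, port, service) tuples for open ports outside the baseline."""
    findings = []
    for host, info in result.get('scan', {}).items():
        if info.get('status', {}).get('state') != 'up':
            continue  # only hosts reported as up carry meaningful port data
        for proto in ('tcp', 'udp'):
            for port, details in info.get(proto, {}).items():
                if details.get('state') != 'open':
                    continue  # 'filtered' and 'closed' ports are not exposures
                if port not in allowed.get(host, set()):
                    findings.append((host, proto, port, details.get('name', '')))
    return sorted(findings)


if __name__ == '__main__':
    # With python-nmap installed, pass the dictionary returned by nm.scan(...) instead.
    for host, proto, port, service in unexpected_open_ports(SAMPLE_RESULT, ALLOWED):
        print(f'{host} {proto}/{port} ({service}) is open but not in the baseline')
```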

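2. Built-in methods:

You can also print out brief information

import nmap

nm = nmap.PortScanner()
# A scan must be run before its results can be queried
nm.scan('115.239.210.26', '20-443')
print(nm.scaninfo())
# {u'tcp': {'services': u'20-443', 'method': u'syn'}}
print(nm.command_line())
# u'nmap -oX - -p 20-443 -sV 115.239.210.26'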

See how many hosts there are

print(nm.all_hosts())
# [u'115.239.210.26']

View the detailed information for this host

nm['115.239.210.26']

View all the protocols this host includes

nm['115.239.210.26'].all_protocols()

See which of this host's ports provide TCP

nm['115.239.210.26']['tcp']

nm['115.239.210.26']['tcp'].keys()

Check whether a given port provides TCP

nm['115.239.210.26'].has_tcp(21)

You can also set the arguments that nmap runs with, like this

nm.scan(hosts='192.168.1.0/24', arguments='-n -sP -PE -PA21,23,80,3389')

For more operations, see the official site: http://xael.org/pages/python-nmap-en.html

Origin www.cnblogs.com/17bdw/p/11353679.html