Port scanning with Nmap NSE execution
Many of the Nmap Scripting Engine (NSE) scripts are only applicable if there is a service running on a given port. Consider the usage of the following scripts:
smb-vuln-conficker
smb-vuln-cve2009-3103
smb-vuln-ms06-025
smb-vuln-ms07-029
smb-vuln-regsvc-dos
smb-vuln-ms08-067
These scripts will evaluate SMB services running on TCP port 445 for common service vulnerabilities. If these scripts were executed across an entire network, Nmap would have to redo the task of determining whether port 445 is open and whether the SMB service is accessible on each target system. This is a task that has probably already been accomplished during the scanning phase of the assessment. Bash scripting can be used to leverage existing Nmap greppable output files to run service-specific NSE scripts only against systems that are running those services. In this recipe, we will demonstrate how a script can be used to determine hosts that are running a service on TCP 445 from previous...
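The filtering step described above, as an added example that is not part of the original recipe: it reads Nmap greppable (-oG) output, keeps only hosts where the exact TCP port is reported open, and prints one service-specific NSE command per host without running it. The function names and the sample scan data are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of greppable output (documentation addresses, not scan data).
# Real -oG files separate the Host/Ports/Ignored State fields with tabs; the
# parser below does not depend on that.
sample_gnmap() {
cat <<'EOF'
# constructed sample, comment lines like this one are skipped
Host: 192.0.2.10 ()	Status: Up
Host: 192.0.2.10 ()	Ports: 80/open/tcp//http///, 445/open/tcp//microsoft-ds///
Host: 192.0.2.11 ()	Ports: 80/open/tcp//http///, 445/closed/tcp//microsoft-ds///
Host: 192.0.2.12 ()	Ports: 445/filtered/tcp//microsoft-ds///
Host: 192.0.2.13 ()	Ports: 4450/open/tcp/////
Host: 192.0.2.14 (fs01.example.test)	Ports: 445/open/tcp//microsoft-ds///	Ignored State: closed (2)
EOF
}

# hosts_with_open_tcp_port PORT < file.gnmap
# Prints each host whose port list has an entry PORT/open/tcp. Comparing the
# split fields avoids the false hits a plain "grep 445" gives on 4450,
# 445/closed or 445/filtered.
hosts_with_open_tcp_port() {
  awk -v port="$1" '
    /^Host: / && /Ports: / {
      ports = $0
      sub(/^.*Ports: /, "", ports)          # keep only the port list
      n = split(ports, entry, ",")
      for (i = 1; i <= n; i++) {
        gsub(/^[ \t]+/, "", entry[i])       # drop the space after each comma
        split(entry[i], f, "/")             # port/state/protocol/...
        if (f[1] == port && f[2] == "open" && f[3] == "tcp") { print $2; break }
      }
    }' | sort -u
}

# nse_commands PORT SCRIPTS < file.gnmap
# Dry run: prints the Nmap command for each matching host so the target list
# can be reviewed against the assessment scope before anything is executed.
nse_commands() {
  hosts_with_open_tcp_port "$1" | while read -r host; do
    printf 'nmap -p %s --script %s %s\n' "$1" "$2" "$host"
  done
}

# Demo on the constructed sample.
sample_gnmap | nse_commands 445 smb-vuln-ms08-067
```

Against a real scan file the input is redirected instead, for example `nse_commands 445 smb-vuln-ms08-067 < scan.gnmap`, where `scan.gnmap` is a placeholder file name.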