From 4fc2804f08dca07b30089411333a6c995de571f3 Mon Sep 17 00:00:00 2001 From: fredjt <61065187+fredjt@users.noreply.github.com> Date: Thu, 29 Aug 2024 13:47:07 -0400 Subject: [PATCH] Update nmap module --- modules/sfp_tool_nmap.py | 23 +++++++++++++++-------- 1 file changed, 15 insertions(+), 8 deletions(-) diff --git a/modules/sfp_tool_nmap.py b/modules/sfp_tool_nmap.py index 63f0231958..994267dc99 100644 --- a/modules/sfp_tool_nmap.py +++ b/modules/sfp_tool_nmap.py @@ -149,9 +149,6 @@ def handleEvent(self, event): self.debug(f"Error running Nmap: {stderr}, {stdout}") return - if "No exact OS matches for host" in content or "OSScan results may be unreliable" in content: - self.debug(f"Couldn't reliably detect the OS for {eventData}") - return except Exception as e: self.error(f"Unable to run Nmap: {e}") return @@ -161,6 +158,10 @@ def handleEvent(self, event): return if eventName == "IP_ADDRESS": + if "No exact OS matches for host" in content or "OSScan results may be unreliable" in content: + self.debug(f"Couldn't reliably detect the OS for {eventData}") + return + try: opsys = None for line in content.split('\n'): @@ -179,14 +180,20 @@ def handleEvent(self, event): for line in content.split('\n'): opsys = None if "scan report for" in line: - currentIp = line.split("(")[1].replace(")", "") - if "OS details:" in line: - junk, opsys = line.split(": ") - - if opsys and currentIp: + if "(" in line: + currentIp = line.split("(")[1].replace(")", "") + else: + currentIp = line.split(" for ")[1] ipevent = SpiderFootEvent("IP_ADDRESS", currentIp, self.__name__, event) self.notifyListeners(ipevent) + elif "OS details:" in line: + opsys = line.split(": ")[1] + elif "No exact OS matches for host" in line or "OSScan results may be unreliable" in line: + self.debug(f"Couldn't reliably detect the OS for {currentIp}") + currentIp = None + + if opsys and currentIp: evt = SpiderFootEvent("OPERATING_SYSTEM", opsys, self.__name__, ipevent) self.notifyListeners(evt) currentIp = None