python-nmap : nmap from python
About
python-nmap is a python library which helps in using nmap port scanner. It allows to easilly manipulate nmap scan results and will be a perfect tool for systems administrators who want to automatize scanning task and reports. It also supports nmap script outputs.
It can even be used asynchronously. Results are returned one host at a time to a callback function defined by the user.
Download latest
python-nmap-0.7.1.tar.gz - 2021-10-26
md5sum : 1a97c59260678a2fa186e4d99f3ecb75
Download development version
Get source from the code repository.
git clone git@bitbucket.org:xael/python-nmap.git
Bug report : http://bitbucket.org/xael/python-nmap/issues
Installation
Install from PIP
Installing python-nmap is just as simple as :
pip install python-nmap
Manual installation
From the shell, uncompress python-nmap-0.4.0.tar.gz and then run make:
tar xvzf python-nmap-0.7.1.tar.gz
cd python-nmap-0.7.1
python setup.py install
Now you may invoke nmap from python:
$ python
Python 2.6.4 (r264:75706, Dec 7 2009, 18:45:15)
[GCC 4.4.1] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import nmap
Usage
From python :
>>> import nmap
>>> nm = nmap.PortScanner()
>>> nm.scan('127.0.0.1', '22-443')
>>> nm.command_line()
'nmap -oX - -p 22-443 -sV 127.0.0.1'
>>> nm.scaninfo()
{'tcp': {'services': '22-443', 'method': 'connect'}}
>>> nm.all_hosts()
['127.0.0.1']
>>> nm['127.0.0.1'].hostname()
'localhost'
>>> nm['127.0.0.1'].state()
'up'
>>> nm['127.0.0.1'].all_protocols()
['tcp']
>>> nm['127.0.0.1']['tcp'].keys()
[80, 25, 443, 22, 111]
>>> nm['127.0.0.1'].has_tcp(22)
True
>>> nm['127.0.0.1'].has_tcp(23)
False
>>> nm['127.0.0.1']['tcp'][22]
{'state': 'open', 'reason': 'syn-ack', 'name': 'ssh'}
>>> nm['127.0.0.1'].tcp(22)
{'state': 'open', 'reason': 'syn-ack', 'name': 'ssh'}
>>> nm['127.0.0.1']['tcp'][22]['state']
'open'
>>> for host in nm.all_hosts():
>>> print('----------------------------------------------------')
>>> print('Host : %s (%s)' % (host, nm[host].hostname()))
>>> print('State : %s' % nm[host].state())
>>> for proto in nm[host].all_protocols():
>>> print('----------')
>>> print('Protocol : %s' % proto)
>>>
>>> lport = nm[host][proto].keys()
>>> lport.sort()
>>> for port in lport:
>>> print ('port : %s\tstate : %s' % (port, nm[host][proto][port]['state']))
----------------------------------------------------
Host : 127.0.0.1 (localhost)
State : up
----------
Protocol : tcp
port : 22 state : open
port : 25 state : open
port : 80 state : open
port : 111 state : open
port : 443 state : open
>>> print(nm.csv())
host;protocol;port;name;state;product;extrainfo;reason;version;conf
127.0.0.1;tcp;22;ssh;open;OpenSSH;protocol 2.0;syn-ack;5.9p1 Debian 5ubuntu1;10
127.0.0.1;tcp;25;smtp;open;Exim smtpd;;syn-ack;4.76;10
127.0.0.1;tcp;53;domain;open;dnsmasq;;syn-ack;2.59;10
127.0.0.1;tcp;80;http;open;Apache httpd;(Ubuntu);syn-ack;2.2.22;10
127.0.0.1;tcp;111;rpcbind;open;;;syn-ack;;10
127.0.0.1;tcp;139;netbios-ssn;open;Samba smbd;workgroup: WORKGROUP;syn-ack;3.X;10
127.0.0.1;tcp;443;;open;;;syn-ack;;
>>> nm.scan(hosts='192.168.1.0/24', arguments='-n -sP -PE -PA21,23,80,3389')
>>> hosts_list = [(x, nm[x]['status']['state']) for x in nm.all_hosts()]
>>> for host, status in hosts_list:
>>> print('{0}:{1}'.host)
192.168.1.0:down
192.168.1.1:up
192.168.1.10:down
192.168.1.100:down
192.168.1.101:down
192.168.1.102:down
192.168.1.103:down
192.168.1.104:down
192.168.1.105:down
[...]
>>> nma = nmap.PortScannerAsync()
>>> def callback_result(host, scan_result):
>>> print '------------------'
>>> print host, scan_result
>>>
>>> nma.scan(hosts='192.168.1.0/30', arguments='-sP', callback=callback_result)
>>> while nma.still_scanning():
>>> print("Waiting >>>")
>>> nma.wait(2) # you can do whatever you want but I choose to wait after the end of the scan
>>>
192.168.1.1 {'nmap': {'scanstats': {'uphosts': '1', 'timestr': 'Mon Jun 7 11:31:11 2010', 'downhosts': '0', 'totalhosts': '1', 'elapsed': '0.43'}, 'scaninfo': {}, 'command_line': 'nmap -oX - -sP 192.168.1.1'}, 'scan': {'192.168.1.1': {'status': {'state': 'up', 'reason': 'arp-response'}, 'hostname': 'neufbox'}}}
------------------
192.168.1.2 {'nmap': {'scanstats': {'uphosts': '0', 'timestr': 'Mon Jun 7 11:31:11 2010', 'downhosts': '1', 'totalhosts': '1', 'elapsed': '0.29'}, 'scaninfo': {}, 'command_line': 'nmap -oX - -sP 192.168.1.2'}, 'scan': {'192.168.1.2': {'status': {'state': 'down', 'reason': 'no-response'}, 'hostname': ''}}}
------------------
192.168.1.3 {'nmap': {'scanstats': {'uphosts': '0', 'timestr': 'Mon Jun 7 11:31:11 2010', 'downhosts': '1', 'totalhosts': '1', 'elapsed': '0.29'}, 'scaninfo': {}, 'command_line': 'nmap -oX - -sP 192.168.1.3'}, 'scan': {'192.168.1.3': {'status': {'state': 'down', 'reason': 'no-response'}, 'hostname': ''}}}
>>> nm = nmap.PortScannerYield()
>>> for progressive_result in nm.scan('127.0.0.1/24', '22-25'):
>>> print(progressive\_result)
>>> nm = nmap.PortScanner()
>>> nm.scan('127.0.0.1', '22-40043', timeout=10)
PortScannerTimeout: 'Timeout from nmap process'
See also example.py
in archive file.
Contributors
- Steve ‘Ashcrow’ Milner
- Brian Bustin
- old.schepperhand
- Johan Lundberg
- Thomas D. maaaaz
- Robert Bost
- David Peltier
- Ed Jones
License
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.