0

I'm trying to clean up nmap results and get a cleaner/easier to work with file, that has just the data I need - basically, IP and open ports.

(no need to integrate it into a solution, I can get them to work together)

This line cleans up the initial output:

findstr "Nmap open"|findstr /v "no-response"

It keeps lines with the text Nmap, and the ports that are open. It then removes the lines that include "no-response" (that also have "Nmap" in them).

Here is resultant output:

Nmap scan report for 1.1.1.1
21/tcp   open  
22/tcp   open  
80/tcp   open   
Nmap scan report for 1.1.1.2
Nmap scan report for 1.1.1.3
22/tcp  open     
Nmap scan report for 1.1.1.4
80/tcp  open     
443/tcp open     
Nmap scan report for 1.1.1.5
80/tcp    open     
554/tcp   open     

I'd like that output to include blank lines, and omit lines with no subsequent open ports, i.e.:

Nmap scan report for 1.1.1.1
21/tcp   open  
22/tcp   open  
80/tcp   open   

Nmap scan report for 1.1.1.3
22/tcp  open     

Nmap scan report for 1.1.1.4
80/tcp  open     
443/tcp open 

Nmap scan report for 1.1.1.5 
80/tcp    open     
554/tcp   open  

Not sure if that's doable -- seems like it should be...

aschipfl
  • I removed the solution from the question. If you do want to share the solution please post it as an answer! – aschipfl Dec 10 '19 at 22:33

2 Answers

1

Although this question is too broad as it contains no attempt to solve the issue, I decided to provide a script that makes use of an undocumented findstr feature, namely to search beyond lines (see all the rem remarks in the code):

@echo off
setlocal EnableExtensions DisableDelayedExpansion

rem // Define constants here:
set "_FILE=%~1"         & rem // (path and name of input file; `%~1` is first argument)
set "_BEGIN=Nmap"       & rem // (expected beginning of lines; must not contain `=`, `"`)
set "_INCL=open"        & rem // (expected part of subsequent lines; must not contain `"`)
set "_EXCL=no-response" & rem // (part of subsequent lines to exclude; must not contain `"`)

rem // Gather carriage-return character:
for /F %%C in ('copy /Z "%~f0" nul') do set "$CR=%%C"
rem // Gather line-feed character:
(set ^"$LF=^
%= blank line =%
^")

rem // Reset flag variable that is used to not insert line-break before first match:
set "FLAG="
rem /* Loop through matching lines; the first `findstr` command excludes all lines that contain
rem    the predefined part; the second one uses the feature of `findstr` to match beyond lines
rem    when the search string contains line-breaks, although only the portion up to the (first)
rem    line-break is returned; hence the first search string ensures that there is at least one
rem    line with the predefined part in between the lines with the predefined beginning; and
rem    the second search string matches the lines with the predefined parts in between: */
for /F "delims=" %%L in ('
    cmd /V /C findstr /V /R /C:" !_EXCL!\>" "!_FILE!" ^| ^
        cmd /V /C findstr /R /C:"^^!_BEGIN!  *..*!$CR!!$LF!..* * !_INCL!\>" /C:" !_INCL!\>"
') do (
    rem // Store current line string:
    set "LINE=%%L"
    rem // Toggle delayed expansion to avoid trouble with `!`:
    setlocal EnableDelayedExpansion
    rem // Check whether current line starts with predefined beginning:
    if "!_BEGIN!!LINE:*%_BEGIN%=!"=="!LINE!" (
        rem // Line starts with predefined beginning, hence conditionally return line-break:
        if defined FLAG echo/
        rem // Output current line string:
        echo(!LINE!
        endlocal
        rem // Set flag to insert line-breaks before further matches:
        set "FLAG=#"
    ) else (
        rem // Line does not start with predefined beginning, so just output current line string:
        echo(!LINE!
        endlocal
    )
)

endlocal
exit /B

Given that the script is stored as prettify-nmap-log-file.bat, use the following command line to process a certain input file (like log.nmap):

prettify-nmap-log-file.bat "log.nmap"

To write the result to another file (like log.nmap.txt) use redirection:

prettify-nmap-log-file.bat "log.nmap" > "log.nmap.txt"
aschipfl
  • At first it didn't seem to work, then when I looked closer, I realized all lines don't always end with "open", there may be random text after it. In addition, it echoes to screen, and doesn't create a new file (which I left vague I see) - but it looks clean. It also handles end of file variations perfectly, it looks like. Nice! Going to play with it more - thanks! – Stumpy Jones Dec 09 '19 at 22:42
  • Ok -- changed the variable from END to INCL, and removed the two $'s associated with the variable in the relevant line -- cmd /V /C findstr /R /C:"^^!_BEGIN! *..*!$CR!!$LF!..* * !_INCL! *" /C:" !_INCL! *" -- Echoes the lines as long as they include "open" -- perfect. – Stumpy Jones Dec 09 '19 at 22:56
  • Alright, I implemented that change in the script now in order to reflect your needs... – aschipfl Dec 10 '19 at 22:29
0

Give this a try, after modifying only the doublequoted path to your text file, on line 5:

@(Set LF=^
% 0x0A %
)
@For /F %%# In ('Copy /Z "%~f0" NUL')Do @Set "CR=%%#"
@Call :Sub "%UserProfile%\Desktop\dummy.txt"
@GoTo :EOF
:Sub
@Set "#=#"
@(For /F Delims^=^ EOL^= %%# In ('^""%__AppDir__%cmd.exe"/V/U/D/C""%%__AppDir__%%findstr.exe"/I "^^^^Nmap ^^^^[0-9]*/.*open\^^^>" "%~1"|"%%__AppDir__%%findstr.exe"/IV "^^^^Nmap.*!CR!!LF!Nmap.*"|"%%__AppDir__%%findstr.exe"/IV "^^^^[0-9N].*!CR!!LF![^^^^\ ]""^"')Do @Echo("%%#"|"%__AppDir__%findstr.exe"/I "^.N">NUL&&(If Not Defined # (Echo(&Echo(%%#)Else Echo(%%#&Set "#=")||Echo(%%#)>"%~dpn1_filtered%~x1"

The last line looks extremely long because I have included the full paths to files which should normally be available using the %PATH% and %PATHEXT% variables. This simply prevents it failing should something have happened to those important variables.

Compo
  • Thanks very much -- the script looks perfect. I tested it, and it worked perfectly except for one important issue -- it's dropping the last line with an open port, so, for instance: "Nmap scan result
    22/tcp", becomes just "Nmap scan result". Running some additional tests....
    – Stumpy Jones Dec 09 '19 at 22:07
  • ok -- if it ends with an additional "nmap scan result....", works fine. I'll see if I can work it out, or just add "nmap" at the end of every file ;-) (elegant, right?) j/k! Thanks for your work on this. – Stumpy Jones Dec 09 '19 at 22:17
  • I'm sorry, it didn't when I checked it earlier today with a couple of examples based upon what you posted. I had to take best guesses, because I don't own a PC, I've never used `Nmap`, and I wasn't really working with accurate example files. – Compo Dec 09 '19 at 23:35
  • Since it's a plain text file, no nmap experience required. I tested on the exact sample file required, and it worked great. I removed the last line of the exact sample file provided, and it exhibited the same issue: if the last 2 lines are Nmap scan report & 22/tcp open, then it drops the open port line with the sample included above. But hell, for writing it without a PC, pretty impressive. Thanks again. – Stumpy Jones Dec 09 '19 at 23:50
  • Thinking about what you said there, I'm inclined to think that when you removed the last line, you probably also removed the CRLF, _(i.e. new line)_, which may be causing an issue with the last line terminator for `findstr`. _After all, we're using CRLF, for determining our look ahead matches; (Windows uses CRLF as its line terminators)._ – Compo Dec 10 '19 at 01:47
  • I took the nmap file, ran the "findstr "Nmap open"|findstr /v "no-response" command, and ran your batch, and it still exhibits the issue, so I'm doubtful it's something I introduced, but a result of how nmap generates the file. I tested also by manually deleting the lines from the original nmap file to ensure no CRLF was deleted, and reviewed an untouched file as well. There's simply not an extra/additional one, so the final line is getting stripped. No worries, I can account for that and adjust. – Stumpy Jones Dec 10 '19 at 16:14
  • Interesting: I looped all the relevant files through a echo.>>file, to add a blank line at the end -- same issue. I manually added a couple CRLF: same issue. I added just "Nmap" to a line at the end -- works, no lines are omitted. – Stumpy Jones Dec 10 '19 at 16:25
  • @StumpyJones, I have modified the code, to see if it fixes your issue, and thank you for accepting my solution. – Compo Dec 10 '19 at 17:05
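
An added example, not part of either answer above: the same grouping done in Python as a single pass over the file instead of findstr's cross-line matching, with the last host flushed at end of input so a final port line is kept whether or not the file ends with a line terminator. The function names and the sample text are constructed for illustration; the "Nmap scan report for" prefix, the "open" state and the "no-response" filter are taken from the question.

```python
import re
import sys

HOST_RE = re.compile(r"^Nmap scan report for (.+)$")
# State column must be exactly "open"; "open|filtered" is not accepted.
PORT_RE = re.compile(r"^\d+/[a-z]+\s+open(?:\s|$)")


def open_port_blocks(text):
    """Return [(host_line, [port_lines])] for hosts with >= 1 open port."""
    blocks, host, ports = [], None, []
    # splitlines() handles CRLF, LF and a last line with no terminator.
    for raw in text.splitlines():
        line = raw.rstrip()
        if HOST_RE.match(line):
            if host and ports:
                blocks.append((host, ports))
            host, ports = line, []
        elif host and PORT_RE.match(line) and "no-response" not in line:
            ports.append(line)
    if host and ports:          # flush the final host at end of input
        blocks.append((host, ports))
    return blocks


def render(blocks):
    """One block per host, separated by a single blank line."""
    return "\n\n".join("\n".join([h] + p) for h, p in blocks)


# Constructed sample: CRLF line ends, a host with no open ports, text after
# "open", a no-response line, and no newline after the last port line.
SAMPLE = (
    "Nmap scan report for 1.1.1.1\r\n"
    "21/tcp   open  ftp\r\n"
    "23/tcp   open|filtered  telnet  no-response\r\n"
    "Nmap scan report for 1.1.1.2\r\n"
    "Nmap scan report for 1.1.1.3\r\n"
    "22/tcp  open"
)

if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            data = fh.read()
    else:
        data = SAMPLE
    print(render(open_port_blocks(data)))
```

Run it with the nmap output file as the only argument and redirect standard output to save the result; with no argument it processes the constructed sample.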