Nmap scan report for 58.247.129.154
Host is up (0.10s latency).
Not shown: 86 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
23/tcp open telnet
25/tcp filtered smtp
80/tcp filtered http
110/tcp filtered pop3
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
443/tcp filtered https
445/tcp filtered microsoft-ds
3128/tcp filtered squid-http
3389/tcp filtered ms-wbt-server
5800/tcp filtered vnc-http
5900/tcp filtered vnc

Nmap scan report for 119.6.85.71
Host is up (0.096s latency).
Not shown: 89 closed ports
PORT STATE SERVICE
22/tcp open ssh
23/tcp open telnet
80/tcp open http
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
443/tcp open https
445/tcp filtered microsoft-ds
3128/tcp filtered squid-http
3389/tcp filtered ms-wbt-server
5800/tcp filtered vnc-http
5900/tcp filtered vnc
Device type: WAP
Running: Cisco IOS 12.X
OS CPE: cpe:/h:cisco:aironet_ap1250 cpe:/o:cisco:ios:12.4
OS details: Cisco Aironet 1250 WAP (IOS 12.4)
Network Distance: 12 hops
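Regarding the text above, I want to match the information for each IP, then find which ports are open and store them in an array. The final form I want to end up with is as follows: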
[ [119.6.85.71],[[21],[22],[23]]] , [119.6.85.71], [ [22],[23],[80],[443] ] ]
I got this form myself by using scan twice together with regexes.
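# Read the whole log in one call (no file handle left open); the file is GB2312-encoded
log = File.read("temp.txt").force_encoding("gb2312")
# First pass: [ip, text up to the next IP or the end of input]
reg = /(\d+\.\d+\.\d+\.\d+)(.*?)(?=\d+\.\d+\.\d+\.\d+|\z)/im
# Second pass: [port, protocol, service] for every open port in one host's text
reg_port = /(\d+)\/(tcp|udp)\s+open\s+(\w+)/i
format_logs = []
log.scan(reg).each { |ip_log|
  ip_log[1].scan(reg_port).each { |port|
    p port
  }
}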
But I feel that two scans with regexes is too inefficient. Is there a way to do it with one scan and a single regex?
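
An added example, not part of the original post: one `scan` with a single alternation regex, where each match is either a host header or an open-port entry and the results are folded into `[ip, [ports]]` pairs. The names `NMAP_TOKEN` and `open_ports_by_host` are hypothetical, and the sample text is constructed from the reports quoted above; anchoring on the `Nmap scan report for` header keeps other dotted numbers in the output from being mistaken for a new host.

```ruby
# Added example: single-pass parse of plain nmap output (works on multi-line
# or flattened text). SAMPLE is constructed from the reports quoted above.
SAMPLE = <<~LOG
  Nmap scan report for 58.247.129.154
  Host is up (0.10s latency).
  PORT STATE SERVICE
  21/tcp open ftp
  22/tcp open ssh
  23/tcp open telnet
  25/tcp filtered smtp
  Nmap scan report for 119.6.85.71 Host is up (0.096s latency). PORT STATE SERVICE 22/tcp open ssh
  23/tcp open telnet 80/tcp open http 135/tcp filtered msrpc 443/tcp open https
  OS details: Cisco Aironet 1250 WAP (IOS 12.4)
LOG

# One alternation: branch 1 captures the IP of a host header (plain form or
# "hostname (ip)" form); branch 2 captures the number of a port whose state is
# exactly "open" ("filtered", "closed" and "open|filtered" do not match).
NMAP_TOKEN = %r{
  Nmap\ scan\ report\ for\ (?:\S+\ \()?(\d{1,3}(?:\.\d{1,3}){3})\)?
  |
  \b(\d{1,5})/(?:tcp|udp)\s+open\s+\S+
}x

# Returns [[ip, [port, ...]], ...] in the order the hosts appear in the text.
def open_ports_by_host(text)
  hosts = []
  text.scan(NMAP_TOKEN) do |ip, port|
    if ip
      hosts << [ip, []]            # header match: start a new host entry
    elsif hosts.any?               # port match: ignore any seen before a header
      hosts.last[1] << port.to_i
    end
  end
  hosts
end

p open_ports_by_host(SAMPLE) if __FILE__ == $PROGRAM_NAME
```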