论坛徽章:: 0

电梯直达

1楼 [收藏(0)] [报告]

发表于 2009-11-24 09:46 |只看该作者 |倒序浏览

在使用 nmap 扫描时，得到如下结果：
结果1：
Interesting ports on 172.22.43.23:
PORT STATE SERVICE
22/tcp open  ssh

Interesting ports on 172.22.43.24:
PORT STATE SERVICE
22/tcp open  ssh

Interesting ports on 172.22.43.25:
PORT STATE SERVICE
22/tcp open  ssh

Interesting ports on 172.22.43.250:
PORT STATE SERVICE
22/tcp filtered ssh

Interesting ports on 172.22.43.251:
PORT STATE SERVICE
22/tcp open  ssh

Nmap run completed -- 256 IP addresses (17 hosts up) scanned in 2.375 seconds

要求：如果扫描 22 端口为 open 则打印所扫IP地址 (如：172.22.43.251 的 22/tcp 为 open 则打印这个 IP )

扫描结果2：
Interesting ports on 172.22.43.251:
PORT    STATE  SERVICE
5911/tcp closed unknown
5912/tcp closed unknown
5913/tcp closed unknown
5914/tcp closed unknown
5915/tcp closed unknown
5916/tcp closed unknown
5917/tcp closed unknown
5918/tcp closed unknown
5919/tcp closed unknown
5920/tcp closed unknown

Interesting ports on 172.22.43.252:
PORT    STATE  SERVICE
5911/tcp closed unknown
5912/tcp closed unknown
5913/tcp closed unknown
5914/tcp closed unknown
5915/tcp closed unknown
5916/tcp closed unknown
5917/tcp closed unknown
5918/tcp closed unknown
5919/tcp closed unknown
5920/tcp closed unknown

Interesting ports on 172.22.43.254:
PORT    STATE  SERVICE
5911/tcp closed unknown
5912/tcp open unknown
5913/tcp closed unknown
5914/tcp closed unknown
5915/tcp closed unknown
5916/tcp closed unknown
5917/tcp closed unknown
5918/tcp closed unknown
5919/tcp closed unknown
5920/tcp closed unknown

Nmap run completed -- 256 IP addresses (17 hosts up) scanned in 3.446 seconds

我在扫描 5911-5920 这10个端口时只要有一个端口为open，就打印这个IP地址 (如：172.22.43.254 的 5912/tcp 端口为 open的，就打印 172.22.43.254 这个IP)

不清楚这个 awk 应怎么写，求助!

文库|博客

sunbw001

家境小康

论坛徽章:: 0

2楼 [报告]

发表于 2009-11-24 10:10 |只看该作者

问题1:

awk 'BEGIN{RS="Interesting ports on";FS="\n";OFS="\n"}{for(j=1;j<=NF;j++){if($j~/open/){print $1;break}}}' data.txt

同意适合问题2

[ 本帖最后由 sunbw001 于 2009-11-24 10:11 编辑 ]