IP = 192.168.30.136
Cname = WKBX0010B-A
Port = 135
Service = DCE endpoint resolution
Banner =
IP = 192.168.30.136
Cname = WKBX0010B-A
Port = 80
Service = World Wide Web HTTP
Banner = HTTP/1.1 200 OK..Server: Microsoft-IIS/5.0..Date: Thu, 14 Mar 2002 14:37:54 GMT..Connection: Keep-Alive..Content-Length: 1270..
IP = 192.168.30.136
Cname = WKBX0010B-A
Port = 139
Service = NETBIOS Session Service
Banner =
####
+--------------+----------------+----------+---------+--------+
| ip | svr_name | port | service | banner |
+--------------+----------------+----------+---------+--------+
| 192.168.30.136 | WKBX0010B-A | 135 | DCE endpoint resolution | NULL |
| 192.168.30.136 | WKBX0010B-A | 80 | World Wide Web HTTP | HTTP/1.1 200 OK..Server: Microsoft-IIS/5.0..Date: Thu, 14 Mar 2002 14:37:54 GMT..Connection: Keep-Alive..Content-Length: 1270.. |
| 192.168.30.136 | WKBX001B-A | 139 | NETBIOS Session Service | NULL |
+--------------+----------------+----------+---------+--------+
####
#!/usr/bin/perl -w
use DBI;
use strict;
my $infile = './portscan2.txt';
my %data;
my ($ip,$port);
open INFILE, "$infile" or die "Can't open $infile: $!\n";
while (){
if (/(\d+\.\d+\.\d+\.\d+)\s+(\S+)/) {
$ip = $1;
$data{$ip}{cname} = $2;
next;
}
if(m/^\s{1}\|___\s+(\d+)\s\s(.*)/){
$port = $1;
$data{$ip}{ports}{$port}{service} = $2;
$data{$ip}{ports}{$port}{banner} = '';
next;
}
if(m/^\t\s{1}\|___\s+(.*)/){
$data{$ip}{ports}{$port}{banner} = $1;
next;
}
}
my ($sth,$i,$j);
### Enable error checking
my %attr = (
PrintError => 0,
RaiseError => 1,
);
### Connect to database
my $dbh = DBI->connect("DBI:mysql:audit", 'username', 'pass', \%attr);
for $i (keys %data) {
for $j (keys %{$data{$i}{ports}}) {
$i = $dbh->do("insert into Supersearch set ip='$i',svr_name='$data{$i}{cname}',port='$j',service='$data{$i}{ports}{$j}{service}',banner='$
data{$i}{ports}{$j}{banner}'");
}
}
### Disconnect from db
$dbh->disconnect;
exit;