Kaseya Community

NMAP scan and report for Windows machines

  • I put some NMAP network scan scripts together a while ago and felt it would be helpful to add to the forum.

    http://files.kaseya.com/sftp/nmap.zip

    Grab the zip and open the TXT file it contains. Copy all the text it contains then run an Import Folder operation on it (click My Scripts or Public scripts, you'll see it on the right). Paste in the text and click Import -- I've found this to be more reliable than a direct import.

    Just run either nmap script on any agent, then check the agent's Documents tab for the results as an HTML report, sample from my home LAN here:

    http://files.kaseya.com/sftp/nmap_report.html

    Feel free to post any suggested fixes and tweaks... my day job is being a Sales Engineer for Kaseya, not script writer -- I do that stuff mainly after hours and only post on the forum when I can spare the time Smile

    These scripts only work for Windows for now.... Getting them to work on OS X won't be difficult, it's just a matter of finding the time for it.

    Ben

    Legacy Forum Name: NMAP scan and report for Windows machines,
    Legacy Posted By Username: Benjamin.Lavalley@kaseya.com
  • U Are The Man!

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: TITaN
  • VERY cool.

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: LANWorx
  • Not bad... I like it when K employees get involved!

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: boudj
  • OK... just downloaded and ran the script. In the Else statement of the script "Network Scan - FAST NMAP scan of Agent Subnet" I fail on step 3. When I edit the script I see that step 3 & 4 of the else statement are write files that it is looking for (step 3 days ERROR: msxsl.exe is no longer on the server; step 4 says "ERROR: nmap.xsl is no longer on the server"

    Where should I get these files from?

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: boudj
  • boudj
    OK... just downloaded and ran the script. In the Else statement of the script "Network Scan - FAST NMAP scan of Agent Subnet" I fail on step 3. When I edit the script I see that step 3 & 4 of the else statement are write files that it is looking for (step 3 days ERROR: msxsl.exe is no longer on the server; step 4 says "ERROR: nmap.xsl is no longer on the server"

    Where should I get these files from?


    Download the script zip file again, I've modified it to send down the files from our webserver with Get URL. Write File is there as well and they're set to Continue on Fail -- it adds some redundancy but it was a quick fix and allows you to run them without placing source files on your Kserver.

    If you'd just like to download nmap.xsl and msxsl.exe directly and put them in your VSASharedFiles folder, http://files.kaseya.com/sftp/nmap/nmapfiles.zip contain what you need.

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: Benjamin.Lavalley@kaseya.com
  • Thank you!

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: CeruleanBlue
  • would anyone know if we could run nmap in this script but instead of it scanning the internal lan make it scan the gateway?

    It would be nice to just run a script and see what ports the router has open.

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: VNET
  • VNET
    would anyone know if we could run nmap in this script but instead of it scanning the internal lan make it scan the gateway?

    It would be nice to just run a script and see what ports the router has open.

    [INDENT]
    NMAP - Detailed Default Gateway Scan
    NMAP - Detailed Connection Gateway Scan
    NMAP - Simple Subnet Scan
    NMAP - Detailed Subnet Scan
    NMAP - Prevent Vista Interactive Notification
    NMAP - Simple Connection Gateway Scan
    NMAP - Simple Default Gateway Scan[/INDENT]

    Download the nmap.zip file again and import it -- these are all part of it now for scanning either the local connection gateway or the detected internet connection gateway.

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: Benjamin.Lavalley@kaseya.com
  • Pure Solid Gold !

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: XeviouS
  • unbelievable! thanks so much this is freaking SWEET!

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: TITaN
  • Thank you for your time and effort in building these great scripts!


    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: nevesis
  • You rock! I was looking for something like this but this is even better, thanks a lot.

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: lantrust
  • Very cool!

    1.) random variable doesn't seem to work in detailed scans, changed it to just rand and it worked fine (no clue).

    2.) Had a old version of winpcap installed on test workstation. Script left the uninstall box up, finished uninstall manually and when ran again it worked fine.

    3.) For people with spaces in their temp path you can fix the script by adding quotes in a few places ex: Simple Default Gateway Scan:

    Step 3: -sS -F #vmachine.defaultgateway# -oX "#vAgentConfiguration.AgentTempDir#\nmap-results-default-gateway-fast.xml"

    Step 4: -sS -F #vmachine.defaultgateway# -oX "#vAgentConfiguration.AgentTempDir#\nmap-results-default-gateway-fast.xml"

    Step 7: "#vAgentConfiguration.AgentTempDir#\msxsl.exe" "#vAgentConfiguration.AgentTempDir#\nmap-results-default-gateway-fast.xml" "#vAgentConfiguration.AgentTempDir#\nmap.xsl" -o "#vAgentConfiguration.AgentTempDir#\nmap-results-default-gateway-fast-#rand#.htm"

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: jeremyj
  • jeremyj
    Very cool!

    1.) random variable doesn't seem to work in detailed scans, changed it to just rand and it worked fine (no clue).

    2.) Had a old version of winpcap installed on test workstation. Script left the uninstall box up, finished uninstall manually and when ran again it worked fine.

    3.) For people with spaces in their temp path you can fix the script by adding quotes in a few places ex: Simple Default Gateway Scan:

    Step 3: -sS -F #vmachine.defaultgateway# -oX "#vAgentConfiguration.AgentTempDir#\nmap-results-default-gateway-fast.xml"

    Step 4: -sS -F #vmachine.defaultgateway# -oX "#vAgentConfiguration.AgentTempDir#\nmap-results-default-gateway-fast.xml"

    Step 7: "#vAgentConfiguration.AgentTempDir#\msxsl.exe" "#vAgentConfiguration.AgentTempDir#\nmap-results-default-gateway-fast.xml" "#vAgentConfiguration.AgentTempDir#\nmap.xsl" -o "#vAgentConfiguration.AgentTempDir#\nmap-results-default-gateway-fast-#rand#.htm"


    Nice catches, Jeremy! I will update everything accordingly.

    About having old Winpcap... not sure what I want to do about that one, exactly. I guess I'd have to go grab an old version and put together a silent uninstall script for it, or perhaps update my IF checks to try to allow NMAP to use the older version without updating it.

    What version was it you had?

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: Benjamin.Lavalley@kaseya.com