NMAP速查表

带上你的千军万马,即使最后难免孤军奋战。

功能

端口扫描:扫描开放的端口并且识别运行服务

主机探测:Nmap可査找目标网络中的在线主机。默认情况下,Nmap通过4种方式—— ICMP echo请求(ping)、向443端口发送TCP SYN 包、向80端口发送TCP ACK包和ICMP 时间戳请求——发现目标主机。

服务/版本检测:在发现开放端口后,Nmap可进一步检查目标主机的检测服务协议、应用 程序名称、版本号等信息。

操作系统检测:Nmap 向远程主机发送一系列数据包,并能够将远程主机的响应与操作系统 指纹数据库进行比较。如果发现了匹配结果,它就会显示匹配的操作系统。它确实可能无法 识别目标主机的操作系统;在这种情况下,如果您知道目标系统上使用的何种操作系统,可 在它提供的 URL 里提交有关信息,更新它的操作系统指纹数据库。

网络路由跟踪:它通过多种协议访问目标主机的不同端口,以尽可能访问目标主机。Nmap 路由跟踪功能从TTL的高值开始测试,逐步递减TTL,直到它到零为止。

Nmap脚本引擎:这个功能扩充了Nmap的用途。如果您要使用Nmap实现它(在默认情况 下)没有的检测功能,可利用它的脚本引擎手写一个检测脚本。目前,Nmap可检査网络服务 的漏洞,还可以枚举目标系统的资源。

常用功能

直接扫描

nmap 192.168.31.13

获取开放端口与运行服务

检测指定端口

nmap -p 8080 192.168.31.13

检测8080端口是否开放

-p端口范围:只扫描指定的端口。扫描1〜1024号端口,可设定该选项为–p 1-1024。扫描1 〜65535端口时,可使用-p-选项。

扫描网段

nmap  -p 22,21,80 192.168.31.1-253

识别运行服务

服务版本识别(-sV),Nmap可以在进行端口扫描的时候检测服务端软件的版本信息。版本信息将使后续的漏 洞识别工作更有针对性。

nmap -sV 192.168.31.13 -p 8080

识别操作系统

操作系统检测(-O),Nmap还能识别目标主机的操作系统。

nmap -O 192.168.31.13

强力优化检测

强力检测选项(-A),启用-A选项之后,Nmap将检测目标主机的下述信息
服务版本识别(-sV);
操作系统识别(-O);
脚本扫描(-sC);
Traceroute(–traceroute)

nmap -A 192.168.31.13

禁用主机检测

禁用主机检测(-Pn),如果主机屏蔽了ping请求,Nmap可能会认为该主机没有开机。这将使得Nmap无法进行进一 步检测,比如端口扫描、服务版本识别和操作系统识别等探测工作。为了克服这一问题,就 需要禁用Nmap的主机检测功能。在指定这个选项之后,Nmap会认为目标主机已经开机并会 进行全套的检测工作

nmap -Pn -A 192.168.31.13

常用片段

nmap -sP 192.168.0.0/24   判断哪些主机存活
nmap -sT 192.168.0.3   开放了哪些端口
nmap -sS 192.168.0.127 开放了哪些端口(隐蔽扫描)
nmap -sU 192.168.0.127 开放了哪些端口(UDP)
nmap -sS -O  192.168.0.127 操作系统识别

输出选项

Nmap可以把扫描结果保存为外部文件。在需要使用其他工具处理Nmap的扫描结果时,这一 功能十分有用。即使您设定程序把扫描结果保存为文件,Nmap还是会在屏幕上显示扫描结果。

Nmap支持以下几种输出形式。

正常输出(-oN):不显示runtime信息和警告信息。

XML    文件(-oX):生成的    XML    格式文件可以转换成    HTML    格式文件,还可被Nmap    的图 形用户界面解析,也便于导入数据库。本文建议您尽量将扫描结果输出为XML文件。

生成便于Grep使用的文件(-oG):虽然这种文件格式已经过时,但仍然很受欢迎。这种格 式的文件,其内容由注释(由#开始)和信息行组成。信息行包含6个字段,每个字段的字段 名称和字段值以冒号分割,字段之间使用制表符隔开。这些字段的名称分别为Host、Ports、Protocols、Ignored State、OS、Seq Index、IP ID    Seq    和Status。这种格式的文件便于 grep或awk之类的UNIX指令整理扫描结果。

输出至所有格式(-oA)利用-oA<basename>选项 可将扫描结果以标准格式、XML格式和Grep格式一次性输出。分别存放在 <basename>.nmap,<basename>.xml和 <basename>.gnmap文件中。也可以在文件名前 指定目录名,如在UNIX中,使用~/nmaplogs/foocorp/, 在Window中,使用c:\hacking\sco on Windows。

为使用方便,利用-oA选项 可将扫描结果以标准格式、XML格式和Grep格式一次性输出。分别存放在.nmap,.xml和.gnmap文件中。

时间排程控制选项

Nmap可通过-T选项指定时间排程控制的模式。它有6种扫描模式。

paranoid(0):每5分钟发送一次数据包,且不会以并行方式同时发送多组数据。这种模式 的扫描不会被IDS检测到。

sneaky(1):每隔15秒发送一个数据包,且不会以并行方式同时发送多组数据。

polite(2):每0.4    秒发送一个数据包,且不会以并行方式同时发送多组数据。

normal(3):此模式同时向多个目标发送多个数据包,为    Nmap    默认的模式,该模式能自 动在扫描时间和网络负载之间进行平衡。

aggressive(4):在这种模式下,Nmap    对每个既定的主机只扫描5    分钟,然后扫描下一 台主机。它等待响应的时间不超过1.25秒。

insane(5):在这种模式下,Nmap    对每个既定的主机仅扫描75    秒,然后扫描下一台主 机。它等待响应的时间不超过0.3秒。

默认的扫描模式通常都没有问题。除非您想要进行更隐匿或更快速的扫 描,否则没有必要调整这一选项。

脚本引擎功能(Nmap Scripting Engine,NSE)

Nmap本身已经很强大了,但是加上它的脚本引擎更加开挂了,NSE 可使用户的各种网络检査工作更为自动化,有助于识别应 用程序中新发现的漏洞、检测程序版本等Nmap原本不具有的功能。虽然Nmap软件包具有各 种功能的脚本,但是为了满足用户的特定需求,它还支持用户撰写自定义脚本。

auth:此类脚本使用暴力破解等技术找出目标系统上的认证信息。

default:启用--sC    或者-A    选项时运行此类脚本。这类脚本同时具有下述特点:执行速度快;输出的信息有指导下一步操作的价值;输出信息内容丰富、形式简洁;必须可靠;不会侵入目标系统;能泄露信息给第三方。

discovery:该类脚本用于探索网络。

dos:该类脚本可能使目标系统拒绝服务,请谨慎使用。

exploit:该类脚本利用目标系统的安全漏洞。在运行这类脚本之前,渗透测试人员需要获取 被测单位的行动许可。

external:该类脚本可能泄露信息给第三方。

fuzzer:该类脚本用于对目标系统进行模糊测试。

instrusive:该类脚本可能导致目标系统崩溃,或耗尽目标系统的所有资源。

malware:该类脚本检査目标系统上是否存在恶意软件或后门。

safe:该类脚本不会导致目标服务崩溃、拒绝服务且不利用漏洞。

version:配合版本检测选项(-sV),这类脚本对目标系统的服务程序进行深入的版本检 测。

vuln:该类脚本可检测检査目标系统上的安全漏洞。
在Kali    Linux系统中,Nmap脚本位于目录/usr/share/nmap/scripts。

-sC    或--script=default:启动默认类NSE    脚本。

--script    <filename>|<category>|<directories>:根据指定的文件名、类别名、目录名,执行 相应的脚本。

--script-args    <args>:这个选项用于给脚本指定参数。例如,在使用认证类脚本时,可通过 这个选项指定用户名和密码

使用方法:

nmap --script http-enum,http-headers,http-methods,http-php-version    -p    80 192.168.56.103

增强版漏洞扫描

上提供的脚本虽然强啊,但是数量相对较少,于是乎我们来隆重推荐一下Vulscan,它是Nmap的一个漏洞扫描增强模块,通过它可以把Nmap打造成一款实用高效免费的漏洞扫描器。Vulscan目前包含了CVE、OSVDB、Exploit-db、openvas等多个漏洞平台指纹数据,具备离线扫描功能,对主机系统漏洞有很好的探测识别效果。

安装

通过其程序Github官网压缩包下载,解压后把其中的文件释放到以下Nmap文件夹内:

Nmap\scripts\vulscan\*

使用1

如下命令对目标主机开始扫描:

nmap -sV –script=vulscan/vulscan.nse www.example.com

该-sV是绝对必要的。使用-sV,我们告诉Nmap探测版本信息的目标地址。如果Nmap不生成版本信息,nmap-vulners将不会有任何数据来查询Vulners数据库。使用这些NSE脚本时始终使用-sV

我们可以像nmap-vulners一样使用vulscan NSE脚本:

nmap --script vulscan -sV <目标IP>

默认情况下,vulscan会一次查询所有前面提到的数据库!正如我们在上面的图片中看到的那样,消化的信息量非常大。这比我们需要的信息要多得多。我强烈建议一次只查询一个数据库。我们可以通过将vulscandb参数添加到我们的Nmap命令并指定数据库来实现此目的,如下面的示例所示。

nmap --script vulscan --script-args vulscandb = database_name -sV <目标IP>
nmap --script vulscan --script-args vulscandb = scipvuldb.csv -sV <目标IP>
nmap --script vulscan --script-args vulscandb = exploitdb.csv -sV <目标IP>
nmap --script vulscan --script-args vulscandb = securitytracker.csv -sV <目标IP>

使用2

合并为一个命令,NSE脚本作为安全扫描器显着提高了Nmap的多功能性,范围。为了充分利用Nmap的版本扫描,我们可以在一个命令中使用nmap-vulners和vulscan。要执行此操作,请在终端中输入以下命令。

nmap --script nmap-vulners,vulscan --script-args vulscandb = scipvuldb.csv -sV <目标IP>

漏洞库数据

scipvuldb.csv – https://vuldb.com

cve.csv – http://cve.mitre.org

osvdb.csv – http://www.osvdb.org

securityfocus.csv – http://www.securityfocus.com/bid/

securitytracker.csv – http://www.securitytracker.com

xforce.csv – http://xforce.iss.net

expliotdb.csv – http://www.exploit-db.com

openvas.csv – http://www.openvas.org

单个漏洞库使用命令

--script-args vulscandb=your_own_database

漏洞库升级

需要在官网下载或通过以下链接手动下载数据库文件到/vulscan/目录中保持数据更新:

http://www.computec.ch/projekte/vulscan/download/cve.csv

http://www.computec.ch/projekte/vulscan/download/exploitdb.csv

http://www.computec.ch/projekte/vulscan/download/openvas.csv

http://www.computec.ch/projekte/vulscan/download/osvdb.csv

http://www.computec.ch/projekte/vulscan/download/scipvuldb.csv

http://www.computec.ch/projekte/vulscan/download/securityfocus.csv

http://www.computec.ch/projekte/vulscan/download/securitytracker.csv

http://www.computec.ch/projekte/vulscan/download/xforce.csv

##版本检测功能

版本检测功能在于对软件版本和漏洞数据库的具体信息进行探测,关闭该功能可能会导致误报,减少漏报提高运行效率,你可以使用以下命令把该功能关闭:

--script-args vulscanversiondetection=0

优先匹配功能

该功能在于对漏洞检测进行最优匹配扫描,可能会引起误报,但有利于对漏洞进行全面识别,使用以下命令开启该功能:

--script-args vulscanshowall=1

交互模式

该功能可以涵盖所有端口的检测结果,使用以下命令开启该功能:

--script-args vulscaninteractive=1

规避检测的选项

在渗透测试的工作中,目标主机通常处于防火墙或 IDS 系统的保护之中。在这种环境中使用 Nmap 的默认选项进行扫描,不仅会被发现,而且往往一无所获。此时,我们就要使用Nmap 规避检测的有关选项。

-f(使用小数据包):这个选项可避免对方识别出我们探测的数据包。指定这个选项之后, Nmap将使用8字节甚至更小数据体的数据包。

--mtu:这个选项用来调整数据包的包大小。MTU(Maximum    Transmission    Unit,最大传输 单元)必须是8的整数倍,否则Nmap将报错。

-D(诱饵):这个选项应指定假    IP,即诱饵的    IP。启用这个选项之后,Nmap    在发送侦测 数据包的时候会掺杂一些源地址是假IP(诱饵)的数据包。这种功能意在以藏木于林的方法 掩盖本机的真实    IP。也就是说,对方的log还会记录下本机的真实IP。您可使用RND生成随机 的假IP地址,或者用RND:number的参数生成<number>个假IP地址。您所指定的诱饵主机 应当在线,否则很容易击溃目标主机。另外,使用了过多的诱饵可能造成网络拥堵。尤其是 在扫描客户的网络的时候,您应当极力避免上述情况。
Kali    Linux    渗透测试的艺术(中文版)
151第 6章    服务枚举
--source-port    <portnumber>或-g(模拟源端口):如果防火墙只允许某些源端口的入站流 量,这个选项就非常有用。

--data-length:这个选项用于改变Nmap    发送数据包的默认数据长度,以避免被识别出来是 Nmap的扫描数据。

--max-parallelism:这个选项可限制Nmap    并发扫描的最大连接数。

--scan-delay    <time>:这个选项用于控制发送探测数据的时间间隔,以避免达到IDS/IPS端 口扫描规则的阈值。

TCP/UDP扫描

TCP扫描选项

​ 1.TCP连接扫描(-sT):指定这个选项后,程序将和目标主机的每个端口都进行完整的三次 握手。如果成功建立连接,则判定该端口是开放端口。由于在检测每个端口时都需要进行三 次握手,所以这种扫描方式比较慢,而且扫描行为很可能被目标主机记录下来。如果启动 Nmap的用户的权限不足,那么默认情况下Nmap程序将以这种模式进行扫描。

​ 2.SYN扫描(-sS):该选项也称为半开连接或者SYN stealth。采用该选项后,Nmap将使用 含有SYN标志位的数据包进行端口探测。如果目标主机回复了SYN/ACK包,则说明该端口处 于开放状态:如果回复的是RST/ACK包,则说明这个端口处于关闭状态;如果没有任何响应 或者发送了ICMP unreachable信息,则可认为这个端口被屏蔽了。SYN模式的扫描速度非常 好。而且由于这种模式不会进行三次握手,所以是一种十分隐蔽的扫描方式。如果启动Nmap 的用户有高级别权限,那么在默认情况下Nmap程序将以这种模式进行扫描。

​ 3.TCP NULL(-sN)、FIN(-sF)及XMAS(-sX)扫描:NULL 扫描不设置任何控制位; FIN扫描仅设置FIN标志位:XMAS扫描设置FIN、PSH和URG的标识位。如果目标主机返回 了含有RST标识位的响应数据,则说明该端口处于关闭状态;如果目标主机没有任何回应, 则该端口处于打开|过滤状态。

​ 4.TCP Maimon扫描(-sM):Uriel Maimon 首先发现了TCP Maimom扫描方式。这种模式的 探测数据包含有FIN/ACK标识。对于BSD衍生出来的各种操作系统来说,如果被测端口处于 开放状态,主机将会丢弃这种探测数据包;如果被测端口处于关闭状态,那么主机将会回复 RST。

​ 5.TCPACK扫描(-sA):这种扫描模式可以检测目标系统是否采用了数据包状态监测技术 (stateful)防火墙,并能确定哪些端口被防火墙屏蔽。这种类型的数据包只有一个ACK标识 位。如果目标主机的回复中含有RST标识,则说明目标主机没有被过滤。

​ 6.TCP窗口扫描(-sW):这种扫描方式检测目标返回的RST数据包的TCP窗口字段。如果目 标端口处于开放状态,这个字段的值将是正值;否则它的值应当是0。

​ 7.TCP Idle扫描(-sI):采用这种技术后,您将通过指定的僵尸主机发送扫描数据包。本机 并不与目标主机直接通信。如果对方网络里有IDS,IDS将认为发起扫描的主机是僵尸主机。

UDP扫描选项

Nmap有多种TCP扫描方式,而UDP扫描仅有一种扫描方式(-sU)。虽然UDP扫描结果没有 TCP扫描结果的可靠度高,但渗透测试人员不能因此而轻视UDP扫描,毕竟UDP端口代表着 可能会有价值的服务端程序。但是UDP扫描的最大问题是性能问题。由干Linux内核限制1秒内最多发送一次ICMP Port Unreachable信息。按照这个速度,对一台主机的65536个UDP端口进行完整扫描,总耗时必 定会超过18个小时。

优化方法主要是:

1.进行并发的UDP扫描;
2.优先扫描常用端口;
3.在防火墙后面扫描;
4.启用--host-timeout选项以跳过响应过慢的主机。
假如我们需要找到目标主机开放了哪些 UDP端口。为提高扫描速度,我们仅扫描 53端口 (DNS)和161端口(SNMP)。

可以使用命令nmap -sU 192.168.56.103 -p 53,161

Python-Nmap

安装:

pip3 install python-nmap

然后安装nmap并添加到环境变量

扫描单个开放端口获取服务

# coding:utf-8
import nmap
nm = nmap.PortScanner()
ip = '192.168.1.1'
# print(nm.scan(ip,'1-200'))
# res = nm.scaninfo()
# print(res)
# {'tcp': {'method': 'syn', 'services': '1-200'}}

# res1 = nm.scan(ip,'1-200')
# print(res1)
res = {'nmap': {'command_line': 'nmap -oX - -p 1-200 -sV 118.24.11.235', 'scaninfo': {'tcp': {'method': 'syn', 'services': '1-200'}}, 'scanstats': {'timestr': 'Mon Jul 22 23:35:13 2019', 'elapsed': '11.76', 'uphosts': '1', 'downhosts': '0', 'totalhosts': '1'}}, 'scan': {'118.24.11.235': {'hostnames': [{'name': '', 'type': ''}], 'addresses': {'ipv4': '118.24.11.235'}, 'vendor': {}, 'status': {'state': 'up', 'reason': 'echo-reply'}, 'tcp': {42: {'state': 'filtered', 'reason': 'no-response', 'name': 'nameserver', 'product': '', 'version': '', 'extrainfo': '', 'conf': '3', 'cpe': ''}, 80: {'state': 'open', 'reason': 'syn-ack', 'name': 'http', 'product': 'Apache httpd', 'version': '2.4.10', 'extrainfo': '(Win32) OpenSSL/0.9.8zb PHP/5.3.29', 'conf': '10', 'cpe': 'cpe:/a:apache:http_server:2.4.10'}, 135: {'state': 'filtered', 'reason': 'no-response', 'name': 'msrpc', 'product': '', 'version': '', 'extrainfo': '', 'conf': '3', 'cpe': ''}, 136: {'state': 'filtered', 'reason': 'no-response', 'name': 'profile', 'product': '', 'version': '', 'extrainfo': '', 'conf': '3', 'cpe': ''}, 137: {'state': 'filtered', 'reason': 'no-response', 'name': 'netbios-ns', 'product': '', 'version': '', 'extrainfo': '', 'conf': '3', 'cpe': ''}, 138: {'state': 'filtered', 'reason': 'no-response', 'name': 'netbios-dgm', 'product': '', 'version': '', 'extrainfo': '', 'conf': '3', 'cpe': ''}, 139: {'state': 'filtered', 'reason': 'no-response', 'name': 'netbios-ssn', 'product': '', 'version': '', 'extrainfo': '', 'conf': '3', 'cpe': ''}}}}}
res = {'nmap': {'command_line': 'nmap -oX - -p 1-200 -sV 192.168.1.1', 'scaninfo': {'tcp': {'method': 'syn', 'services': '1-200'}}, 'scanstats': {'timestr': 'Mon Jul 22 23:52:37 2019', 'elapsed': '10.34', 'uphosts': '1', 'downhosts': '0', 'totalhosts': '1'}}, 'scan': {'192.168.1.1': {'hostnames': [{'name': '', 'type': ''}], 'addresses': {'ipv4': '192.168.1.1', 'mac': '48:8A:D2:C7:70:F4'}, 'vendor': {'48:8A:D2:C7:70:F4': 'Shenzhen Mercury Communication Technologies'}, 'status': {'state': 'up', 'reason': 'arp-response'}, 'tcp': {80: {'state': 'open', 'reason': 'syn-ack', 'name': 'http', 'product': '', 'version': '', 'extrainfo': '', 'conf': '10', 'cpe': ''}}}}}

# print(res.keys())
# print(res['nmap'])
# print(res['scan'][ip].keys())
# dict_keys(['nmap', 'scan'])
# {'command_line': 'nmap -oX - -p 1-200 -sV 118.24.11.235', 'scaninfo': {'tcp': {'method': 'syn', 'services': '1-200'}}, 'scanstats': {'timestr': 'Mon Jul 22 23:35:13 2019', 'elapsed': '11.76', 'uphosts': '1', 'downhosts': '0', 'totalhosts': '1'}}
# dict_keys(['hostnames', 'addresses', 'vendor', 'status', 'tcp'])

# ------------------------------------------

# print(res['scan'][ip]['hostnames'])
# print(res['scan'][ip]['addresses'])
# print(res['scan'][ip]['vendor'])
# print(res['scan'][ip]['status'])
# [{'name': '', 'type': ''}]
# {'ipv4': '118.24.11.235'}
# {}
# {'state': 'up', 'reason': 'echo-reply'}

# ------------------------------------------

# r = (res['scan'][ip]['tcp'])
# for k,v in r.items():
#     print('端口:'+str(k))
#     print('服务:'+v['name'])
#     print('公司:'+v['product'])
#     print('版本:'+v['version'])
#     print('信息:'+v['extrainfo'])
#     print('*'*10)
# print('开放端口:'+str(list(res['scan'][ip]['tcp'].keys())))

# **********
# 端口:139
# 服务:netbios-ssn
# 公司:
# 版本:
# 信息:
# **********
# 开放端口:[42, 80, 135, 136, 137, 138, 139]

# ------------------------------------------

# print('扫描地址:'+res['scan'][ip]['addresses']['ipv4'])
# print('扫描命令:'+res['nmap']['command_line'])
# print('扫描方式:'+res['nmap']['scaninfo']['tcp']['method'])
# print('主机存活:'+res['nmap']['scanstats']['uphosts'])
# print('扫描时间:'+res['nmap']['scanstats']['timestr'])

# 扫描地址:118.24.11.235
# # 扫描命令:nmap -oX - -p 1-200 -sV 118.24.11.235
# # 扫描方式:syn
# # 主机存活:1
# # 扫描时间:Mon Jul 22 23:35:13 2019

扫描网段信息

# coding:utf-8
import nmap
nma = nmap.PortScanner()
result = nma.scan(hosts='192.168.1.0/24', arguments='-n -sP -PE')
print(result)
#result = {'command_line': 'nmap -oX - -n -sP -PE -PA21,23,80,3389 192.168.1.0/24', 'scaninfo': {}, 'scanstats': {'timestr': 'Tue Jul 23 10:32:15 2019', 'elapsed': '3.80', 'uphosts': '2', 'downhosts': '254', 'totalhosts': '256'}}

print(result.keys())
# print(result['nmap'])
for k,v in (result['scan']).items():
    print(k)
    print('地址:'+str(v['addresses']))
    print('版本:'+str(v['vendor']))
    print('存活:'+v['status']['state'])
    print('*'*10)
    #
    # 192.168
    # .1
    # .1
    # 地址:{'ipv4': '192.168.1.1', 'mac': '48:8A:D2:C7:70:F4'}
    # 版本:{'48:8A:D2:C7:70:F4': 'Shenzhen Mercury Communication Technologies'}
    # 存活:up
    # ** ** ** ** **
    # 192.168
    # .1
    # .102
    # 地址:{'ipv4': '192.168.1.102'}
    # 版本:{}
    # 存活:up
    # ** ** ** ** **

扫描网段并且获取详细信息【较慢】

# coding:utf-8
import nmap
#nma = nmap.PortScanner()
#result = nma.scan(hosts='192.168.1.0/24', arguments='-sV -A')
# 耗时比较久
#print(result)
result = {'nmap': {'command_line': 'nmap -oX - -sV -A 192.168.1.0/24', 'scaninfo': {'tcp': {'method': 'syn', 'services': '1,3-4,6-7,9,13,17,19-26,30,32-33,37,42-43,49,53,70,79-85,88-90,99-100,106,109-111,113,119,125,135,139,143-144,146,161,163,179,199,211-212,222,254-256,259,264,280,301,306,311,340,366,389,406-407,416-417,425,427,443-445,458,464-465,481,497,500,512-515,524,541,543-545,548,554-555,563,587,593,616-617,625,631,636,646,648,666-668,683,687,691,700,705,711,714,720,722,726,749,765,777,783,787,800-801,808,843,873,880,888,898,900-903,911-912,981,987,990,992-993,995,999-1002,1007,1009-1011,1021-1100,1102,1104-1108,1110-1114,1117,1119,1121-1124,1126,1130-1132,1137-1138,1141,1145,1147-1149,1151-1152,1154,1163-1166,1169,1174-1175,1183,1185-1187,1192,1198-1199,1201,1213,1216-1218,1233-1234,1236,1244,1247-1248,1259,1271-1272,1277,1287,1296,1300-1301,1309-1311,1322,1328,1334,1352,1417,1433-1434,1443,1455,1461,1494,1500-1501,1503,1521,1524,1533,1556,1580,1583,1594,1600,1641,1658,1666,1687-1688,1700,1717-1721,1723,1755,1761,1782-1783,1801,1805,1812,1839-1840,1862-1864,1875,1900,1914,1935,1947,1971-1972,1974,1984,1998-2010,2013,2020-2022,2030,2033-2035,2038,2040-2043,2045-2049,2065,2068,2099-2100,2103,2105-2107,2111,2119,2121,2126,2135,2144,2160-2161,2170,2179,2190-2191,2196,2200,2222,2251,2260,2288,2301,2323,2366,2381-2383,2393-2394,2399,2401,2492,2500,2522,2525,2557,2601-2602,2604-2605,2607-2608,2638,2701-2702,2710,2717-2718,2725,2800,2809,2811,2869,2875,2909-2910,2920,2967-2968,2998,3000-3001,3003,3005-3007,3011,3013,3017,3030-3031,3052,3071,3077,3128,3168,3211,3221,3260-3261,3268-3269,3283,3300-3301,3306,3322-3325,3333,3351,3367,3369-3372,3389-3390,3404,3476,3493,3517,3527,3546,3551,3580,3659,3689-3690,3703,3737,3766,3784,3800-3801,3809,3814,3826-3828,3851,3869,3871,3878,3880,3889,3905,3914,3918,3920,3945,3971,3986,3995,3998,4000-4006,4045,4111,4125-4126,4129,4224,4242,4279,4321,4343,4443-4446,4449,4550,4567,4662,4848,4899-4900,4998,5000-5004,5009,5030,5033,5050-5051,5054,5060-5061,5080,5087,5100-5102,5120,5190,5200,5214,5221-5222,5225-5226,5269,5280,5298,5357,5405,5414,5431-5432,5440,5500,5510,5544,5550,5555,5560,5566,5631,5633,5666,5678-5679,5718,5730,5800-5802,5810-5811,5815,5822,5825,5850,5859,5862,5877,5900-5904,5906-5907,5910-5911,5915,5922,5925,5950,5952,5959-5963,5987-5989,5998-6007,6009,6025,6059,6100-6101,6106,6112,6123,6129,6156,6346,6389,6502,6510,6543,6547,6565-6567,6580,6646,6666-6669,6689,6692,6699,6779,6788-6789,6792,6839,6881,6901,6969,7000-7002,7004,7007,7019,7025,7070,7100,7103,7106,7200-7201,7402,7435,7443,7496,7512,7625,7627,7676,7741,7777-7778,7800,7911,7920-7921,7937-7938,7999-8002,8007-8011,8021-8022,8031,8042,8045,8080-8090,8093,8099-8100,8180-8181,8192-8194,8200,8222,8254,8290-8292,8300,8333,8383,8400,8402,8443,8500,8600,8649,8651-8652,8654,8701,8800,8873,8888,8899,8994,9000-9003,9009-9011,9040,9050,9071,9080-9081,9090-9091,9099-9103,9110-9111,9200,9207,9220,9290,9415,9418,9485,9500,9502-9503,9535,9575,9593-9595,9618,9666,9876-9878,9898,9900,9917,9929,9943-9944,9968,9998-10004,10009-10010,10012,10024-10025,10082,10180,10215,10243,10566,10616-10617,10621,10626,10628-10629,10778,11110-11111,11967,12000,12174,12265,12345,13456,13722,13782-13783,14000,14238,14441-14442,15000,15002-15004,15660,15742,16000-16001,16012,16016,16018,16080,16113,16992-16993,17877,17988,18040,18101,18988,19101,19283,19315,19350,19780,19801,19842,20000,20005,20031,20221-20222,20828,21571,22939,23502,24444,24800,25734-25735,26214,27000,27352-27353,27355-27356,27715,28201,30000,30718,30951,31038,31337,32768-32785,33354,33899,34571-34573,35500,38292,40193,40911,41511,42510,44176,44442-44443,44501,45100,48080,49152-49161,49163,49165,49167,49175-49176,49400,49999-50003,50006,50300,50389,50500,50636,50800,51103,51493,52673,52822,52848,52869,54045,54328,55055-55056,55555,55600,56737-56738,57294,57797,58080,60020,60443,61532,61900,62078,63331,64623,64680,65000,65129,65389'}}, 'scanstats': {'timestr': 'Tue Jul 23 10:40:59 2019', 'elapsed': '72.32', 'uphosts': '2', 'downhosts': '254', 'totalhosts': '256'}}, 'scan': {'192.168.1.1': {'hostnames': [{'name': '', 'type': ''}], 'addresses': {'ipv4': '192.168.1.1', 'mac': '48:8A:D2:C7:70:F4'}, 'vendor': {'48:8A:D2:C7:70:F4': 'Shenzhen Mercury Communication Technologies'}, 'status': {'state': 'up', 'reason': 'arp-response'}, 'uptime': {'seconds': '227829', 'lastboot': 'Sat Jul 20 19:22:58 2019'}, 'tcp': {80: {'state': 'open', 'reason': 'syn-ack', 'name': 'http', 'product': '', 'version': '', 'extrainfo': '', 'conf': '10', 'cpe': '', 'script': {'fingerprint-strings': '\n  FourOhFourRequest: \n    HTTP/1.0 404 Not Found\n    Content-Type: text/plain;charset=UTF-8\n    Content-Length: 0\n    Connection: close\n    Cache-control: no-cache\n  GenericLines, Help: \n    HTTP/1.1 400 Bad Request\n    Content-Type: text/html;charset=UTF-8\n    Content-Length: 0\n    Connection: close\n    Cache-control: no-cache\n  GetRequest: \n    HTTP/1.0 200 OK\n    Content-Type: text/html;charset=UTF-8\n    Content-Length: 671\n    Connection: close\n    Cache-control: no-cache\n    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">\n    <html xmlns="http://www.w3.org/1999/xhtml">\n    <head>\n    <title>MW313R</title>\n    <link rel="shortcut Icon" href="../images/icon_me.ico" type="image/x-icon" />\n    <script type="text/javascript" src="../dynaform/class.js"></script>\n    <link rel="stylesheet" type="text/css" href="../dynaform/class.css" />\n    </head>\n    <body>\n    <div id="Error"></div>\n    <div id="Confirm"></div>\n    <div id="Con"></div>\n    <div id="Help"></div>\n    <div id="Cover"></div>\n    <div id="Login"></div>\n    <script type="text/javascript">\n    pageOnload();\n    </script>\n    </body>\n    </html>\n  HTTPOptions, RTSPRequest, SIPOptions: \n    HTTP/1.1 405 Method Not Allowed\n    Content-Type: text/html;charset=UTF-8\n    Content-Length: 0\n    Connection: close\n    Cache-control: no-cache', 'http-title': 'MW313R'}}, 1900: {'state': 'open', 'reason': 'syn-ack', 'name': 'upnp', 'product': '', 'version': '', 'extrainfo': '', 'conf': '3', 'cpe': '', 'script': {'fingerprint-strings': '\n  FourOhFourRequest: \n    HTTP/1.0 401 Unauthorized\n    Content-Type: text/plain;charset=UTF-8\n    Content-Length: 303\n    Connection: close\n    Cache-control: no-cache\n    00007\n    00004\n    00000\n    +odaxt+jaIo*o$96\n    DnsBmHVaW]TIBA(}Zkr2WA!exifkM{ZOtpt!5BeZOXt$URoUo+,rvPpXIkNBEx,NsA8>q4{tunX6C!uIU[d|kvuDA3*d{25hDnIt4WBf}9$,8$To4GcG0ZW9.c50vaz+YVHbsQVZ,3y,Rg,m~h90fI!}IUgB*F0hyGR0O|^7[Q*q]1.|$e)nqE{Wtc}2v(DI^d^4d4.Auh|)A[liC4^0p+BsVM<Pp|zWX)l9bQQ~,chhq47eT47[c}6U4hGM0NZ\n    00002\n  GenericLines, Help: \n    HTTP/1.1 400 Bad Request\n    Content-Type: text/html;charset=UTF-8\n    Content-Length: 0\n    Connection: close\n    Cache-control: no-cache\n  GetRequest: \n    HTTP/1.0 404 Not Found\n    Content-Type: text/html;charset=UTF-8\n    Content-Length: 0\n    Connection: close\n    Cache-control: no-cache\n  HTTPOptions, RTSPRequest, SIPOptions: \n    HTTP/1.1 405 Method Not Allowed\n    Content-Type: text/html;charset=UTF-8\n    Content-Length: 0\n    Connection: close\n    Cache-control: no-cache'}}}, 'portused': [{'state': 'open', 'proto': 'tcp', 'portid': '80'}], 'osmatch': [{'name': 'Canon imageRUNNER C5185 printer', 'accuracy': '97', 'line': '12791', 'osclass': [{'type': 'printer', 'vendor': 'Canon', 'osfamily': 'embedded', 'osgen': None, 'accuracy': '97', 'cpe': ['cpe:/h:canon:imagerunner_c5185']}]}, {'name': 'Canon imageRUNNER C2380 or C2880i or Xerox Phaser 8860MFP printer', 'accuracy': '94', 'line': '12713', 'osclass': [{'type': 'printer', 'vendor': 'Canon', 'osfamily': 'embedded', 'osgen': None, 'accuracy': '94', 'cpe': ['cpe:/h:canon:imagerunner_c2380', 'cpe:/h:canon:imagerunner_c2880i', 'cpe:/h:xerox:phaser_8860mfp']}]}, {'name': 'Fujitsu Externus DX80 or IBM DCS9900 NAS device', 'accuracy': '94', 'line': '38777', 'osclass': [{'type': 'storage-misc', 'vendor': 'IBM', 'osfamily': 'embedded', 'osgen': None, 'accuracy': '94', 'cpe': ['cpe:/h:ibm:dcs9900']}, {'type': 'storage-misc', 'vendor': 'Fujitsu Siemens', 'osfamily': 'embedded', 'osgen': None, 'accuracy': '94', 'cpe': ['cpe:/h:fujitsu:externus_dx80']}]}, {'name': 'VxWorks', 'accuracy': '94', 'line': '105377', 'osclass': [{'type': 'general purpose', 'vendor': 'Wind River', 'osfamily': 'VxWorks', 'osgen': None, 'accuracy': '94', 'cpe': ['cpe:/o:windriver:vxworks']}]}, {'name': 'Avaya 4526GTX switch', 'accuracy': '92', 'line': '8568', 'osclass': [{'type': 'switch', 'vendor': 'Avaya', 'osfamily': 'embedded', 'osgen': None, 'accuracy': '92', 'cpe': ['cpe:/h:avaya:4526gtx']}]}, {'name': 'Nortel CS1000M VoIP PBX or Xerox Phaser 8560DT printer', 'accuracy': '90', 'line': '88925', 'osclass': [{'type': 'PBX', 'vendor': 'Nortel', 'osfamily': 'embedded', 'osgen': None, 'accuracy': '90', 'cpe': ['cpe:/h:nortel:cs1000m']}, {'type': 'printer', 'vendor': 'Xerox', 'osfamily': 'embedded', 'osgen': None, 'accuracy': '90', 'cpe': ['cpe:/h:xerox:phaser_8560dt']}]}, {'name': 'Aastra Dialog 4425 IP phone', 'accuracy': '88', 'line': '1221', 'osclass': [{'type': 'VoIP phone', 'vendor': 'Aastra', 'osfamily': 'embedded', 'osgen': None, 'accuracy': '88', 'cpe': []}]}, {'name': 'HP ProCurve 3500yl, 5406zl, or 6200yl switch or UTStarcom F1000 VoIP phone', 'accuracy': '88', 'line': '35312', 'osclass': [{'type': 'switch', 'vendor': 'HP', 'osfamily': 'embedded', 'osgen': None, 'accuracy': '88', 'cpe': []}, {'type': 'VoIP phone', 'vendor': 'UTStarcom', 'osfamily': 'embedded', 'osgen': None, 'accuracy': '88', 'cpe': ['cpe:/h:utstarcom:f1000']}]}, {'name': 'Nortel Ethernet Routing Switch 4550T-PWR', 'accuracy': '88', 'line': '89015', 'osclass': [{'type': 'switch', 'vendor': 'Nortel', 'osfamily': 'embedded', 'osgen': None, 'accuracy': '88', 'cpe': ['cpe:/h:nortel:ethernet_routing_switch_4550t-pwr']}]}, {'name': 'Apple AirPort Express WAP or AMX NI-3100 controller (VxWorks)', 'accuracy': '88', 'line': '3436', 'osclass': [{'type': 'WAP', 'vendor': 'Apple', 'osfamily': 'embedded', 'osgen': None, 'accuracy': '88', 'cpe': ['cpe:/h:apple:airport_express']}]}]}, '192.168.1.102': {'hostnames': [{'name': '', 'type': ''}], 'addresses': {'ipv4': '192.168.1.102'}, 'vendor': {}, 'status': {'state': 'up', 'reason': 'localhost-response'}, 'tcp': {135: {'state': 'open', 'reason': 'syn-ack', 'name': 'msrpc', 'product': 'Microsoft Windows RPC', 'version': '', 'extrainfo': '', 'conf': '10', 'cpe': 'cpe:/o:microsoft:windows'}, 139: {'state': 'open', 'reason': 'syn-ack', 'name': 'netbios-ssn', 'product': 'Microsoft Windows netbios-ssn', 'version': '', 'extrainfo': '', 'conf': '10', 'cpe': 'cpe:/o:microsoft:windows'}, 443: {'state': 'open', 'reason': 'syn-ack', 'name': 'http', 'product': 'VMware VirtualCenter Web service', 'version': '', 'extrainfo': '', 'conf': '10', 'cpe': '', 'script': {'http-title': "Site doesn't have a title (text; charset=plain).", 'ssl-cert': 'Subject: commonName=VMware/countryName=US\nNot valid before: 2018-12-20T12:02:52\nNot valid after:  2019-12-20T12:02:52', 'ssl-date': 'TLS randomness does not represent time', 'vmware-version': '\n  Server version: VMware Workstation 12.5.7\n  Build: 5813279\n  Locale version: INTL  \n  OS type: win32-x86\n  Product Line ID: ws'}}, 445: {'state': 'open', 'reason': 'syn-ack', 'name': 'microsoft-ds', 'product': '', 'version': '', 'extrainfo': '', 'conf': '3', 'cpe': ''}, 902: {'state': 'open', 'reason': 'syn-ack', 'name': 'vmware-auth', 'product': 'VMware Authentication Daemon', 'version': '1.10', 'extrainfo': 'Uses VNC, SOAP', 'conf': '10', 'cpe': ''}, 912: {'state': 'open', 'reason': 'syn-ack', 'name': 'vmware-auth', 'product': 'VMware Authentication Daemon', 'version': '1.0', 'extrainfo': 'Uses VNC, SOAP', 'conf': '10', 'cpe': ''}}, 'hostscript': [{'id': 'smb2-security-mode', 'output': '\n  2.02: \n    Message signing enabled but not required'}, {'id': 'smb2-time', 'output': '\n  date: 2019-07-23 10:40:31\n  start_date: N/A'}], 'portused': [{'state': 'open', 'proto': 'tcp', 'portid': '135'}, {'state': 'closed', 'proto': 'tcp', 'portid': '1'}, {'state': 'closed', 'proto': 'udp', 'portid': '41837'}], 'osmatch': [{'name': 'Microsoft Windows 10 1703', 'accuracy': '93', 'line': '69486', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '10', 'accuracy': '93', 'cpe': ['cpe:/o:microsoft:windows_10:1703']}]}, {'name': 'Microsoft Windows 10 1607', 'accuracy': '92', 'line': '69340', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '10', 'accuracy': '92', 'cpe': ['cpe:/o:microsoft:windows_10:1607']}]}, {'name': 'Microsoft Windows Longhorn', 'accuracy': '92', 'line': '78352', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': 'Longhorn', 'accuracy': '92', 'cpe': ['cpe:/o:microsoft:windows']}]}, {'name': 'Microsoft Windows 7 SP1', 'accuracy': '91', 'line': '77170', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '7', 'accuracy': '91', 'cpe': ['cpe:/o:microsoft:windows_7::sp1']}]}, {'name': 'Microsoft Windows 10 10586 - 14393', 'accuracy': '91', 'line': '69008', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '10', 'accuracy': '91', 'cpe': ['cpe:/o:microsoft:windows_10']}]}, {'name': 'Microsoft Windows 7 or 8.1 R1 or Server 2008 R2 SP1', 'accuracy': '91', 'line': '77602', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '8.1', 'accuracy': '91', 'cpe': ['cpe:/o:microsoft:windows_8.1:r1']}, {'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '7', 'accuracy': '91', 'cpe': ['cpe:/o:microsoft:windows_7']}, {'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '2008', 'accuracy': '91', 'cpe': ['cpe:/o:microsoft:windows_server_2008:r2']}]}, {'name': 'Microsoft Windows 7 or 8.1 R1', 'accuracy': '90', 'line': '76444', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '7', 'accuracy': '90', 'cpe': ['cpe:/o:microsoft:windows_7']}, {'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '8.1', 'accuracy': '90', 'cpe': ['cpe:/o:microsoft:windows_8.1:r1']}]}, {'name': 'Microsoft Windows 10', 'accuracy': '90', 'line': '68914', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '10', 'accuracy': '90', 'cpe': ['cpe:/o:microsoft:windows_10']}]}, {'name': 'Microsoft Windows 10 1511', 'accuracy': '90', 'line': '69159', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '10', 'accuracy': '90', 'cpe': ['cpe:/o:microsoft:windows_10:1511']}]}, {'name': 'Microsoft Windows 8.1', 'accuracy': '90', 'line': '77678', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '8.1', 'accuracy': '90', 'cpe': ['cpe:/o:microsoft:windows_8.1']}]}]}}}

# print(result.keys()) --> dict_keys(['nmap', 'scan'])
# print(result['scan']) --> {'192.168.1.1': {'hostnames': [{'name': '', 'type': ''}], 'addresses': {'ipv4': '192.168.1.1', 'mac': '48:8A:D2:C7:70:F4'}, 'vendor': {'48:8A:D2:C7:70:F4': 'Shenzhen Mercury Communication Technologies'}, 'status': {'state': 'up', 'reason': 'arp-response'}, 'uptime': {'seconds': '227829', 'lastboot': 'Sat Jul 20 19:22:58 2019'}, 'tcp': {80: {'state': 'open', 'reason': 'syn-ack', 'name': 'http', 'product': '', 'version': '', 'extrainfo': '', 'conf': '10', 'cpe': '', 'script': {'fingerprint-strings': '\n  FourOhFourRequest: \n    HTTP/1.0 404 Not Found\n    Content-Type: text/plain;charset=UTF-8\n    Content-Length: 0\n    Connection: close\n    Cache-control: no-cache\n  GenericLines, Help: \n    HTTP/1.1 400 Bad Request\n    Content-Type: text/html;charset=UTF-8\n    Content-Length: 0\n    Connection: close\n    Cache-control: no-cache\n  GetRequest: \n    HTTP/1.0 200 OK\n    Content-Type: text/html;charset=UTF-8\n    Content-Length: 671\n    Connection: close\n    Cache-control: no-cache\n    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">\n    <html xmlns="http://www.w3.org/1999/xhtml">\n    <head>\n    <title>MW313R</title>\n    <link rel="shortcut Icon" href="../images/icon_me.ico" type="image/x-icon" />\n    <script type="text/javascript" src="../dynaform/class.js"></script>\n    <link rel="stylesheet" type="text/css" href="../dynaform/class.css" />\n    </head>\n    <body>\n    <div id="Error"></div>\n    <div id="Confirm"></div>\n    <div id="Con"></div>\n    <div id="Help"></div>\n    <div id="Cover"></div>\n    <div id="Login"></div>\n    <script type="text/javascript">\n    pageOnload();\n    </script>\n    </body>\n    </html>\n  HTTPOptions, RTSPRequest, SIPOptions: \n    HTTP/1.1 405 Method Not Allowed\n    Content-Type: text/html;charset=UTF-8\n    Content-Length: 0\n    Connection: close\n    Cache-control: no-cache', 'http-title': 'MW313R'}}, 1900: {'state': 'open', 'reason': 'syn-ack', 'name': 'upnp', 'product': '', 'version': '', 'extrainfo': '', 'conf': '3', 'cpe': '', 'script': {'fingerprint-strings': '\n  FourOhFourRequest: \n    HTTP/1.0 401 Unauthorized\n    Content-Type: text/plain;charset=UTF-8\n    Content-Length: 303\n    Connection: close\n    Cache-control: no-cache\n    00007\n    00004\n    00000\n    +odaxt+jaIo*o$96\n    DnsBmHVaW]TIBA(}Zkr2WA!exifkM{ZOtpt!5BeZOXt$URoUo+,rvPpXIkNBEx,NsA8>q4{tunX6C!uIU[d|kvuDA3*d{25hDnIt4WBf}9$,8$To4GcG0ZW9.c50vaz+YVHbsQVZ,3y,Rg,m~h90fI!}IUgB*F0hyGR0O|^7[Q*q]1.|$e)nqE{Wtc}2v(DI^d^4d4.Auh|)A[liC4^0p+BsVM<Pp|zWX)l9bQQ~,chhq47eT47[c}6U4hGM0NZ\n    00002\n  GenericLines, Help: \n    HTTP/1.1 400 Bad Request\n    Content-Type: text/html;charset=UTF-8\n    Content-Length: 0\n    Connection: close\n    Cache-control: no-cache\n  GetRequest: \n    HTTP/1.0 404 Not Found\n    Content-Type: text/html;charset=UTF-8\n    Content-Length: 0\n    Connection: close\n    Cache-control: no-cache\n  HTTPOptions, RTSPRequest, SIPOptions: \n    HTTP/1.1 405 Method Not Allowed\n    Content-Type: text/html;charset=UTF-8\n    Content-Length: 0\n    Connection: close\n    Cache-control: no-cache'}}}, 'portused': [{'state': 'open', 'proto': 'tcp', 'portid': '80'}], 'osmatch': [{'name': 'Canon imageRUNNER C5185 printer', 'accuracy': '97', 'line': '12791', 'osclass': [{'type': 'printer', 'vendor': 'Canon', 'osfamily': 'embedded', 'osgen': None, 'accuracy': '97', 'cpe': ['cpe:/h:canon:imagerunner_c5185']}]}, {'name': 'Canon imageRUNNER C2380 or C2880i or Xerox Phaser 8860MFP printer', 'accuracy': '94', 'line': '12713', 'osclass': [{'type': 'printer', 'vendor': 'Canon', 'osfamily': 'embedded', 'osgen': None, 'accuracy': '94', 'cpe': ['cpe:/h:canon:imagerunner_c2380', 'cpe:/h:canon:imagerunner_c2880i', 'cpe:/h:xerox:phaser_8860mfp']}]}, {'name': 'Fujitsu Externus DX80 or IBM DCS9900 NAS device', 'accuracy': '94', 'line': '38777', 'osclass': [{'type': 'storage-misc', 'vendor': 'IBM', 'osfamily': 'embedded', 'osgen': None, 'accuracy': '94', 'cpe': ['cpe:/h:ibm:dcs9900']}, {'type': 'storage-misc', 'vendor': 'Fujitsu Siemens', 'osfamily': 'embedded', 'osgen': None, 'accuracy': '94', 'cpe': ['cpe:/h:fujitsu:externus_dx80']}]}, {'name': 'VxWorks', 'accuracy': '94', 'line': '105377', 'osclass': [{'type': 'general purpose', 'vendor': 'Wind River', 'osfamily': 'VxWorks', 'osgen': None, 'accuracy': '94', 'cpe': ['cpe:/o:windriver:vxworks']}]}, {'name': 'Avaya 4526GTX switch', 'accuracy': '92', 'line': '8568', 'osclass': [{'type': 'switch', 'vendor': 'Avaya', 'osfamily': 'embedded', 'osgen': None, 'accuracy': '92', 'cpe': ['cpe:/h:avaya:4526gtx']}]}, {'name': 'Nortel CS1000M VoIP PBX or Xerox Phaser 8560DT printer', 'accuracy': '90', 'line': '88925', 'osclass': [{'type': 'PBX', 'vendor': 'Nortel', 'osfamily': 'embedded', 'osgen': None, 'accuracy': '90', 'cpe': ['cpe:/h:nortel:cs1000m']}, {'type': 'printer', 'vendor': 'Xerox', 'osfamily': 'embedded', 'osgen': None, 'accuracy': '90', 'cpe': ['cpe:/h:xerox:phaser_8560dt']}]}, {'name': 'Aastra Dialog 4425 IP phone', 'accuracy': '88', 'line': '1221', 'osclass': [{'type': 'VoIP phone', 'vendor': 'Aastra', 'osfamily': 'embedded', 'osgen': None, 'accuracy': '88', 'cpe': []}]}, {'name': 'HP ProCurve 3500yl, 5406zl, or 6200yl switch or UTStarcom F1000 VoIP phone', 'accuracy': '88', 'line': '35312', 'osclass': [{'type': 'switch', 'vendor': 'HP', 'osfamily': 'embedded', 'osgen': None, 'accuracy': '88', 'cpe': []}, {'type': 'VoIP phone', 'vendor': 'UTStarcom', 'osfamily': 'embedded', 'osgen': None, 'accuracy': '88', 'cpe': ['cpe:/h:utstarcom:f1000']}]}, {'name': 'Nortel Ethernet Routing Switch 4550T-PWR', 'accuracy': '88', 'line': '89015', 'osclass': [{'type': 'switch', 'vendor': 'Nortel', 'osfamily': 'embedded', 'osgen': None, 'accuracy': '88', 'cpe': ['cpe:/h:nortel:ethernet_routing_switch_4550t-pwr']}]}, {'name': 'Apple AirPort Express WAP or AMX NI-3100 controller (VxWorks)', 'accuracy': '88', 'line': '3436', 'osclass': [{'type': 'WAP', 'vendor': 'Apple', 'osfamily': 'embedded', 'osgen': None, 'accuracy': '88', 'cpe': ['cpe:/h:apple:airport_express']}]}]}, '192.168.1.102': {'hostnames': [{'name': '', 'type': ''}], 'addresses': {'ipv4': '192.168.1.102'}, 'vendor': {}, 'status': {'state': 'up', 'reason': 'localhost-response'}, 'tcp': {135: {'state': 'open', 'reason': 'syn-ack', 'name': 'msrpc', 'product': 'Microsoft Windows RPC', 'version': '', 'extrainfo': '', 'conf': '10', 'cpe': 'cpe:/o:microsoft:windows'}, 139: {'state': 'open', 'reason': 'syn-ack', 'name': 'netbios-ssn', 'product': 'Microsoft Windows netbios-ssn', 'version': '', 'extrainfo': '', 'conf': '10', 'cpe': 'cpe:/o:microsoft:windows'}, 443: {'state': 'open', 'reason': 'syn-ack', 'name': 'http', 'product': 'VMware VirtualCenter Web service', 'version': '', 'extrainfo': '', 'conf': '10', 'cpe': '', 'script': {'http-title': "Site doesn't have a title (text; charset=plain).", 'ssl-cert': 'Subject: commonName=VMware/countryName=US\nNot valid before: 2018-12-20T12:02:52\nNot valid after:  2019-12-20T12:02:52', 'ssl-date': 'TLS randomness does not represent time', 'vmware-version': '\n  Server version: VMware Workstation 12.5.7\n  Build: 5813279\n  Locale version: INTL  \n  OS type: win32-x86\n  Product Line ID: ws'}}, 445: {'state': 'open', 'reason': 'syn-ack', 'name': 'microsoft-ds', 'product': '', 'version': '', 'extrainfo': '', 'conf': '3', 'cpe': ''}, 902: {'state': 'open', 'reason': 'syn-ack', 'name': 'vmware-auth', 'product': 'VMware Authentication Daemon', 'version': '1.10', 'extrainfo': 'Uses VNC, SOAP', 'conf': '10', 'cpe': ''}, 912: {'state': 'open', 'reason': 'syn-ack', 'name': 'vmware-auth', 'product': 'VMware Authentication Daemon', 'version': '1.0', 'extrainfo': 'Uses VNC, SOAP', 'conf': '10', 'cpe': ''}}, 'hostscript': [{'id': 'smb2-security-mode', 'output': '\n  2.02: \n    Message signing enabled but not required'}, {'id': 'smb2-time', 'output': '\n  date: 2019-07-23 10:40:31\n  start_date: N/A'}], 'portused': [{'state': 'open', 'proto': 'tcp', 'portid': '135'}, {'state': 'closed', 'proto': 'tcp', 'portid': '1'}, {'state': 'closed', 'proto': 'udp', 'portid': '41837'}], 'osmatch': [{'name': 'Microsoft Windows 10 1703', 'accuracy': '93', 'line': '69486', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '10', 'accuracy': '93', 'cpe': ['cpe:/o:microsoft:windows_10:1703']}]}, {'name': 'Microsoft Windows 10 1607', 'accuracy': '92', 'line': '69340', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '10', 'accuracy': '92', 'cpe': ['cpe:/o:microsoft:windows_10:1607']}]}, {'name': 'Microsoft Windows Longhorn', 'accuracy': '92', 'line': '78352', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': 'Longhorn', 'accuracy': '92', 'cpe': ['cpe:/o:microsoft:windows']}]}, {'name': 'Microsoft Windows 7 SP1', 'accuracy': '91', 'line': '77170', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '7', 'accuracy': '91', 'cpe': ['cpe:/o:microsoft:windows_7::sp1']}]}, {'name': 'Microsoft Windows 10 10586 - 14393', 'accuracy': '91', 'line': '69008', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '10', 'accuracy': '91', 'cpe': ['cpe:/o:microsoft:windows_10']}]}, {'name': 'Microsoft Windows 7 or 8.1 R1 or Server 2008 R2 SP1', 'accuracy': '91', 'line': '77602', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '8.1', 'accuracy': '91', 'cpe': ['cpe:/o:microsoft:windows_8.1:r1']}, {'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '7', 'accuracy': '91', 'cpe': ['cpe:/o:microsoft:windows_7']}, {'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '2008', 'accuracy': '91', 'cpe': ['cpe:/o:microsoft:windows_server_2008:r2']}]}, {'name': 'Microsoft Windows 7 or 8.1 R1', 'accuracy': '90', 'line': '76444', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '7', 'accuracy': '90', 'cpe': ['cpe:/o:microsoft:windows_7']}, {'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '8.1', 'accuracy': '90', 'cpe': ['cpe:/o:microsoft:windows_8.1:r1']}]}, {'name': 'Microsoft Windows 10', 'accuracy': '90', 'line': '68914', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '10', 'accuracy': '90', 'cpe': ['cpe:/o:microsoft:windows_10']}]}, {'name': 'Microsoft Windows 10 1511', 'accuracy': '90', 'line': '69159', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '10', 'accuracy': '90', 'cpe': ['cpe:/o:microsoft:windows_10:1511']}]}, {'name': 'Microsoft Windows 8.1', 'accuracy': '90', 'line': '77678', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '8.1', 'accuracy': '90', 'cpe': ['cpe:/o:microsoft:windows_8.1']}]}]}}

#or k,v in result['scan'].items():
    #print(k) --> 192.168.1.1
    # print(v) --> {'hostnames': [{'name': '', 'type': ''}], 'addresses': {'ipv4': '192.168.1.102'}, 'vendor': {}, 'status': {'state': 'up', 'reason': 'localhost-response'}, 'tcp': {135: {'state': 'open', 'reason': 'syn-ack', 'name': 'msrpc', 'product': 'Microsoft Windows RPC', 'version': '', 'extrainfo': '', 'conf': '10', 'cpe': 'cpe:/o:microsoft:windows'}, 139: {'state': 'open', 'reason': 'syn-ack', 'name': 'netbios-ssn', 'product': 'Microsoft Windows netbios-ssn', 'version': '', 'extrainfo': '', 'conf': '10', 'cpe': 'cpe:/o:microsoft:windows'}, 443: {'state': 'open', 'reason': 'syn-ack', 'name': 'http', 'product': 'VMware VirtualCenter Web service', 'version': '', 'extrainfo': '', 'conf': '10', 'cpe': '', 'script': {'http-title': "Site doesn't have a title (text; charset=plain).", 'ssl-cert': 'Subject: commonName=VMware/countryName=US\nNot valid before: 2018-12-20T12:02:52\nNot valid after:  2019-12-20T12:02:52', 'ssl-date': 'TLS randomness does not represent time', 'vmware-version': '\n  Server version: VMware Workstation 12.5.7\n  Build: 5813279\n  Locale version: INTL  \n  OS type: win32-x86\n  Product Line ID: ws'}}, 445: {'state': 'open', 'reason': 'syn-ack', 'name': 'microsoft-ds', 'product': '', 'version': '', 'extrainfo': '', 'conf': '3', 'cpe': ''}, 902: {'state': 'open', 'reason': 'syn-ack', 'name': 'vmware-auth', 'product': 'VMware Authentication Daemon', 'version': '1.10', 'extrainfo': 'Uses VNC, SOAP', 'conf': '10', 'cpe': ''}, 912: {'state': 'open', 'reason': 'syn-ack', 'name': 'vmware-auth', 'product': 'VMware Authentication Daemon', 'version': '1.0', 'extrainfo': 'Uses VNC, SOAP', 'conf': '10', 'cpe': ''}}, 'hostscript': [{'id': 'smb2-security-mode', 'output': '\n  2.02: \n    Message signing enabled but not required'}, {'id': 'smb2-time', 'output': '\n  date: 2019-07-23 10:40:31\n  start_date: N/A'}], 'portused': [{'state': 'open', 'proto': 'tcp', 'portid': '135'}, {'state': 'closed', 'proto': 'tcp', 'portid': '1'}, {'state': 'closed', 'proto': 'udp', 'portid': '41837'}], 'osmatch': [{'name': 'Microsoft Windows 10 1703', 'accuracy': '93', 'line': '69486', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '10', 'accuracy': '93', 'cpe': ['cpe:/o:microsoft:windows_10:1703']}]}, {'name': 'Microsoft Windows 10 1607', 'accuracy': '92', 'line': '69340', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '10', 'accuracy': '92', 'cpe': ['cpe:/o:microsoft:windows_10:1607']}]}, {'name': 'Microsoft Windows Longhorn', 'accuracy': '92', 'line': '78352', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': 'Longhorn', 'accuracy': '92', 'cpe': ['cpe:/o:microsoft:windows']}]}, {'name': 'Microsoft Windows 7 SP1', 'accuracy': '91', 'line': '77170', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '7', 'accuracy': '91', 'cpe': ['cpe:/o:microsoft:windows_7::sp1']}]}, {'name': 'Microsoft Windows 10 10586 - 14393', 'accuracy': '91', 'line': '69008', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '10', 'accuracy': '91', 'cpe': ['cpe:/o:microsoft:windows_10']}]}, {'name': 'Microsoft Windows 7 or 8.1 R1 or Server 2008 R2 SP1', 'accuracy': '91', 'line': '77602', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '8.1', 'accuracy': '91', 'cpe': ['cpe:/o:microsoft:windows_8.1:r1']}, {'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '7', 'accuracy': '91', 'cpe': ['cpe:/o:microsoft:windows_7']}, {'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '2008', 'accuracy': '91', 'cpe': ['cpe:/o:microsoft:windows_server_2008:r2']}]}, {'name': 'Microsoft Windows 7 or 8.1 R1', 'accuracy': '90', 'line': '76444', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '7', 'accuracy': '90', 'cpe': ['cpe:/o:microsoft:windows_7']}, {'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '8.1', 'accuracy': '90', 'cpe': ['cpe:/o:microsoft:windows_8.1:r1']}]}, {'name': 'Microsoft Windows 10', 'accuracy': '90', 'line': '68914', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '10', 'accuracy': '90', 'cpe': ['cpe:/o:microsoft:windows_10']}]}, {'name': 'Microsoft Windows 10 1511', 'accuracy': '90', 'line': '69159', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '10', 'accuracy': '90', 'cpe': ['cpe:/o:microsoft:windows_10:1511']}]}, {'name': 'Microsoft Windows 8.1', 'accuracy': '90', 'line': '77678', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '8.1', 'accuracy': '90', 'cpe': ['cpe:/o:microsoft:windows_8.1']}]}]}


vres = {'hostnames': [{'name': '', 'type': ''}], 'addresses': {'ipv4': '192.168.1.102'}, 'vendor': {}, 'status': {'state': 'up', 'reason': 'localhost-response'}, 'tcp': {135: {'state': 'open', 'reason': 'syn-ack', 'name': 'msrpc', 'product': 'Microsoft Windows RPC', 'version': '', 'extrainfo': '', 'conf': '10', 'cpe': 'cpe:/o:microsoft:windows'}, 139: {'state': 'open', 'reason': 'syn-ack', 'name': 'netbios-ssn', 'product': 'Microsoft Windows netbios-ssn', 'version': '', 'extrainfo': '', 'conf': '10', 'cpe': 'cpe:/o:microsoft:windows'}, 443: {'state': 'open', 'reason': 'syn-ack', 'name': 'http', 'product': 'VMware VirtualCenter Web service', 'version': '', 'extrainfo': '', 'conf': '10', 'cpe': '', 'script': {'http-title': "Site doesn't have a title (text; charset=plain).", 'ssl-cert': 'Subject: commonName=VMware/countryName=US\nNot valid before: 2018-12-20T12:02:52\nNot valid after:  2019-12-20T12:02:52', 'ssl-date': 'TLS randomness does not represent time', 'vmware-version': '\n  Server version: VMware Workstation 12.5.7\n  Build: 5813279\n  Locale version: INTL  \n  OS type: win32-x86\n  Product Line ID: ws'}}, 445: {'state': 'open', 'reason': 'syn-ack', 'name': 'microsoft-ds', 'product': '', 'version': '', 'extrainfo': '', 'conf': '3', 'cpe': ''}, 902: {'state': 'open', 'reason': 'syn-ack', 'name': 'vmware-auth', 'product': 'VMware Authentication Daemon', 'version': '1.10', 'extrainfo': 'Uses VNC, SOAP', 'conf': '10', 'cpe': ''}, 912: {'state': 'open', 'reason': 'syn-ack', 'name': 'vmware-auth', 'product': 'VMware Authentication Daemon', 'version': '1.0', 'extrainfo': 'Uses VNC, SOAP', 'conf': '10', 'cpe': ''}}, 'hostscript': [{'id': 'smb2-security-mode', 'output': '\n  2.02: \n    Message signing enabled but not required'}, {'id': 'smb2-time', 'output': '\n  date: 2019-07-23 10:40:31\n  start_date: N/A'}], 'portused': [{'state': 'open', 'proto': 'tcp', 'portid': '135'}, {'state': 'closed', 'proto': 'tcp', 'portid': '1'}, {'state': 'closed', 'proto': 'udp', 'portid': '41837'}], 'osmatch': [{'name': 'Microsoft Windows 10 1703', 'accuracy': '93', 'line': '69486', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '10', 'accuracy': '93', 'cpe': ['cpe:/o:microsoft:windows_10:1703']}]}, {'name': 'Microsoft Windows 10 1607', 'accuracy': '92', 'line': '69340', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '10', 'accuracy': '92', 'cpe': ['cpe:/o:microsoft:windows_10:1607']}]}, {'name': 'Microsoft Windows Longhorn', 'accuracy': '92', 'line': '78352', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': 'Longhorn', 'accuracy': '92', 'cpe': ['cpe:/o:microsoft:windows']}]}, {'name': 'Microsoft Windows 7 SP1', 'accuracy': '91', 'line': '77170', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '7', 'accuracy': '91', 'cpe': ['cpe:/o:microsoft:windows_7::sp1']}]}, {'name': 'Microsoft Windows 10 10586 - 14393', 'accuracy': '91', 'line': '69008', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '10', 'accuracy': '91', 'cpe': ['cpe:/o:microsoft:windows_10']}]}, {'name': 'Microsoft Windows 7 or 8.1 R1 or Server 2008 R2 SP1', 'accuracy': '91', 'line': '77602', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '8.1', 'accuracy': '91', 'cpe': ['cpe:/o:microsoft:windows_8.1:r1']}, {'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '7', 'accuracy': '91', 'cpe': ['cpe:/o:microsoft:windows_7']}, {'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '2008', 'accuracy': '91', 'cpe': ['cpe:/o:microsoft:windows_server_2008:r2']}]}, {'name': 'Microsoft Windows 7 or 8.1 R1', 'accuracy': '90', 'line': '76444', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '7', 'accuracy': '90', 'cpe': ['cpe:/o:microsoft:windows_7']}, {'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '8.1', 'accuracy': '90', 'cpe': ['cpe:/o:microsoft:windows_8.1:r1']}]}, {'name': 'Microsoft Windows 10', 'accuracy': '90', 'line': '68914', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '10', 'accuracy': '90', 'cpe': ['cpe:/o:microsoft:windows_10']}]}, {'name': 'Microsoft Windows 10 1511', 'accuracy': '90', 'line': '69159', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '10', 'accuracy': '90', 'cpe': ['cpe:/o:microsoft:windows_10:1511']}]}, {'name': 'Microsoft Windows 8.1', 'accuracy': '90', 'line': '77678', 'osclass': [{'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '8.1', 'accuracy': '90', 'cpe': ['cpe:/o:microsoft:windows_8.1']}]}]}
for k,v in vres.items():
    print('Key:'+k)
    print(v)

    # Key: hostnames
    # [{'name': '', 'type': ''}]
    # Key: addresses
    # {'ipv4': '192.168.1.102'}
    # Key: vendor
    # {}
    # Key: status
    # {'state': 'up', 'reason': 'localhost-response'}
    # Key: tcp
    # {135: {'state': 'open', 'reason': 'syn-ack', 'name': 'msrpc', 'product': 'Microsoft Windows RPC', 'version': '',
    #        'extrainfo': '', 'conf': '10', 'cpe': 'cpe:/o:microsoft:windows'},
    #  139: {'state': 'open', 'reason': 'syn-ack', 'name': 'netbios-ssn', 'product': 'Microsoft Windows netbios-ssn',
    #        'version': '', 'extrainfo': '', 'conf': '10', 'cpe': 'cpe:/o:microsoft:windows'},
    #  443: {'state': 'open', 'reason': 'syn-ack', 'name': 'http', 'product': 'VMware VirtualCenter Web service',
    #        'version': '', 'extrainfo': '', 'conf': '10', 'cpe': '',
    #        'script': {'http-title': "Site doesn't have a title (text; charset=plain).",
    #                   'ssl-cert': 'Subject: commonName=VMware/countryName=US\nNot valid before: 2018-12-20T12:02:52\nNot valid after:  2019-12-20T12:02:52',
    #                   'ssl-date': 'TLS randomness does not represent time',
    #                   'vmware-version': '\n  Server version: VMware Workstation 12.5.7\n  Build: 5813279\n  Locale version: INTL  \n  OS type: win32-x86\n  Product Line ID: ws'}},
    #  445: {'state': 'open', 'reason': 'syn-ack', 'name': 'microsoft-ds', 'product': '', 'version': '', 'extrainfo': '',
    #        'conf': '3', 'cpe': ''},
    #  902: {'state': 'open', 'reason': 'syn-ack', 'name': 'vmware-auth', 'product': 'VMware Authentication Daemon',
    #        'version': '1.10', 'extrainfo': 'Uses VNC, SOAP', 'conf': '10', 'cpe': ''},
    #  912: {'state': 'open', 'reason': 'syn-ack', 'name': 'vmware-auth', 'product': 'VMware Authentication Daemon',
    #        'version': '1.0', 'extrainfo': 'Uses VNC, SOAP', 'conf': '10', 'cpe': ''}}
    # Key: hostscript
    # [{'id': 'smb2-security-mode', 'output': '\n  2.02: \n    Message signing enabled but not required'},
    #  {'id': 'smb2-time', 'output': '\n  date: 2019-07-23 10:40:31\n  start_date: N/A'}]
    # Key: portused
    # [{'state': 'open', 'proto': 'tcp', 'portid': '135'}, {'state': 'closed', 'proto': 'tcp', 'portid': '1'},
    #  {'state': 'closed', 'proto': 'udp', 'portid': '41837'}]
    # Key: osmatch
    # [{'name': 'Microsoft Windows 10 1703', 'accuracy': '93', 'line': '69486', 'osclass': [
    #     {'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '10', 'accuracy': '93',
    #      'cpe': ['cpe:/o:microsoft:windows_10:1703']}]},
    #  {'name': 'Microsoft Windows 10 1607', 'accuracy': '92', 'line': '69340', 'osclass': [
    #      {'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '10', 'accuracy': '92',
    #       'cpe': ['cpe:/o:microsoft:windows_10:1607']}]},
    #  {'name': 'Microsoft Windows Longhorn', 'accuracy': '92', 'line': '78352', 'osclass': [
    #      {'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': 'Longhorn',
    #       'accuracy': '92', 'cpe': ['cpe:/o:microsoft:windows']}]},
    #  {'name': 'Microsoft Windows 7 SP1', 'accuracy': '91', 'line': '77170', 'osclass': [
    #      {'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '7', 'accuracy': '91',
    #       'cpe': ['cpe:/o:microsoft:windows_7::sp1']}]},
    #  {'name': 'Microsoft Windows 10 10586 - 14393', 'accuracy': '91', 'line': '69008', 'osclass': [
    #      {'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '10', 'accuracy': '91',
    #       'cpe': ['cpe:/o:microsoft:windows_10']}]},
    #  {'name': 'Microsoft Windows 7 or 8.1 R1 or Server 2008 R2 SP1', 'accuracy': '91', 'line': '77602', 'osclass': [
    #      {'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '8.1', 'accuracy': '91',
    #       'cpe': ['cpe:/o:microsoft:windows_8.1:r1']},
    #      {'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '7', 'accuracy': '91',
    #       'cpe': ['cpe:/o:microsoft:windows_7']},
    #      {'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '2008', 'accuracy': '91',
    #       'cpe': ['cpe:/o:microsoft:windows_server_2008:r2']}]},
    #  {'name': 'Microsoft Windows 7 or 8.1 R1', 'accuracy': '90', 'line': '76444', 'osclass': [
    #      {'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '7', 'accuracy': '90',
    #       'cpe': ['cpe:/o:microsoft:windows_7']},
    #      {'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '8.1', 'accuracy': '90',
    #       'cpe': ['cpe:/o:microsoft:windows_8.1:r1']}]},
    #  {'name': 'Microsoft Windows 10', 'accuracy': '90', 'line': '68914', 'osclass': [
    #      {'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '10', 'accuracy': '90',
    #       'cpe': ['cpe:/o:microsoft:windows_10']}]},
    #  {'name': 'Microsoft Windows 10 1511', 'accuracy': '90', 'line': '69159', 'osclass': [
    #      {'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '10', 'accuracy': '90',
    #       'cpe': ['cpe:/o:microsoft:windows_10:1511']}]},
    #  {'name': 'Microsoft Windows 8.1', 'accuracy': '90', 'line': '77678', 'osclass': [
    #      {'type': 'general purpose', 'vendor': 'Microsoft', 'osfamily': 'Windows', 'osgen': '8.1', 'accuracy': '90',
    #       'cpe': ['cpe:/o:microsoft:windows_8.1']}]}]

异步多进程实现及时获取

# coding:utf-8
import nmap,multiprocessing
nm = nmap.PortScannerAsync()
def callback_result(host, scan_result):
    print(host, scan_result)
if __name__ == '__main__':
    multiprocessing.freeze_support()
    nm.scan(hosts='192.168.1.0/24', arguments='-sP', callback=callback_result)
    while nm.still_scanning():
        print("Waiting....")
        nm.wait(2)


    # 192.168
    # .1
    # .0
    # {'nmap': {'command_line': 'nmap -oX - -sP 192.168.1.0', 'scaninfo': {},
    #           'scanstats': {'timestr': 'Tue Jul 23 10:52:15 2019', 'elapsed': '3.79', 'uphosts': '0',
    #                         'downhosts': '1', 'totalhosts': '1'}}, 'scan': {}}
    # Waiting >> >
    # Waiting >> >
    # 192.168
    # .1
    # .1
    # {'nmap': {'command_line': 'nmap -oX - -sP 192.168.1.1', 'scaninfo': {},
    #           'scanstats': {'timestr': 'Tue Jul 23 10:52:18 2019', 'elapsed': '3.35', 'uphosts': '1',
    #                         'downhosts': '0', 'totalhosts': '1'}}, 'scan': {
    #     '192.168.1.1': {'hostnames': [{'name': '', 'type': ''}],
    #                     'addresses': {'ipv4': '192.168.1.1', 'mac': '48:8A:D2:C7:70:F4'},
    #                     'vendor': {'48:8A:D2:C7:70:F4': 'Shenzhen Mercury Communication Technologies'},
    #                     'status': {'state': 'up', 'reason': 'arp-response'}}}}
    # Waiting >> >
    # Waiting >> >
    # 192.168
    # .1
    # .10
    # {'nmap': {'command_line': 'nmap -oX - -sP 192.168.1.10', 'scaninfo': {},
    #           'scanstats': {'timestr': 'Tue Jul 23 10:52:22 2019', 'elapsed': '3.72', 'uphosts': '0',
    #                         'downhosts': '1', 'totalhosts': '1'}}, 'scan': {}}
    # Waiting >> >
    # Waiting >> >
    # 192.168
    # .1
    # .100
    # {'nmap': {'command_line': 'nmap -oX - -sP 192.168.1.100', 'scaninfo': {},
    #           'scanstats': {'timestr': 'Tue Jul 23 10:52:25 2019', 'elapsed': '3.78', 'uphosts': '0',
    #                         'downhosts': '1', 'totalhosts': '1'}}, 'scan': {}}
    # Waiting >> >
    # Waiting >> >
    # 192.168
    # .1
    # .101
    # {'nmap': {'command_line': 'nmap -oX - -sP 192.168.1.101', 'scaninfo': {},
    #           'scanstats': {'timestr': 'Tue Jul 23 10:52:29 2019', 'elapsed': '3.71', 'uphosts': '0',
    #                         'downhosts': '1', 'totalhosts': '1'}}, 'scan': {}}
    # Waiting >> >
    # 192.168
    # .1
    # .102
    # {'nmap': {'command_line': 'nmap -oX - -sP 192.168.1.102', 'scaninfo': {},
    #           'scanstats': {'timestr': 'Tue Jul 23 10:52:32 2019', 'elapsed': '2.98', 'uphosts': '1',
    #                         'downhosts': '0', 'totalhosts': '1'}}, 'scan': {
    #     '192.168.1.102': {'hostnames': [{'name': '', 'type': ''}], 'addresses': {'ipv4': '192.168.1.102'},
    #                       'vendor': {}, 'status': {'state': 'up', 'reason': 'localhost-response'}}}}
    # Waiting >> >
    # Waiting >> >
    # 192.168
    # .1
    # .103
    # {'nmap': {'command_line': 'nmap -oX - -sP 192.168.1.103', 'scaninfo': {},
    #           'scanstats': {'timestr': 'Tue Jul 23 10:52:36 2019', 'elapsed': '3.70', 'uphosts': '0',
    #                         'downhosts': '1', 'totalhosts': '1'}}, 'scan': {}}
    # 

使用生成器及时获取

# coding:utf-8
import nmap
nm = nmap.PortScannerYield()
for progressive_result in nm.scan('192.168.1.0/24', '0-100'):
    print(progressive_result)
    # 
    # ('192.168.1.0', {'nmap': {'command_line': 'nmap -oX - -p 0-100 -sV 192.168.1.0',
    #                           'scaninfo': {'tcp': {'method': 'syn', 'services': '0-100'}},
    #                           'scanstats': {'timestr': 'Tue Jul 23 10:55:04 2019', 'elapsed': '4.28', 'uphosts': '0',
    #                                         'downhosts': '1', 'totalhosts': '1'}}, 'scan': {}})
    # ('192.168.1.1', {'nmap': {'command_line': 'nmap -oX - -p 0-100 -sV 192.168.1.1',
    #                           'scaninfo': {'tcp': {'method': 'syn', 'services': '0-100'}},
    #                           'scanstats': {'timestr': 'Tue Jul 23 10:55:15 2019', 'elapsed': '10.41', 'uphosts': '1',
    #                                         'downhosts': '0', 'totalhosts': '1'}}, 'scan': {
    #     '192.168.1.1': {'hostnames': [{'name': '', 'type': ''}],
    #                     'addresses': {'ipv4': '192.168.1.1', 'mac': '48:8A:D2:C7:70:F4'},
    #                     'vendor': {'48:8A:D2:C7:70:F4': 'Shenzhen Mercury Communication Technologies'},
    #                     'status': {'state': 'up', 'reason': 'arp-response'}, 'tcp': {
    #             80: {'state': 'open', 'reason': 'syn-ack', 'name': 'http', 'product': '', 'version': '',
    #                  'extrainfo': '', 'conf': '10', 'cpe': ''}}}}})
    # ('192.168.1.10', {'nmap': {'command_line': 'nmap -oX - -p 0-100 -sV 192.168.1.10',
    #                            'scaninfo': {'tcp': {'method': 'syn', 'services': '0-100'}},
    #                            'scanstats': {'timestr': 'Tue Jul 23 10:55:19 2019', 'elapsed': '4.30', 'uphosts': '0',
    #                                          'downhosts': '1', 'totalhosts': '1'}}, 'scan': {}})
    # ('192.168.1.100', {'nmap': {'command_line': 'nmap -oX - -p 0-100 -sV 192.168.1.100',
    #                             'scaninfo': {'tcp': {'method': 'syn', 'services': '0-100'}},
    #                             'scanstats': {'timestr': 'Tue Jul 23 10:55:24 2019', 'elapsed': '4.32', 'uphosts': '1',
    #                                           'downhosts': '0', 'totalhosts': '1'}}, 'scan': {
    #     '192.168.1.100': {'hostnames': [{'name': '', 'type': ''}],
    #                       'addresses': {'ipv4': '192.168.1.100', 'mac': '94:65:2D:C0:5E:BE'},
    #                       'vendor': {'94:65:2D:C0:5E:BE': 'OnePlus Technology (Shenzhen)'},
    #                       'status': {'state': 'up', 'reason': 'arp-response'}}}})
    # ('192.168.1.101', {'nmap': {'command_line': 'nmap -oX - -p 0-100 -sV 192.168.1.101',
    #                             'scaninfo': {'tcp': {'method': 'syn', 'services': '0-100'}},
    #                             'scanstats': {'timestr': 'Tue Jul 23 10:55:28 2019', 'elapsed': '4.25', 'uphosts': '0',
    #                                           'downhosts': '1', 'totalhosts': '1'}}, 'scan': {}})
    # ('192.168.1.102', {'nmap': {'command_line': 'nmap -oX - -p 0-100 -sV 192.168.1.102',
    #                             'scaninfo': {'tcp': {'method': 'syn', 'services': '0-100'}},
    #                             'scanstats': {'timestr': 'Tue Jul 23 10:55:32 2019', 'elapsed': '3.91', 'uphosts': '1',
    #                                           'downhosts': '0', 'totalhosts': '1'}}, 'scan': {
    #     '192.168.1.102': {'hostnames': [{'name': '', 'type': ''}], 'addresses': {'ipv4': '192.168.1.102'}, 'vendor': {},
    #                       'status': {'state': 'up', 'reason': 'localhost-response'}}}})
    # ('192.168.1.103', {'nmap': {'command_line': 'nmap -oX - -p 0-100 -sV 192.168.1.103',
    #                             'scaninfo': {'tcp': {'method': 'syn', 'services': '0-100'}},
    #                             'scanstats': {'timestr': 'Tue Jul 23 10:55:36 2019', 'elapsed': '4.34', 'uphosts': '0',
    #                                           'downhosts': '1', 'totalhosts': '1'}}, 'scan': {}})
    # ('192.168.1.104', {'nmap': {'command_line': 'nmap -oX - -p 0-100 -sV 192.168.1.104',
    #                             'scaninfo': {'tcp': {'method': 'syn', 'services': '0-100'}},
    #                             'scanstats': {'timestr': 'Tue Jul 23 10:55:41 2019', 'elapsed': '4.23', 'uphosts': '0',
    #                                           'downhosts': '1', 'totalhosts': '1'}}, 'scan': {}})
    # ('192.168.1.105', {'nmap': {'command_line': 'nmap -oX - -p 0-100 -sV 192.168.1.105',
    #                             'scaninfo': {'tcp': {'method': 'syn', 'services': '0-100'}},
    #                             'scanstats': {'timestr': 'Tue Jul 23 10:55:45 2019', 'elapsed': '4.17', 'uphosts': '0',
    #                                           'downhosts': '1', 'totalhosts': '1'}}, 'scan': {}})
    # ('192.168.1.106', {'nmap': {'command_line': 'nmap -oX - -p 0-100 -sV 192.168.1.106',
    #                             'scaninfo': {'tcp': {'method': 'syn', 'services': '0-100'}},
    #                             'scanstats': {'timestr': 'Tue Jul 23 10:55:49 2019', 'elapsed': '4.34', 'uphosts': '0',
    #                                           'downhosts': '1', 'totalhosts': '1'}}, 'scan': {}})
    # ('192.168.1.107', {'nmap': {'command_line': 'nmap -oX - -p 0-100 -sV 192.168.1.107',
    #                             'scaninfo': {'tcp': {'method': 'syn', 'services': '0-100'}},
    #                             'scanstats': {'timestr': 'Tue Jul 23 10:55:53 2019', 'elapsed': '4.23', 'uphosts': '0',
    #                                           'downhosts': '1', 'totalhosts': '1'}}, 'scan': {}})

使用内置多线程

# coding:utf-8
import nmap
def scan(ip):
    nm = nmap.PortScanner()
    print(nm.scan(ip))
import time
t1 = time.time()
n = nmap.Process(target=scan,args=('192.168.1.0/24',))
n.run()
print('耗时:{}'.format(time.time()-t1))


# {'nmap': {'command_line': 'nmap -oX - -sV 192.168.1.0/24', 'scaninfo': {'tcp': {'method': 'syn',
#                                                                                 'services': '1,3-4,6-7,9,13,17,19-26,30,32-33,37,42-43,49,53,70,79-85,88-90,99-100,106,109-111,113,119,125,135,139,143-144,146,161,163,179,199,211-212,222,254-256,259,264,280,301,306,311,340,366,389,406-407,416-417,425,427,443-445,458,464-465,481,497,500,512-515,524,541,543-545,548,554-555,563,587,593,616-617,625,631,636,646,648,666-668,683,687,691,700,705,711,714,720,722,726,749,765,777,783,787,800-801,808,843,873,880,888,898,900-903,911-912,981,987,990,992-993,995,999-1002,1007,1009-1011,1021-1100,1102,1104-1108,1110-1114,1117,1119,1121-1124,1126,1130-1132,1137-1138,1141,1145,1147-1149,1151-1152,1154,1163-1166,1169,1174-1175,1183,1185-1187,1192,1198-1199,1201,1213,1216-1218,1233-1234,1236,1244,1247-1248,1259,1271-1272,1277,1287,1296,1300-1301,1309-1311,1322,1328,1334,1352,1417,1433-1434,1443,1455,1461,1494,1500-1501,1503,1521,1524,1533,1556,1580,1583,1594,1600,1641,1658,1666,1687-1688,1700,1717-1721,1723,1755,1761,1782-1783,1801,1805,1812,1839-1840,1862-1864,1875,1900,1914,1935,1947,1971-1972,1974,1984,1998-2010,2013,2020-2022,2030,2033-2035,2038,2040-2043,2045-2049,2065,2068,2099-2100,2103,2105-2107,2111,2119,2121,2126,2135,2144,2160-2161,2170,2179,2190-2191,2196,2200,2222,2251,2260,2288,2301,2323,2366,2381-2383,2393-2394,2399,2401,2492,2500,2522,2525,2557,2601-2602,2604-2605,2607-2608,2638,2701-2702,2710,2717-2718,2725,2800,2809,2811,2869,2875,2909-2910,2920,2967-2968,2998,3000-3001,3003,3005-3007,3011,3013,3017,3030-3031,3052,3071,3077,3128,3168,3211,3221,3260-3261,3268-3269,3283,3300-3301,3306,3322-3325,3333,3351,3367,3369-3372,3389-3390,3404,3476,3493,3517,3527,3546,3551,3580,3659,3689-3690,3703,3737,3766,3784,3800-3801,3809,3814,3826-3828,3851,3869,3871,3878,3880,3889,3905,3914,3918,3920,3945,3971,3986,3995,3998,4000-4006,4045,4111,4125-4126,4129,4224,4242,4279,4321,4343,4443-4446,4449,4550,4567,4662,4848,4899-4900,4998,5000-5004,5009,5030,5033,5050-5051,5054,5060-5061,5080,5087,5100-5102,5120,5190,5200,5214,5221-5222,5225-5226,5269,5280,5298,5357,5405,5414,5431-5432,5440,5500,5510,5544,5550,5555,5560,5566,5631,5633,5666,5678-5679,5718,5730,5800-5802,5810-5811,5815,5822,5825,5850,5859,5862,5877,5900-5904,5906-5907,5910-5911,5915,5922,5925,5950,5952,5959-5963,5987-5989,5998-6007,6009,6025,6059,6100-6101,6106,6112,6123,6129,6156,6346,6389,6502,6510,6543,6547,6565-6567,6580,6646,6666-6669,6689,6692,6699,6779,6788-6789,6792,6839,6881,6901,6969,7000-7002,7004,7007,7019,7025,7070,7100,7103,7106,7200-7201,7402,7435,7443,7496,7512,7625,7627,7676,7741,7777-7778,7800,7911,7920-7921,7937-7938,7999-8002,8007-8011,8021-8022,8031,8042,8045,8080-8090,8093,8099-8100,8180-8181,8192-8194,8200,8222,8254,8290-8292,8300,8333,8383,8400,8402,8443,8500,8600,8649,8651-8652,8654,8701,8800,8873,8888,8899,8994,9000-9003,9009-9011,9040,9050,9071,9080-9081,9090-9091,9099-9103,9110-9111,9200,9207,9220,9290,9415,9418,9485,9500,9502-9503,9535,9575,9593-9595,9618,9666,9876-9878,9898,9900,9917,9929,9943-9944,9968,9998-10004,10009-10010,10012,10024-10025,10082,10180,10215,10243,10566,10616-10617,10621,10626,10628-10629,10778,11110-11111,11967,12000,12174,12265,12345,13456,13722,13782-13783,14000,14238,14441-14442,15000,15002-15004,15660,15742,16000-16001,16012,16016,16018,16080,16113,16992-16993,17877,17988,18040,18101,18988,19101,19283,19315,19350,19780,19801,19842,20000,20005,20031,20221-20222,20828,21571,22939,23502,24444,24800,25734-25735,26214,27000,27352-27353,27355-27356,27715,28201,30000,30718,30951,31038,31337,32768-32785,33354,33899,34571-34573,35500,38292,40193,40911,41511,42510,44176,44442-44443,44501,45100,48080,49152-49161,49163,49165,49167,49175-49176,49400,49999-50003,50006,50300,50389,50500,50636,50800,51103,51493,52673,52822,52848,52869,54045,54328,55055-55056,55555,55600,56737-56738,57294,57797,58080,60020,60443,61532,61900,62078,63331,64623,64680,65000,65129,65389'}},
#           'scanstats': {'timestr': 'Tue Jul 23 11:11:30 2019', 'elapsed': '28.40', 'uphosts': '2', 'downhosts': '254',
#                         'totalhosts': '256'}}, 'scan': {'192.168.1.1': {'hostnames': [{'name': '', 'type': ''}],
#                                                                         'addresses': {'ipv4': '192.168.1.1',
#                                                                                       'mac': '48:8A:D2:C7:70:F4'},
#                                                                         'vendor': {
#                                                                             '48:8A:D2:C7:70:F4': 'Shenzhen Mercury Communication Technologies'},
#                                                                         'status': {'state': 'up',
#                                                                                    'reason': 'arp-response'}, 'tcp': {
#         80: {'state': 'open', 'reason': 'syn-ack', 'name': 'http', 'product': '', 'version': '', 'extrainfo': '',
#              'conf': '10', 'cpe': ''},
#         1900: {'state': 'open', 'reason': 'syn-ack', 'name': 'upnp', 'product': '', 'version': '', 'extrainfo': '',
#                'conf': '3', 'cpe': ''}}}, '192.168.1.102': {'hostnames': [{'name': '', 'type': ''}],
#                                                             'addresses': {'ipv4': '192.168.1.102'}, 'vendor': {},
#                                                             'status': {'state': 'up', 'reason': 'localhost-response'},
#                                                             'tcp': {135: {'state': 'open', 'reason': 'syn-ack',
#                                                                           'name': 'msrpc',
#                                                                           'product': 'Microsoft Windows RPC',
#                                                                           'version': '', 'extrainfo': '', 'conf': '10',
#                                                                           'cpe': 'cpe:/o:microsoft:windows'},
#                                                                     139: {'state': 'open', 'reason': 'syn-ack',
#                                                                           'name': 'netbios-ssn',
#                                                                           'product': 'Microsoft Windows netbios-ssn',
#                                                                           'version': '', 'extrainfo': '', 'conf': '10',
#                                                                           'cpe': 'cpe:/o:microsoft:windows'},
#                                                                     443: {'state': 'open', 'reason': 'syn-ack',
#                                                                           'name': 'http',
#                                                                           'product': 'VMware VirtualCenter Web service',
#                                                                           'version': '', 'extrainfo': '', 'conf': '10',
#                                                                           'cpe': ''},
#                                                                     445: {'state': 'open', 'reason': 'syn-ack',
#                                                                           'name': 'microsoft-ds', 'product': '',
#                                                                           'version': '', 'extrainfo': '', 'conf': '3',
#                                                                           'cpe': ''},
#                                                                     902: {'state': 'open', 'reason': 'syn-ack',
#                                                                           'name': 'vmware-auth',
#                                                                           'product': 'VMware Authentication Daemon',
#                                                                           'version': '1.10',
#                                                                           'extrainfo': 'Uses VNC, SOAP', 'conf': '10',
#                                                                           'cpe': ''},
#                                                                     912: {'state': 'open', 'reason': 'syn-ack',
#                                                                           'name': 'vmware-auth',
#                                                                           'product': 'VMware Authentication Daemon',
#                                                                           'version': '1.0',
#                                                                           'extrainfo': 'Uses VNC, SOAP', 'conf': '10',
#                                                                           'cpe': ''}}}}}
# 耗时: 28.58319854736328

使用漏扫模块

# coding:utf-8
import nmap
common = '--script vulscan --script-args vulscandb=cve.csv -sV'
nm = nmap.PortScanner()
result = nm.scan(hosts='192.168.200.130',arguments=common)
print(result)
res = result['scan']
# res = {'nmap': {'command_line': 'nmap -oX - --script vulscan -sV 192.168.200.130', 'scaninfo': {'tcp': {'method': 'syn', 'services': '1,3-4,6-7,9,13,17,19-26,30,32-33,37,42-43,49,53,70,79-85,88-90,99-100,106,109-111,113,119,125,135,139,143-144,146,161,163,179,199,211-212,222,254-256,259,264,280,301,306,311,340,366,389,406-407,416-417,425,427,443-445,458,464-465,481,497,500,512-515,524,541,543-545,548,554-555,563,587,593,616-617,625,631,636,646,648,666-668,683,687,691,700,705,711,714,720,722,726,749,765,777,783,787,800-801,808,843,873,880,888,898,900-903,911-912,981,987,990,992-993,995,999-1002,1007,1009-1011,1021-1100,1102,1104-1108,1110-1114,1117,1119,1121-1124,1126,1130-1132,1137-1138,1141,1145,1147-1149,1151-1152,1154,1163-1166,1169,1174-1175,1183,1185-1187,1192,1198-1199,1201,1213,1216-1218,1233-1234,1236,1244,1247-1248,1259,1271-1272,1277,1287,1296,1300-1301,1309-1311,1322,1328,1334,1352,1417,1433-1434,1443,1455,1461,1494,1500-1501,1503,1521,1524,1533,1556,1580,1583,1594,1600,1641,1658,1666,1687-1688,1700,1717-1721,1723,1755,1761,1782-1783,1801,1805,1812,1839-1840,1862-1864,1875,1900,1914,1935,1947,1971-1972,1974,1984,1998-2010,2013,2020-2022,2030,2033-2035,2038,2040-2043,2045-2049,2065,2068,2099-2100,2103,2105-2107,2111,2119,2121,2126,2135,2144,2160-2161,2170,2179,2190-2191,2196,2200,2222,2251,2260,2288,2301,2323,2366,2381-2383,2393-2394,2399,2401,2492,2500,2522,2525,2557,2601-2602,2604-2605,2607-2608,2638,2701-2702,2710,2717-2718,2725,2800,2809,2811,2869,2875,2909-2910,2920,2967-2968,2998,3000-3001,3003,3005-3007,3011,3013,3017,3030-3031,3052,3071,3077,3128,3168,3211,3221,3260-3261,3268-3269,3283,3300-3301,3306,3322-3325,3333,3351,3367,3369-3372,3389-3390,3404,3476,3493,3517,3527,3546,3551,3580,3659,3689-3690,3703,3737,3766,3784,3800-3801,3809,3814,3826-3828,3851,3869,3871,3878,3880,3889,3905,3914,3918,3920,3945,3971,3986,3995,3998,4000-4006,4045,4111,4125-4126,4129,4224,4242,4279,4321,4343,4443-4446,4449,4550,4567,4662,4848,4899-4900,4998,5000-5004,5009,5030,5033,5050-5051,5054,5060-5061,5080,5087,5100-5102,5120,5190,5200,5214,5221-5222,5225-5226,5269,5280,5298,5357,5405,5414,5431-5432,5440,5500,5510,5544,5550,5555,5560,5566,5631,5633,5666,5678-5679,5718,5730,5800-5802,5810-5811,5815,5822,5825,5850,5859,5862,5877,5900-5904,5906-5907,5910-5911,5915,5922,5925,5950,5952,5959-5963,5987-5989,5998-6007,6009,6025,6059,6100-6101,6106,6112,6123,6129,6156,6346,6389,6502,6510,6543,6547,6565-6567,6580,6646,6666-6669,6689,6692,6699,6779,6788-6789,6792,6839,6881,6901,6969,7000-7002,7004,7007,7019,7025,7070,7100,7103,7106,7200-7201,7402,7435,7443,7496,7512,7625,7627,7676,7741,7777-7778,7800,7911,7920-7921,7937-7938,7999-8002,8007-8011,8021-8022,8031,8042,8045,8080-8090,8093,8099-8100,8180-8181,8192-8194,8200,8222,8254,8290-8292,8300,8333,8383,8400,8402,8443,8500,8600,8649,8651-8652,8654,8701,8800,8873,8888,8899,8994,9000-9003,9009-9011,9040,9050,9071,9080-9081,9090-9091,9099-9103,9110-9111,9200,9207,9220,9290,9415,9418,9485,9500,9502-9503,9535,9575,9593-9595,9618,9666,9876-9878,9898,9900,9917,9929,9943-9944,9968,9998-10004,10009-10010,10012,10024-10025,10082,10180,10215,10243,10566,10616-10617,10621,10626,10628-10629,10778,11110-11111,11967,12000,12174,12265,12345,13456,13722,13782-13783,14000,14238,14441-14442,15000,15002-15004,15660,15742,16000-16001,16012,16016,16018,16080,16113,16992-16993,17877,17988,18040,18101,18988,19101,19283,19315,19350,19780,19801,19842,20000,20005,20031,20221-20222,20828,21571,22939,23502,24444,24800,25734-25735,26214,27000,27352-27353,27355-27356,27715,28201,30000,30718,30951,31038,31337,32768-32785,33354,33899,34571-34573,35500,38292,40193,40911,41511,42510,44176,44442-44443,44501,45100,48080,49152-49161,49163,49165,49167,49175-49176,49400,49999-50003,50006,50300,50389,50500,50636,50800,51103,51493,52673,52822,52848,52869,54045,54328,55055-55056,55555,55600,56737-56738,57294,57797,58080,60020,60443,61532,61900,62078,63331,64623,64680,65000,65129,65389'}}, 'scanstats': {'timestr': 'Tue Jul 23 11:48:06 2019', 'elapsed': '16.99', 'uphosts': '1', 'downhosts': '0', 'totalhosts': '1'}}, 'scan': {'192.168.200.130': {'hostnames': [{'name': '', 'type': ''}], 'addresses': {'ipv4': '192.168.200.130', 'mac': '00:0C:29:DA:16:97'}, 'vendor': {'00:0C:29:DA:16:97': 'VMware'}, 'status': {'state': 'up', 'reason': 'arp-response'}, 'tcp': {80: {'state': 'open', 'reason': 'syn-ack', 'name': 'http', 'product': 'Apache httpd', 'version': '2.4.10', 'extrainfo': '(Win32) OpenSSL/0.9.8zb PHP/5.3.29', 'conf': '10', 'cpe': 'cpe:/a:apache:http_server:2.4.10', 'script': {'http-server-header': 'Apache/2.4.10 (Win32) OpenSSL/0.9.8zb PHP/5.3.29', 'vulscan': "scip VulDB - http://www.scip.ch/en/?vuldb:\n[9683] Apache HTTP Server 2.4.5 mod_session_dbd unknown vulnerability\n[7202] Apache HTTP Server 2.4.2 on Oracle Solaris ld_library_path cross site scripting\n[6092] Apache HTTP Server 2.4.0/2.4.1/2.4.2 mod_proxy_ajp.c information disclosure\n[6090] Apache HTTP Server 2.4.0/2.4.1/2.4.2 mod_proxy_http.c information disclosure\n[9673] Apache HTTP Server up to 2.4.4 mod_dav mod_dav.c Request denial of service\n[5298] Apache HTTP Server up to 2.4.2 LD_LIBRARY_PATH privilege escalation\n\nMITRE CVE - http://cve.mitre.org:\n[CVE-2013-2249] mod_session_dbd.c in the mod_session_dbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors.\n[CVE-2012-4558] Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via a crafted string.\n[CVE-2012-3502] The proxy functionality in (1) mod_proxy_ajp.c in the mod_proxy_ajp module and (2) mod_proxy_http.c in the mod_proxy_http module in the Apache HTTP Server 2.4.x before 2.4.3 does not properly determine the situations that require closing a back-end connection, which allows remote attackers to obtain sensitive information in opportunistic circumstances by reading a response that was intended for a different client.\n[CVE-2012-3499] Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3) mod_ldap, (4) mod_proxy_ftp, and (5) mod_status modules.\n[CVE-2012-3451] Apache CXF before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers to execute unintended web-service operations by sending a header with a SOAP Action String that is inconsistent with the message body.\n[CVE-2012-2687] Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not properly handled during construction of a variant list.\n[CVE-2012-2379] Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element is signed or encrypted, which has unspecified impact and attack vectors.\n[CVE-2012-2378] Apache CXF 2.4.5 through 2.4.7, 2.5.1 through 2.5.3, and 2.6.x before 2.6.1, does not properly enforce child policies of a WS-SecurityPolicy 1.1 SupportingToken policy on the client side, which allows remote attackers to bypass the (1) AlgorithmSuite, (2) SignedParts, (3) SignedElements, (4) EncryptedParts, and (5) EncryptedElements policies.\n[CVE-2012-0883] envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.\n[CVE-2011-2516] Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other products, allows remote attackers to cause a denial of service (crash) via a signature using a large RSA key, which triggers a buffer overflow.\n\nOSVDB - http://www.osvdb.org:\n[20897] PHP w/ Apache 2 SAPI virtual() Function Unspecified INI Setting Disclosure\n\nSecurityFocus - http://www.securityfocus.com/bid/:\n[42102] Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability\n[27237] Apache HTTP Server 2.2.6, 2.0.61 and 1.3.39 'mod_status' Cross-Site Scripting Vulnerability\n[15413] PHP Apache 2 Virtual() Safe_Mode and Open_Basedir Restriction Bypass Vulnerability\n[15177] PHP Apache 2 Local Denial of Service Vulnerability\n[6065] Apache 2 WebDAV CGI POST Request Information Disclosure Vulnerability\n[5816] Apache 2 mod_dav Denial Of Service Vulnerability\n[5486] Apache 2.0 CGI Path Disclosure Vulnerability\n[5485] Apache 2.0 Path Disclosure Vulnerability\n[5434] Apache 2.0 Encoded Backslash Directory Traversal Vulnerability\n[5256] Apache httpd 2.0 CGI Error Path Disclosure Vulnerability\n[4057] Apache 2 for Windows OPTIONS request Path Disclosure Vulnerability\n[4056] Apache 2 for Windows php.exe Path Disclosure Vulnerability\n\nSecurityTracker - http://www.securitytracker.com:\n[1008196] Apache 2.x on Windows May Return Unexpected Files For URLs Ending With Certain Characters\n[1007143] Apache 2.0 Web Server May Use a Weaker Encryption Implementation Than Specified in Some Cases\n[1006444] Apache 2.0 Web Server Line Feed Buffer Allocation Flaw Lets Remote Users Deny Service\n[1005963] Apache Web Server 2.x Windows Device Access Flaw Lets Remote Users Crash the Server or Possibly Execute Arbitrary Code\n[1004770] Apache 2.x Web Server ap_log_rerror() Function May Disclose Full Installation Path to Remote Users\n\nIBM X-Force - http://xforce.iss.net:\n[75211] Debian GNU/Linux apache 2 cross-site scripting\n\nExploit-DB - http://www.exploit-db.com:\n[18329] Apache Struts2 <= 2.3.1 Multiple Vulnerabilities\n\nOpenVAS (Nessus) - http://www.openvas.org:\n[855524] Solaris Update for Apache 2 120544-14\n[855077] Solaris Update for Apache 2 120543-14\n[100858] Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability\n[72626] Debian Security Advisory DSA 2579-1 (apache2)\n[71551] Gentoo Security Advisory GLSA 201206-25 (apache)\n[71550] Gentoo Security Advisory GLSA 201206-24 (apache tomcat)\n[71485] Debian Security Advisory DSA 2506-1 (libapache-mod-security)\n[71256] Debian Security Advisory DSA 2452-1 (apache2)\n[71238] Debian Security Advisory DSA 2436-1 (libapache2-mod-fcgid)\n[70724] Debian Security Advisory DSA 2405-1 (apache2)\n[70235] Debian Security Advisory DSA 2298-2 (apache2)\n[70233] Debian Security Advisory DSA 2298-1 (apache2)\n[69988] Debian Security Advisory DSA 2279-1 (libapache2-mod-authnz-external)\n[69338] Debian Security Advisory DSA 2202-1 (apache2)\n[65131] SLES9: Security update for Apache 2 oes/CORE\n[64426] Gentoo Security Advisory GLSA 200907-04 (apache)\n[61381] Gentoo Security Advisory GLSA 200807-06 (apache)\n[60582] Gentoo Security Advisory GLSA 200803-19 (apache)\n[58745] Gentoo Security Advisory GLSA 200711-06 (apache)\n[57851] Gentoo Security Advisory GLSA 200608-01 (apache)\n[56246] Gentoo Security Advisory GLSA 200602-03 (Apache)\n[55392] Gentoo Security Advisory GLSA 200509-12 (Apache)\n[55129] Gentoo Security Advisory GLSA 200508-15 (apache)\n[54739] Gentoo Security Advisory GLSA 200411-18 (apache)\n[54724] Gentoo Security Advisory GLSA 200411-03 (apache)\n[54712] Gentoo Security Advisory GLSA 200410-21 (apache)\n[54689] Gentoo Security Advisory GLSA 200409-33 (net=www/apache)\n[54677] Gentoo Security Advisory GLSA 200409-21 (apache)\n[54610] Gentoo Security Advisory GLSA 200407-03 (Apache)\n[54601] Gentoo Security Advisory GLSA 200406-16 (Apache)\n[54590] Gentoo Security Advisory GLSA 200406-05 (Apache)\n[54582] Gentoo Security Advisory GLSA 200405-22 (Apache)\n[54529] Gentoo Security Advisory GLSA 200403-04 (Apache)\n[54499] Gentoo Security Advisory GLSA 200310-04 (Apache)\n[54498] Gentoo Security Advisory GLSA 200310-03 (Apache)\n[11092] Apache 2.0.39 Win32 directory traversal\n[66081] SLES11: Security update for Apache 2\n[66074] SLES10: Security update for Apache 2\n[66070] SLES9: Security update for Apache 2\n[65893] SLES10: Security update for Apache 2\n[65888] SLES10: Security update for Apache 2\n[65510] SLES9: Security update for Apache 2\n[65249] SLES9: Security update for Apache 2\n[65230] SLES9: Security update for Apache 2\n[65228] SLES9: Security update for Apache 2\n[65207] SLES9: Security update for Apache 2\n[65136] SLES9: Security update for Apache 2\n[65017] SLES9: Security update for Apache 2\n\n"}}}}}}

# print(res.keys()) --> dict_keys(['nmap', 'scan'])


for k,v in res.items():
    print(k)
    print(v)
#     nmap
#     {'command_line': 'nmap -oX - --script vulscan -sV 192.168.1.1', 'scaninfo': {'tcp': {'method': 'syn',
#                                                                                          'services': '1,3-4,6-7,9,13,17,19-26,30,32-33,37,42-43,49,53,70,79-85,88-90,99-100,106,109-111,113,119,125,135,139,143-144,146,161,163,179,199,211-212,222,254-256,259,264,280,301,306,311,340,366,389,406-407,416-417,425,427,443-445,458,464-465,481,497,500,512-515,524,541,543-545,548,554-555,563,587,593,616-617,625,631,636,646,648,666-668,683,687,691,700,705,711,714,720,722,726,749,765,777,783,787,800-801,808,843,873,880,888,898,900-903,911-912,981,987,990,992-993,995,999-1002,1007,1009-1011,1021-1100,1102,1104-1108,1110-1114,1117,1119,1121-1124,1126,1130-1132,1137-1138,1141,1145,1147-1149,1151-1152,1154,1163-1166,1169,1174-1175,1183,1185-1187,1192,1198-1199,1201,1213,1216-1218,1233-1234,1236,1244,1247-1248,1259,1271-1272,1277,1287,1296,1300-1301,1309-1311,1322,1328,1334,1352,1417,1433-1434,1443,1455,1461,1494,1500-1501,1503,1521,1524,1533,1556,1580,1583,1594,1600,1641,1658,1666,1687-1688,1700,1717-1721,1723,1755,1761,1782-1783,1801,1805,1812,1839-1840,1862-1864,1875,1900,1914,1935,1947,1971-1972,1974,1984,1998-2010,2013,2020-2022,2030,2033-2035,2038,2040-2043,2045-2049,2065,2068,2099-2100,2103,2105-2107,2111,2119,2121,2126,2135,2144,2160-2161,2170,2179,2190-2191,2196,2200,2222,2251,2260,2288,2301,2323,2366,2381-2383,2393-2394,2399,2401,2492,2500,2522,2525,2557,2601-2602,2604-2605,2607-2608,2638,2701-2702,2710,2717-2718,2725,2800,2809,2811,2869,2875,2909-2910,2920,2967-2968,2998,3000-3001,3003,3005-3007,3011,3013,3017,3030-3031,3052,3071,3077,3128,3168,3211,3221,3260-3261,3268-3269,3283,3300-3301,3306,3322-3325,3333,3351,3367,3369-3372,3389-3390,3404,3476,3493,3517,3527,3546,3551,3580,3659,3689-3690,3703,3737,3766,3784,3800-3801,3809,3814,3826-3828,3851,3869,3871,3878,3880,3889,3905,3914,3918,3920,3945,3971,3986,3995,3998,4000-4006,4045,4111,4125-4126,4129,4224,4242,4279,4321,4343,4443-4446,4449,4550,4567,4662,4848,4899-4900,4998,5000-5004,5009,5030,5033,5050-5051,5054,5060-5061,5080,5087,5100-5102,5120,5190,5200,5214,5221-5222,5225-5226,5269,5280,5298,5357,5405,5414,5431-5432,5440,5500,5510,5544,5550,5555,5560,5566,5631,5633,5666,5678-5679,5718,5730,5800-5802,5810-5811,5815,5822,5825,5850,5859,5862,5877,5900-5904,5906-5907,5910-5911,5915,5922,5925,5950,5952,5959-5963,5987-5989,5998-6007,6009,6025,6059,6100-6101,6106,6112,6123,6129,6156,6346,6389,6502,6510,6543,6547,6565-6567,6580,6646,6666-6669,6689,6692,6699,6779,6788-6789,6792,6839,6881,6901,6969,7000-7002,7004,7007,7019,7025,7070,7100,7103,7106,7200-7201,7402,7435,7443,7496,7512,7625,7627,7676,7741,7777-7778,7800,7911,7920-7921,7937-7938,7999-8002,8007-8011,8021-8022,8031,8042,8045,8080-8090,8093,8099-8100,8180-8181,8192-8194,8200,8222,8254,8290-8292,8300,8333,8383,8400,8402,8443,8500,8600,8649,8651-8652,8654,8701,8800,8873,8888,8899,8994,9000-9003,9009-9011,9040,9050,9071,9080-9081,9090-9091,9099-9103,9110-9111,9200,9207,9220,9290,9415,9418,9485,9500,9502-9503,9535,9575,9593-9595,9618,9666,9876-9878,9898,9900,9917,9929,9943-9944,9968,9998-10004,10009-10010,10012,10024-10025,10082,10180,10215,10243,10566,10616-10617,10621,10626,10628-10629,10778,11110-11111,11967,12000,12174,12265,12345,13456,13722,13782-13783,14000,14238,14441-14442,15000,15002-15004,15660,15742,16000-16001,16012,16016,16018,16080,16113,16992-16993,17877,17988,18040,18101,18988,19101,19283,19315,19350,19780,19801,19842,20000,20005,20031,20221-20222,20828,21571,22939,23502,24444,24800,25734-25735,26214,27000,27352-27353,27355-27356,27715,28201,30000,30718,30951,31038,31337,32768-32785,33354,33899,34571-34573,35500,38292,40193,40911,41511,42510,44176,44442-44443,44501,45100,48080,49152-49161,49163,49165,49167,49175-49176,49400,49999-50003,50006,50300,50389,50500,50636,50800,51103,51493,52673,52822,52848,52869,54045,54328,55055-55056,55555,55600,56737-56738,57294,57797,58080,60020,60443,61532,61900,62078,63331,64623,64680,65000,65129,65389'}},
#      'scanstats': {'timestr': 'Tue Jul 23 11:18:45 2019', 'elapsed': '12.75', 'uphosts': '1', 'downhosts': '0',
#                    'totalhosts': '1'}}
#     scan
#     {'192.168.1.1': {'hostnames': [{'name': '', 'type': ''}],
#                      'addresses': {'ipv4': '192.168.1.1', 'mac': '48:8A:D2:C7:70:F4'},
#                      'vendor': {'48:8A:D2:C7:70:F4': 'Shenzhen Mercury Communication Technologies'},
#                      'status': {'state': 'up', 'reason': 'arp-response'}, 'tcp': {
#             80: {'state': 'open', 'reason': 'syn-ack', 'name': 'http', 'product': '', 'version': '', 'extrainfo': '',
#                  'conf': '10', 'cpe': '', 'script': {
#                     'fingerprint-strings': '\n  FourOhFourRequest: \n    HTTP/1.0 404 Not Found\n    Content-Type: text/plain;charset=UTF-8\n    Content-Length: 0\n    Connection: close\n    Cache-control: no-cache\n  GenericLines, Help: \n    HTTP/1.1 400 Bad Request\n    Content-Type: text/html;charset=UTF-8\n    Content-Length: 0\n    Connection: close\n    Cache-control: no-cache\n  GetRequest: \n    HTTP/1.0 200 OK\n    Content-Type: text/html;charset=UTF-8\n    Content-Length: 671\n    Connection: close\n    Cache-control: no-cache\n    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">\n    <html xmlns="http://www.w3.org/1999/xhtml">\n    <head>\n    <title>MW313R</title>\n    <link rel="shortcut Icon" href="../images/icon_me.ico" type="image/x-icon" />\n    <script type="text/javascript" src="../dynaform/class.js"></script>\n    <link rel="stylesheet" type="text/css" href="../dynaform/class.css" />\n    </head>\n    <body>\n    <div id="Error"></div>\n    <div id="Confirm"></div>\n    <div id="Con"></div>\n    <div id="Help"></div>\n    <div id="Cover"></div>\n    <div id="Login"></div>\n    <script type="text/javascript">\n    pageOnload();\n    </script>\n    </body>\n    </html>\n  HTTPOptions, RTSPRequest, SIPOptions: \n    HTTP/1.1 405 Method Not Allowed\n    Content-Type: text/html;charset=UTF-8\n    Content-Length: 0\n    Connection: close\n    Cache-control: no-cache'}},
#             1900: {'state': 'open', 'reason': 'syn-ack', 'name': 'upnp', 'product': '', 'version': '', 'extrainfo': '',
#                    'conf': '3', 'cpe': '', 'script': {
#                     'fingerprint-strings': '\n  FourOhFourRequest: \n    HTTP/1.0 401 Unauthorized\n    Content-Type: text/plain;charset=UTF-8\n    Content-Length: 303\n    Connection: close\n    Cache-control: no-cache\n    00007\n    00004\n    00000\n    !y!(JnH$[4P!dP[0\n    C}E$7x0Vyx{A9!)fSUcvkA4f(A*x5Oa~i34CN7PBV)BAH5!]pbAV,2o+lD,Oy>e7!4!U00LcrHJnKgJpCM0S)y24}pNK}aX2fp3(.O.hZOvQ<2wClKz}S(ERk[eC}N^{12aQ9!ZsKN3.tVmplq^3,O3)^FtusL<px5rs+xv5)AVX8sv+~Q+H[F]nKgvvhq!byk6[hrB~CK,Umf.9nz69>uX+xX3XU3NP0nO+aw!Xs3Xh*3f{<oLy^HZ49m]C+AH\n    00002\n  GenericLines, Help: \n    HTTP/1.1 400 Bad Request\n    Content-Type: text/html;charset=UTF-8\n    Content-Length: 0\n    Connection: close\n    Cache-control: no-cache\n  GetRequest: \n    HTTP/1.0 404 Not Found\n    Content-Type: text/html;charset=UTF-8\n    Content-Length: 0\n    Connection: close\n    Cache-control: no-cache\n  HTTPOptions, RTSPRequest, SIPOptions: \n    HTTP/1.1 405 Method Not Allowed\n    Content-Type: text/html;charset=UTF-8\n    Content-Length: 0\n    Connection: close\n    Cache-control: no-cache'}}}}}

# scan = {'hostnames': [{'name': '', 'type': ''}], 'addresses': {'ipv4': '192.168.1.1', 'mac': '48:8A:D2:C7:70:F4'}, 'vendor': {'48:8A:D2:C7:70:F4': 'Shenzhen Mercury Communication Technologies'}, 'status': {'state': 'up', 'reason': 'arp-response'}, 'tcp': {80: {'state': 'open', 'reason': 'syn-ack', 'name': 'http', 'product': '', 'version': '', 'extrainfo': '', 'conf': '10', 'cpe': '', 'script': {'fingerprint-strings': '\n  FourOhFourRequest: \n    HTTP/1.0 404 Not Found\n    Content-Type: text/plain;charset=UTF-8\n    Content-Length: 0\n    Connection: close\n    Cache-control: no-cache\n  GenericLines, Help: \n    HTTP/1.1 400 Bad Request\n    Content-Type: text/html;charset=UTF-8\n    Content-Length: 0\n    Connection: close\n    Cache-control: no-cache\n  GetRequest: \n    HTTP/1.0 200 OK\n    Content-Type: text/html;charset=UTF-8\n    Content-Length: 671\n    Connection: close\n    Cache-control: no-cache\n    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">\n    <html xmlns="http://www.w3.org/1999/xhtml">\n    <head>\n    <title>MW313R</title>\n    <link rel="shortcut Icon" href="../images/icon_me.ico" type="image/x-icon" />\n    <script type="text/javascript" src="../dynaform/class.js"></script>\n    <link rel="stylesheet" type="text/css" href="../dynaform/class.css" />\n    </head>\n    <body>\n    <div id="Error"></div>\n    <div id="Confirm"></div>\n    <div id="Con"></div>\n    <div id="Help"></div>\n    <div id="Cover"></div>\n    <div id="Login"></div>\n    <script type="text/javascript">\n    pageOnload();\n    </script>\n    </body>\n    </html>\n  HTTPOptions, RTSPRequest, SIPOptions: \n    HTTP/1.1 405 Method Not Allowed\n    Content-Type: text/html;charset=UTF-8\n    Content-Length: 0\n    Connection: close\n    Cache-control: no-cache'}}, 1900: {'state': 'open', 'reason': 'syn-ack', 'name': 'upnp', 'product': '', 'version': '', 'extrainfo': '', 'conf': '3', 'cpe': '', 'script': {'fingerprint-strings': '\n  FourOhFourRequest: \n    HTTP/1.0 401 Unauthorized\n    Content-Type: text/plain;charset=UTF-8\n    Content-Length: 303\n    Connection: close\n    Cache-control: no-cache\n    00007\n    00004\n    00000\n    !y!(JnH$[4P!dP[0\n    C}E$7x0Vyx{A9!)fSUcvkA4f(A*x5Oa~i34CN7PBV)BAH5!]pbAV,2o+lD,Oy>e7!4!U00LcrHJnKgJpCM0S)y24}pNK}aX2fp3(.O.hZOvQ<2wClKz}S(ERk[eC}N^{12aQ9!ZsKN3.tVmplq^3,O3)^FtusL<px5rs+xv5)AVX8sv+~Q+H[F]nKgvvhq!byk6[hrB~CK,Umf.9nz69>uX+xX3XU3NP0nO+aw!Xs3Xh*3f{<oLy^HZ49m]C+AH\n    00002\n  GenericLines, Help: \n    HTTP/1.1 400 Bad Request\n    Content-Type: text/html;charset=UTF-8\n    Content-Length: 0\n    Connection: close\n    Cache-control: no-cache\n  GetRequest: \n    HTTP/1.0 404 Not Found\n    Content-Type: text/html;charset=UTF-8\n    Content-Length: 0\n    Connection: close\n    Cache-control: no-cache\n  HTTPOptions, RTSPRequest, SIPOptions: \n    HTTP/1.1 405 Method Not Allowed\n    Content-Type: text/html;charset=UTF-8\n    Content-Length: 0\n    Connection: close\n    Cache-control: no-cache'}}}}
#
# for k,v in scan.items():
#     print(k)
#     print(v)
#     print('*'*20)

IPy

负责对IP处理的一个库

获取网段的IP地址

获取C段

import IPy
ip = IPy.IP('192.168.0.0/24')
print( ip.len())
print(ip[0:10])

返回结果

256
[IP('192.168.0.0'), IP('192.168.0.1'), IP('192.168.0.2'), IP('192.168.0.3'), IP('192.168.0.4'), IP('192.168.0.5'), IP('192.168.0.6'), IP('192.168.0.7'), IP('192.168.0.8'), IP('192.168.0.9')]

获取B段

import IPy
ip = IPy.IP('192.168.0.0/16')
print( ip.len())
print(ip[0:10])

返回结果

65536
[IP('192.168.0.0'), IP('192.168.0.1'), IP('192.168.0.2'), IP('192.168.0.3'), IP('192.168.0.4'), IP('192.168.0.5'), IP('192.168.0.6'), IP('192.168.0.7'), IP('192.168.0.8'), IP('192.168.0.9')]

获取A段

ip_address = '192.0.0.0/8'
ip = IPy.IP(ip_address)
print(len(ip))

返回

16777216

还可以通过这种方式生成

ip = IPy.IP('10.2.32.0-10.2.32.3')

判断包含关系

'10.0.0.1' in IP('10.0.0.0/24')

返回结果

true

判断内网or外网

import IPy
ip_address = '192.168.1.102'
ip = IPy.IP(ip_address)
print(ip.iptype())

内网返回:PRIVATE 外网返回: PUBLIC

转载地址

NMAP

nmap2

官方文档

文档2

坚持原创技术分享,您的支持将鼓励我继续创作!
------ 本文结束 ------

版权声明

LangZi_Blog's by Jy Xie is licensed under a Creative Commons BY-NC-ND 4.0 International License
由浪子LangZi创作并维护的Langzi_Blog's博客采用创作共用保留署名-非商业-禁止演绎4.0国际许可证
本文首发于Langzi_Blog's 博客( http://langzi.fun ),版权所有,侵权必究。

0%