libnmap.objects.os¶
Using libnmap.objects.os module¶
TODO
NmapOSFingerprint methods¶
-
class
libnmap.objects.os.
NmapOSFingerprint
(osfp_data)[source]¶ NmapOSFingerprint is a easier API for using os fingerprinting. Data for OS fingerprint (<os> tag) is instanciated from a NmapOSFingerprint which is accessible in NmapHost via NmapHost.os
-
get_osmatch
(osclass_obj)[source]¶ This function enables NmapOSFingerprint to determine if an NmapOSClass object could be attached to an existing NmapOSMatch object in order to respect the common interface for the nmap xml version < 1.04 and >= 1.04
This method will return an NmapOSMatch object matching with the NmapOSClass provided in parameter (match is performed based on accuracy)
Returns: NmapOSMatch object
-
ports_used
¶ Return an array of OSFPPortUsed object with the ports used to perform the os fingerprint. This dict might contain another dict embedded containing the ports_reason values.
-
NmapOSMatch methods¶
-
class
libnmap.objects.os.
NmapOSMatch
(osmatch_dict)[source]¶ NmapOSMatch is an internal class used for offering results from an nmap os fingerprint. This common interfaces makes a compatibility between old nmap xml (<1.04) and new nmap xml versions (used in nmapv6 for instance).
In previous xml version, osclass tags from nmap fingerprints were not directly mapped to a osmatch. In new xml version, osclass could be embedded in osmatch tag.
The approach to solve this is to create a common class which will, for older xml version, match based on the accuracy osclass to an osmatch. If no match, an osmatch will be made up from a concat of os class attributes: vendor and osfamily. Unmatched osclass will have a line attribute of -1.
More info, see issue #26 or http://seclists.org/nmap-dev/2012/q2/252
-
accuracy
¶ Accessor for accuracy
Returns: int
-
add_osclass
(osclass_obj)[source]¶ Add a NmapOSClass object to the OSMatch object. This method is useful to implement compatibility with older versions of NMAP by providing a common interface to access os fingerprint data.
-
get_cpe
()[source]¶ This method return a list of cpe stings and not CPE objects as the NmapOSClass.cpelist property. This method is a helper to simplify data management.
For more advanced handling of CPE data, use NmapOSClass.cpelist and use the methods from CPE class
-
line
¶ Accessor for line attribute as integer. value equals -1 if this osmatch holds orphans NmapOSClass objects. This could happen with older version of nmap xml engine (<1.04 (e.g: nmapv6)).
Returns: int
-
name
¶ Accessor for name attribute (e.g.: Linux 2.4.26 (Slackware 10.0.0))
-
osclasses
¶ Accessor for all NmapOSClass objects matching with this OS Match
-
NmapOSClass methods¶
-
class
libnmap.objects.os.
NmapOSClass
(osclass_dict)[source]¶ NmapOSClass offers an unified API to access data from analysed osclass tag. As implemented in libnmap and newer version of nmap, osclass objects will always be embedded in a NmapOSMatch. Unmatched NmapOSClass will be stored in “dummy” NmapOSMatch objects which will have the particularity of have a line attribute of -1. On top of this, NmapOSClass will have optional CPE objects embedded.
-
accuracy
¶ Accessor for OS class detection accuracy (int)
Returns: int
-
cpelist
¶ Returns a list of CPE Objects matching with this os class
Returns: list of CPE objects Return type: Array
-
description
¶ Accessor helper which returns a concataned string of the valuable attributes from NmapOSClass object
Returns: string
-
osfamily
¶ Accessor for OS family information (Windows, Linux,…)
Returns: string
-
osgen
¶ Accessor for OS class generation (7, 8, 2.4.X,…).
Returns: string
-
type
¶ Accessor for OS class type (general purpose,…)
Returns: string
-
vendor
¶ Accessor for vendor information (Microsoft, Linux,…)
Returns: string
-
OSFPPortUsed methods¶
-
class
libnmap.objects.os.
OSFPPortUsed
(port_used_dict)[source]¶ Port used class: this enables the user of NmapOSFingerprint class to have a common and clear interface to access portused data which were collected and used during os fingerprint scan
-
portid
¶ Accessor for the referenced port number used
-
proto
¶ Accessor for the portused protocol (tcp, udp,…)
-
state
¶ Accessor for the portused state (closed, open,…)
-