#!/usr/bin/perl

#
# Copyright (c) 2005 by Matteo Cantoni (nothink.org)
#
# nmapdb.pl - script to insert nmap's results into mysql
#
# To create db: http://www.nothink.org/perl/create_nmapdb.txt
#

use strict;
use DBI;
use Getopt::Std;

####################### user configurable parameters #######################
my @ports    = ("21","22","23","25","80","110","443","3306");
my $nmap     = '/usr/bin/nmap';
my $host_db  = "127.0.0.1";
my $user_db  = "nmapdb";
my $pass_db  = "password";
my $database = "nmapdb";
my $table    = "tbl_results";
############################################################################

my $name    = "nmapdb.pl";
my $version = "v0.1";
my $contact = "nothink.org";

our ($opt_t, $opt_i, $opt_d, $opt_h);

my $usage = "$name $version - $contact\n
 usage ./$name -t <target> [-i] [-d] [-h]\n
\t-t : target host or ip address range;
\t-i : optional list of targets;
\t-d : simple debug;
\t-h : show help menu;
\n Set parameters in \"user configurable parameters\" section.\n\n";

getopts('t:i:dh');
die $usage if $opt_h;
die $usage if !$opt_t && !$opt_i;
die $usage if  $opt_t &&  $opt_i;

my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time); $year += 1900;
my $date = "$year-$mon-$mday"; chomp $date;

my ($dsn,$dbh,$sth,$sql);
my (@results,@ip,@port);

$|=1;

my $ports = join(',', @ports);

print "$name $version - $contact\n\n";
print " [+] ports $ports\n";
print " [+] scan in progress...";

@results = `$nmap -P0 -n -p $ports $opt_t | egrep "((Interesting+|open))"` if $opt_t;
@results = `$nmap -P0 -n -p $ports -iL $opt_i | egrep "((Interesting+|open))"` if $opt_i;

chomp @results;

print "\n\n";

$dsn = "DBI:mysql:database=$database;host=$host_db;";
$dbh = DBI->connect($dsn,$user_db,$pass_db, { PrintError => 1 }) or die $DBI::errstr;

foreach (@results){
	if ($_ =~ m/^Interesting/){
		@ip = split(/ /, $_);
		$ip[3] =~ tr/:/ /;
	}	

	if ($_ =~ m/^\d{1,5}/){
		@port = split(/\//, $_);
		print " $date $ip[3] $port[0]\n" if $opt_d;
		$sql = "INSERT INTO $table (date_ins,host,port) VALUES (\"$date\",\"$ip[3]\",\"$port[0]\")";
		$sth = $dbh->prepare($sql) or die(" [-] Error: couldn't prepare select...");
		$sth->execute;
		$sth->finish();
	}
}

$dbh->disconnect;

print "\n" if $opt_d;

exit(0);