Xmlstarlet commands

From SecWiki

This page collects xmlstarlet commands that are useful for handling Nmap's XML output.

XML to JSON

Selects each script output element and prints one JSON-style object per element.

xmlstarlet sel -t -m "//host/ports/port/script" -o "{ip:'" -v "ancestor::host/address[@addrtype='ipv4']/@addr" -o "', hostname:'" -v "concat(ancestor::host/hostnames/hostname/@name,'')" -o "', proto:'" -v "../@protocol" -o "', port:" -v "../@portid" -o ", service:'" -v "../service/@name" -o "', script:'" -v "@id" -o "', script-output:'" -v "@output" -o "'}" -n <XML INPUT FILE>

Output:

{ip:'xx.xx.xx.xx', hostname:'', proto:'tcp', port:80, service:'http', script:'http-server-header', script-output:'Apache/2.2.15 (CentOS)'}
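
The xmlstarlet template above copies attribute values into the line verbatim and leaves keys unquoted, so the result is not strict JSON and a quote or newline in a script's output breaks the line for a JSON parser. The following is an added example, not part of the original page: the same per-script selection in Python with standard-library escaping. The function name `scripts_to_json` and the sample scan are constructed for illustration.

```python
import json
import xml.etree.ElementTree as ET

# Constructed sample in Nmap's XML layout (not real scan data).
SAMPLE_XML = """<nmaprun><host>
<address addr="192.0.2.10" addrtype="ipv4"/>
<hostnames><hostname name="www.example.test" type="PTR"/></hostnames>
<ports>
<port protocol="tcp" portid="80"><state state="open"/><service name="http"/>
<script id="http-title" output="Bob's &quot;test&quot; site&#xa;line two"/></port>
<port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
</ports></host>
<host><address addr="192.0.2.11" addrtype="ipv4"/>
<ports><port protocol="tcp" portid="443"><state state="open"/>
<script id="ssl-date" output="constructed output"/></port></ports></host>
</nmaprun>"""


def scripts_to_json(xml_text):
    """Return one strict-JSON line per <script> element under a port."""
    lines = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address[@addrtype='ipv4']")
        name = host.find("hostnames/hostname")  # first hostname, like concat()
        for port in host.findall("ports/port"):
            service = port.find("service")
            for script in port.findall("script"):
                # json.dumps quotes keys and escapes quotes and newlines.
                lines.append(json.dumps({
                    "ip": addr.get("addr") if addr is not None else "",
                    "hostname": name.get("name") if name is not None else "",
                    "proto": port.get("protocol"),
                    "port": int(port.get("portid")),
                    "service": service.get("name") if service is not None else "",
                    "script": script.get("id"),
                    "script-output": script.get("output"),
                }))
    return lines


if __name__ == "__main__":
    print("\n".join(scripts_to_json(SAMPLE_XML)))
```

Each returned line parses with any JSON parser, including the entry whose script output contains both quote characters and an embedded newline.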

Filter IP addresses with open ports

Selects IP addresses with open ports.

xmlstarlet sel -t -m "//host[ports/port/state/@state='open']" -v "address[@addrtype='ipv4']/@addr" -n myscan.xml

Selects IP addresses with tcp/443 open.

xmlstarlet sel -t -m "//host[ports/port[@protocol='tcp' and @portid='443']/state/@state='open']" -v "address[@addrtype='ipv4']/@addr" -n myscan.xml