#!/bin/sh
#
#  nmap2md.sh · create a simple nmap report on markdown on the fly
#  
#  By http://github.com/fer
#
#  Usage:
#
#   1. Check alive Hosts, grab IP addresses and run scanner:
#
#   $ sudo nmap -sn 172.16.64.0/24 --exclude 172.16.64.10 -oN hostAlive.nmap 
#   $ cat hostAlive.nmap | grep for | awk {'print $5'} > ips.txt
#   $ sudo nmap -sV -n -v -Pn -p- -T4 -iL ips.txt -A --open -oX portScan.xml
# 
#   # 2. Run nmap2md.sh 
#
#   $ nmap2md.sh portScan.xml > output.md

FILE=$1

# $1: xpath string
xl_wrap() {
    xmllint --xpath $1 $FILE
}

# $1: host port count 
# $2: host count
portTable() {
    HOST_PORT_COUNT=$(xl_wrap "count(//host[${1}]//ports/port)")

    echo "| Port | State | Service | Version |";
    echo "|:-----|:------|:--------|:--------|";

    for port in `seq 1 $HOST_PORT_COUNT`        
    do
        portLine ${1} $port         
    done
}

# $1: host position
# $2: port position
portLine() {
    BASE="//host[${1}]//ports//port[${2}]"
    PORT_NUMBER=$(xl_wrap "string($BASE/@portid)")
    PORT_PROTOCOL=$(xl_wrap "string($BASE/@protocol)")
    PORT_STATE=$(xl_wrap "string($BASE//state/@state)")
    PORT_SERVICE_NAME=$(xl_wrap "string($BASE//service/@name)")
    PORT_SERVICE_PRODUCT=$(xl_wrap "string($BASE//service/@product)")
    PORT_SERVICE_VERSION=$(xl_wrap "string($BASE//service/@version)")

    echo "| $PORT_NUMBER/$PORT_PROTOCOL | $PORT_STATE | $PORT_SERVICE_NAME | $PORT_SERVICE_PRODUCT $PORT_SERVICE_VERSION |"    
}

# $1: host count
hostTable() {
    echo "| Host | OS    | Accuracy |"
    echo "|:-----|:------|:---------|"

    for host in `seq 1 ${1}`
    do
        hostLine $host
    done
}

# $1: host position
hostLine() {
    HOST_IP=$(xl_wrap "string(//host[${1}]//address[@addrtype='ipv4']/@addr)")
    HOST_OS=$(xl_wrap "string(//host[${1}]//os//osmatch[1]/@name)")
    HOST_OS_ACCURACY=$(xl_wrap "string(//host[${1}]//os//osmatch[1]/@accuracy)")

    echo "| $HOST_IP | $HOST_OS | $HOST_OS_ACCURACY% |"
}

# $1: host position
portTableHeader() {
    HOST_IP=$(xl_wrap "string(//host[${1}]//address[@addrtype='ipv4']/@addr)")
    HOST_OS=$(xl_wrap "string(//host[${1}]//os//osmatch[1]/@name)")
    HOST_OS_ACCURACY=$(xl_wrap "string(//host[${1}]//os//osmatch[1]/@accuracy)")

    echo "\n## $HOST_IP ($HOST_OS - $HOST_OS_ACCURACY%)\n"
}

# $1: host count
portsAndHosts() {
    for host in `seq 1 ${1}`
    do 
        portTableHeader ${host}
        portTable ${host} 
        echo "\n"
    done
}

########
# Main #
########

if ! [ -x "$(command -v xmllint)" ]
then
    echo "xmllint could not be found."
    echo "> apt-get install libxml2-utils"
    exit
fi

if [ $# -lt 1 ]
then 
    echo "ERROR: $0 requires a nmap xml export file as an argument.\n"
    echo "You can generate it with:"
    echo " > sudo nmap -sV -n -v -Pn -p- -T4 -iL ips.txt -A --open -oX portScan.xml\n"
    echo "Then run:"
    echo "> sh nmap2md.sh portScan.xml"

    exit
fi

HOST_COUNT=$(xl_wrap 'count(//host)')

echo "# Scanner"
echo '```bash'
echo $(xl_wrap "string(//nmaprun/@args)")
echo '```'

echo "\n# Hosts Alive ($HOST_COUNT)"

hostTable $HOST_COUNT

echo "\n# Open Ports and Running Services"
portsAndHosts $HOST_COUNT