You're looking for the keyword - Status: INFECTED Use the -oA flag to dump output into XML, greppable nmap (not useful for this exercise, the NSE results aren't in there) and plain text.
>From there, you can grep your output for "INFECTED" with the -B7 flag to show you just those systems infected. - Chris Merkel 2009/3/31 Dan Baxter <[email protected]>: > So forgive my lack of nmap-fu, but if I run this what am I looking for? I > get back responses that list some with 445 open, some closed and a few > filtered. How do I determine which may be infected. > > > for clarification I'm running nmap -p 445 --script smb-check-vulns.nse > > Thanks > > Dan Baxter > ------------------------------------------------- > Quis custodiet ipsos custodes? > _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
