Bash Aliases

The following bash aliases are useful for quickly extracting IP addresses from nmap and nessus and sorting the resulting IP addresses. I keep these aliases in my .bash_aliases file so I have access to them in all my terminals.

alias sortip="sort -u -n -t . -k 1,1 -k 2,2 -k 3,3 -k 4,4"

sortip takes a list of IP addresses and sorts them as you would expect to see then which is not what you would get if you just ran sort or sort -n as neither lexicographic or numeric sorting will handle the mix of numbers and symbols. Instead you need to split the IP address into the 4 sets of dotted quads and sort them independently. The other aliases included call this or you can call it independently. It reads from STDIN and prints to STDOUT.

alias nmapip="cut -f 2 -d \" \" | sortip"

nmapip is useful to just extract IP address from a grepable nmap file. All it does is select the second field of from STDIN delimited by a space, which is where the IP address in a grepable nmap file is located and then pipes the output to sortip. For example, to print all the hosts that have port 5900 open you could run the following command:

grep 5900/open nmap.gnmap | nmapip

alias nbeip="cut -f 3 -d \| | sortip"

nbeip is useful to get a list of IP addresses from a nessus nbe file that meet the criteria you grep for. It simply pulls the third field delimited my pipe, which is where the IP address in a nbe file is and then sorts the output. For example if you wanted to find all the hosts missing ms08-067 from a nbe file you could run the following command.

grep ms08-067 nessus.nbe | nbeip

Submitted by Brian Johnson