Using the nmap XML output for reachable virtual machines running on the same host machine - obtained with nmap -oX output.xml -sP 192.168.2.*
, I'd like to get the IP address of each machine whose "vendor" attribute is QEMU Virtual NIC
. I chose to use the XML ElementTree API to do it , but I'm having trouble isolating the host elements with the specified address elements.
Here is an excerpt of the XML output to be used:
<host><status state="up" reason="arp-response"/>
<address addr="192.168.2.93" addrtype="ipv4"/>
<address addr="52:54:00:E2:17:31" addrtype="mac" vendor="QEMU Virtual NIC"/>
<hostnames>
</hostnames>
<times srtt="1023" rttvar="5000" to="100000"/>
</host>
<host><status state="up" reason="arp-response"/>
<address addr="192.168.2.96" addrtype="ipv4"/>
<address addr="52:54:00:45:86:8A" addrtype="mac" vendor="QEMU Virtual NIC"/>
<hostnames>
</hostnames>
<times srtt="155" rttvar="5000" to="100000"/>
</host>
<host><status state="up" reason="arp-response"/>
<address addr="192.168.2.103" addrtype="ipv4"/>
<address addr="52:54:00:61:7A:E5" addrtype="mac" vendor="QEMU Virtual NIC"/>
<hostnames>
</hostnames>
<times srtt="391" rttvar="5000" to="100000"/>
</host>
Using the findall
command and the XPath
syntax below, you could find the elements that have the desired "vendor" attribute:
import xml.etree.ElementTree as ET
tree = ET.parse('output.xml')
tree.findall("./host/address/[@vendor='QEMU Virtual NIC']")
But what I really want are the host elements that contain the address elements found above, so I can find the other sub-elements of type "ipv4" to the same host and thus get its IP address. Can someone help me achieve this using XPath and ElementTree ?