bash Script working halfway then hitting error on more specific nmap command - new to scripting


I'm writing a bash script to nmap scan for open ports, then scan those ports specifically with -A.

nmap -T3 -p- $1 > "openPorts.txt"   #$1 is an IP provided when calling the script

ports=$(grep "open" openPorts.txt | cut -d " " -f 1 | tr -d "/tcp" | tr '\n' ', ')

nmap -T3 -p "$ports" -A > "openPorts.txt"

However, after running the script I get the output from the first nmap call in the file; then it encounters an error, the console reading:

Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-02-01 16:44 EST
WARNING: No targets were specified, so 0 hosts scanned. 
Nmap done: 0 IP addresses (0 hosts up) scanned in 0.02 seconds

I'm new to scripting and even newer to bash, so it's very possible it's a format thing. I looked for an answer online for a bit but couldn't figure out how to phrase the question so Google knew what I was looking for.

-sidenote- I realize I can probably put the "$ports" declaration into the nmap scan, but I couldn't figure out the syntax, and I'm not trying to make the most efficient thing in the world, so it's not the end of the world to me.

2

There are 2 answers

0
Gilles Quénot

What I would do to list open ports via nmap, in 3 clean methods:

nmap -T3 -oX - localhost > output.xml        # -oX - writes XML to stdout; redirect it to a file
xmlstarlet sel -t -v '//port[state/@state="open"]/@portid' -n output.xml   # only ports whose state is "open"

I export in XML format, then query it with xmlstarlet.

With grep:

nmap -T3 -oG - localhost > output.txt
grep -oP '\d+(?=/open/tcp)' output.txt

With grep and cut, reusing most of your code:

nmap -T3 -p- localhost > out.txt
grep 'open' out.txt | cut -d / -f1

As commented earlier, your attempt based on tr -d '/tcp' can't work, because tr doesn't remove strings, only characters.

0
Peter A

Basic bug fixing to the rescue; nothing to do with any actual code. I forgot to supply it the IP in the second scan. Also worth noting: I changed $ports to remove the last char, since it would always save a comma after the final port number, and changed how I'm using tr to just remove all letters, then the '/' character, since it would be the only other char on the line. Did this in case I want to later add an option to scan for UDP in the same file, since I only need the numbers anyway. I'll provide the full code in case anyone wants to point and laugh in the comments /j

#!/bin/bash

if [ "$1" == "" ]
then
    echo "Please define IP:"
    echo "./nmapscanner.sh [target IP]"
else
    # scan target IP for open ports & save the port list
    nmap -T3 -p- "$1" > "openPorts.txt"

    # cut all letters, then the slash, then replace each line ending with a comma
    ports=$(grep "open" openPorts.txt | cut -d " " -f 1 | tr -d "a-z" | tr -d "/" | tr '\n' ',')

    # nmap -p "" is an error, so stop here if the first scan found nothing
    if [ -z "$ports" ]; then
        echo "No open ports found on $1"
        exit 1
    fi

    # scan the previously found open ports (dropping the trailing comma)
    # and append all information to the previously used txt file
    nmap -T3 -p "${ports::-1}" -A "$1" >> "openPorts.txt"

    gedit "openPorts.txt" &
fi
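As an added example (not code from the question or from either answer), here is the port-extraction step from both answers done in one awk pass: it matches only lines whose STATE column is exactly `open`, strips the `/tcp` suffix as a string (which `tr -d` cannot do), produces no trailing comma, and refuses to start the second scan with an empty port list. The nmap output it parses is a constructed sample, not a real scan.

```shell
#!/usr/bin/env bash
# Added example, not from the question or either answer.
set -eu

# Constructed nmap normal-output excerpt (not a real scan). It deliberately
# contains a filtered port and a service named "openvpn", both of which a
# plain grep "open" has to cope with.
SAMPLE_SCAN='Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-02-01 16:44 EST
Nmap scan report for 192.0.2.10
Host is up (0.0010s latency).
Not shown: 65531 closed tcp ports (reset)
PORT     STATE    SERVICE
22/tcp   open     ssh
80/tcp   open     http
135/tcp  filtered msrpc
1194/tcp open     openvpn

Nmap done: 1 IP address (1 host up) scanned in 3.21 seconds'

# open_ports: read nmap normal output on stdin, print "22,80,1194".
# Only lines whose second field is exactly "open" count, so the header,
# "filtered" and "open|filtered" lines are skipped; split() drops the
# "/tcp" part as a whole string, and the separator is emitted *before*
# each port so there is no dangling comma to trim afterwards.
open_ports() {
  awk '$2 == "open" { split($1, a, "/"); printf "%s%s", sep, a[1]; sep = "," }
       END { print "" }'
}

# scan_ports: the guard the question's script lacks. nmap -p "" is an
# error, so fail loudly when the first scan found no open TCP ports.
scan_ports() {
  ports=$(open_ports)
  if [ -z "$ports" ]; then
    echo "no open TCP ports found" >&2
    return 1
  fi
  printf '%s\n' "$ports"
}

# Usage with the constructed sample; with a real target this would be
#   nmap -T3 -p- "$target" | scan_ports
printf '%s\n' "$SAMPLE_SCAN" | scan_ports
```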