limit -o option to only status_code or some other filter

[simplegithubusername]

Hi Any option available like zmap -f, --output-fields=p Comma-separated list of fields to output --output-filter=filter Specify an output filter over fields for a given probe

actually, i just need a status_code to check if specific webpage is present on the server .

tks

[engn33r]

I can't compare since I don't use zmap, but you can solve this using other utilities. You can use the tool jq to parse the json data that zgrab2 outputs. For example, to only print out HTTP output, you might be able to use something like the below: echo "google.com" | zgrab2 http | jq '.domain,.data.http.result.response.status_code'

[mzpqnxow]

I don't think this is a feature that makes sense as logic performed by zgrab2- not because it's a bad idea necessarily, just because it doesn't fit into the role of zgrab2 in my opinion- it's more of a raw protocol gathering tool and it does that very well. As @engn33r suggested, you can do this very easily after a collection via jq (or a very, very simple stub in a language of your choice)

By the way, if you make use of triggers, you may find the following expression helpful. It's a little different than the standard expression because the output when using triggers causes the trigger name to be used as a key- which can make parsing it problematic

jq '.data | to_entries[] | select(.value?.result?.response?.status_code? == 200) | .'

If you're not using triggers then it's more straightforward, expanding on @engn33r's suggestion, it should be something like this for what you're trying to do:

jq '.[] |select(.result?.response?.status_code? == 200) | .'

To be honest, if all you're trying to do is filter for status code 200, you can do this very easily with grep ... it's not perfect, but you can just use:

grep '"status_code":200,'