Stop Nmap scan and preserve XML output
Nmap dev here: Sorry, but there is not an option to cleanly stop a scan and finalize the XML output. The --resume
option, as you noted, only works with Normal and Grepable output. It also cannot cope with --randomize-hosts
. Here are the stages of development we would need to undertake to make this possible:
- Extend
--resume
to parse Nmap's XML output for last completed host. Not too difficult. - Change Nmap's XML output stream to clobber the final tags of a well-formed XML file if
--append-output
or--resume
are started. Tricky, but doable. - Extend Nmap's signal handlers to finalize XML output if any. Difficult because the SIGINT and SIGSTOP signal handlers should be as small as possible and cannot rely on file handles being in a usable state. Maybe make this part of a different signal handler like SIGUSR1 or something and/or bind that to a ctrl key sequence. Also remember that Nmap must work the same on Windows, Linux, OS X, FreeBSD, Solaris, and many other platforms, so signal handling might look very different in those cases.
Feel free to add a feature request to http://issues.nmap.org/new for this, and please reference this question and answer.
EDIT: This was added in Nmap 7.40