From 17c5c0281870d405aa6f6d585203be994325996e Mon Sep 17 00:00:00 2001
From: adrien <adrien@malingrey.fr>
Date: Fri, 14 Apr 2023 15:11:28 +0200
Subject: [PATCH] fix stuff
---
http-info.nse | 94 +++++++++++++++++++++++++++++++++++++++++++++++++++
nmap_cmd.php | 21 ++++++++++--
results.xsl | 13 ++++++-
scan_all.sh | 1 -
4 files changed, 125 insertions(+), 4 deletions(-)
create mode 100644 http-info.nse
diff --git a/http-info.nse b/http-info.nse
new file mode 100644
index 0000000..06213fe
--- /dev/null
+++ b/http-info.nse
@@ -0,0 +1,94 @@
+local shortport = require "shortport"
+
+description = [[
+Get and return a page info
+]]
+
+---
+-- @args http-get.path Path to get. Default /.
+--
+-- @usage nmap -p80 --script http-info.nse --script-args http-info.path=/ <target>
+--
+-- @output
+-- status: 200
+-- status-line: HTTP/1.1 200 OK\x0D
+---
+
+categories = {"discovery", "intrusive"}
+author = "Adrien Malingrey"
+license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
+
+portrule = shortport.service({"http", "https", "ssl"})
+
+
+local http = require "http"
+local stdnse = require "stdnse"
+
+action = function(host, port)
+ local scheme = ""
+ local hostaddress = (host.name ~= '' and host.name) or host.ip
+ local path = ""
+ local answer
+ local favicon_relative_uri = "favicon.ico"
+ local favicon
+
+ if (port.service == "ssl") then
+ scheme = "https"
+ else
+ scheme = port.service
+ end
+
+ if(stdnse.get_script_args('http-get.path')) then
+ path = "/" .. stdnse.get_script_args('http-info.path')
+ end
+
+ answer = http.get_url(scheme.."://"..hostaddress..":"..port.number.."/"..path)
+
+ if (answer and answer.status == 200) then
+ favicon_relative_uri = parseIcon(answer.body) or "favicon.ico"
+ end
+
+ favicon_absolute_uri = scheme.."://"..hostaddress..":"..port.number.."/"..favicon_relative_uri
+ favicon = http.get_url(favicon_absolute_uri)
+
+ if (favicon and favicon.status == 200) then
+ return {status=answer.status, ["status-line"]=answer["status-line"], favicon=favicon_absolute_uri}
+ else
+ return {status=answer.status, ["status-line"]=answer["status-line"]}
+ end
+end
+
+--- function taken from http_favicon.nse by Vlatko Kosturjak
+
+function parseIcon( body )
+ local _, i, j
+ local rel, href, word
+
+ -- Loop through link elements.
+ i = 0
+ while i do
+ _, i = string.find(body, "<%s*[Ll][Ii][Nn][Kk]%s", i + 1)
+ if not i then
+ return nil
+ end
+ -- Loop through attributes.
+ j = i
+ while true do
+ local name, quote, value
+ _, j, name, quote, value = string.find(body, "^%s*(%w+)%s*=%s*([\"'])(.-)%2", j + 1)
+ if not j then
+ break
+ end
+ if string.lower(name) == "rel" then
+ rel = value
+ elseif string.lower(name) == "href" then
+ href = value
+ end
+ end
+ for word in string.gmatch(rel or "", "%S+") do
+ if string.lower(word) == "icon" then
+ return href
+ end
+ end
+ end
+end
diff --git a/nmap_cmd.php b/nmap_cmd.php
index 116aded..5c1f60d 100644
--- a/nmap_cmd.php
+++ b/nmap_cmd.php
@@ -5,22 +5,39 @@ $__DIR__ = __DIR__;
 $conf = yaml_parse_file($file);
+$xml = new SimpleXMLElement(<<<XML
+<?xml version="1.0"?>
+<?xml-stylesheet href='../results.xsl' type='text/xsl'?>
+<lanScanConf scanpath="scans/$site.xml"/>
+XML
+);
+
 $targets = [];
 $services = [];
 foreach ($conf as $key => $value) {
- if ($key != "site") {
+ if ($key == "site") {
+ $xml->addAttribute("site", $value);
+ } else {
+ $xmlGroup = $xml->addChild("group");
+ $xmlGroup->addAttribute("name", $key);
 foreach($value as $hostaddress => $servicesList) {
+ $xmlHost = $xmlGroup->addChild("host");
+ $xmlHost->addAttribute("address", $hostaddress);
 $targets[$hostaddress] = true;
 if ($servicesList) foreach ($servicesList as $service) {
+ $xmlService = $xmlHost->addChild("service");
+ $xmlService->addAttribute("name", $service);
 $services[$service] = true;
 }
 }
 }
 }
+$xml->asXML("site/$site.xml");
+
 $targets = join(array_keys($targets), " ");
 $services = join(array_keys($services), ",");
-echo ("nmap -v -Pn -p $services --script smb-enum-shares,$__DIR__/nmap -oX $__DIR__/scans/.~$site.xml $targets");
+echo ("nmap -v -Pn -p $services --script smb-enum-shares,$__DIR__/http-info.nse -oX $__DIR__/scans/.~$site.xml $targets");
 ?>
diff --git a/results.xsl b/results.xsl
index 67cf65a..af17756 100644
--- a/results.xsl
+++ b/results.xsl
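Review bot: The script-argument guard in action() tests `http-get.path` but the next line reads `http-info.path`, so the documented argument is ignored when given on its own and giving only `http-get.path` concatenates a nil; read a single name once, `local arg_path = stdnse.get_script_args('http-info.path')` / `if arg_path then path = (arg_path:gsub("^/+", "")) end`, and change the `@args http-get.path` doc line to match. `favicon_absolute_uri` is assigned without `local` and so leaks into the script environment as a global. The two `return` tables dereference `answer.status` although the earlier guard treats `answer` as possibly nil; if http.get_url can return nil here, `if not answer then return nil end` before the favicon fetch prevents a runtime error. The `href` pulled from the scanned page is appended directly after `scheme://host:port/`, so an absolute or protocol-relative href yields a malformed URL instead of being resolved; if I recall, the http-favicon.nse this was taken from handles absolute hrefs separately, which is worth carrying over. Both functions are complete within the hunk.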
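Review bot: `$xml->asXML("site/$site.xml")` resolves against the caller's working directory, while the `to_xml.php` step it replaces in scan_all.sh wrote to `"$DIR/site/$site.xml"` and every other path in this file is anchored on `$__DIR__`; anchor it the same way and stop on failure, e.g. `if ($xml->asXML("$__DIR__/site/$site.xml") === false) { fwrite(STDERR, "cannot write site XML\n"); exit(1); }`, since the discarded return value currently lets a failed write fall through to emitting the nmap command. `$site` is set above line 5, outside the hunk, and is interpolated raw into the heredoc, so a value containing `"` or `&` makes `new SimpleXMLElement` throw; building the root as `<lanScanConf/>` and then `$xml->addAttribute("scanpath", "scans/$site.xml");` gets proper escaping. The host addresses and service names taken from the YAML keys are joined unquoted into the echoed nmap command, which scan_all.sh pipes straight to `sh`, so passing them through `array_map('escapeshellarg', ...)` before `join` keeps a malformed configuration key from being interpreted by the shell. The `join(array, glue)` argument order on the context lines was removed in PHP 8 and raises a TypeError there.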
@@ -42,7 +42,18 @@ <div class="item"><xsl:value-of select="@site"/></div>
 </header>
 <div class="ui main container">
- <p><xsl:value-of select="$scan/runstats/finished/@summary"/></p>
+ <xsl:choose>
+ <xsl:when test="$scan/runstats/finished/@errormsg">
+ <div class="ui negative message">
+ <div class="header">Erreur</div>
+ <p><xsl:value-of select="$scan/runstats/finished/@errormsg"/></p></div>
+ </xsl:when>
+ <xsl:when test="$scan/runstats/finished/@summary">
+ <div class="ui message">
+ <p><xsl:value-of select="$scan/runstats/finished/@summary"/></p>
+ </div>
+ </xsl:when>
+ </xsl:choose>
 <xsl:apply-templates select="group"/>
 </div>
 <script>
diff --git a/scan_all.sh b/scan_all.sh
index 5f9edbf..46b0b4a 100755
--- a/scan_all.sh
+++ b/scan_all.sh
@@ -8,7 +8,6 @@ mkdir -p "$DIR"/site
 for conf in "$DIR"/confs/*.yaml
 do
 site="$(basename ${conf/.yaml/})"
- php "$DIR/to_xml.php" $conf > "$DIR/site/$site.xml"
 php "$DIR/nmap_cmd.php" $conf | sh
 mv "$DIR/scans/.~$site.xml" "$DIR/scans/$site.xml"
 done