adrien/lanScan
adrien/lanScan
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

scan options draft

Browse Source
This commit is contained in:
Adrien MALINGREY 2024-10-08 05:13:40 +02:00
parent d5dd51921c
commit 7062b94aaa
7 changed files with 147 additions and 70 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
config.php
View File

@ -1,4 +1,5 @@
<?php <?php
$SCANS_DIR = 'scans'; $SCANS_DIR = 'scans';
$NMAP_DATADIR = '/usr/share/nmap';
$NMAP_OPTIONS = '-PSssh,http,https,msrpc,microsoft-ds -F -T5'; $NMAP_OPTIONS = '-PSssh,http,https,msrpc,microsoft-ds -F -T5';

31
index.php
View File

@ -20,26 +20,29 @@
<a class="header item" href="."> <a class="header item" href=".">
lan<?php include 'logo.svg'; ?>can lan<?php include 'logo.svg'; ?>can
</a> </a>
<form class="right menu"> <div class="right menu">
<div class="ui category search item"> <form class="ui category search item" onsubmit="targetsInputDiv.classList.add('loading')">
<div class="ui icon input"> <div id="targetsInputDiv" class="ui icon input">
<input class="prompt" type="text" id="targetsInput" name="targets" required="" <input class="prompt" type="text" id="targetsInput" name="targets" required="" oninput="hiddenInput.value=this.value"
pattern="[a-zA-Z0-9._\/ \-]+" value="<?=$targets; ?>" placeholder="Scanner un réseau..." pattern="[a-zA-Z0-9._\/ \-]+" value="<?=$targets; ?>" placeholder="Scanner un réseau..."
title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc. title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
Exemple: <?=$_SERVER['REMOTE_ADDR']; ?>/24 <?=$_SERVER['SERVER_NAME']; ?>"/> Exemples: <?=$_SERVER['REMOTE_ADDR']; ?>/24 <?=$_SERVER['SERVER_NAME']; ?>"/>
<i class="satellite dish icon"></i> <i class="satellite dish icon"></i>
<button style="display:none" type="submit" formaction="scan.php" formmethod="get"></button> <button style="display:none" type="submit" formaction="scan.php" formmethod="get"></button>
</div> </div>
</div>
<div class="item" >
<button class="ui teal button" type="submit" formaction="scan-options.php" formmethod="get">Options</button>
</div>
</form> </form>
<form class="item" method="get" action="scan-options.php">
<input id="hiddenInput" type="hidden" name="targets" value="<?=$targets; ?>"/>
<button class="ui teal submit button" type="submit">Options</button>
</form>
</div>
</nav> </nav>
<main class="ui main container"> <main class="ui main container">
<h1 class="ui header">Scans</h1> <div class="ui large relaxed card">
<ul class="ui large relaxed link list"> <div class="content"><div class="header">Scans</div></div>
<div class="content">
<div class="ui link divided list">
<?php <?php
if (!file_exists($SCANS_DIR)) { if (!file_exists($SCANS_DIR)) {
mkdir($SCANS_DIR); mkdir($SCANS_DIR);
@ -47,11 +50,13 @@ if (!file_exists($SCANS_DIR)) {
foreach (scandir($SCANS_DIR) as $scan) { foreach (scandir($SCANS_DIR) as $scan) {
if (substr($scan, -4) == '.xml') { if (substr($scan, -4) == '.xml') {
$targets = str_replace('!', '/', substr_replace($scan, '', -4)); $targets = str_replace('!', '/', substr_replace($scan, '', -4));
echo "<li><a class='item' href='scan.php?targets=".urlencode($targets)."'>$targets</a></li>\n"; echo "<a class='item' href='scan.php?targets=".urlencode($targets)."'>$targets</a>\n";
} }
} }
?> ?>
</ul> </div>
</div>
</div>
</main> </main>
</body> </body>

14
ports.php Normal file
View File

@ -0,0 +1,14 @@
<?php
include_once 'config.php';
$nmap_services = file("$NMAP_DATADIR/nmap-services");
foreach ($nmap_services as $service) {
$comment = strpos($service, '#');
if ($comment !== 0) {
[$name, $port] = explode("\t", $service);
[$portid, $protocole] = explode('/', $port);
$protocole = strtoupper(substr($protocole, 0, 1));
echo "<option value=$portid></option><option value=$protocole:$portid></option><option value=$name></option>\n";
}
}

98
scan-options.php
View File

@ -1,19 +1,15 @@
<?php <?php include_once 'common.php'; ?>
include_once 'common.php';
if (!$targets) {
$targets = $_SERVER['SERVER_NAME'].' '.$_SERVER['REMOTE_ADDR'];
}
?>
<!DOCTYPE html> <!DOCTYPE html>
<html lang="fr"> <html lang="fr">
<head> <head>
<meta charset="utf-8" /> <meta charset="utf-8" />
<title>lanScan</title> <title>lanScan</title>
<link rel="icon" href="favicon.ico" />
<script src="https://cdn.jsdelivr.net/npm/jquery@3.7.1/dist/jquery.min.js"></script> <script src="https://cdn.jsdelivr.net/npm/jquery@3.7.1/dist/jquery.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.js"></script> <script src="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.js"></script>
<link rel="stylesheet" type="text/css" href="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.css" /> <link rel="stylesheet" type="text/css"
href="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.css" />
<script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify"></script> <script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify"></script>
<script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.polyfills.min.js"></script> <script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.polyfills.min.js"></script>
<link href="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.css" rel="stylesheet" type="text/css" /> <link href="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.css" rel="stylesheet" type="text/css" />
@ -23,44 +19,98 @@ if (!$targets) {
<body> <body>
<nav class="ui inverted teal fixed menu"> <nav class="ui inverted teal fixed menu">
<a class="header item" href="."> <a class="header item" href=".">
lan<?php include 'logo.svg'; ?>can lan
<?php include 'logo.svg'; ?>can
</a> </a>
</nav> </nav>
<main class="ui main container"> <main class="ui main container">
<div class="ui segment">
<form id="newScanForm" class="ui form" method="get" action="scan.php"> <form id="newScanForm" class="ui form" method="get" action="scan.php">
<h1 class="header">Nouveau scan</h1> <h1 class="header">Nouveau scan</h1>
<div class="field"> <!--<div class="field">
<label for="nameInput">Nom</label> <label for="nameInput">Nom</label>
<input id="nameInput" type="text" name="name" placeholder="Réseau local" pattern='[^&lt;&gt;:&quot;\\\/\|@?]+' <input id="nameInput" type="text" name="name" placeholder="Réseau local" pattern='[^&lt;&gt;:&quot;\\\/\|@?]+'
title='Nom de fichier valide (ne contenant pas les caractères &lt;&gt;:&quot;\/|@?)' title='Nom de fichier valide (ne contenant pas les caractères &lt;&gt;:&quot;\/|@?)'
value="<?= htmlspecialchars($name); ?>"> value="<?= htmlspecialchars($name); ?>">
</div>-->
<div class="required field">
<label for="targetsInput">Cibles</label>
<input id="targetsInput" type="text" name="targets" placeholder="Cibles" required=""
pattern="[a-zA-Z0-9._\/ \-]+" value="<?= htmlspecialchars($targets); ?>" list="targetsList" title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
Exemples: <?=$_SERVER['REMOTE_ADDR']; ?>/24 <?=$_SERVER['SERVER_NAME']; ?>" />
</div>
<fieldset class="ui segment">
<legend class="ui header">Découverte des hôtes</legend>
<div class="inline field">
<div class="ui checkbox">
<input type="checkbox" id="PnInput" name="Pn"/>
<label for="PnInput">Tous les hôtes</label>
</div>
</div> </div>
<div class="field"> <div class="field">
<label for="targetsInput">Cibles</label> <label>Ping TCP SYN</label>
<input id="targetsInput" type="text" name="targets" placeholder="scanme.nmap.org 192.168.0.0/24" required="" <input type="text" id="PSInput" name="PS" placeholder="Port" list="servicesList" pattern="([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*"
title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc. title="Liste de ports ex: 22,23,25,80,113,1050,35000">
Exemple: scanme.nmap.org microsoft.com/24 192.168.0.1 10.0-255.0-255.1-254"
pattern="[a-zA-Z0-9._\/ \-]+" value="<?= htmlspecialchars($targets); ?>" />
</div> </div>
<button id="newScanSubmitButton" type="submit" class="ui fluid large teal submit button">Démarrer</button> </fieldset>
<fieldset class="ui segment">
<legend class="ui header">Techniques de scan</legend>
<div class="field">
<label>Ne scanner que les ports</label>
<input type="text" id="pInput" name="p" placeholder="Port" list="servicesList" pattern="(([TU]:)?[0-9\-]+|[a-z\-]+)(,([TU]:)?[0-9\-]+|,[a-z\-]+)*"
title="Liste de ports ex: ssh,ftp,U:53,111,137,T:21-25,80,139,8080">
</div>
</fieldset>
<button type="submit" class="ui fluid large teal submit button">Démarrer</button>
</form> </form>
</div>
<datalist id='targetsList'>
<option value="<?=$_SERVER['REMOTE_ADDR']; ?>"></option>
<option value="<?=$_SERVER['REMOTE_ADDR']; ?>/24"></option>
<option value="<?=$_SERVER['SERVER_NAME']; ?>"></option>
</datalist>
<datalist id='servicesList'>
<?php
$nmap_services = file("$NMAP_DATADIR/nmap-services");
$services = [];
foreach ($nmap_services as $service) {
if (strpos($service, '#') !== 0) {
[$name, $port] = explode("\t", $service);
$services[$name] = $port;
}
}
foreach ($services as $name => $port) {
echo " <option value='$name'></option>\n";
}
?>
</datalist>
</main> </main>
<script> <script>
tagify = new Tagify(targetsInput, { new Tagify(targetsInput, {
pattern: /[a-zA-Z\d.-_/]+/, pattern: /^[a-zA-Z\d._/-]+$/,
delimiters: " ", delimiters: " ",
originalInputValueFormat: tags => tags.map(tag => tag.value).join(' ') originalInputValueFormat: tags => tags.map(tag => tag.value).join(' '),
whitelist: Array.from(targetsInput.list.options).map(option => option.value),
}) })
newScanForm.onsubmit = function(event) { new Tagify(pInput, {
if (this.checkValidity()) return true pattern: /^(([TU]:)?[\d-]+|[a-z-]+)$/,
delimiters: ",",
originalInputValueFormat: tags => tags.map(tag => tag.value).join(','),
whitelist: Array.from(pInput.list.options).map(option => option.value),
})
newScanForm.onsubmit = function (event) {
if (this.checkValidity()) {
newScanForm.classList.add("loading")
return true
} else {
event.preventDefault() event.preventDefault()
this.reportValidity() this.reportValidity()
newScanSubmitButton.innerHTML = "<div class='ui active inline inverted loader'></div>" }
} }
</script> </script>
</body> </body>

2
server.php Normal file
View File

@ -0,0 +1,2 @@
<?php
var_dump($_SERVER);

4
style.css
View File

@ -15,6 +15,10 @@
--placeholder-color-focus: rgba(115,115,115,.87); --placeholder-color-focus: rgba(115,115,115,.87);
} }
.ui.table {
caption-side: bottom;
}
.ui.label { .ui.label {
margin: .14285714em; margin: .14285714em;
} }

39
stylesheet.xsl
View File

@ -13,9 +13,10 @@
<html lang="fr"> <html lang="fr">
<head> <head>
<meta charset="utf-8" /> <meta charset="utf-8" />
<meta http-equiv="refresh" content="60"/> <meta http-equiv="refresh" content="60" />
<title>lanScan - <xsl:value-of select="$targets" /></title> <title>lanScan - <xsl:value-of select="$targets" />
<link rel="icon" href="favicon.ico"/> </title>
<link rel="icon" href="favicon.ico" />
<link rel="stylesheet" type="text/css" href="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.css" /> <link rel="stylesheet" type="text/css" href="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.css" />
<link href="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.css" rel="stylesheet" type="text/css" /> <link href="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.css" rel="stylesheet" type="text/css" />
<link href="https://cdn.datatables.net/v/dt/jszip-3.10.1/dt-2.1.8/b-3.1.2/b-html5-3.1.2/b-print-3.1.2/fh-4.0.1/r-3.0.3/datatables.css" rel="stylesheet" /> <link href="https://cdn.datatables.net/v/dt/jszip-3.10.1/dt-2.1.8/b-3.1.2/b-html5-3.1.2/b-print-3.1.2/fh-4.0.1/r-3.0.3/datatables.css" rel="stylesheet" />
@ -82,22 +83,22 @@
</svg> </svg>
<xsl:text>can</xsl:text> <xsl:text>can</xsl:text>
</a> </a>
<div class="right menu">
<form class="right menu"> <form class="ui category search item" onsubmit="targetsInputDiv.classList.add('loading')">
<div class="ui category search item"> <div id="targetsInputDiv" class="ui icon input">
<div class="ui icon input"> <input class="prompt" type="text" id="targetsInput" name="targets" required="" oninput="hiddenInput.value=this.value"
<input class="prompt" type="text" id="targetsInput" name="targets" required=""
pattern="[a-zA-Z0-9._\/ \-]+" value="{$targets}" placeholder="Scanner un réseau..." pattern="[a-zA-Z0-9._\/ \-]+" value="{$targets}" placeholder="Scanner un réseau..."
title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc. title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
Exemple: 192.168.1.0/24 scanme.nmap.org"/> Exemples: 192.168.1.0/24 scanme.nmap.org"/>
<i class="satellite dish icon"></i> <i class="satellite dish icon"></i>
<button style="display:none" type="submit" formaction="scan.php" formmethod="get"></button> <button style="display:none" type="submit" formaction="scan.php" formmethod="get"></button>
</div> </div>
</div>
<div class="item" >
<button class="ui teal button" type="submit" formaction="scan-options.php" formmethod="get">Options</button>
</div>
</form> </form>
<form class="item" method="get" action="scan-options.php">
<input id="hiddenInput" type="hidden" name="targets" value="{$targets}"/>
<button class="ui teal submit button" type="submit">Options</button>
</form>
</div>
</nav> </nav>
<main class="ui main container"> <main class="ui main container">
@ -115,12 +116,9 @@ Exemple: 192.168.1.0/24 scanme.nmap.org"/>
</div> </div>
</xsl:if> </xsl:if>
<h1 class="ui header">
<xsl:value-of select="$targets" />
</h1>
<xsl:if test="$init"> <xsl:if test="$init">
<div class="ui info message"> <div class="ui info message">
<i class="calendar icon"></i>
<xsl:text>Comparaison avec le scan de </xsl:text> <xsl:text>Comparaison avec le scan de </xsl:text>
<xsl:value-of select="$init/runstats/finished/@timestr" /> <xsl:value-of select="$init/runstats/finished/@timestr" />
</div> </div>
@ -245,11 +243,14 @@ Exemple: 192.168.1.0/24 scanme.nmap.org"/>
</xsl:attribute> </xsl:attribute>
<xsl:if test="service/@name='ftp' or service/@name='ssh' or service/@name='http' or service/@name='https'"> <xsl:if test="service/@name='ftp' or service/@name='ssh' or service/@name='http' or service/@name='https'">
<xsl:attribute name="href"> <xsl:attribute name="href">
<xsl:value-of select="service/@name" />://<xsl:value-of select="$hostAddress" />:<xsl:value-of select="@portid" /> <xsl:value-of select="service/@name" />
:// <xsl:value-of select="$hostAddress" />
: <xsl:value-of select="@portid" />
</xsl:attribute> </xsl:attribute>
</xsl:if> </xsl:if>
<xsl:if test="service/@name='ms-wbt-server'"> <xsl:if test="service/@name='ms-wbt-server'">
<xsl:attribute name="href">rdp.php?v=<xsl:value-of select="$hostAddress" />&amp;p=<xsl:value-of select="@portid" /> <xsl:attribute name="href">rdp.php?v=<xsl:value-of select="$hostAddress" />
&amp;p=<xsl:value-of select="@portid" />
</xsl:attribute> </xsl:attribute>
</xsl:if> </xsl:if>
<xsl:if test="(service/@name='microsoft-ds' or service/@name='netbios-ssn') and ../../hostscript/script[@id='smb-shares-size']/table"> <xsl:if test="(service/@name='microsoft-ds' or service/@name='netbios-ssn') and ../../hostscript/script[@id='smb-shares-size']/table">