adrien/lanScan
adrien/lanScan
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

rescan named scan

Browse Source
This commit is contained in:
Adrien MALINGREY 2025-02-05 18:37:33 +01:00
parent 566a5a4c67
commit 72396e5071
5 changed files with 1031 additions and 870 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

78
index.php
View File

@ -9,36 +9,36 @@
<link rel="stylesheet" type="text/css" href="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.css" />
<link rel="stylesheet" type="text/css" href="style.css" />
<style>
body {
background-image: url(bg.jpg);
background-size: cover;
}
body {
background-image: url(bg.jpg);
background-size: cover;
}
body > .grid {
height: 100%;
}
body>.grid {
height: 100%;
}
.logo {
margin-right: 0 !important;
}
.logo {
margin-right: 0 !important;
}
</style>
</head>
<body>
<div class="ui middle aligned center aligned grid inverted">
<div class="ui middle aligned center aligned inverted grid">
<div class="column" style="max-width: 450px;">
<h2 class="ui inverted teal fluid image header logo">
lan<?php include 'logo.svg'; ?>can
</h2>
<?php if(isset($errorMessage)) { ?>
<div class="ui negative message">
<i class="close icon"></i>
<div class="header">Erreur</div>
<p><?=$errorMessage?></p>
</div>
<?php } ?>
<?php if (isset($errorMessage)) { ?>
<div class="ui negative message">
<i class="close icon"></i>
<div class="header">Erreur</div>
<p><?= $errorMessage ?></p>
</div>
<?php } ?>
<form id="scanForm" class="ui large form initial inverted" action="scan.php" method="get">
<div class="ui left aligned stacked segment inverted">
@ -46,17 +46,17 @@ body > .grid {
<div class="inverted field">
<select id="lanSelect" name="lan" class="search clearable selection dropdown">
<option value=""><?= $_SERVER['REMOTE_ADDR']; ?>/24</option>
<?php
if (file_exists($SCANSDIR)) {
foreach (scandir($SCANSDIR) as $filename) {
if (substr($filename, -4) === '.xml') {
$name = substr($filename, 0, -4);
$name = str_replace("!", "/", $name);
echo " <option value='$name'>$name</option>\n";
}
}
}
?>
<?php
if (file_exists($SCANSDIR)) {
foreach (scandir($SCANSDIR) as $filename) {
if (substr($filename, -4) === '.xml') {
$name = substr($filename, 0, -4);
$name = str_replace("!", "/", $name);
echo " <option value='$name'>$name</option>\n";
}
}
}
?>
</select>
</div>
<div class="ui error message"></div>
@ -72,7 +72,10 @@ if (file_exists($SCANSDIR)) {
<script src="https://code.jquery.com/jquery-3.6.0.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/fomantic-ui/2.9.2/semantic.min.js"></script>
<script>
$('#lanSelect').dropdown({allowAdditions: true, clearable: true})
$('#lanSelect').dropdown({
allowAdditions: true,
clearable: true
})
$('#scanForm').form({
fields: {
@ -91,13 +94,13 @@ if (file_exists($SCANSDIR)) {
if (this.checkValidity()) {
scanForm.classList.add("loading")
$.toast({
title : 'Scan en cours...',
message : 'Merci de patienter',
class : 'info',
showIcon : 'satellite dish',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
title: 'Scan en cours...',
message: 'Merci de patienter',
class: 'info',
showIcon: 'satellite dish',
displayTime: 0,
closeIcon: true,
position: 'bottom right',
})
return true
} else {
@ -105,7 +108,6 @@ if (file_exists($SCANSDIR)) {
this.reportValidity()
}
}
</script>
</body>

121
name.php Normal file
View File

@ -0,0 +1,121 @@
<?php include_once "config.php"; ?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="utf-8" />
<title>lanScan</title>
<link rel="icon" href="favicon.ico" />
<link rel="stylesheet" type="text/css" href="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.css" />
<link rel="stylesheet" type="text/css" href="style.css" />
<style>
body {
background-image: url(bg.jpg);
background-size: cover;
}
body>.grid {
height: 100%;
}
.logo {
margin-right: 0 !important;
}
</style>
</head>
<body>
<div class="ui center aligned inverted grid">
<div class="column" style="max-width: 450px;">
<h2 class="ui inverted teal fluid image header logo" style="margin-top: 15vh">
lan<?php include 'logo.svg'; ?>can
</h2>
<?php if (isset($errorMessage)) { ?>
<div class="ui negative message">
<i class="close icon"></i>
<div class="header">Erreur</div>
<p><?= $errorMessage ?></p>
</div>
<?php } ?>
<form id="scanForm" class="ui large form initial inverted" action="scan.php" method="get">
<div class="ui left aligned stacked segment inverted">
<h4 class="ui header">Découvrir ou superviser un réseau</h4>
<div class="inverted field">
<div class="ui large input">
<input id="nameInput" type="text" name="lan" placeholder="<?= $_SERVER['REMOTE_ADDR']; ?>" list="targetsList" pattern="[a-zA-Z0-9._\/ \-]+" required
title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.0-255.0-255.1-254" />
</div>
</div>
<div class="field">
<label for="nameInput">Enregistrer sous le nom (optionnel)</label>
<div class="ui small input">
<input id="nameInput" type="text" name="name" placeholder="Réseau local" pattern='[^&lt;&gt;:&quot;\\\/\|@?]+'
title="Caractères interdits : &lt;&gt;:&quot;\/|@?">
</div>
</div>
<div class="ui error message"></div>
<button type="submit" class="ui fluid large teal labeled icon submit button">
<i class="satellite dish icon"></i>Scanner
</button>
<div class="ui divider"></div>
<a href="options.php">Options avancées</a>
</div>
</form>
<?php if (file_exists($SCANSDIR)) { ?>
<div class="ui inverted fluid card" style="margin-top: 10vh">
<div class="content">
<div class="header">Scans enregistrés</div>
</div>
<table class="ui very basic inverted table">
<tbody>
<?php
foreach (scandir($SCANSDIR) as $filename) {
if (substr($filename, -4) == '.xml') {
$name = str_replace('!', '/', substr_replace($filename, '', -4));
echo "<tr><td class='selectable'><a href='$SCANSDIR/" . rawurlencode($filename) . "'>$name</a></td><td><a href='rescan.php?name=$name' class='ui mini labelled button'><i class='sync icon'></i>Rescanner</a></td></tr>\n";
}
}
}
?>
</tbody>
</table>
</div>
</div>
</div>
<datalist id='targetsList'>
<option value="<?= $_SERVER['REMOTE_ADDR']; ?>/24"></option>
<option value="<?= $_SERVER['SERVER_NAME']; ?>"></option>
</datalist>
<script src="https://code.jquery.com/jquery-3.6.0.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/fomantic-ui/2.9.2/semantic.min.js"></script>
<script>
scanForm.onsubmit = function(event) {
if (this.checkValidity()) {
scanForm.classList.add("loading")
$.toast({
title: 'Scan en cours...',
message: 'Merci de patienter',
class: 'info',
showIcon: 'satellite dish',
displayTime: 0,
closeIcon: true,
position: 'bottom right',
})
return true
} else {
event.preventDefault()
this.reportValidity()
}
}
</script>
</body>
</html

1396
options.php
View File

File diff suppressed because it is too large Load Diff

32
rescan.php Normal file
View File

@ -0,0 +1,32 @@
<?php
error_reporting(E_ALL);
ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
include_once 'config.php';
$fileNameRegex = '/^[^<>:\/|?]+$/';
$name = filter_input(INPUT_GET, 'name', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $fileNameRegex], "flags" => FILTER_NULL_ON_FAILURE]);
if (!$name) {
die("Paramètre manquant : name");
}
$path = "$SCANSDIR/$name.xml";
if (!file_exists($path)) {
die("Scan inconnu : $name");
}
$xml = simplexml_load_file($path);
$cmd = $xml["args"];
if (substr( $cmd, 0, 5 ) != "nmap ") {
die("Erreur : $path n'est pas un fichier de scan nmap");
}
$cmd = $NMAP . substr($xml["args"], 4);
header('Content-type: text/xml');
system("$cmd", $retcode);
exit();

272
scan.php
View File

@ -2,161 +2,165 @@
include_once 'config.php';
$targetsListRegex = '/^[\da-zA-Z-. \/]+$/';
$fileNameRegex = '/^[^<>:\/|?]+$/';
$targetsListRegex = '/^[\da-zA-Z-. \/]+$/';
$name = filter_input(INPUT_GET, 'name', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $fileNameRegex], "flags" => FILTER_NULL_ON_FAILURE]);
$lan = filter_input(INPUT_GET, 'lan', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $targetsListRegex], "flags" => FILTER_NULL_ON_FAILURE]);
if ($lan) {
$cmd = "$NMAP $LANSCANOPTIONS $lan";
$filename = str_replace("/", "!", $lan);
$cmd = "$NMAP $LANSCANOPTIONS $lan";
$filename = str_replace("/", "!", $lan);
}
$host = filter_input(INPUT_GET, 'host', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $targetsListRegex], "flags" => FILTER_NULL_ON_FAILURE]);
if ($host) {
$cmd = "$NMAP $HOSTSCANOPTIONS $host";
$filename = str_replace("/", "!", $host);
$cmd = "$NMAP $HOSTSCANOPTIONS $host";
$filename = str_replace("/", "!", $host);
}
$targets = filter_input(INPUT_GET, 'targets', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $targetsListRegex], "flags" => FILTER_NULL_ON_FAILURE]);
if ($targets) {
$hostsListRegex = '/^[\da-zA-Z-.,:\/]+$/';
$protocolePortsListRegex = '/^(([TU]:)?[0-9\-]+|[a-z\-]+)(,([TU]:)?[0-9\-]+|,[a-z\-]+)*$/';
$portsListRegex = '/^([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*$/';
$tempoRegex = '/^\d+[smh]?$/';
$fileNameRegex = '/^[^<>:\/|?]+$/';
$hostsListRegex = '/^[\da-zA-Z-.,:\/]+$/';
$protocolePortsListRegex = '/^(([TU]:)?[0-9\-]+|[a-z\-]+)(,([TU]:)?[0-9\-]+|,[a-z\-]+)*$/';
$portsListRegex = '/^([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*$/';
$tempoRegex = '/^\d+[smh]?$/';
$inputs = filter_input_array(INPUT_GET, [
// TARGET SPECIFICATION:
'-iR' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'--exclude' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
// HOST DISCOVERY:
'-sL' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'-sP' => FILTER_VALIDATE_BOOLEAN,
'-P0' => FILTER_VALIDATE_BOOLEAN,
'-Pn' => FILTER_VALIDATE_BOOLEAN,
'-PS' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'-PA' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'-PU' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'-PE' => FILTER_VALIDATE_BOOLEAN,
'-PP' => FILTER_VALIDATE_BOOLEAN,
'-PM' => FILTER_VALIDATE_BOOLEAN,
'-PO' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 255]],
'-PR' => FILTER_VALIDATE_BOOLEAN,
'--send-ip' => FILTER_VALIDATE_BOOLEAN,
'-n' => FILTER_VALIDATE_BOOLEAN,
'-R' => FILTER_VALIDATE_BOOLEAN,
'--dns-servers' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
// SCAN TECHNIQUES:
'-sS' => FILTER_VALIDATE_BOOLEAN,
'-sT' => FILTER_VALIDATE_BOOLEAN,
'-sA' => FILTER_VALIDATE_BOOLEAN,
'-sW' => FILTER_VALIDATE_BOOLEAN,
'-sM' => FILTER_VALIDATE_BOOLEAN,
'-sF' => FILTER_VALIDATE_BOOLEAN,
'-sN' => FILTER_VALIDATE_BOOLEAN,
'-sX' => FILTER_VALIDATE_BOOLEAN,
'-sU' => FILTER_VALIDATE_BOOLEAN,
'--scanflags' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^(URG|ACK|PSH|RST|SYN|FIN|,)+|[1-9]?[0-9]|[1-2][0-9][0-9]$/']],
'-sI' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^[a-zA-Z\d:.-]+(:\d+)?$/']],
'-sO' => FILTER_VALIDATE_BOOLEAN,
'-b' => FILTER_VALIDATE_URL,
'--traceroute' => FILTER_VALIDATE_BOOLEAN,
'--reason' => FILTER_VALIDATE_BOOLEAN,
// PORT SPECIFICATION AND SCAN ORDER:
'-p' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'-F' => FILTER_VALIDATE_BOOLEAN,
'-r' => FILTER_VALIDATE_BOOLEAN,
'--top-ports' => FILTER_VALIDATE_INT,
'--port-ratio' => ['filter' => FILTER_VALIDATE_FLOAT, 'options' => ['min_range' => 0, 'max_range' => 1]],
// SERVICE/VERSION DETECTION:
'-sV' => FILTER_VALIDATE_BOOLEAN,
'--version-light' => FILTER_VALIDATE_BOOLEAN,
'--version-intensity' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 9]],
'--version-all' => FILTER_VALIDATE_BOOLEAN,
'--version-trace' => FILTER_VALIDATE_BOOLEAN,
// SCRIPT SCAN:
'-sC' => FILTER_VALIDATE_BOOLEAN,
'--script' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^[a-z][a-z0-9,\-\.\/]*$/']],
'--script-args' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^([a-zA-Z][a-zA-Z0-9\-_]*=[^"]+(,[a-zA-Z][a-zA-Z0-9\-_]*=[^"]+)?)$/']],
// OS DETECTION:
'-O' => FILTER_VALIDATE_BOOLEAN,
'--osscan-limit' => FILTER_VALIDATE_BOOLEAN,
'--osscan-guess' => FILTER_VALIDATE_BOOLEAN,
'--max-os-tries' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
// TIMING AND PERFORMANCE:
'-T' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 5]],
'--min-hostgroup' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'--max-hostgroup' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'--min-parallelism' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'--max-parallelism' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'--min-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'--max-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'--initial-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'--max-retries' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'--host-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'--scan-delay' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'--max-scan-delay' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
// FIREWALL/IDS EVASION AND SPOOFING:
'-f' => FILTER_VALIDATE_INT,
'--mtu' => FILTER_VALIDATE_INT,
'-D' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'-S' => ['filter' => FILTER_VALIDATE_IP],
'-e' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^[a-z\d]+$/']],
'-g' => FILTER_VALIDATE_INT,
'--source-port' => FILTER_VALIDATE_INT,
'--data-length' => FILTER_VALIDATE_INT,
'--ip-options' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^\"(R|T|U|L [\da-zA-Z-.: ]+|S [\da-zA-Z-.: ]+|\\\\x[\da-fA-F]{1,2}(\*[\d]+)?|\\\\[0-2]?[\d]{1,2}(\*[\d]+)?)\"$/']],
'--ttl' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 255]],
'--spoof-mac' => FILTER_VALIDATE_MAC,
'--badsum' => FILTER_VALIDATE_BOOLEAN,
// MISC:
$inputs = filter_input_array(INPUT_GET, [
// TARGET SPECIFICATION:
'-iR' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'--exclude' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
// HOST DISCOVERY:
'-sL' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'-sP' => FILTER_VALIDATE_BOOLEAN,
'-P0' => FILTER_VALIDATE_BOOLEAN,
'-Pn' => FILTER_VALIDATE_BOOLEAN,
'-PS' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'-PA' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'-PU' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'-PE' => FILTER_VALIDATE_BOOLEAN,
'-PP' => FILTER_VALIDATE_BOOLEAN,
'-PM' => FILTER_VALIDATE_BOOLEAN,
'-PO' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 255]],
'-PR' => FILTER_VALIDATE_BOOLEAN,
'--send-ip' => FILTER_VALIDATE_BOOLEAN,
'-n' => FILTER_VALIDATE_BOOLEAN,
'-R' => FILTER_VALIDATE_BOOLEAN,
'--dns-servers' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
// SCAN TECHNIQUES:
'-sS' => FILTER_VALIDATE_BOOLEAN,
'-sT' => FILTER_VALIDATE_BOOLEAN,
'-sA' => FILTER_VALIDATE_BOOLEAN,
'-sW' => FILTER_VALIDATE_BOOLEAN,
'-sM' => FILTER_VALIDATE_BOOLEAN,
'-sF' => FILTER_VALIDATE_BOOLEAN,
'-sN' => FILTER_VALIDATE_BOOLEAN,
'-sX' => FILTER_VALIDATE_BOOLEAN,
'-sU' => FILTER_VALIDATE_BOOLEAN,
'--scanflags' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^(URG|ACK|PSH|RST|SYN|FIN|,)+|[1-9]?[0-9]|[1-2][0-9][0-9]$/']],
'-sI' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^[a-zA-Z\d:.-]+(:\d+)?$/']],
'-sO' => FILTER_VALIDATE_BOOLEAN,
'-b' => FILTER_VALIDATE_URL,
'--traceroute' => FILTER_VALIDATE_BOOLEAN,
'--reason' => FILTER_VALIDATE_BOOLEAN,
// PORT SPECIFICATION AND SCAN ORDER:
'-p' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'-F' => FILTER_VALIDATE_BOOLEAN,
'-r' => FILTER_VALIDATE_BOOLEAN,
'--top-ports' => FILTER_VALIDATE_INT,
'--port-ratio' => ['filter' => FILTER_VALIDATE_FLOAT, 'options' => ['min_range' => 0, 'max_range' => 1]],
// SERVICE/VERSION DETECTION:
'-sV' => FILTER_VALIDATE_BOOLEAN,
'--version-light' => FILTER_VALIDATE_BOOLEAN,
'--version-intensity' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 9]],
'--version-all' => FILTER_VALIDATE_BOOLEAN,
'--version-trace' => FILTER_VALIDATE_BOOLEAN,
// SCRIPT SCAN:
'-sC' => FILTER_VALIDATE_BOOLEAN,
'--script' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^[a-z][a-z0-9,\-\.\/]*$/']],
'--script-args' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^([a-zA-Z][a-zA-Z0-9\-_]*=[^"]+(,[a-zA-Z][a-zA-Z0-9\-_]*=[^"]+)?)$/']],
// OS DETECTION:
'-O' => FILTER_VALIDATE_BOOLEAN,
'--osscan-limit' => FILTER_VALIDATE_BOOLEAN,
'--osscan-guess' => FILTER_VALIDATE_BOOLEAN,
'--max-os-tries' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
// TIMING AND PERFORMANCE:
'-T' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 5]],
'--min-hostgroup' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'--max-hostgroup' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'--min-parallelism' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'--max-parallelism' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'--min-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'--max-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'--initial-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'--max-retries' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'--host-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'--scan-delay' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'--max-scan-delay' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
// FIREWALL/IDS EVASION AND SPOOFING:
'-f' => FILTER_VALIDATE_INT,
'--mtu' => FILTER_VALIDATE_INT,
'-D' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'-S' => ['filter' => FILTER_VALIDATE_IP],
'-e' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^[a-z\d]+$/']],
'-g' => FILTER_VALIDATE_INT,
'--source-port' => FILTER_VALIDATE_INT,
'--data-length' => FILTER_VALIDATE_INT,
'--ip-options' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^\"(R|T|U|L [\da-zA-Z-.: ]+|S [\da-zA-Z-.: ]+|\\\\x[\da-fA-F]{1,2}(\*[\d]+)?|\\\\[0-2]?[\d]{1,2}(\*[\d]+)?)\"$/']],
'--ttl' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 255]],
'--spoof-mac' => FILTER_VALIDATE_MAC,
'--badsum' => FILTER_VALIDATE_BOOLEAN,
// MISC:
// '6' => FILTER_VALIDATE_BOOLEAN,
'-A' => FILTER_VALIDATE_BOOLEAN,
'--send-eth' => FILTER_VALIDATE_BOOLEAN,
'--privileged' => FILTER_VALIDATE_BOOLEAN,
'-V' => FILTER_VALIDATE_BOOLEAN,
'--unprivileged' => FILTER_VALIDATE_BOOLEAN,
'-h' => FILTER_VALIDATE_BOOLEAN,
'--stylesheet' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $fileNameRegex]],
// lanScan
'name' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $fileNameRegex]],
'originalURL' => FILTER_VALIDATE_URL,
'refreshPeriod' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'sudo' => FILTER_VALIDATE_BOOLEAN,
], false);
'-A' => FILTER_VALIDATE_BOOLEAN,
'--send-eth' => FILTER_VALIDATE_BOOLEAN,
'--privileged' => FILTER_VALIDATE_BOOLEAN,
'-V' => FILTER_VALIDATE_BOOLEAN,
'--unprivileged' => FILTER_VALIDATE_BOOLEAN,
'-h' => FILTER_VALIDATE_BOOLEAN,
'--stylesheet' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $fileNameRegex]],
// lanScan
'name' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $fileNameRegex]],
'originalURL' => FILTER_VALIDATE_URL,
'refreshPeriod' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'sudo' => FILTER_VALIDATE_BOOLEAN,
], false);
$options = "";
foreach ($inputs as $option => $value) {
if (substr($option, 0, 1) == '-') {
if (is_null($value)) {
http_response_code(400);
$errorMessage = "Valeur incorrecte pour le paramètre <var>$option</var> : " . filter_input(INPUT_GET, $option, FILTER_SANITIZE_FULL_SPECIAL_CHARS);
include_once "index.php";
die();
} else if ($value) {
if ($value === true) {
$options .= " $option";
} else {
if (substr($option, 0, 2) == '--') $options .= " $option " . escapeshellarg($value);
else $options .= " $option" . escapeshellarg($value);
}
}
}
}
$options = "";
foreach ($inputs as $option => $value) {
if (substr($option, 0, 1) == '-') {
if (is_null($value)) {
http_response_code(400);
$errorMessage = "Valeur incorrecte pour le paramètre <var>$option</var> : " . filter_input(INPUT_GET, $option, FILTER_SANITIZE_FULL_SPECIAL_CHARS);
include_once "index.php";
die();
} else if ($value) {
if ($value === true) {
$options .= " $option";
} else {
if (substr($option, 0, 2) == '--') $options .= " $option " . escapeshellarg($value);
else $options .= " $option" . escapeshellarg($value);
}
}
}
}
$cmd = "$NMAP$options $CUSTOMSCANOPTIONS $targets";
$filename = str_replace("/", "!", $targets);
$cmd = "$NMAP$options $CUSTOMSCANOPTIONS $targets";
$filename = str_replace("/", "!", $targets);
}
if ($cmd) {
if (!file_exists($SCANSDIR)) mkdir($SCANSDIR);
$path = "$SCANSDIR/$filename.xml";
if ($name) {
if (!file_exists($SCANSDIR)) mkdir($SCANSDIR);
if (!file_exists($path)) $cmd .= " | tee '$path'";
$path = "$SCANSDIR/" . escapeshellarg($name) . ".xml";
$cmd .= " | tee '$path'";
}
header('Content-type: text/xml');
system("$cmd", $retcode);
header('Content-type: text/xml');
system("$cmd", $retcode);
exit();
exit();
}
include_once "index.php";