diff --git a/config.php b/config.php index cccc5ad..c0e94e3 100644 --- a/config.php +++ b/config.php @@ -5,5 +5,6 @@ $DEFAULT_ARGS = [ 'PS' => 'ssh,http,https,msrpc,microsoft-ds', 'F' => true, 'T5' => true, + 'stylesheet' => 'lanScan.xls' ]; $NMAP_DATADIR = '/usr/share/nmap'; diff --git a/filter_inputs.php b/filter_inputs.php index db5c658..04f20ae 100644 --- a/filter_inputs.php +++ b/filter_inputs.php @@ -1,5 +1,11 @@ :"\/|?]+$/'; + $targets = filter_input(INPUT_GET, 'targets', FILTER_VALIDATE_REGEXP, [ 'flags' => FILTER_NULL_ON_FAILURE, 'options' => ['regexp' => "/^[\da-zA-Z-. \/]+$/"], @@ -7,19 +13,14 @@ $targets = filter_input(INPUT_GET, 'targets', FILTER_VALIDATE_REGEXP, [ $saveAs = filter_input(INPUT_GET, 'saveAs', FILTER_VALIDATE_REGEXP, [ 'flags' => FILTER_NULL_ON_FAILURE, - 'options' => ['regexp' => '/^[^<>:"\/|?]+$/'], + 'options' => ['regexp' => $fileNameRegex], ]); $compareWith = filter_input(INPUT_GET, 'compareWith', FILTER_VALIDATE_REGEXP, [ 'flags' => FILTER_NULL_ON_FAILURE, - 'options' => ['regexp' => '/^[^<>:"\/|?]+$/'], + 'options' => ['regexp' => $fileNameRegex], ]); -$hostsListRegex = "/^[\da-zA-Z-.,:\/]+$/"; -$protocolePortsListRegex = "/^(([TU]:)?[0-9\-]+|[a-z\-]+)(,([TU]:)?[0-9\-]+|,[a-z\-]+)*$/"; -$portsListRegex = "/^([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*$/"; -$tempoRegex = "/^\d+[smh]?$/"; - $inputs = filter_input_array(INPUT_GET, [ 'iR' => ['filter' => FILTER_VALIDATE_INT], 'exclude' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]], @@ -110,4 +111,5 @@ $inputs = filter_input_array(INPUT_GET, [ 'V' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'unprivileged' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'h' => ['filter' => FILTER_VALIDATE_BOOLEAN], + 'stylesheet' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $fileNameRegex]], ], false) ?: $DEFAULT_ARGS; diff --git a/index.php b/index.php index b139abb..00e548b 100755 --- a/index.php +++ b/index.php @@ -19,40 +19,38 @@ include_once 'filter_inputs.php'; -
- -
+
+ +
+
+ + + + +
+

Précédents scans

diff --git a/stylesheet.xsl b/lanScan.xsl similarity index 73% rename from stylesheet.xsl rename to lanScan.xsl index 9258b71..63caec0 100755 --- a/stylesheet.xsl +++ b/lanScan.xsl @@ -19,8 +19,9 @@ - - + + + @@ -65,87 +66,39 @@ -
- -
+
+ +
+
+ + + +
+ +

diff --git a/options.php b/options.php index 3f2f052..498f563 100755 --- a/options.php +++ b/options.php @@ -21,13 +21,13 @@ include_once 'filter_inputs.php';
-

Scanner un réseau avec Nmap

+

Scanner un réseau

@@ -211,6 +211,24 @@ foreach (scandir($SCANS_DIR) as $filename) { } } } +?> + +
+ +
+ +
diff --git a/scan.php b/scan.php index 9a8b644..8eb5923 100755 --- a/scan.php +++ b/scan.php @@ -12,6 +12,11 @@ if (!file_exists($SCANS_DIR)) { mkdir($SCANS_DIR); } +if (isset($inputs["stylesheet"])) { + $basedir = "{$_SERVER['REQUEST_SCHEME']}://{$_SERVER['SERVER_NAME']}:{$_SERVER['SERVER_PORT']}" . dirname($_SERVER['REQUEST_URI']); + $inputs["stylesheet"] = "$basedir/{$inputs["stylesheet"]}.xsl"; +} + $args = ''; foreach ($inputs as $arg => $value) { if (is_null($value)) { @@ -19,19 +24,18 @@ foreach ($inputs as $arg => $value) { die("Valeur incorecte pour le paramètre $arg : " . filter_input(INPUT_GET, $arg, FILTER_SANITIZE_FULL_SPECIAL_CHARS)); } else if ($value) { if ($value === true) { - if (strlen($arg)<=2) $args .= " -$arg"; - else $arg = "--$arg"; + if (strlen($arg) <= 2) $args .= " -$arg"; + else $args .= " --$arg"; } else { - if (strlen($arg)<=2) $args .= " -$arg" . ($value); - else $arg = "--$arg " . ($value); + if (strlen($arg) <= 2) $args .= " -$arg$value"; + else $args .= " --$arg $value"; } } } -$basedir = "{$_SERVER['REQUEST_SCHEME']}://{$_SERVER['SERVER_NAME']}:{$_SERVER['SERVER_PORT']}" . dirname($_SERVER['REQUEST_URI']); - $tempPath = tempnam(sys_get_temp_dir(), 'scan_').".xml"; -exec("nmap$args --stylesheet $basedir/stylesheet.xsl -oX '$tempPath' $targets 2>&1", $stderr, $code); + +exec("nmap$args -oX '$tempPath' $targets 2>&1", $stderr, $code); if ($code) { http_response_code(500); die(implode("
\n", $stderr));