adrien/lanScan
adrien/lanScan
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

saveAs and compareWith as URL

Browse Source
This commit is contained in:
Adrien MALINGREY 2024-10-14 00:49:19 +02:00
parent 76e1832c28
commit ad79495608
7 changed files with 592 additions and 157 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
config.php
View File

@ -1,10 +1,18 @@
<?php
$SCANS_DIR = 'scans';
$DEFAULT_ARGS = [
'PS' => 'ssh,http,https,msrpc,microsoft-ds',
'F' => true,
'T5' => true,
'stylesheet' => 'lanScan.xls'
$BASEDIR = "{$_SERVER['REQUEST_SCHEME']}://{$_SERVER['SERVER_NAME']}:{$_SERVER['SERVER_PORT']}" . dirname($_SERVER['REQUEST_URI']);
$LANSCAN_OPTIONS = [
'PS' => 'ssh,http,https,msrpc,microsoft-ds',
'F' => true,
'T5' => true,
'stylesheet' => "$BASEDIR/lanScan.xsl"
];
$NMAP_DATADIR = '/usr/share/nmap';
$HOSTSCAN_OPTIONS = [
'sV' => true,
'stylesheet' => "$BASEDIR/hostScan.xsl"
];
$SCANSDIR = 'scans';
$DATADIR = '/usr/share/nmap';

24
filter_inputs.php
View File

@ -1,25 +1,17 @@
<?php
$targetsListRegex = "/^[\da-zA-Z-. \/]+$/";
$hostsListRegex = "/^[\da-zA-Z-.,:\/]+$/";
$protocolePortsListRegex = "/^(([TU]:)?[0-9\-]+|[a-z\-]+)(,([TU]:)?[0-9\-]+|,[a-z\-]+)*$/";
$portsListRegex = "/^([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*$/";
$tempoRegex = "/^\d+[smh]?$/";
$fileNameRegex = '/^[^<>:"\/|?]+$/';
$targets = filter_input(INPUT_GET, 'targets', FILTER_VALIDATE_REGEXP, [
'flags' => FILTER_NULL_ON_FAILURE,
'options' => ['regexp' => "/^[\da-zA-Z-. \/]+$/"],
]);
$saveAs = filter_input(INPUT_GET, 'saveAs', FILTER_VALIDATE_REGEXP, [
'flags' => FILTER_NULL_ON_FAILURE,
'options' => ['regexp' => $fileNameRegex],
]);
$compareWith = filter_input(INPUT_GET, 'compareWith', FILTER_VALIDATE_REGEXP, [
'flags' => FILTER_NULL_ON_FAILURE,
'options' => ['regexp' => $fileNameRegex],
]);
$targets = filter_input(INPUT_GET, 'targets', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $targetsListRegex]]);
$lan = filter_input(INPUT_GET, 'lan', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $targetsListRegex]]);
$host = filter_input(INPUT_GET, 'host', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $targetsListRegex]]);
$saveAs = filter_input(INPUT_GET, 'saveAs', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $fileNameRegex]]);
$compareWith = filter_input(INPUT_GET, 'compareWith', FILTER_VALIDATE_URL);
$inputs = filter_input_array(INPUT_GET, [
'iR' => ['filter' => FILTER_VALIDATE_INT],
@ -111,5 +103,5 @@ $inputs = filter_input_array(INPUT_GET, [
'V' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'unprivileged' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'h' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'stylesheet' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $fileNameRegex]],
], false) ?: $DEFAULT_ARGS;
'stylesheet' => ['filter' => FILTER_VALIDATE_URL],
], false) ?: $LANSCAN_OPTIONS;

419
hostScan.xsl Executable file
View File

@ -0,0 +1,419 @@
<?xml version="1.0" encoding="utf-8"?>
<xsl:stylesheet
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
version="1.1">
<xsl:output method="html" encoding="UTF-8"/>
<xsl:output indent="yes"/>
<xsl:strip-space elements='*'/>
<xsl:param name="saveAs" select=""/>
<xsl:param name="scansDir" select="scans"/>
<xsl:param name="compareWith" select=""/>
<xsl:variable name="nextCompareWith">
<xsl:choose>
<xsl:when test="$saveAs"><xsl:value-of select="$saveAs"/></xsl:when>
<xsl:when test="$compareWith"><xsl:value-of select="$compareWith"/></xsl:when>
<xsl:otherwise></xsl:otherwise>
</xsl:choose>
</xsl:variable>
<xsl:variable name="current" select="./nmaprun"/>
<xsl:variable name="stylesheetURL" select="substring-before(substring-after(processing-instruction('xml-stylesheet'),'href=&quot;'),'&quot;')"/>
<xsl:variable name="basedir" select="concat($stylesheetURL, '/..')"/>
<xsl:variable name="init" select="document($compareWith)/nmaprun"/>
<xsl:template match="nmaprun">
<xsl:variable name="targets" select="substring-after(@args, '.xml ')"/>
<xsl:variable name="refreshURL">
<xsl:value-of select="$basedir"/>
<xsl:text>/scan.php?targets=</xsl:text>
<xsl:value-of select="$targets"/>
<xsl:text>&amp;</xsl:text>
<xsl:call-template name="optionsList">
<xsl:with-param name="argList" select="substring-before(substring-after(@args, ' -'), ' -oX')"/>
<xsl:with-param name="asURL" select="true()"/>
</xsl:call-template>
<xsl:text>compareWith=</xsl:text>
<xsl:value-of select="$nextCompareWith"/>
</xsl:variable>
<html lang="fr">
<head>
<meta charset="utf-8"/>
<meta http-equiv="refresh">
<xsl:attribute name="content">
<xsl:text>60;URL=</xsl:text>
<xsl:value-of select="$refreshURL"/>
</xsl:attribute>
</meta>
<title>
<xsl:text>lanScan - </xsl:text>
<xsl:value-of select="$targets"/>
</title>
<link rel="icon" href="{$basedir}/favicon.ico"/>
<link rel="stylesheet" type="text/css" href="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.css"/>
<link href="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.css" rel="stylesheet" type="text/css"/>
<link href="https://cdn.datatables.net/v/dt/jszip-3.10.1/dt-2.1.8/b-3.1.2/b-html5-3.1.2/b-print-3.1.2/fh-4.0.1/r-3.0.3/datatables.css" rel="stylesheet"/>
<link href="{$basedir}/style.css" rel="stylesheet" type="text/css"/>
<script src="https://code.jquery.com/jquery-3.7.1.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/fomantic-ui/2.9.2/semantic.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify"></script>
<script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.polyfills.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.2.7/pdfmake.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.2.7/vfs_fonts.js"></script>
<script src="https://cdn.datatables.net/v/dt/jszip-3.10.1/dt-2.1.8/b-3.1.2/b-html5-3.1.2/b-print-3.1.2/fh-4.0.1/r-3.0.3/datatables.js"></script>
</head>
<body>
<nav class="ui inverted teal fixed menu">
<a class="ui teal button item" href=".">
<xsl:text>lan</xsl:text>
<svg class="logo" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 24 24" xml:space="preserve" width="40" height="40" xmlns="http://www.w3.org/2000/svg" xmlns:svg="http://www.w3.org/2000/svg"><defs id="defs206"/><g id="g998" transform="matrix(0,0.04687491,-0.04687491,0,24,2.2682373e-5)"><g id="g147"><g id="g145"><path d="m 322.065,92.046 c -46.24,0 -83.851,37.619 -83.851,83.857 v 168.712 c 0,25.224 -21.148,45.745 -46.372,45.745 -25.224,0 -46.372,-20.521 -46.372,-45.745 V 199.464 h -38.114 v 145.151 c 0,46.24 38.246,83.859 84.486,83.859 46.24,0 84.486,-37.619 84.486,-83.859 V 175.903 c 0,-25.223 20.514,-45.743 45.737,-45.743 25.223,0 45.737,20.521 45.737,45.743 v 134.092 h 38.114 V 175.903 c 0,-46.239 -37.611,-83.857 -83.851,-83.857 z" id="path143"/></g></g><g id="g153"><g id="g151"><path d="M 144.198,0 H 108.625 C 98.101,0 89.568,8.746 89.568,19.271 c 0,1.157 0.121,2.328 0.318,3.598 h 73.052 c 0.197,-1.27 0.318,-2.441 0.318,-3.598 C 163.256,8.746 154.723,0 144.198,0 Z" id="path149"/></g></g><g id="g159"><g id="g157"><path d="m 420.183,486.591 h -71.731 c -0.626,2.541 -0.978,4.077 -0.978,6.176 0,10.525 8.532,19.234 19.057,19.234 h 35.573 c 10.525,0 19.057,-8.709 19.057,-19.234 0,-2.098 -0.352,-3.635 -0.978,-6.176 z" id="path155"/></g></g><g id="g165"><g id="g163"><rect x="87.027" y="41.925999" width="80.040001" height="138.481" id="rect161"/></g></g><g id="g171"><g id="g169"><rect x="344.93301" y="329.052" width="80.040001" height="138.481" id="rect167"/></g></g><g id="g173"></g><g id="g175"></g><g id="g177"></g><g id="g179"></g><g id="g181"></g><g id="g183"></g><g id="g185"></g><g id="g187"></g><g id="g189"></g><g id="g191"></g><g id="g193"></g><g id="g195"></g><g id="g197"></g><g id="g199"></g><g id="g201"></g></g></svg>
<xsl:text>can</xsl:text>
</a>
<form class="right menu">
<div class="ui category search item">
<div id="lanInputDiv" class="ui icon input">
<input class="prompt" type="text" id="lanInput" name="lan" oninput="hiddenInput.value=this.value" required=""
pattern="[a-zA-Z0-9._\/ \-]+" value="{$targets}" placeholder="Scanner un réseau..."
title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
Exemples: 192.168.1.0/24 scanme.nmap.org 10.0-255.0-255.1-254"/>
<i class="satellite dish icon"></i>
</div>
<input type="hidden" name="compareWith" value="{$nextCompareWith}"/>
<button style="display: none;" type="submit" formmethod="get" formaction="{$basedir}/scan.php" onsubmit="lanInputDiv.classList.add('loading')"></button>
</div>
<div class="item">
<button class="ui teal icon submit button" type="submit" formmethod="get" formaction="{$basedir}/options.php" onclick="targetsInput.required=false">
<i class="sliders horizontal icon"></i>
</button>
</div>
<div class="item">
<a class="ui teal icon button" href="{$refreshURL}">
<i class="sync icon"></i>
</a>
</div>
<div class="item">
<a class="ui teal icon button" href="https://nmap.org/man/fr/index.html" target="_blank">
<i class="question circle icon"></i>
</a>
</div>
</form>
</nav>
<main class="ui main container">
<h1 class="ui header"><xsl:value-of select="$targets"/></h1>
<table id="scanResultsTable" style="width:100%" role="grid" class="ui sortable small table">
<thead>
<tr>
<th>Etat</th>
<th>Adresse IP</th>
<th>Nom</th>
<th class="ten wide">Services</th>
<th></th>
</tr>
</thead>
<tbody>
<xsl:apply-templates select="host | $init/host[not(address/@addr=$current/host/address/@addr)][not(status/@state='down')]"/>
</tbody>
</table>
</main>
<footer class="ui footer segment">
lanScan est basé sur <a href="https://nmap.org/" target="_blank">Nmap</a>
</footer>
<script>
DataTable.ext.type.detect.unshift(function (d) {
return /[\d]+\.[\d]+\.[\d]+\.[\d]+/.test(d)
? 'ipv4-address'
: null;
});
DataTable.ext.type.order['ipv4-address-pre'] = function (ipAddress) {
[a, b, c, d] = ipAddress.split(".").map(Number)
return 16777216*a + 65536*b + 256*c + d;
};
var table = $('#scanResultsTable').DataTable({
buttons: ['copy', 'excel', 'pdf'],
fixedHeader: true,
lengthMenu: [
[256, 512, 1024, 2048, -1],
[256, 512, 1024, 2048, "All"]
],
responsive: true,
})
table.order([1, 'asc']).draw()
$('.ui.dropdown').dropdown()
<xsl:if test="runstats/finished/@summary">
$.toast({
title: '<xsl:value-of select="runstats/finished/@exit"/>',
message: '<xsl:value-of select="runstats/finished/@summary"/>',
showIcon: 'satellite dish',
displayTime: 'auto',
closeIcon: true,
position: 'bottom right',
})
</xsl:if>
<xsl:if test="runstats/finished/@errormsg">
$.toast({
title: '<xsl:value-of select="runstats/finished/@exit"/>',
message: '<xsl:value-of select="runstats/finished/@errormsg"/>',
showIcon: 'exclamation triangle',
class: 'error',
displayTime: 'auto',
closeIcon: true,
position: 'bottom right',
})
</xsl:if>
<xsl:if test="$init">
$.toast({
message: 'Comparaison avec les résultats du <xsl:value-of select="$init/runstats/finished/@timestr"/>',
class: 'info',
showIcon: 'calendar',
displayTime: 'auto',
closeIcon: true,
position: 'bottom right',
})
</xsl:if>
</script>
</body>
</html>
</xsl:template>
<xsl:template name="optionsList">
<xsl:param name="argList" select=""/>
<xsl:param name="asURL" select="false()"/>
<xsl:variable name="nextArgs" select="substring-after($argList, ' -')"/>
<xsl:variable name="argAndValue">
<xsl:choose>
<xsl:when test="$nextArgs">
<xsl:value-of select="substring-before($argList, ' -')"/>
</xsl:when>
<xsl:otherwise><xsl:value-of select="$argList"/></xsl:otherwise>
</xsl:choose>
</xsl:variable>
<xsl:choose>
<xsl:when test="starts-with($argAndValue, '-')">
<xsl:choose>
<xsl:when test="contains($argAndValue, ' ')">
<xsl:call-template name="input">
<xsl:with-param name="name" select="substring(substring-before($argAndValue, ' '), 2)"/>
<xsl:with-param name="value" select="substring-after($argAndValue, ' ')"/>
<xsl:with-param name="asURL" select="$asURL"/>
</xsl:call-template>
</xsl:when>
<xsl:otherwise>
<xsl:call-template name="input">
<xsl:with-param name="name" select="substring($argAndValue, 2)"/>
<xsl:with-param name="value" select="on"/>
<xsl:with-param name="asURL" select="$asURL"/>
</xsl:call-template>
</xsl:otherwise>
</xsl:choose>
</xsl:when>
<xsl:otherwise>
<xsl:choose>
<xsl:when test="starts-with($argAndValue, 'P') or starts-with($argAndValue, 's') or starts-with($argAndValue, 'o')">
<xsl:call-template name="input">
<xsl:with-param name="name" select="substring($argAndValue, 1, 2)"/>
<xsl:with-param name="value" select="substring($argAndValue, 3)"/>
<xsl:with-param name="asURL" select="$asURL"/>
</xsl:call-template>
</xsl:when>
<xsl:otherwise>
<xsl:call-template name="input">
<xsl:with-param name="name" select="substring($argAndValue, 1, 1)"/>
<xsl:with-param name="value" select="substring($argAndValue, 2)"/>
<xsl:with-param name="asURL" select="$asURL"/>
</xsl:call-template>
</xsl:otherwise>
</xsl:choose>
</xsl:otherwise>
</xsl:choose>
<xsl:if test="$nextArgs">
<xsl:call-template name="optionsList">
<xsl:with-param name="argList" select="$nextArgs"/>
<xsl:with-param name="asURL" select="$asURL"/>
</xsl:call-template>
</xsl:if>
</xsl:template>
<xsl:template name="input">
<xsl:param name="name"/>
<xsl:param name="value" select=""/>
<xsl:param name="asURL" select="false()"/>
<xsl:choose>
<xsl:when test="$asURL">
<xsl:value-of select="$name"/>
<xsl:text>=</xsl:text>
<xsl:choose>
<xsl:when test="$value"><xsl:value-of select="$value"/></xsl:when>
<xsl:otherwise>on</xsl:otherwise>
</xsl:choose>
<xsl:text>&amp;</xsl:text>
</xsl:when>
<xsl:otherwise>
<input type="hidden" name="{$name}">
<xsl:attribute name="value">
<xsl:choose>
<xsl:when test="$value"><xsl:value-of select="$value"/></xsl:when>
<xsl:otherwise>on</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
</input>
</xsl:otherwise>
</xsl:choose>
</xsl:template>
<xsl:template match="host">
<xsl:variable name="addr" select="address/@addr"/>
<xsl:variable name="initHost" select="$init/host[address/@addr=$addr]"/>
<xsl:variable name="currentHost" select="$current/host[address/@addr=$addr]"/>
<xsl:variable name="hostAddress">
<xsl:choose>
<xsl:when test="hostnames/hostname/@name">
<xsl:value-of select="hostnames/hostname/@name"/>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="address/@addr"/>
</xsl:otherwise>
</xsl:choose>
</xsl:variable>
<tr>
<xsl:attribute name="class">
<xsl:choose>
<xsl:when test="$currentHost/status/@state='up'">positive</xsl:when>
<xsl:otherwise>negative</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
<td>
<xsl:choose>
<xsl:when test="$currentHost">
<div>
<xsl:attribute name="class">
<xsl:choose>
<xsl:when test="$currentHost/status/@state='up'">ui green circular label</xsl:when>
<xsl:otherwise>ui red circular label</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
<xsl:value-of select="$currentHost/status/@state"/>
</div>
</xsl:when>
<xsl:otherwise><div class="ui red circular label">down</div></xsl:otherwise>
</xsl:choose>
</td>
<td>
<xsl:value-of select="address/@addr"/>
</td>
<td>
<b><xsl:value-of select="hostnames/hostname/@name"/></b>
</td>
<td>
<xsl:apply-templates select="$currentHost/ports/port | $initHost/ports/port[not(@portid=$currentHost/ports/port/@portid)][not(state/@state='closed')]">
<xsl:with-param name="initHost" select="$initHost"/>
<xsl:with-param name="currentHost" select="$currentHost"/>
<xsl:with-param name="hostAddress" select="$hostAddress"/>
<xsl:sort select="@portid" order="ascending"/>
</xsl:apply-templates>
</td>
<td>
<a class="ui right labeled tiny teal icon button" onclick="console.log(this);this.getElementsByTagName('i').className = 'loading spinner icon'">
<xsl:attribute name="href">
<xsl:value-of select="$basedir"/>
<xsl:text>/scan.php?host=</xsl:text>
<xsl:value-of select="$hostAddress"/>
</xsl:attribute>
<i class="satellite dish icon"></i>
Scanner
</a>
</td>
</tr>
</xsl:template>
<xsl:template match="port">
<xsl:param name="hostAddress"/>
<xsl:param name="initHost"/>
<xsl:param name="currentHost"/>
<xsl:variable name="portid" select="@portid"/>
<xsl:variable name="initPort" select="$initHost/ports/port[@portid=$portid]"/>
<xsl:variable name="currentPort" select="$currentHost/ports/port[@portid=$portid]"/>
<a class="ui label" target="_blank">
<xsl:attribute name="class">
<xsl:text>ui label </xsl:text>
<xsl:choose>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=500">red</xsl:when>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=400">orange</xsl:when>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=200">green</xsl:when>
<xsl:when test="$currentPort/state/@state='open'">green</xsl:when>
<xsl:when test="$currentPort/state/@state='filtered'">orange disabled</xsl:when>
<xsl:otherwise>red disabled</xsl:otherwise>
</xsl:choose>
<xsl:choose>
<xsl:when test="(service/@name='microsoft-ds' or service/@name='netbios-ssn') and ../../hostscript/script[@id='smb-shares-size']/table"> mini dropdown button share-size</xsl:when>
<xsl:otherwise> small</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
<xsl:if test="service/@name='ftp' or service/@name='ssh' or service/@name='http' or service/@name='https'">
<xsl:attribute name="href">
<xsl:value-of select="service/@name"/>
<xsl:text>://</xsl:text>
<xsl:value-of select="$hostAddress"/>
<xsl:text>:</xsl:text>
<xsl:value-of select="@portid"/>
</xsl:attribute>
</xsl:if>
<xsl:if test="service/@name='ms-wbt-server'">
<xsl:attribute name="href">
<xsl:text>rdp.php?v=</xsl:text>
<xsl:value-of select="$hostAddress"/>
<xsl:text>&amp;p=</xsl:text>
<xsl:value-of select="@portid"/>
</xsl:attribute>
</xsl:if>
<xsl:value-of select="service/@name"/>
<div class="detail">
<xsl:choose>
<xsl:when test="@protocol='udp'">U:</xsl:when>
<xsl:otherwise>:</xsl:otherwise>
</xsl:choose>
<xsl:value-of select="@portid"/>
</div>
<xsl:if test="(service/@name='microsoft-ds' or service/@name='netbios-ssn') and ../../hostscript/script[@id='smb-shares-size']/table">
<xsl:attribute name="style">
<xsl:for-each select="$currentHost/hostscript/script[@id='smb-shares-size']/table">
<xsl:sort select="elem[@key='FreeSize'] div elem[@key='TotalSize']" order="ascending"/>
<xsl:if test="position()=1">
<xsl:text>--free: </xsl:text>
<xsl:value-of select="elem[@key='FreeSize']"/>
<xsl:text>; --total: </xsl:text>
<xsl:value-of select="elem[@key='TotalSize']"/>
</xsl:if>
</xsl:for-each>
</xsl:attribute>
<i class="dropdown icon"></i>
<div class="menu">
<xsl:apply-templates select="$currentHost/hostscript/script[@id='smb-shares-size']/table">
<xsl:with-param name="hostAddress" select="$hostAddress"/>
</xsl:apply-templates>
</div>
</xsl:if>
</a>
</xsl:template>
<xsl:template match="table">
<xsl:param name="hostAddress"/>
<a class="item share-size" href="file://///{$hostAddress}/{@key}" target="_blank" rel="noopener noreferrer" style="--free: {elem[@key='FreeSize']}; --total: {elem[@key='TotalSize']}">
<xsl:value-of select="@key"/>
</a>
</xsl:template>
</xsl:stylesheet>

37
index.php
View File

@ -25,31 +25,26 @@ include_once 'filter_inputs.php';
</a>
<form class="right menu">
<div class="ui category search item">
<div id="targetsInputDiv" class="ui icon input">
<input class="prompt" type="text" id="targetsInput" name="targets" oninput="hiddenInput.value=this.value" required
pattern="[a-zA-Z0-9._\/ \-]+" value="<?= $targets; ?>" placeholder="Scanner un réseau..."
title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
<div id="lanInputDiv" class="ui icon input">
<input class="prompt" type="text" id="lanInput" name="lan" required
pattern="[a-zA-Z0-9._\/ \-]+" value="<?= $targets; ?>" placeholder="Scanner un réseau..."
title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.0-255.0-255.1-254" />
<i class="satellite dish icon"></i>
</div>
<?php
foreach($inputs as $name => $value) {
echo " <input type='hidden' name='$name' value='$value'/>\n";
}
?>
<button style="display: none;" type="submit" formmethod="get" formaction="scan.php" onsubmit="targetsInputDiv.classList.add('loading')"></button>
<i class="satellite dish icon"></i>
</div>
<button style="display: none;" type="submit" formmethod="get" formaction="scan.php" onsubmit="lanInput.classList.add('loading')"></button>
</div>
<div class="item">
<button class="ui teal icon submit button" type="submit" formmethod="get" formaction="options.php" onclick="targetsInput.required=false">
<i class="sliders horizontal icon"></i>
</button>
<button class="ui teal icon submit button" type="submit" formmethod="get" formaction="options.php" onclick="lanInput.required=false">
<i class="sliders horizontal icon"></i>
</button>
</div>
<div class="item">
<a class="ui teal icon button" href="https://nmap.org/man/fr/index.html" target="_blank">
<i class="question circle icon"></i>
</a>
</form>
</div>
</div>
</form>
</nav>
<main class="ui main container">
@ -58,13 +53,13 @@ echo " <input type='hidden' name='$name' value='$value'/>\n";
<div class="content">
<div class="ui divided link list">
<?php
if (!file_exists($SCANS_DIR)) {
mkdir($SCANS_DIR);
if (!file_exists($SCANSDIR)) {
mkdir($SCANSDIR);
}
foreach (scandir($SCANS_DIR) as $filename) {
foreach (scandir($SCANSDIR) as $filename) {
if (substr($filename, -4) == '.xml') {
$name = str_replace('!', '/', substr_replace($filename, '', -4));
echo "<a class='item' href='".htmlentities("$SCANS_DIR/$filename", ENT_QUOTES)."'>$name</a>\n";
echo "<a class='item' href='".htmlentities("$SCANSDIR/$filename", ENT_QUOTES)."'>$name</a>\n";
}
}
?>

187
lanScan.xsl
View File

@ -11,7 +11,7 @@
<xsl:param name="saveAs" select=""/>
<xsl:param name="scansDir" select="scans"/>
<xsl:param name="compareWith" select=""/>
<xsl:variable name="name">
<xsl:variable name="nextCompareWith">
<xsl:choose>
<xsl:when test="$saveAs"><xsl:value-of select="$saveAs"/></xsl:when>
<xsl:when test="$compareWith"><xsl:value-of select="$compareWith"/></xsl:when>
@ -21,10 +21,22 @@
<xsl:variable name="current" select="./nmaprun"/>
<xsl:variable name="stylesheetURL" select="substring-before(substring-after(processing-instruction('xml-stylesheet'),'href=&quot;'),'&quot;')"/>
<xsl:variable name="basedir" select="concat($stylesheetURL, '/..')"/>
<xsl:variable name="init" select="document(concat($basedir, '/', $scansDir, '/', $compareWith, '.xml'))/nmaprun"/>
<xsl:variable name="init" select="document($compareWith)/nmaprun"/>
<xsl:template match="nmaprun">
<xsl:variable name="targets" select="substring-after(@args, '.xml ')"/>
<xsl:variable name="refreshURL">
<xsl:value-of select="$basedir"/>
<xsl:text>/scan.php?targets=</xsl:text>
<xsl:value-of select="$targets"/>
<xsl:text>&amp;</xsl:text>
<xsl:call-template name="optionsList">
<xsl:with-param name="argList" select="substring-before(substring-after(@args, ' -'), ' -oX')"/>
<xsl:with-param name="asURL" select="true()"/>
</xsl:call-template>
<xsl:text>compareWith=</xsl:text>
<xsl:value-of select="$nextCompareWith"/>
</xsl:variable>
<html lang="fr">
<head>
@ -32,24 +44,12 @@
<meta http-equiv="refresh">
<xsl:attribute name="content">
<xsl:text>60;URL=</xsl:text>
<xsl:value-of select="$basedir"/>
<xsl:text>/scan.php?targets=</xsl:text>
<xsl:value-of select="$targets"/>
<xsl:text>&amp;</xsl:text>
<xsl:call-template name="optionsList">
<xsl:with-param name="argList" select="substring-before(substring-after(@args, ' -'), ' --stylesheet')"/>
<xsl:with-param name="asURL" select="true()"/>
</xsl:call-template>
<xsl:text>compareWith=</xsl:text>
<xsl:value-of select="$name"/>
<xsl:value-of select="$refreshURL"/>
</xsl:attribute>
</meta>
<title>
<xsl:text>lanScan - </xsl:text>
<xsl:choose>
<xsl:when test="string-length($name)"><xsl:value-of select="$name"/></xsl:when>
<xsl:otherwise><xsl:value-of select="$targets"/></xsl:otherwise>
</xsl:choose>
<xsl:value-of select="$targets"/>
</title>
<link rel="icon" href="{$basedir}/favicon.ico"/>
<link rel="stylesheet" type="text/css" href="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.css"/>
@ -74,24 +74,26 @@
</a>
<form class="right menu">
<div class="ui category search item">
<div id="targetsInputDiv" class="ui icon input">
<input class="prompt" type="text" id="targetsInput" name="targets" oninput="hiddenInput.value=this.value" required=""
<div id="lanInputDiv" class="ui icon input">
<input class="prompt" type="text" id="lanInput" name="lan" oninput="hiddenInput.value=this.value" required=""
pattern="[a-zA-Z0-9._\/ \-]+" value="{$targets}" placeholder="Scanner un réseau..."
title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
Exemples: 192.168.1.0/24 scanme.nmap.org 10.0-255.0-255.1-254"/>
<i class="satellite dish icon"></i>
</div>
<xsl:call-template name="optionsList">
<xsl:with-param name="argList" select="substring-before(substring-after(@args, ' -'), ' --stylesheet')"/>
</xsl:call-template>
<xsl:if test="string-length($name)"><input type="hidden" name="compareWith" value="{$name}"/></xsl:if>
<button style="display: none;" type="submit" formmethod="get" formaction="{$basedir}/scan.php" onsubmit="targetsInputDiv.classList.add('loading')"></button>
<input type="hidden" name="compareWith" value="{$nextCompareWith}"/>
<button style="display: none;" type="submit" formmethod="get" formaction="{$basedir}/scan.php" onsubmit="lanInputDiv.classList.add('loading')"></button>
</div>
<div class="item">
<button class="ui teal icon submit button" type="submit" formmethod="get" formaction="{$basedir}/options.php" onclick="targetsInput.required=false">
<i class="sliders horizontal icon"></i>
</button>
</div>
<div class="item">
<a class="ui teal icon button" href="{$refreshURL}">
<i class="sync icon"></i>
</a>
</div>
<div class="item">
<a class="ui teal icon button" href="https://nmap.org/man/fr/index.html" target="_blank">
<i class="question circle icon"></i>
@ -101,15 +103,7 @@ Exemples: 192.168.1.0/24 scanme.nmap.org 10.0-255.0-255.1-254"/>
</nav>
<main class="ui main container">
<h1 class="ui header">
<xsl:choose>
<xsl:when test="string-length($name)">
<xsl:value-of select="$name"/>
<div class="sub header"><xsl:value-of select="$targets"/></div>
</xsl:when>
<xsl:otherwise><xsl:value-of select="$targets"/></xsl:otherwise>
</xsl:choose>
</h1>
<h1 class="ui header"><xsl:value-of select="$targets"/></h1>
<table id="scanResultsTable" style="width:100%" role="grid" class="ui sortable small table">
<thead>
@ -118,10 +112,11 @@ Exemples: 192.168.1.0/24 scanme.nmap.org 10.0-255.0-255.1-254"/>
<th>Adresse IP</th>
<th>Nom</th>
<th class="ten wide">Services</th>
<th></th>
</tr>
</thead>
<tbody>
<xsl:apply-templates select="host | $init/host[not(address/@addr = $current/host/address/@addr)]"/>
<xsl:apply-templates select="host | $init/host[not(address/@addr=$current/host/address/@addr)][not(status/@state='down')]"/>
</tbody>
</table>
</main>
@ -178,11 +173,10 @@ $.toast({
</xsl:if>
<xsl:if test="$init">
$.toast({
title: '<xsl:value-of select="$compareWith"/>',
message: 'Comparaison avec les résultats du <xsl:value-of select="$init/runstats/finished/@timestr"/>',
class: 'info',
showIcon: 'calendar',
displayTime: 10000,
displayTime: 'auto',
closeIcon: true,
position: 'bottom right',
})
@ -283,6 +277,16 @@ $.toast({
<xsl:variable name="addr" select="address/@addr"/>
<xsl:variable name="initHost" select="$init/host[address/@addr=$addr]"/>
<xsl:variable name="currentHost" select="$current/host[address/@addr=$addr]"/>
<xsl:variable name="hostAddress">
<xsl:choose>
<xsl:when test="hostnames/hostname/@name">
<xsl:value-of select="hostnames/hostname/@name"/>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="address/@addr"/>
</xsl:otherwise>
</xsl:choose>
</xsl:variable>
<tr>
<xsl:attribute name="class">
<xsl:choose>
@ -310,27 +314,27 @@ $.toast({
<xsl:value-of select="address/@addr"/>
</td>
<td>
<b>
<xsl:value-of select="hostnames/hostname/@name"/>
</b>
<b><xsl:value-of select="hostnames/hostname/@name"/></b>
</td>
<td>
<xsl:apply-templates select="$currentHost/ports/port | $initHost/ports/port[not(@portid=$currentHost/ports/port/@portid)]">
<xsl:with-param name="hostAddress">
<xsl:choose>
<xsl:when test="hostnames/hostname/@name">
<xsl:value-of select="hostnames/hostname/@name"/>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="address/@addr"/>
</xsl:otherwise>
</xsl:choose>
</xsl:with-param>
<xsl:apply-templates select="$currentHost/ports/port | $initHost/ports/port[not(@portid=$currentHost/ports/port/@portid)][not(state/@state='closed')]">
<xsl:with-param name="initHost" select="$initHost"/>
<xsl:with-param name="currentHost" select="$currentHost"/>
<xsl:with-param name="hostAddress" select="$hostAddress"/>
<xsl:sort select="@portid" order="ascending"/>
</xsl:apply-templates>
</td>
<td>
<a class="ui right labeled tiny teal icon button" onclick="console.log(this);this.getElementsByTagName('i').className = 'loading spinner icon'">
<xsl:attribute name="href">
<xsl:value-of select="$basedir"/>
<xsl:text>/scan.php?host=</xsl:text>
<xsl:value-of select="$hostAddress"/>
</xsl:attribute>
<i class="satellite dish icon"></i>
Scanner
</a>
</td>
</tr>
</xsl:template>
@ -361,50 +365,55 @@ $.toast({
<xsl:if test="service/@name='ftp' or service/@name='ssh' or service/@name='http' or service/@name='https'">
<xsl:attribute name="href">
<xsl:value-of select="service/@name"/>
:// <xsl:value-of select="$hostAddress"/>
: <xsl:value-of select="@portid"/>
<xsl:text>://</xsl:text>
<xsl:value-of select="$hostAddress"/>
<xsl:text>:</xsl:text>
<xsl:value-of select="@portid"/>
</xsl:attribute>
</xsl:if>
<xsl:if test="service/@name='ms-wbt-server'">
<xsl:attribute name="href">rdp.php?v=<xsl:value-of select="$hostAddress"/>
&amp;p=<xsl:value-of select="@portid"/>
</xsl:attribute>
</xsl:if>
<xsl:value-of select="service/@name"/>
<div class="detail">
<xsl:choose>
<xsl:when test="@protocol='udp'">U:</xsl:when>
<xsl:otherwise>:</xsl:otherwise>
</xsl:choose>
<xsl:value-of select="@portid"/>
</div>
<xsl:if test="(service/@name='microsoft-ds' or service/@name='netbios-ssn') and ../../hostscript/script[@id='smb-shares-size']/table">
<xsl:attribute name="style">
<xsl:for-each select="$currentHost/hostscript/script[@id='smb-shares-size']/table">
<xsl:sort select="elem[@key='FreeSize'] div elem[@key='TotalSize']" order="ascending"/>
<xsl:if test="position()=1">
<xsl:text>--free: </xsl:text>
<xsl:value-of select="elem[@key='FreeSize']"/>
<xsl:text>; --total: </xsl:text>
<xsl:value-of select="elem[@key='TotalSize']"/>
</xsl:if>
</xsl:for-each>
</xsl:attribute>
<i class="dropdown icon"></i>
<div class="menu">
<xsl:apply-templates select="$currentHost/hostscript/script[@id='smb-shares-size']/table">
<xsl:with-param name="hostAddress" select="$hostAddress"/>
</xsl:apply-templates>
<xsl:attribute name="href">
<xsl:text>rdp.php?v=</xsl:text>
<xsl:value-of select="$hostAddress"/>
<xsl:text>&amp;p=</xsl:text>
<xsl:value-of select="@portid"/>
</xsl:attribute>
</xsl:if>
<xsl:value-of select="service/@name"/>
<div class="detail">
<xsl:choose>
<xsl:when test="@protocol='udp'">U:</xsl:when>
<xsl:otherwise>:</xsl:otherwise>
</xsl:choose>
<xsl:value-of select="@portid"/>
</div>
</xsl:if>
</a>
</xsl:template>
<xsl:if test="(service/@name='microsoft-ds' or service/@name='netbios-ssn') and ../../hostscript/script[@id='smb-shares-size']/table">
<xsl:attribute name="style">
<xsl:for-each select="$currentHost/hostscript/script[@id='smb-shares-size']/table">
<xsl:sort select="elem[@key='FreeSize'] div elem[@key='TotalSize']" order="ascending"/>
<xsl:if test="position()=1">
<xsl:text>--free: </xsl:text>
<xsl:value-of select="elem[@key='FreeSize']"/>
<xsl:text>; --total: </xsl:text>
<xsl:value-of select="elem[@key='TotalSize']"/>
</xsl:if>
</xsl:for-each>
</xsl:attribute>
<i class="dropdown icon"></i>
<div class="menu">
<xsl:apply-templates select="$currentHost/hostscript/script[@id='smb-shares-size']/table">
<xsl:with-param name="hostAddress" select="$hostAddress"/>
</xsl:apply-templates>
</div>
</xsl:if>
</a>
</xsl:template>
<xsl:template match="table">
<xsl:param name="hostAddress"/>
<a class="item share-size" href="file://///{$hostAddress}/{@key}" target="_blank" rel="noopener noreferrer" style="--free: {elem[@key='FreeSize']}; --total: {elem[@key='TotalSize']}">
<xsl:value-of select="@key"/>
</a>
</xsl:template>
<xsl:template match="table">
<xsl:param name="hostAddress"/>
<a class="item share-size" href="file://///{$hostAddress}/{@key}" target="_blank" rel="noopener noreferrer" style="--free: {elem[@key='FreeSize']}; --total: {elem[@key='TotalSize']}">
<xsl:value-of select="@key"/>
</a>
</xsl:template>
</xsl:stylesheet>

30
options.php
View File

@ -24,6 +24,13 @@ include_once 'filter_inputs.php';
<a class="ui teal button item" href=".">
lan<?php include 'logo.svg'; ?>can
</a>
<div class="right menu">
<div class="item">
<a class="ui teal icon button" href="https://nmap.org/man/fr/index.html" target="_blank">
<i class="question circle icon"></i>
</a>
</div>
</div>
</nav>
<main class="ui main container">
@ -34,7 +41,7 @@ include_once 'filter_inputs.php';
<label for="targetsInput" title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.0-255.0-255.1-254">Cibles</label>
<input id="targetsInput" type="text" name="targets" placeholder="Cibles" required
pattern="[a-zA-Z0-9._\/ \-]+" value="<?= $targets; ?>" list="targetsList"
pattern="[a-zA-Z0-9._\/ \-]+" value="<?= $lan; ?>" list="targetsList"
title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.0-255.0-255.1-254" />
</div>
@ -200,14 +207,15 @@ Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.
<select class="ui dropdown" id="compareWithSelect" name="compareWith" value="<?= $compareWith ?>">
<option value="">Précédent scan</option>
<?php
if (!file_exists($SCANS_DIR)) mkdir($SCANS_DIR);
foreach (scandir($SCANS_DIR) as $filename) {
if (!file_exists($SCANSDIR)) mkdir($SCANSDIR);
foreach (scandir($SCANSDIR) as $filename) {
if (substr($filename, -4) === '.xml') {
$name = substr($filename, 0, -4);
if ($name == $compareWith) {
echo " <option value='$name' selected>$name</option>\n";
$URL = "$BASEDIR/$SCANSDIR/$filename";
if ($URL == $compareWith) {
echo " <option value='$URL' selected>$name</option>\n";
} else {
echo " <option value='$name'>$name</option>\n";
echo " <option value='$URL'>$name</option>\n";
}
}
}
@ -222,10 +230,11 @@ foreach (scandir($SCANS_DIR) as $filename) {
foreach (scandir('.') as $filename) {
if (substr($filename, -4) === '.xsl') {
$name = substr($filename, 0, -4);
if (isset($inputs["stylesheet"]) && $name == $inputs["stylesheet"]) {
echo " <option value='$name' selected>$name</option>\n";
$URL = "$BASEDIR/$filename";
if (isset($inputs["stylesheet"]) && $URL == $inputs["stylesheet"]) {
echo " <option value='$URL' selected>$name</option>\n";
} else {
echo " <option value='$name'>$name</option>\n";
echo " <option value='$URL'>$name</option>\n";
}
}
}
@ -248,7 +257,7 @@ foreach (scandir('.') as $filename) {
</datalist>
<datalist id='servicesList'>
<?php
$nmap_services = file("$NMAP_DATADIR/nmap-services");
$nmap_services = file("$DATADIR/nmap-services");
$services = [];
foreach ($nmap_services as $service) {
if (0 !== strpos($service, '#')) {
@ -275,6 +284,7 @@ foreach (scandir('.') as $filename) {
$(".ui.accordion").accordion()
$("#stylesheetSelect").dropdown()
$("#compareWithSelect").dropdown({
clearable: true
})

30
scan.php
View File

@ -3,22 +3,23 @@
include_once 'config.php';
include_once 'filter_inputs.php';
if (!$targets) {
if ($targets) {
$options = $inputs;
} else if ($lan) {
$targets = $lan;
$options = $LANSCAN_OPTIONS;
} else if ($host) {
$targets = $host;
$options = $HOSTSCAN_OPTIONS;
} else {
http_response_code(400);
die('Paramètre manquant : targets');
die('Paramètre manquant : targets, lan ou host');
}
if (!file_exists($SCANS_DIR)) {
mkdir($SCANS_DIR);
}
if (isset($inputs["stylesheet"])) {
$basedir = "{$_SERVER['REQUEST_SCHEME']}://{$_SERVER['SERVER_NAME']}:{$_SERVER['SERVER_PORT']}" . dirname($_SERVER['REQUEST_URI']);
$inputs["stylesheet"] = "$basedir/{$inputs["stylesheet"]}.xsl";
}
if (!file_exists($SCANSDIR)) mkdir($SCANSDIR);
$args = '';
foreach ($inputs as $arg => $value) {
foreach ($options as $arg => $value) {
if (is_null($value)) {
http_response_code(400);
die("Valeur incorecte pour le paramètre $arg : " . filter_input(INPUT_GET, $arg, FILTER_SANITIZE_FULL_SPECIAL_CHARS));
@ -45,12 +46,13 @@ $xml = new DOMDocument();
$xml->load($tempPath);
`rm "$tempPath"`;
$xml->insertBefore($xml->createProcessingInstruction('xslt-param', "name='saveAs' value='".htmlentities($saveAs, ENT_QUOTES)."'"), $xml->documentElement);
$xml->insertBefore($xml->createProcessingInstruction('xslt-param', "name='scansDir' value='".htmlentities($SCANS_DIR, ENT_QUOTES)."'"), $xml->documentElement);
$saveAsURL = $saveAs? "$BASEDIR/$SCANSDIR/$saveAs.xml" : "";
$xml->insertBefore($xml->createProcessingInstruction('xslt-param', "name='saveAs' value='".htmlentities($saveAsURL, ENT_QUOTES)."'"), $xml->documentElement);
$xml->insertBefore($xml->createProcessingInstruction('xslt-param', "name='scansDir' value='".htmlentities($SCANSDIR, ENT_QUOTES)."'"), $xml->documentElement);
$xml->insertBefore($xml->createProcessingInstruction('xslt-param', "name='compareWith' value='".htmlentities($compareWith, ENT_QUOTES)."'"), $xml->documentElement);
if ($saveAs) {
$path = "$SCANS_DIR/$saveAs.xml";
$path = "$SCANSDIR/$saveAs.xml";
$xml->save($path);
header("Location: $path");