adrien/lanScan
adrien/lanScan
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

remove -

Browse Source
This commit is contained in:
Adrien MALINGREY 2024-10-10 02:07:00 +02:00
parent 3c9978569b
commit bcb63b3d0f
3 changed files with 183 additions and 205 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
config.php
View File

@ -2,8 +2,8 @@
$SCANS_DIR = 'scans'; $SCANS_DIR = 'scans';
$DEFAULT_ARGS = [ $DEFAULT_ARGS = [
'-PS' => 'ssh,http,https,msrpc,microsoft-ds', 'PS' => 'ssh,http,https,msrpc,microsoft-ds',
'-F' => true, 'F' => true,
'-T5' => true, 'T5' => true,
]; ];
$NMAP_DATADIR = '/usr/share/nmap'; $NMAP_DATADIR = '/usr/share/nmap';

170
filter_inputs.php
View File

@ -15,97 +15,97 @@ $protocolePortsListRegex = "/^(([TU]:)?[0-9\-]+|[a-z\-]+)(,([TU]:)?[0-9\-]+|,[a-
$portsListRegex = "/^([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*$/"; $portsListRegex = "/^([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*$/";
$tempoRegex = "/^\d+[smh]?$/"; $tempoRegex = "/^\d+[smh]?$/";
$input_args = filter_input_array(INPUT_GET, [ $options = filter_input_array(INPUT_GET, [
'-iR' => ['filter' => FILTER_VALIDATE_INT, 'flags' => FILTER_NULL_ON_FAILURE], 'iR' => ['filter' => FILTER_VALIDATE_INT],
'--exclude' => ['filter' => FILTER_VALIDATE_REGEXP, 'flags' => FILTER_NULL_ON_FAILURE, 'options' => ['regexp' => $hostsListRegex]], '-exclude' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'-sL' => ['filter' => FILTER_VALIDATE_REGEXP, 'flags' => FILTER_NULL_ON_FAILURE, 'options' => ['regexp' => $hostsListRegex]], 'sL' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'-sP' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'sP' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-P0' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'P0' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-PN' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'Pn' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-PS' => ['filter' => FILTER_VALIDATE_REGEXP, 'flags' => FILTER_NULL_ON_FAILURE, 'options' => ['regexp' => $portsListRegex]], 'PS' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'-PA' => ['filter' => FILTER_VALIDATE_REGEXP, 'flags' => FILTER_NULL_ON_FAILURE, 'options' => ['regexp' => $portsListRegex]], 'PA' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'-PU' => ['filter' => FILTER_VALIDATE_REGEXP, 'flags' => FILTER_NULL_ON_FAILURE, 'options' => ['regexp' => $portsListRegex]], 'PU' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'-PE' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'PE' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-PP' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'PP' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-PM' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'PM' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-PO' => ['filter' => FILTER_VALIDATE_INT, 'flags' => FILTER_NULL_ON_FAILURE, 'options' => ['min_range' => 0, 'max_range' => 255]], 'PO' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 255]],
'-n' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'n' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-R' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'R' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'--dns-servers' => ['filter' => FILTER_VALIDATE_REGEXP, 'flags' => FILTER_NULL_ON_FAILURE, 'options' => ['regexp' => $hostsListRegex]], '-dns-servers' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'-sS' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'sS' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-sT' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'sT' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-sA' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'sA' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-sW' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'sW' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-sM' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'sM' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-sF' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'sF' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-sN' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'sN' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-sX' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'sX' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-PU' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'PU' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-PM' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'PM' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-PM' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'PM' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-PM' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'PM' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'--scanflags' => ['filter' => FILTER_VALIDATE_REGEXP, 'flags' => FILTER_NULL_ON_FAILURE, 'options' => ['regexp' => "/^([URG|ACK|PSH|RST|SYN|FIN]+)$|^([0-2]?\d?\d)$/"]], '-scanflags' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => "/^([URG|ACK|PSH|RST|SYN|FIN]+)$|^([0-2]?\d?\d)$/"]],
'-sI' => ['filter' => FILTER_VALIDATE_REGEXP, 'flags' => FILTER_NULL_ON_FAILURE, 'options' => ['regexp' => "/^[a-zA-Z\d:.-]+(:\d+)?$/"]], 'sI' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => "/^[a-zA-Z\d:.-]+(:\d+)?$/"]],
'-sO' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'sO' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-b' => FILTER_VALIDATE_DOMAIN, 'b' => FILTER_VALIDATE_DOMAIN,
'--traceroute' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], '-traceroute' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'--reason' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], '-reason' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-p' => ['filter' => FILTER_VALIDATE_REGEXP, 'flags' => FILTER_NULL_ON_FAILURE, 'options' => ['regexp' => $portsListRegex]], 'p' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'-F' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'F' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-r' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'r' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'--top-ports' => FILTER_VALIDATE_INT, '-top-ports' => FILTER_VALIDATE_INT,
'--port-ratio' => ['filter' => FILTER_VALIDATE_FLOAT, 'flags' => FILTER_NULL_ON_FAILURE, 'options' => ['min_range' => 0, 'max_range' => 1]], '-port-ratio' => ['filter' => FILTER_VALIDATE_FLOAT, 'options' => ['min_range' => 0, 'max_range' => 1]],
'-sV' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'sV' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'--version-light' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], '-version-light' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'--version-intensity' => ['filter' => FILTER_VALIDATE_INT, 'flags' => FILTER_NULL_ON_FAILURE, 'options' => ['min_range' => 0, 'max_range' => 9]], '-version-intensity' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 9]],
'--version-all' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], '-version-all' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'--version-trace' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], '-version-trace' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-O' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'O' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'--osscan-limit' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], '-osscan-limit' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'--osscan-guess' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], '-osscan-guess' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-T0' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'T0' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-T1' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'T1' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-T2' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'T2' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-T3' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'T3' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-T4' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'T4' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-T5' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'T5' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'--min-hostgroup' => ['filter' => FILTER_VALIDATE_INT, 'flags' => FILTER_NULL_ON_FAILURE], '-min-hostgroup' => ['filter' => FILTER_VALIDATE_INT],
'--max-hostgroup' => ['filter' => FILTER_VALIDATE_INT, 'flags' => FILTER_NULL_ON_FAILURE], '-max-hostgroup' => ['filter' => FILTER_VALIDATE_INT],
'--min-parallelism' => ['filter' => FILTER_VALIDATE_INT, 'flags' => FILTER_NULL_ON_FAILURE], '-min-parallelism' => ['filter' => FILTER_VALIDATE_INT],
'--max-parallelism' => ['filter' => FILTER_VALIDATE_INT, 'flags' => FILTER_NULL_ON_FAILURE], '-max-parallelism' => ['filter' => FILTER_VALIDATE_INT],
'--min-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'flags' => FILTER_NULL_ON_FAILURE, 'options' => ['regexp' => $tempoRegex]], '-min-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'--max-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'flags' => FILTER_NULL_ON_FAILURE, 'options' => ['regexp' => $tempoRegex]], '-max-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'--initial-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'flags' => FILTER_NULL_ON_FAILURE, 'options' => ['regexp' => $tempoRegex]], '-initial-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'--max-retries' => ['filter' => FILTER_VALIDATE_INT, 'flags' => FILTER_NULL_ON_FAILURE], '-max-retries' => ['filter' => FILTER_VALIDATE_INT],
'--host-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'flags' => FILTER_NULL_ON_FAILURE, 'options' => ['regexp' => $tempoRegex]], '-host-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'--scan-delay' => ['filter' => FILTER_VALIDATE_REGEXP, 'flags' => FILTER_NULL_ON_FAILURE, 'options' => ['regexp' => $tempoRegex]], '-scan-delay' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'--max-scan-delay' => ['filter' => FILTER_VALIDATE_REGEXP, 'flags' => FILTER_NULL_ON_FAILURE, 'options' => ['regexp' => $tempoRegex]], '-max-scan-delay' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'-f' => ['filter' => FILTER_VALIDATE_INT, 'flags' => FILTER_NULL_ON_FAILURE], 'f' => ['filter' => FILTER_VALIDATE_INT],
'-mtu' => ['filter' => FILTER_VALIDATE_INT, 'flags' => FILTER_NULL_ON_FAILURE], 'mtu' => ['filter' => FILTER_VALIDATE_INT],
'-D' => ['filter' => FILTER_VALIDATE_REGEXP, 'flags' => FILTER_NULL_ON_FAILURE, 'options' => ['regexp' => $hostsListRegex]], 'D' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'-S' => ['filter' => FILTER_VALIDATE_IP, 'flags' => FILTER_NULL_ON_FAILURE], 'S' => ['filter' => FILTER_VALIDATE_IP],
'-e' => ['filter' => FILTER_VALIDATE_REGEXP, 'flags' => FILTER_NULL_ON_FAILURE, 'options' => ['regexp' => "/^[a-z\d]+$/"]], 'e' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => "/^[a-z\d]+$/"]],
'-g' => ['filter' => FILTER_VALIDATE_INT, 'flags' => FILTER_NULL_ON_FAILURE], 'g' => ['filter' => FILTER_VALIDATE_INT],
'--source-port' => ['filter' => FILTER_VALIDATE_INT, 'flags' => FILTER_NULL_ON_FAILURE], '-source-port' => ['filter' => FILTER_VALIDATE_INT],
'--data-length' => ['filter' => FILTER_VALIDATE_INT, 'flags' => FILTER_NULL_ON_FAILURE], '-data-length' => ['filter' => FILTER_VALIDATE_INT],
'--ip-options' => ['filter' => FILTER_VALIDATE_REGEXP, 'flags' => FILTER_NULL_ON_FAILURE, 'options' => ['regexp' => "/^\"(R|T|U|L [\da-zA-Z-.: ]+|S [\da-zA-Z-.: ]+|\\\\x[\da-fA-F]{1,2}(\*[\d]+)?|\\\\[0-2]?[\d]{1,2}(\*[\d]+)?)\"$/"]], '-ip-options' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => "/^\"(R|T|U|L [\da-zA-Z-.: ]+|S [\da-zA-Z-.: ]+|\\\\x[\da-fA-F]{1,2}(\*[\d]+)?|\\\\[0-2]?[\d]{1,2}(\*[\d]+)?)\"$/"]],
'-ttl' => ['filter' => FILTER_VALIDATE_INT, 'flags' => FILTER_NULL_ON_FAILURE, 'options' => ['min_range' => 0, 'max_range' => 255]], 'ttl' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 255]],
'--spoof-mac' => ['filter' => FILTER_VALIDATE_MAC, 'flags' => FILTER_NULL_ON_FAILURE], '-spoof-mac' => ['filter' => FILTER_VALIDATE_MAC],
'--badsum' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], '-badsum' => ['filter' => FILTER_VALIDATE_BOOLEAN],
//'-6' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], //'6' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-A' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'A' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'--send-eth' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], '-send-eth' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'--send-ip' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], '-send-ip' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'--privileged' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], '-privileged' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-V' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'V' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'--unprivileged' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], '-unprivileged' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'-h' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE], 'h' => ['filter' => FILTER_VALIDATE_BOOLEAN],
], false) ?: $DEFAULT_ARGS; ], false) ?: $DEFAULT_ARGS;

182
scan-options.php
View File

@ -22,14 +22,15 @@ include_once 'filter_inputs.php';
<body> <body>
<nav class="ui inverted teal fixed menu"> <nav class="ui inverted teal fixed menu">
<a class="header item" href="."> <a class="header item" href=".">
lan lan<?php include 'logo.svg'; ?>can
<?php include 'logo.svg'; ?>can
</a> </a>
</nav> </nav>
<main class="ui main container"> <main class="ui main container">
<form id="newScanForm" class="ui form" method="get" action="scan.php">
<h1 class="header">Scanner un réseau avec Nmap</h1> <h1 class="header">Scanner un réseau avec Nmap</h1>
<form id="newScanForm" class="ui form" method="get" action="scan.php">
<!--<div class="field"> <!--<div class="field">
<label for="nameInput">Nom</label> <label for="nameInput">Nom</label>
<input id="nameInput" type="text" name="name" placeholder="Réseau local" pattern='[^&lt;&gt;:&quot;\\\/\|@?]+' <input id="nameInput" type="text" name="name" placeholder="Réseau local" pattern='[^&lt;&gt;:&quot;\\\/\|@?]+'
@ -38,8 +39,8 @@ include_once 'filter_inputs.php';
</div>--> </div>-->
<div class="required field"> <div class="required field">
<label for="targetsInput">Cibles</label> <label for="targetsInput">Cibles</label>
<input id="targetsInput" type="text" name="targets" placeholder="Cibles" required="" <input id="targetsInput" type="text" name="targets" placeholder="Cibles" required
pattern="[a-zA-Z0-9._\/ \-]+" value="<?= htmlspecialchars($targets); ?>" list="targetsList" pattern="[a-zA-Z0-9._\/ \-]+" value="<?= $targets; ?>" list="targetsList"
title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc. title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
Exemples: <?=$_SERVER['REMOTE_ADDR']; ?>/24 <?=$_SERVER['SERVER_NAME']; ?> 10.0-255.0-255.1-254" /> Exemples: <?=$_SERVER['REMOTE_ADDR']; ?>/24 <?=$_SERVER['SERVER_NAME']; ?> 10.0-255.0-255.1-254" />
</div> </div>
@ -48,117 +49,109 @@ Exemples: <?=$_SERVER['REMOTE_ADDR']; ?>/24 <?=$_SERVER['SERVER_NAME']; ?> 10.0-
<div class="title"><i class="icon dropdown"></i>Spécification des cibles</div> <div class="title"><i class="icon dropdown"></i>Spécification des cibles</div>
<div class="content"> <div class="content">
<div class="field"> <div class="field">
<label class="inline field"> <label for="excludeInput">Exclure les hôtes ou réseaux</label>
<div class="ui checkbox"> <input type="text" id="excludeInput" name="-exclude" placeholder="Hôte/réseau" list="targetsList"
<input type="checkbox" id="excludeCheckbox" onchange="excludeInput.disabled = !this.checked"/> pattern="[a-zA-Z0-9._\/,\-]*" value="<?=$options['-exclude']?? "" ?>"
<label for="excludeCheckbox">Exclure les hôtes ou réseaux</label>
</div>
</label>
<input type="text" id="excludeInput" name="--exclude" placeholder="Hôte/réseau" list="targetsList" disabled
pattern="[a-zA-Z0-9._\/,\-]*" value=""
title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc. title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
Exemples: <?=$_SERVER['REMOTE_ADDR']; ?>/24,<?=$_SERVER['SERVER_NAME']; ?>,10.0-255.0-255.1-254"> Exemples: <?=$_SERVER['REMOTE_ADDR']; ?>/24,<?=$_SERVER['SERVER_NAME']; ?>,10.0-255.0-255.1-254">
</div> </div>
</div> </div>
<div class="title"><i class="icon dropdown"></i>Découverte des hôtes</div> <div class="title"><i class="icon dropdown"></i>Découverte des hôtes actifs</div>
<div class="content"> <div class="content">
<div class="inline field"> <div class="inline field">
<div class="ui checkbox"> <div class="ui toggle checkbox">
<input type="checkbox" id="sPCheckbox" name="-sP"/> <input type="checkbox" id="sPCheckbox" name="sP" <?=$options['sP']?? false? 'checked' : ''; ?>/>
<label for="sPCheckbox">N'effectuer que la découverte des hôtes actifs</label> <label for="sPCheckbox">N'effectuer que l'étape de découverte des hôtes actifs</label>
</div> </div>
</div> </div>
<div class="inline field"> <div class="inline field">
<div class="ui checkbox"> <div class="ui toggle checkbox">
<input type="checkbox" id="PECheckbox" name="-PE"/> <input type="checkbox" id="PnCheckbox" name="Pn" <?=$options['Pn']?? false? 'checked' : ''; ?>/>
<label for="PECheckbox">Considérer tous les hôtes comme actifs</label> <label for="PnCheckbox">Considérer tous les hôtes comme actifs (saute la découverte des hôtes)</label>
</div> </div>
</div> </div>
<div class="fields">
<div class="field">
<label for="PSInput">Ping TCP SYN</label>
<input type="text" id="PSInput" name="PS" placeholder="Ports" list="servicesList"
pattern="([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*" value="<?=$options['PS']?? "" ?>"
title="Liste de ports ex: 22,23,25,80,200-1024,60000-">
</div>
<div class="field"> <div class="field">
<label class="inline field"> <label for="PAInput">Ping TCP ACK</label>
<div class="ui checkbox"> <input type="text" id="PAInput" name="PA" placeholder="Ports" list="servicesList"
<input type="checkbox" id="PSCheckbox" onchange="PSInput.disabled = !this.checked"/> pattern="([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*" value="<?=$options['PA']?? "" ?>"
<label for="PSCheckbox">Ping TCP SYN</label> title="Liste de ports ex: 22,23,25,80,200-1024,60000-">
</div>
</label>
<input type="text" id="PSInput" name="-PS" placeholder="Ports" list="servicesList" disabled
pattern="([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*" value="80"
title="Liste de ports ex: 22,23,25,80,113,1050,35000">
</div> </div>
<div class="field"> <div class="field">
<label> <label for="PUInput">Ping UDP</label>
<div class="ui checkbox"> <input type="text" id="PUInput" name="PU" placeholder="Ports" list="servicesList"
<input type="checkbox" id="PACheckbox" onchange="PAInput.disabled = !this.checked"/> pattern="([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*" value="<?=$options['PU']?? "" ?>"
<label for="PACheckbox">Ping TCP ACK</label> title="Liste de ports ex: 22,23,25,80,200-1024,60000-">
</div> </div>
</label>
<input type="text" id="PAInput" name="-PA" placeholder="Ports" list="servicesList" disabled
pattern="([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*" value="80"
title="Liste de ports ex: 22,23,25,80,113,1050,35000">
</div> </div>
<div class="field"> <div class="field">
<label>
<div class="ui checkbox">
<input type="checkbox" id="PUCheckbox" onchange="PUInput.disabled = !this.checked"/>
<label for="PUCheckbox">Ping UDP</label>
</div>
</label>
<input type="text" id="PUInput" name="-PU" placeholder="Ports" list="servicesList" disabled
pattern="([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*" value="31338"
title="Liste de ports ex: 22,23,25,80,113,1050,35000">
</div>
<div class="inline fields">
<label>Ping ICMP</label> <label>Ping ICMP</label>
<div class="inline fields">
<div class="field"> <div class="field">
<div class="ui checkbox"> <div class="ui toggle checkbox">
<input type="checkbox" id="PECheckbox" name="-PE"/> <input type="checkbox" id="PECheckbox" name="PE" <?=$options['PE']?? false? 'checked' : ''; ?>/>
<label for="PECheckbox">Echo request</label> <label for="PECheckbox">Echo request</label>
</div> </div>
</div> </div>
<div class="field"> <div class="field">
<div class="ui checkbox"> <div class="ui toggle checkbox">
<input type="checkbox" id="PPCheckbox" name="-PP"/> <input type="checkbox" id="PPCheckbox" name="PP" <?=$options['PP']?? false? 'checked' : ''; ?>/>
<label for="PPCheckbox">Timestamp request</label> <label for="PPCheckbox">Timestamp request</label>
</div> </div>
</div> </div>
<div class="field"> <div class="field">
<div class="ui checkbox"> <div class="ui toggle checkbox">
<input type="checkbox" id="PMCheckbox" name="-PM"/> <input type="checkbox" id="PMCheckbox" name="PM" <?=$options['PM']?? false? 'checked' : ''; ?>/>
<label for="PMCheckbox">Mask request</label> <label for="PMCheckbox">Mask request</label>
</div> </div>
</div> </div>
</div> </div>
</div>
<div class="field"> <div class="field">
<div class="ui checkbox"> <div class="ui toggle checkbox">
<input type="checkbox" id="PRCheckbox" name="-PR"/> <input type="checkbox" id="PRCheckbox" name="PR" <?=$options['PR']?? false? 'checked' : ''; ?>/>
<label for="PRCheckbox">Ping ARP</label> <label for="PRCheckbox">Ping ARP</label>
</div> </div>
</div> </div>
<div class="field">
<label for="P0Input">Ping IP Protocol</label>
<input type="text" id="P0Input" name="P0" placeholder="Ports"
pattern="[0-9\-]+" value="<?=$options['P0']?? "" ?>"
title="Liste de ports ex: 22,23,25,80,200-1024,60000-">
</div>
</div> </div>
<div class="title"><i class="icon dropdown"></i>Techniques de scan</div> <div class="title"><i class="icon dropdown"></i>Techniques de scan</div>
<div class="content"> <div class="content">
<div class="field"> <div class="field">
<label> <div class="ui toggle checkbox">
<div class="ui checkbox"> <input type="checkbox" id="FCheckbox" name="F" <?=$options['F']?? false? 'checked' : ''; ?>/>
<input type="checkbox" id="pCheckbox" onchange="pInput.disabled = !this.checked"/> <label for="FCheckbox">Scanner que les ports connus</label>
<label for="pCheckbox">Scanner les ports</label>
</div> </div>
</label> </div>
<input type="text" id="pInput" name="-p" placeholder="Ports" list="servicesList" disabled
pattern="(([TU]:)?[0-9\-]+|[a-z\-]+)(,([TU]:)?[0-9\-]+|,[a-z\-]+)*" value="1-1024" <div class="field">
<label for="pInput">Scanner que les ports</label>
<input type="text" id="pInput" name="p" placeholder="Ports" list="servicesList"
pattern="(([TU]:)?[0-9\-]+|[a-z\-]+)(,([TU]:)?[0-9\-]+|,[a-z\-]+)*" value="<?=$options['p']?? "" ?>"
title="Liste de ports ex: ssh,ftp,U:53,111,137,T:21-25,80,139,8080"> title="Liste de ports ex: ssh,ftp,U:53,111,137,T:21-25,80,139,8080">
</div> </div>
<div class="field"> <div class="field">
<div class="ui checkbox"> <div class="ui toggle checkbox">
<input type="checkbox" id="FCheckbox" name="-F"/> <input type="checkbox" id="rCheckbox" name="r" <?=$options['r']?? false? 'checked' : ''; ?>/>
<label for="FCheckbox">Scanner les ports connus</label>
</div>
</div>
<div class="field">
<div class="ui checkbox">
<input type="checkbox" id="rCheckbox" name="-r"/>
<label for="rCheckbox">Ne pas mélanger les ports</label> <label for="rCheckbox">Ne pas mélanger les ports</label>
</div> </div>
</div> </div>
@ -166,7 +159,7 @@ Exemples: <?=$_SERVER['REMOTE_ADDR']; ?>/24,<?=$_SERVER['SERVER_NAME']; ?>,10.0-
</div> </div>
<button type="submit" class="ui fluid teal submit button">Démarrer</button> <button type="submit" class="ui teal submit button">Démarrer</button>
</form> </form>
<datalist id='targetsList'> <datalist id='targetsList'>
@ -178,7 +171,7 @@ if (!file_exists($SCANS_DIR)) {
mkdir($SCANS_DIR); mkdir($SCANS_DIR);
} }
foreach (scandir($SCANS_DIR) as $scan) { foreach (scandir($SCANS_DIR) as $scan) {
if (substr($scan, -4) == '.xml') { if ('.xml' == substr($scan, -4)) {
$targets = str_replace('!', '/', substr_replace($scan, '', -4)); $targets = str_replace('!', '/', substr_replace($scan, '', -4));
echo " <option value='$targets'></option>\n"; echo " <option value='$targets'></option>\n";
} }
@ -190,12 +183,12 @@ foreach (scandir($SCANS_DIR) as $scan) {
$nmap_services = file("$NMAP_DATADIR/nmap-services"); $nmap_services = file("$NMAP_DATADIR/nmap-services");
$services = []; $services = [];
foreach ($nmap_services as $service) { foreach ($nmap_services as $service) {
if (strpos($service, '#') !== 0) { if (0 !== strpos($service, '#')) {
[$name, $port] = explode("\t", $service); [$name, $port] = explode("\t", $service);
$services[$name] = $port; $services[$name] = explode("/", $port);
} }
} }
foreach ($services as $name => $port) { foreach ($services as $name => [$portid, $protocol]) {
echo " <option value='$name'></option>\n"; echo " <option value='$name'></option>\n";
} }
?> ?>
@ -209,61 +202,46 @@ const joinWithCommas = tags => tags.map(tag => tag.value).join(',')
$('.ui.accordion').accordion() $('.ui.accordion').accordion()
var targetsTagify = new Tagify(targetsInput, { new Tagify(targetsInput, {
delimiters: " |,", delimiters: " |,",
originalInputValueFormat: joinWithSpaces, originalInputValueFormat: joinWithSpaces,
whitelist: targetsWhitelist, whitelist: targetsWhitelist,
}) })
var excludeTagify = new Tagify(excludeInput, { new Tagify(excludeInput, {
delimiters: " |,", delimiters: " |,",
originalInputValueFormat: joinWithCommas, originalInputValueFormat: joinWithCommas,
whitelist: targetsWhitelist, whitelist: targetsWhitelist,
}) })
excludeCheckbox.onchange = (event) => {
excludeInput.disabled = !excludeCheckbox.checked
excludeTagify.setDisabled(!excludeCheckbox.checked)
}
var PSTagify = new Tagify(PSInput, { new Tagify(PSInput, {
delimiters: " |,", delimiters: " |,",
originalInputValueFormat: joinWithCommas, originalInputValueFormat: joinWithCommas,
whitelist: servicesWhitelist, whitelist: servicesWhitelist,
}) })
PSCheckbox.onchange = () => {
PSInput.disabled = !PSCheckbox.checked
PSTagify.setDisabled(!PSCheckbox.checked)
}
var PATagify = new Tagify(PAInput, { new Tagify(PAInput, {
delimiters: " |,", delimiters: " |,",
originalInputValueFormat: joinWithCommas, originalInputValueFormat: joinWithCommas,
whitelist: servicesWhitelist, whitelist: servicesWhitelist,
}) })
PACheckbox.onchange = () => {
PAInput.disabled = !PACheckbox.checked
PATagify.setDisabled(!PACheckbox.checked)
}
var PUTagify = new Tagify(PUInput, { new Tagify(PUInput, {
delimiters: " |,", delimiters: " |,",
originalInputValueFormat: joinWithCommas, originalInputValueFormat: joinWithCommas,
whitelist: servicesWhitelist, whitelist: servicesWhitelist,
}) })
PUCheckbox.onchange = () => {
PUInput.disabled = !PUCheckbox.checked
PUTagify.setDisabled(!PUCheckbox.checked)
}
var pTagify = new Tagify(pInput, { new Tagify(P0Input, {
delimiters: " |,",
originalInputValueFormat: joinWithCommas
})
new Tagify(pInput, {
delimiters: " |,", delimiters: " |,",
originalInputValueFormat: joinWithCommas, originalInputValueFormat: joinWithCommas,
whitelist: servicesWhitelist, whitelist: servicesWhitelist,
}) })
pCheckbox.onchange = () => {
pInput.disabled = !pCheckbox.checked
pTagify.setDisabled(!pCheckbox.checked)
}
newScanForm.onsubmit = function (event) { newScanForm.onsubmit = function (event) {
if (this.checkValidity()) { if (this.checkValidity()) {