diff --git a/config.php b/config.php index e1fcc7d..278b0c0 100644 --- a/config.php +++ b/config.php @@ -4,5 +4,8 @@ $BASEDIR = "{$_SERVER['REQUEST_SCHEME']}://{$_SERVER['SERVER_NAME']}$port $SCANSDIR = "scans"; $STYLESHEETSDIR = "stylesheets"; -$lanScanCmd = "sudo nmap -PSmicrosoft-ds -F -T5 --datadir . --script http-info,smb-shares-size --script-args-file script-args.ini -oX - --stylesheet $BASEDIR/$STYLESHEETSDIR/lanScan.xsl"; -$hostScanCmd = "sudo nmap -A -T5 --datadir . --script http-info,smb-shares-size --script-args-file script-args.ini -oX - --stylesheet $BASEDIR/$STYLESHEETSDIR/hostScan.xsl"; \ No newline at end of file +$NMAP = "sudo nmap"; # nmap command, E.g. 'nmap', 'sudo nmap' for root privileges or '/usr/bin/nmap' if not in PATH +$LANSCANOPTIONS = "-PSmicrosoft-ds -F -T5 --datadir . --script http-info,smb-shares-size --script-args-file script-args.ini -oX - --stylesheet $BASEDIR/$STYLESHEETSDIR/lanScan.xsl"; +$HOSTSCANOPTIONS = "-A -T5 --datadir . --script http-info,smb-shares-size --script-args-file script-args.ini -oX - --stylesheet $BASEDIR/$STYLESHEETSDIR/hostScan.xsl"; +$DATADIR = "."; +$SCRIPTARGSFILE = "script-args.ini"; \ No newline at end of file diff --git a/index.php b/index.php index 7bdba4a..0fce543 100644 --- a/index.php +++ b/index.php @@ -31,6 +31,15 @@ body > .grid { + + +
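Review bot: `$LANSCANOPTIONS` and `$HOSTSCANOPTIONS` still interpolate `$BASEDIR` unquoted into text that scan.php concatenates into a shell command line. The context line above shows `$BASEDIR` is assembled from `$_SERVER['SERVER_NAME']`, which on some web-server configurations reflects the client-supplied Host header. Quoting the URL where the string is built closes that, e.g. `"... -oX - --stylesheet " . escapeshellarg("$BASEDIR/$STYLESHEETSDIR/lanScan.xsl")`, or `$BASEDIR` can be set to a fixed configured value. The new `$DATADIR` and `$SCRIPTARGSFILE` are also not used by these two strings, which keep the literals `--datadir .` and `--script-args-file script-args.ini`, so changing the new settings affects only the `targets` branch in scan.php. Interpolating them here, or a comment saying they apply only to that branch, would avoid the surprise.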
+ +
Erreur
+

+
+ +

Découvrir ou superviser un réseau

diff --git a/options.php b/options.php new file mode 100755 index 0000000..987ed92 --- /dev/null +++ b/options.php @@ -0,0 +1,696 @@ + + + + + + lanScan + + + + + + + + + + + + + +
+ +

Scanner un

+ + +
+ + +
+ +
+
Spécification des cibles
+
+
+ + "> +
+ +
+ + "> +
+
+ +
Découverte des hôtes actifs
+
+
+
+ /> + +
+
+ +
+ + " + title="Liste de ports ex: 22,23,25,80,200-1024,60000-"> +
+ +
+ + " + title="Liste de ports ex: 22,23,25,80,200-1024,60000-"> +
+ +
+ + " + title="Liste de ports ex: 22,23,25,80,200-1024,60000-"> +
+ +
+ +
+
+
+ /> + +
+
+
+
+ /> + +
+
+
+
+ /> + +
+
+
+
+ +
+ + " + title="[num de protocole]"> +
+ +
+
+
+ /> + +
+
+
+
+ /> + +
+
+
+ +
+
+
+ /> + +
+
+
+
+ /> + +
+
+
+ +
+ + " + title="serv1[,serv2],..."> +
+
+ +
Techniques de scan de ports
+
+
+
+
+
+ /> + +
+
+
+
+ /> + +
+
+
+
+ /> + +
+
+
+ +
+
+
+ /> + +
+
+
+
+ /> + +
+
+
+
+ /> + +
+
+
+ +
+
+
+ /> + +
+
+
+
+ /> + +
+
+
+
+ /> + +
+
+
+ +
+ + " + title="Mélanger simplement les drapeaux URG, ACK, PSH, RST, SYN et FIN."> +
+ +
+ + " + title="zombie host[:probeport]"> +
+ +
+ + " + title="[[:]@][:]"> +
+ +
+
+ /> + +
+
+
+
+ +
Spécifications des ports et ordre du scan
+
+
+
+ /> + +
+
+ +
+
+ + onchange="pInput.disabled = FCheckbox.checked" /> + +
+
+ +
+ + + pattern="(([TU]:)?[0-9\-]+|[a-z\-]+)(,([TU]:)?[0-9\-]+|,[a-z\-]+)*" value="" + title="Liste de ports ex: ssh,ftp,U:53,111,137,T:21-25,80,139,8080"> +
+ +
+
+ /> + +
+
+
+ +
Détection de services et de versions
+
+
+
+ /> + +
+
+ +
+
+ /> + +
+
+ +
+ + " title="2: léger, 9: tous, défaut: 7"> +
+ +
+
+ /> + +
+
+
+ +
Scripts
+
+
+
+ /> + +
+
+ +
+ + "> +
+ +
+ + " + title=""> +
+ +
+
+ /> + +
+
+ +
+
+ /> + +
+
+
+ +
Détection du système d'exploitation
+
+
+
+ /> + +
+
+ +
+
+ /> + +
+
+ +
+
+ /> + +
+
+ +
+ + "> +
+
+ +
Temporisation et performances
+
+
+ + +
+ +
+ +
+
+ + " + oninput="maxHostgroupInput.min = minHostgroupInput.value"> +
+
+ + " + oninput="minHostgroupInput.max = maxHostgroupInput.value"> +
+
+
+ +
+ +
+
+ + " + oninput="maxParallelismInput.min = minParallelismInput.value"> +
+
+ + " + oninput="minParallelismInput.max = maxParallelismInput.value"> +
+
+
+ +
+ +
+
+ +
+ > + +
+ "> +
+
+ +
+ > + +
+ "> +
+
+ +
+ > + +
+ "> +
+
+
+ +
+ + "> +
+ +
+ +
+ > + +
+ "> +
+ +
+
+ +
+ > + +
+ "> +
+
+ +
+ > + +
+ "> +
+
+
+
+ /> + +
+
+
+
+ + + +
+ + + + +$name\n"; + } + } +} +?> + + + +\n"; + if (file_exists("$dir/nmap-services")) { + $nmap_services = file("$dir/nmap-services"); + foreach ($nmap_services as $service) { + if (0 !== strpos($service, '#')) { + [$name, $port] = explode("\t", $service); + $services[$name] = explode("/", $port); + } + } + } +} +foreach ($services as $name => [$portid, $protocol]) { + echo " \n"; +} +?> + + + + + + + + + + + + + + + + + + + + + + + + + + + + +\n"; + } + } +} +?> + + + + + + diff --git a/scan.php b/scan.php index 9d53dec..b70fe1d 100644 --- a/scan.php +++ b/scan.php @@ -2,9 +2,11 @@ include_once 'config.php'; -$lan = filter_input(INPUT_GET, 'lan', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => '/^[\da-zA-Z-. \/]+$/'], "flags" => FILTER_NULL_ON_FAILURE]); +$targetsListRegex = '/^[\da-zA-Z-. \/]+$/'; + +$lan = filter_input(INPUT_GET, 'lan', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $targetsListRegex], "flags" => FILTER_NULL_ON_FAILURE]); if ($lan) { - $cmd = "$lanScanCmd $lan"; + $cmd = "$NMAP $LANSCANOPTIONS $lan"; if (!file_exists($SCANSDIR)) mkdir($SCANSDIR); $filename = str_replace("/", "!", $lan); @@ -18,9 +20,9 @@ if ($lan) { exit(); } -$host = filter_input(INPUT_GET, 'host', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => '/^[\da-zA-Z-. \/]+$/'], "flags" => FILTER_NULL_ON_FAILURE]); +$host = filter_input(INPUT_GET, 'host', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $targetsListRegex], "flags" => FILTER_NULL_ON_FAILURE]); if ($host) { - $cmd = "$hostScanCmd $host"; + $cmd = "$NMAP $HOSTSCANOPTIONS $host"; if (!file_exists($SCANSDIR)) mkdir($SCANSDIR); $filename = str_replace("/", "!", $host); 
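Review bot: `$targetsListRegex` accepts spaces and a leading `-`, and the matched value is appended unquoted in `$cmd = "$NMAP $LANSCANOPTIONS $lan";`, so the request parameter can supply additional nmap options rather than only targets, while `$NMAP` defaults to `sudo nmap`. Requiring every space-separated token to start with an alphanumeric character, and anchoring with `\z` because a bare `$` also matches before a trailing newline, would tighten this: `$targetsListRegex = '/^[\da-zA-Z][\da-zA-Z.\/-]*( [\da-zA-Z][\da-zA-Z.\/-]*)*\z/';`. The same pattern is reused for `host` in the next hunk and for `targets` in the third hunk, where the value is likewise placed in the command unquoted. Both `if` blocks continue outside these hunks, so how `$cmd` is executed in them is not visible here.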
@@ -34,4 +36,156 @@ if ($host) { exit(); } -include "index.php"; +$targets = filter_input(INPUT_GET, 'targets', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $targetsListRegex], "flags" => FILTER_NULL_ON_FAILURE]); +if ($targets) { + $hostsListRegex = '/^[\da-zA-Z-.,:\/]+$/'; + $protocolePortsListRegex = '/^(([TU]:)?[0-9\-]+|[a-z\-]+)(,([TU]:)?[0-9\-]+|,[a-z\-]+)*$/'; + $portsListRegex = '/^([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*$/'; + $tempoRegex = '/^\d+[smh]?$/'; + $fileNameRegex = '/^[^<>:\/|?]+$/'; + + $inputs = filter_input_array(INPUT_GET, [ +// TARGET SPECIFICATION: + '-iR' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]], + '--exclude' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]], +// HOST DISCOVERY: + '-sL' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]], + '-sP' => FILTER_VALIDATE_BOOLEAN, + '-P0' => FILTER_VALIDATE_BOOLEAN, + '-Pn' => FILTER_VALIDATE_BOOLEAN, + '-PS' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]], + '-PA' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]], + '-PU' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]], + '-PE' => FILTER_VALIDATE_BOOLEAN, + '-PP' => FILTER_VALIDATE_BOOLEAN, + '-PM' => FILTER_VALIDATE_BOOLEAN, + '-PO' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 255]], + '-PR' => FILTER_VALIDATE_BOOLEAN, + '--send-ip' => FILTER_VALIDATE_BOOLEAN, + '-n' => FILTER_VALIDATE_BOOLEAN, + '-R' => FILTER_VALIDATE_BOOLEAN, + '--dns-servers' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]], +// SCAN TECHNIQUES: + '-sS' => FILTER_VALIDATE_BOOLEAN, + '-sT' => FILTER_VALIDATE_BOOLEAN, + '-sA' => FILTER_VALIDATE_BOOLEAN, + '-sW' => FILTER_VALIDATE_BOOLEAN, + '-sM' => FILTER_VALIDATE_BOOLEAN, + '-sF' => FILTER_VALIDATE_BOOLEAN, + '-sN' => FILTER_VALIDATE_BOOLEAN, + 
'-sX' => FILTER_VALIDATE_BOOLEAN, + '-sU' => FILTER_VALIDATE_BOOLEAN, + '--scanflags' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^(URG|ACK|PSH|RST|SYN|FIN|,)+|[1-9]?[0-9]|[1-2][0-9][0-9]$/']], + '-sI' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^[a-zA-Z\d:.-]+(:\d+)?$/']], + '-sO' => FILTER_VALIDATE_BOOLEAN, + '-b' => FILTER_VALIDATE_URL, + '--traceroute' => FILTER_VALIDATE_BOOLEAN, + '--reason' => FILTER_VALIDATE_BOOLEAN, +// PORT SPECIFICATION AND SCAN ORDER: + '-p' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]], + '-F' => FILTER_VALIDATE_BOOLEAN, + '-r' => FILTER_VALIDATE_BOOLEAN, + '--top-ports' => FILTER_VALIDATE_INT, + '--port-ratio' => ['filter' => FILTER_VALIDATE_FLOAT, 'options' => ['min_range' => 0, 'max_range' => 1]], +// SERVICE/VERSION DETECTION: + '-sV' => FILTER_VALIDATE_BOOLEAN, + '--version-light' => FILTER_VALIDATE_BOOLEAN, + '--version-intensity' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 9]], + '--version-all' => FILTER_VALIDATE_BOOLEAN, + '--version-trace' => FILTER_VALIDATE_BOOLEAN, +// SCRIPT SCAN: + '-sC' => FILTER_VALIDATE_BOOLEAN, + '--script' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^[a-z][a-z0-9,\-\.\/]*$/']], + '--script-args' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^([a-zA-Z][a-zA-Z0-9\-_]*=[^"]+(,[a-zA-Z][a-zA-Z0-9\-_]*=[^"]+)?)$/']], +// OS DETECTION: + '-O' => FILTER_VALIDATE_BOOLEAN, + '--osscan-limit' => FILTER_VALIDATE_BOOLEAN, + '--osscan-guess' => FILTER_VALIDATE_BOOLEAN, + '--max-os-tries' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]], +// TIMING AND PERFORMANCE: + '-T' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 5]], + '--min-hostgroup' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]], + '--max-hostgroup' => ['filter' => FILTER_VALIDATE_INT, 'options' => 
['min_range' => 0]], + '--min-parallelism' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]], + '--max-parallelism' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]], + '--min-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]], + '--max-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]], + '--initial-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]], + '--max-retries' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]], + '--host-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]], + '--scan-delay' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]], + '--max-scan-delay' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]], +// FIREWALL/IDS EVASION AND SPOOFING: + '-f' => FILTER_VALIDATE_INT, + '--mtu' => FILTER_VALIDATE_INT, + '-D' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]], + '-S' => ['filter' => FILTER_VALIDATE_IP], + '-e' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^[a-z\d]+$/']], + '-g' => FILTER_VALIDATE_INT, + '--source-port' => FILTER_VALIDATE_INT, + '--data-length' => FILTER_VALIDATE_INT, + '--ip-options' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^\"(R|T|U|L [\da-zA-Z-.: ]+|S [\da-zA-Z-.: ]+|\\\\x[\da-fA-F]{1,2}(\*[\d]+)?|\\\\[0-2]?[\d]{1,2}(\*[\d]+)?)\"$/']], + '--ttl' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 255]], + '--spoof-mac' => FILTER_VALIDATE_MAC, + '--badsum' => FILTER_VALIDATE_BOOLEAN, +// MISC: + // '6' => FILTER_VALIDATE_BOOLEAN, + '-A' => FILTER_VALIDATE_BOOLEAN, + '--send-eth' => FILTER_VALIDATE_BOOLEAN, + '--privileged' => FILTER_VALIDATE_BOOLEAN, + '-V' => FILTER_VALIDATE_BOOLEAN, + '--unprivileged' => FILTER_VALIDATE_BOOLEAN, + '-h' => 
FILTER_VALIDATE_BOOLEAN, + '--stylesheet' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $fileNameRegex]], +// lanScan + 'name' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $fileNameRegex]], + 'originalURL' => FILTER_VALIDATE_URL, + 'refreshPeriod' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]], + 'sudo' => FILTER_VALIDATE_BOOLEAN, + ], false); + + echo "\n"; + + $inputs["--datadir"] = $DATADIR; + $inputs["--script-args-file"] = $SCRIPTARGSFILE; + $inputs["-oX"] = "-"; + $inputs["--stylesheet"] = "$BASEDIR/$STYLESHEETSDIR/lanScan.xsl#"; + + $options = ""; + foreach ($inputs as $option => $value) { + if (substr($option, 0, 1) == '-') { + if (is_null($value)) { + http_response_code(400); + $errorMessage = "Valeur incorrecte pour le paramètre $option : " . filter_input(INPUT_GET, $option, FILTER_SANITIZE_FULL_SPECIAL_CHARS); + include_once "index.php"; + die(); + } else if ($value) { + if ($value === true) { + $options .= " $option"; + } else { + if (substr($option, 0, 2) == '--') $options .= " $option " . escapeshellarg($value); + else $options .= " $option" . escapeshellarg($value); + } + } + } + } + + $cmd = "$NMAP$options $targets"; + echo "\n"; + + if (!file_exists($SCANSDIR)) mkdir($SCANSDIR); + $filename = str_replace("/", "!", $targets); + $path = "$SCANSDIR/$filename.xml"; + + if (!file_exists($path)) $cmd .= " | tee '$path'"; + + header('Content-type: text/xml'); + system("$cmd", $retcode); + + exit(); +} + +include_once "index.php"; +die(); diff --git a/style.css b/style.css index 6e328d8..3208e0d 100644 --- a/style.css +++ b/style.css @@ -77,3 +77,7 @@ body { .ui.card .table { overflow-x: auto; } + +.inverted tags { + background-color: white; +}
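Review bot: The `is_null($value)` branch that answers HTTP 400 looks unreachable, because none of the `filter_input_array()` entries sets `FILTER_NULL_ON_FAILURE`: a failed filter yields `false`, absent keys are omitted since `add_empty` is `false`, and `false` then falls through `else if ($value)`, so an invalid option is silently dropped and the scan still runs. Giving each entry the flag, e.g. `'-sP' => ['filter' => FILTER_VALIDATE_BOOLEAN, 'flags' => FILTER_NULL_ON_FAILURE],`, makes the rejection path work as written; empty form fields would then have to be skipped before validation, and whether options.php submits them is not visible here. Two patterns also validate less than intended. In `--scanflags` the `^` and `$` bind only to the first and last alternatives, so the alternation needs a group (`/^((URG|ACK|PSH|RST|SYN|FIN|,)+|[1-9]?[0-9]|[1-2][0-9][0-9])$/`), and `-p` is checked with `$portsListRegex` while `$protocolePortsListRegex`, which matches the `T:`/`U:` form the options.php field advertises, is never used. Since option values reach the shell only through `escapeshellarg()`, these are validation gaps rather than shell injection, but they leave nmap itself as the only check on those values.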