adrien/lanScan
adrien/lanScan
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

small fixes

Browse Source
This commit is contained in:
Adrien MALINGREY 2024-10-14 03:36:07 +02:00
parent 2f7eebdaf1
commit cf5dcf24a7
5 changed files with 102 additions and 101 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

177
filter_inputs.php
View File

@ -13,95 +13,104 @@ $host = filter_input(INPUT_GET, 'host', FILTER_VALIDATE_REGEXP, ['options' => ['
$saveAs = filter_input(INPUT_GET, 'saveAs', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $fileNameRegex]]);
$compareWith = filter_input(INPUT_GET, 'compareWith', FILTER_VALIDATE_URL);
$inputs = filter_input_array(INPUT_GET, [
'iR' => ['filter' => FILTER_VALIDATE_INT],
'exclude' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'sL' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'sP' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'P0' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'Pn' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'PS' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'PA' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'PU' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'PE' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'PP' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'PM' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'PO' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 255]],
'PR' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'send-ip' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'n' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'R' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'dns-servers' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
if ($lan) {
$targets = $lan;
$inputs = $LANSCAN_OPTIONS;
} else if ($host) {
$targets = $host;
$inputs = $HOSTSCAN_OPTIONS;
} else {
$inputs = filter_input_array(INPUT_GET, [
'iR' => FILTER_VALIDATE_INT,
'exclude' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'sS' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'sT' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'sA' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'sW' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'sM' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'sF' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'sN' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'sX' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'scanflags' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => "/^([URG|ACK|PSH|RST|SYN|FIN]+)$|^([0-2]?\d?\d)$/"]],
'sI' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => "/^[a-zA-Z\d:.-]+(:\d+)?$/"]],
'sO' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'b' => FILTER_VALIDATE_DOMAIN,
'traceroute' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'reason' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'sL' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'sP' => FILTER_VALIDATE_BOOLEAN,
'P0' => FILTER_VALIDATE_BOOLEAN,
'Pn' => FILTER_VALIDATE_BOOLEAN,
'PS' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'PA' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'PU' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'PE' => FILTER_VALIDATE_BOOLEAN,
'PP' => FILTER_VALIDATE_BOOLEAN,
'PM' => FILTER_VALIDATE_BOOLEAN,
'PO' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 255]],
'PR' => FILTER_VALIDATE_BOOLEAN,
'send-ip' => FILTER_VALIDATE_BOOLEAN,
'n' => FILTER_VALIDATE_BOOLEAN,
'R' => FILTER_VALIDATE_BOOLEAN,
'dns-servers' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'p' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'F' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'r' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'top-ports' => FILTER_VALIDATE_INT,
'port-ratio' => ['filter' => FILTER_VALIDATE_FLOAT, 'options' => ['min_range' => 0, 'max_range' => 1]],
'sS' => FILTER_VALIDATE_BOOLEAN,
'sT' => FILTER_VALIDATE_BOOLEAN,
'sA' => FILTER_VALIDATE_BOOLEAN,
'sW' => FILTER_VALIDATE_BOOLEAN,
'sM' => FILTER_VALIDATE_BOOLEAN,
'sF' => FILTER_VALIDATE_BOOLEAN,
'sN' => FILTER_VALIDATE_BOOLEAN,
'sX' => FILTER_VALIDATE_BOOLEAN,
'scanflags' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => "/^([URG|ACK|PSH|RST|SYN|FIN]+)$|^([0-2]?\d?\d)$/"]],
'sI' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => "/^[a-zA-Z\d:.-]+(:\d+)?$/"]],
'sO' => FILTER_VALIDATE_BOOLEAN,
'b' => FILTER_VALIDATE_URL,
'traceroute' => FILTER_VALIDATE_BOOLEAN,
'reason' => FILTER_VALIDATE_BOOLEAN,
'sV' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'version-light' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'version-intensity' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 9]],
'version-all' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'version-trace' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'p' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'F' => FILTER_VALIDATE_BOOLEAN,
'r' => FILTER_VALIDATE_BOOLEAN,
'top-ports' => FILTER_VALIDATE_INT,
'port-ratio' => ['filter' => FILTER_VALIDATE_FLOAT, 'options' => ['min_range' => 0, 'max_range' => 1]],
'O' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'osscan-limit' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'osscan-guess' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'sV' => FILTER_VALIDATE_BOOLEAN,
'version-light' => FILTER_VALIDATE_BOOLEAN,
'version-intensity' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 9]],
'version-all' => FILTER_VALIDATE_BOOLEAN,
'version-trace' => FILTER_VALIDATE_BOOLEAN,
'T0' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'T1' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'T2' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'T3' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'T4' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'T5' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'min-hostgroup' => ['filter' => FILTER_VALIDATE_INT],
'max-hostgroup' => ['filter' => FILTER_VALIDATE_INT],
'min-parallelism' => ['filter' => FILTER_VALIDATE_INT],
'max-parallelism' => ['filter' => FILTER_VALIDATE_INT],
'min-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'max-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'initial-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'max-retries' => ['filter' => FILTER_VALIDATE_INT],
'host-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'scan-delay' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'max-scan-delay' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'O' => FILTER_VALIDATE_BOOLEAN,
'osscan-limit' => FILTER_VALIDATE_BOOLEAN,
'osscan-guess' => FILTER_VALIDATE_BOOLEAN,
'f' => ['filter' => FILTER_VALIDATE_INT],
'mtu' => ['filter' => FILTER_VALIDATE_INT],
'D' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'S' => ['filter' => FILTER_VALIDATE_IP],
'e' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => "/^[a-z\d]+$/"]],
'g' => ['filter' => FILTER_VALIDATE_INT],
'source-port' => ['filter' => FILTER_VALIDATE_INT],
'data-length' => ['filter' => FILTER_VALIDATE_INT],
'ip-options' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => "/^\"(R|T|U|L [\da-zA-Z-.: ]+|S [\da-zA-Z-.: ]+|\\\\x[\da-fA-F]{1,2}(\*[\d]+)?|\\\\[0-2]?[\d]{1,2}(\*[\d]+)?)\"$/"]],
'ttl' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 255]],
'spoof-mac' => ['filter' => FILTER_VALIDATE_MAC],
'badsum' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'T0' => FILTER_VALIDATE_BOOLEAN,
'T1' => FILTER_VALIDATE_BOOLEAN,
'T2' => FILTER_VALIDATE_BOOLEAN,
'T3' => FILTER_VALIDATE_BOOLEAN,
'T4' => FILTER_VALIDATE_BOOLEAN,
'T5' => FILTER_VALIDATE_BOOLEAN,
'min-hostgroup' => FILTER_VALIDATE_INT,
'max-hostgroup' => FILTER_VALIDATE_INT,
'min-parallelism' => FILTER_VALIDATE_INT,
'max-parallelism' => FILTER_VALIDATE_INT,
'min-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'max-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'initial-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'max-retries' => FILTER_VALIDATE_INT,
'host-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'scan-delay' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'max-scan-delay' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
//'6' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'A' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'send-eth' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'privileged' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'V' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'unprivileged' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'h' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'stylesheet' => ['filter' => FILTER_VALIDATE_URL],
], false) ?: $LANSCAN_OPTIONS;
'f' => FILTER_VALIDATE_INT,
'mtu' => FILTER_VALIDATE_INT,
'D' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'S' => ['filter' => FILTER_VALIDATE_IP],
'e' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => "/^[a-z\d]+$/"]],
'g' => FILTER_VALIDATE_INT,
'source-port' => FILTER_VALIDATE_INT,
'data-length' => FILTER_VALIDATE_INT,
'ip-options' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => "/^\"(R|T|U|L [\da-zA-Z-.: ]+|S [\da-zA-Z-.: ]+|\\\\x[\da-fA-F]{1,2}(\*[\d]+)?|\\\\[0-2]?[\d]{1,2}(\*[\d]+)?)\"$/"]],
'ttl' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 255]],
'spoof-mac' => FILTER_VALIDATE_MAC,
'badsum' => FILTER_VALIDATE_BOOLEAN,
//'6' => FILTER_VALIDATE_BOOLEAN,
'A' => FILTER_VALIDATE_BOOLEAN,
'send-eth' => FILTER_VALIDATE_BOOLEAN,
'privileged' => FILTER_VALIDATE_BOOLEAN,
'V' => FILTER_VALIDATE_BOOLEAN,
'unprivileged' => FILTER_VALIDATE_BOOLEAN,
'h' => FILTER_VALIDATE_BOOLEAN,
'stylesheet' => FILTER_VALIDATE_URL,
], false) ?: $LANSCAN_OPTIONS;
}

4
index.php
View File

@ -35,7 +35,7 @@ Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.
<button style="display: none;" type="submit" formmethod="get" formaction="scan.php"></button>
</div>
<div class="item">
<button class="ui teal icon submit button" type="submit" formmethod="get" formaction="options.php" onclick="lanInput.required=false">
<button class="ui teal icon submit button" type="submit" formmethod="get" formaction="options.php" onclick="targetsInput.required=false">
<i class="sliders horizontal icon"></i>
</button>
</div>
@ -48,7 +48,7 @@ Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.
</nav>
<main class="ui main container">
<h1 class="ui header">Précédents scans</h1>
<h1 class="ui header">Scans enregistrés</h1>
<div class="ui large relaxed card">
<div class="content">
<div class="ui divided link list">

6
lanScan.xsl
View File

@ -116,7 +116,7 @@ Exemples: 192.168.1.0/24 scanme.nmap.org 10.0-255.0-255.1-254"/>
<th>Adresse IP</th>
<th>Nom</th>
<th class="ten wide">Services</th>
<th>Scanner</th>
<th>Scanner les services</th>
</tr>
</thead>
<tbody>
@ -243,14 +243,14 @@ $.toast({
</xsl:apply-templates>
</td>
<td>
<a class="ui right labeled mini teal icon button" onclick="this.getElementsByTagName('i')[0].className = 'loading spinner icon'">
<a class="ui mini icon labeled teal button" onclick="this.getElementsByTagName('i')[0].className = 'loading spinner icon'">
<xsl:attribute name="href">
<xsl:value-of select="$basedir"/>
<xsl:text>/scan.php?host=</xsl:text>
<xsl:value-of select="$hostAddress"/>
</xsl:attribute>
<i class="satellite dish icon"></i>
<xsl:text>Scanner</xsl:text>
<xsl:text>Services</xsl:text>
</a>
</td>
</tr>

4
options.php
View File

@ -41,7 +41,7 @@ include_once 'filter_inputs.php';
<label for="targetsInput" title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.0-255.0-255.1-254">Cibles</label>
<input id="targetsInput" type="text" name="targets" placeholder="Cibles" required
pattern="[a-zA-Z0-9._\/ \-]+" value="<?= $targets ?? $lan ?? $host; ?>" list="targetsList"
pattern="[a-zA-Z0-9._\/ \-]+" value="<?= $targets; ?>" list="targetsList"
title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.0-255.0-255.1-254" />
</div>
@ -164,7 +164,7 @@ Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.
<div class="title">
<i class="icon dropdown"></i>
Techniques de scan
Spécifications des ports et ordre du scan
</div>
<div class="content">
<div class="inline field" title="-sP">

12
scan.php
View File

@ -3,15 +3,7 @@
include_once 'config.php';
include_once 'filter_inputs.php';
if ($targets) {
$options = $inputs;
} else if ($lan) {
$targets = $lan;
$options = $LANSCAN_OPTIONS;
} else if ($host) {
$targets = $host;
$options = $HOSTSCAN_OPTIONS;
} else {
if (!$targets) {
http_response_code(400);
die('Paramètre manquant : targets, lan ou host');
}
@ -19,7 +11,7 @@ if ($targets) {
if (!file_exists($SCANSDIR)) mkdir($SCANSDIR);
$args = '';
foreach ($options as $arg => $value) {
foreach ($inputs as $arg => $value) {
if (is_null($value)) {
http_response_code(400);
die("Valeur incorecte pour le paramètre $arg : " . filter_input(INPUT_GET, $arg, FILTER_SANITIZE_FULL_SPECIAL_CHARS));