From e93d37cacda0d9140f3a98572b9d6bba07278b4e Mon Sep 17 00:00:00 2001
From: adrien <adrien@malingrey.fr>
Date: Mon, 3 Apr 2023 22:43:26 +0200
Subject: [PATCH] init
---
 .gitignore | 1 +
 first_scan.sh | 14 ++++++
 index.php | 12 +++++
 logo.svg | 53 +++++++++++++++++++++
 ls.php | 35 ++++++++++++++
 rdp.php | 6 +++
 rescan_all.php | 26 +++++++++++
 results.php | 124 +++++++++++++++++++++++++++++++++++++++++++++++++
 toyaml.xsl | 28 +++++++++++
 9 files changed, 299 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 first_scan.sh
 create mode 100644 index.php
 create mode 100644 logo.svg
 create mode 100644 ls.php
 create mode 100644 rdp.php
 create mode 100644 rescan_all.php
 create mode 100644 results.php
 create mode 100644 toyaml.xsl
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..85aa2a3
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+scans/
diff --git a/first_scan.sh b/first_scan.sh
new file mode 100644
index 0000000..61a45f9
--- /dev/null
+++ b/first_scan.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+###
+#
+# Scan un réseau avec nmap pour créer un fichier de configuration
+#
+###
+
+echo "Nom du site ?"
+read name
+echo "Plage IP (xxx.xxx.xxx.xxx/xx) ?"
+read network
+nmap --script smb-enum-shares.nse -oX "scans/$name.xml" $network
+xsltproc toyaml.xsl "scans/$name.xml" > "scans/$name.yaml"
diff --git a/index.php b/index.php
new file mode 100644
index 0000000..3a736f1
--- /dev/null
+++ b/index.php
@@ -0,0 +1,12 @@
+<?php
+$site = filter_input(INPUT_GET, "site", FILTER_SANITIZE_STRING);
+$site = escapeshellcmd($site);
+
+if ($site and file_exists("scans/$site.yaml") and file_exists("scans/$site.xml")) {
+ $conf = yaml_parse_file("scans/$site.yaml");
+ $scan = simplexml_load_file("scans/$site.xml");
+ require("results.php");
+} else {
+ require("ls.php");
+}
+?>
diff --git a/logo.svg b/logo.svg
new file mode 100644
index 0000000..a5f8c6e
--- /dev/null
+++ b/logo.svg
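Review bot: `$network` is passed to nmap unquoted and `$name` goes straight into the output paths, so a typed value containing spaces is split into extra nmap arguments and a name containing `/` writes outside `scans/`. Use `read -r`, quote the target as `"$network"`, and reject names that do not match a simple pattern, e.g. `[[ $name =~ ^[A-Za-z0-9_-]+$ ]] || exit 1`. The script also assumes `scans/` already exists (it is git-ignored), so a `mkdir -p scans` before the nmap call would avoid a failed first run.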
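Review bot: `escapeshellcmd()` does not constrain `$site` for the way it is used in index.php: the value becomes part of a file path (`scans/$site.yaml`, `scans/$site.xml`) and is later printed by results.php, and shell escaping leaves `/` and `..` in place and does no HTML escaping. Replace the two sanitising lines with an allowlist check such as `$site = filter_input(INPUT_GET, "site");` followed by `if (!is_string($site) || !preg_match('/^[A-Za-z0-9_-]+$/', $site)) { $site = null; }`, widening the character class only as far as real site names need. `FILTER_SANITIZE_STRING` is also deprecated as of PHP 8.1.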
@@ -0,0 +1,53 @@ +<svg class="logo" style="margin: 0 -8px 0 0; fill: white;" version="1.1" id="Layer_1" x="0px" y="0px" + viewBox="0 0 24 24" xml:space="preserve" width="40" height="40" xmlns="http://www.w3.org/2000/svg" + xmlns:svg="http://www.w3.org/2000/svg"> + <defs id="defs206" /> + <g id="g998" transform="matrix(0,0.04687491,-0.04687491,0,24,2.2682373e-5)"> + <g id="g147"> + <g id="g145"> + <path + d="m 322.065,92.046 c -46.24,0 -83.851,37.619 -83.851,83.857 v 168.712 c 0,25.224 -21.148,45.745 -46.372,45.745 -25.224,0 -46.372,-20.521 -46.372,-45.745 V 199.464 h -38.114 v 145.151 c 0,46.24 38.246,83.859 84.486,83.859 46.24,0 84.486,-37.619 84.486,-83.859 V 175.903 c 0,-25.223 20.514,-45.743 45.737,-45.743 25.223,0 45.737,20.521 45.737,45.743 v 134.092 h 38.114 V 175.903 c 0,-46.239 -37.611,-83.857 -83.851,-83.857 z" + id="path143" /> + </g> + </g> + <g id="g153"> + <g id="g151"> + <path + d="M 144.198,0 H 108.625 C 98.101,0 89.568,8.746 89.568,19.271 c 0,1.157 0.121,2.328 0.318,3.598 h 73.052 c 0.197,-1.27 0.318,-2.441 0.318,-3.598 C 163.256,8.746 154.723,0 144.198,0 Z" + id="path149" /> + </g> + </g> + <g id="g159"> + <g id="g157"> + <path + d="m 420.183,486.591 h -71.731 c -0.626,2.541 -0.978,4.077 -0.978,6.176 0,10.525 8.532,19.234 19.057,19.234 h 35.573 c 10.525,0 19.057,-8.709 19.057,-19.234 0,-2.098 -0.352,-3.635 -0.978,-6.176 z" + id="path155" /> + </g> + </g> + <g id="g165"> + <g id="g163"> + <rect x="87.027" y="41.925999" width="80.040001" height="138.481" id="rect161" /> + </g> + </g> + <g id="g171"> + <g id="g169"> + <rect x="344.93301" y="329.052" width="80.040001" height="138.481" id="rect167" /> + </g> + </g> + <g id="g173"></g> + <g id="g175"></g> + <g id="g177"></g> + <g id="g179"></g> + <g id="g181"></g> + <g id="g183"></g> + <g id="g185"></g> + <g id="g187"></g> + <g id="g189"></g> + <g id="g191"></g> + <g id="g193"></g> + <g id="g195"></g> + <g id="g197"></g> + <g id="g199"></g> + <g id="g201"></g> + </g> +</svg> \ No newline at end of file 
diff --git a/ls.php b/ls.php
new file mode 100644
index 0000000..8696b1b
--- /dev/null
+++ b/ls.php
@@ -0,0 +1,35 @@
+<!doctype html>
+<html lang="fr">
+ <head>
+ <meta charset="utf-8">
+ <meta name="viewport" content="width=device-width, initial-scale=1">
+ <title>lanScan</title>
+ <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha2/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-aFq/bzH65dt+w6FI2ooMVUpc+21e0SRygnTpmBvdBgSdnuTN7QbdgL+OapgHtvPp" crossorigin="anonymous">
+ <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha2/dist/js/bootstrap.bundle.min.js" integrity="sha384-qKXV1j0HvMUeCBQ+QVp7JcfGl760yU08IQ+GpUo5hlbpg51QRiuqHAJz8+BrxE/N" crossorigin="anonymous"></script>
+ <style>
+ .navbar-brand img {
+ margin: 0 -8px 0 0;
+ }
+ .card-body {
+ padding: .4rem;
+ }
+ </style>
+ </head>
+ <body>
+ <header>
+ <nav class="navbar navbar-fixed-top navbar-nav navbar-dark bg-primary p-0 mb-3">
+ <div class="navbar-brand">lan<img src="logo.svg" alt="S"/>can</div>
+ </nav>
+ </header>
+ <div class="container">
+ <div class="list-group">
+<?php foreach (scandir("./scans") as $file) {
+ if (strrpos($file, ".yaml")) {
+ $site = str_replace(".yaml", "", $file);
+ echo " <a href='?site=$site' class='list-group-item list-group-item-action'>$site</a>\n";
+ }
+} ?>
+ </div>
+ </div>
+ </body>
+</html>
\ No newline at end of file
diff --git a/rdp.php b/rdp.php
new file mode 100644
index 0000000..53d7b39
--- /dev/null
+++ b/rdp.php
@@ -0,0 +1,6 @@
+<?php
+header("Content-Disposition: attachment; filename=".str_replace(":", "_", $_GET["v"]).".rdp");
+header("Content-Type: application/rdp");
+print "full address:s:${_GET[v]}\n";
+exit();
+?>
diff --git a/rescan_all.php b/rescan_all.php
new file mode 100644
index 0000000..9ddb9d0
--- /dev/null
+++ b/rescan_all.php
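Review bot: In ls.php the file name is written into the page unescaped (`href='?site=$site'` and the link text), and `strrpos($file, ".yaml")` accepts any name that merely contains `.yaml` after position 0 rather than one that ends with it. Scan names are typed freely in first_scan.sh, so encode on output: build the label with `htmlspecialchars($site, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` and the query value with `rawurlencode($site)`. Select files with `pathinfo($file, PATHINFO_EXTENSION) === "yaml"` and derive the name with `basename($file, ".yaml")`, which also avoids `str_replace` removing `.yaml` from the middle of a name.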
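Review bot: rdp.php copies `$_GET["v"]` unvalidated into both the `Content-Disposition` file name and the body of the generated `.rdp` file, so whatever arrives in the query string, including line breaks and further settings lines, ends up in a connection file the user is expected to open. Validate the value as `host[:port]` before emitting anything, e.g. `$v = filter_input(INPUT_GET, "v");` then `if (!is_string($v) || !preg_match('/^[A-Za-z0-9.-]+(:\d{1,5})?$/', $v)) { http_response_code(400); exit; }`, and send the file name quoted. The `${_GET[v]}` interpolation form is deprecated as of PHP 8.2; `{$v}` on the validated variable replaces it, and a request without `v` currently produces a notice and an empty address.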
@@ -0,0 +1,26 @@
+<?php
+foreach (scandir("./scans") as $file) {
+ if (strrpos($file, ".yaml")) {
+ $site = str_replace(".yaml", "", $file);
+ $conf = yaml_parse_file("scans/$file");
+
+ $targets = [];
+ $services = [];
+
+ foreach ($conf as $sitename => $hosts) {
+ foreach($hosts as $hostaddress => $servicesList) {
+ $targets[$hostaddress] = true;
+ foreach ($servicesList as $service) {
+ $services[$service] = true;
+ }
+ }
+ }
+
+ $targets = array_keys($targets);
+ $services = array_keys($services);
+
+ exec("nmap -v -Pn -p ".join($services, ",")." --script smb-enum-shares.nse -oX 'scans/$site.xml' ".join($targets, " "));
+ }
+};
+
+?>
diff --git a/results.php b/results.php
new file mode 100644
index 0000000..b6738c5
--- /dev/null
+++ b/results.php
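Review bot: The `exec()` call builds a shell command by concatenating host names, service names and the file-derived `$site` with no `escapeshellarg()`, and those values come from the YAML files, which toyaml.xsl fills from scan output rather than from operator input. Any shell metacharacter in one of them is interpreted by the shell, so each argument should be escaped individually and, ideally, host names checked against a host/IP pattern first, since a value starting with `-` may still be read by nmap as an option. Separately, `join($services, ",")` uses the legacy argument order that PHP 8.0 removed, so on current PHP this line throws a `TypeError`; the separator goes first. The exit status is discarded, and if this script is served by the same web server as index.php (not visible from the patch), any request to it starts a rescan, so it probably belongs outside the document root or behind a CLI-only guard.
```php
// … unchanged: collection of $targets and $services from $conf …
$ports = escapeshellarg(implode(",", $services));
$hosts = implode(" ", array_map("escapeshellarg", $targets));
$output = escapeshellarg("scans/$site.xml");
exec("nmap -v -Pn -p $ports --script smb-enum-shares.nse -oX $output $hosts", $lines, $status);
if ($status !== 0) {
    error_log("nmap failed for $site (exit $status)");
}
```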
@@ -0,0 +1,124 @@
+<!doctype html>
+<html lang="fr">
+ <head>
+ <meta charset="utf-8">
+ <meta name="viewport" content="width=device-width, initial-scale=1">
+ <meta http-equiv="refresh" content="300">
+ <title>lanScan - <?=$site?></title>
+ <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha2/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-aFq/bzH65dt+w6FI2ooMVUpc+21e0SRygnTpmBvdBgSdnuTN7QbdgL+OapgHtvPp" crossorigin="anonymous">
+ <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha2/dist/js/bootstrap.bundle.min.js" integrity="sha384-qKXV1j0HvMUeCBQ+QVp7JcfGl760yU08IQ+GpUo5hlbpg51QRiuqHAJz8+BrxE/N" crossorigin="anonymous"></script>
+ <style>
+ .navbar-brand img {
+ margin: 0 -8px 0 0;
+ }
+ .card-body {
+ padding: .4rem;
+ }
+ </style>
+ </head>
+ <body>
+ <header>
+ <nav class="navbar navbar-fixed-top navbar-nav navbar-dark bg-primary p-0 mb-3">
+ <a href="." class="navbar-brand">lan<img src="logo.svg" alt="S"/>can</a>
+ </nav>
+ </header>
+ <div class="container">
+ <div class="mb-3">
+ <h1><?=$site?></h1>
+ <?=$scan->runstats->finished["summary"]?>
+ </div>
+<?php foreach($conf as $conf_groupname => $conf_hosts) { ?>
+ <h2><?=$conf_groupname?></h2>
+ <div class="row row-cols-1 g-2">
+<?php
+ foreach($conf_hosts as $conf_address => $conf_services) {
+ echo " <!-- $conf_address -->\n";
+ $scan_host = $scan->xpath("host[hostnames/hostname/@name='$conf_address' or address/@addr='$conf_address']")[0];
+ $short_name = preg_match("/^[\d\.]+$/", $conf_address) ? $conf_address : strtok($conf_address, ".")." <small>(".$scan_host->address["addr"].")</small>";
+ $address = count($scan_host->xpath("hostnames/hostname/@name")) ? $scan_host->xpath("hostnames/hostname/@name")[0] : $scan_host->xpath("address/@addr")[0];
+ if ($scan_host->status["state"] =="up") {
+?>
+ <div class="col col-sm-6 col-md-4 col-lg-3 mb-2">
+ <div class="card h-100">
+ <div class="card-body">
+ <div class="card-text" title="<?=$scan_host->hostnames->hostname["name"]?>"><?=$short_name?></div>
+<?php
+ foreach($conf_services as $conf_service) {
+ $scan_service = $scan_host->xpath("ports/port[service/@name='$conf_service' or @portid='$conf_service']")[0];
+ $state = $scan_service->state["state"] == "open" ? "text-bg-primary" : "text-bg-danger";
+ switch($scan_service->service['name']) {
+ case "microsoft-ds":
+ case "netbios-ssn":
+ $shares = $scan_host->xpath("hostscript/script[@id='smb-enum-shares']/table[not(contains(@key, '$'))]");
+ if (count($shares)) {
+?>
+ <div class="dropdown">
+ <button class="badge rounded-pill dropdown-toggle <?=$state?>" dropdown-toggle" type="button" data-bs-toggle="dropdown" aria-expanded="false"><?=$scan_service->service['name']?></button>
+ <ul class="dropdown-menu">
+<?php
+ foreach($shares as $share) {
+?>
+ <li><a class='dropdown-item' href='file:////$address/<?=$share['key']?>'><?=$share['key']?></a></li>
+<?php
+ }
+?>
+ </ul>
+ </div>
+<?php
+ } else {
+?>
+ <span title=":<?=$scan_service['portid']?>" class="badge rounded-pill <?=$state?>"><?=$scan_service->service['name']?></span>
+<?php
+ }
+ break;
+ case "telnet":
+ case "ftp":
+ case "ssh":
+ case "http":
+?>
+ <a href="<?=$scan_service->service['name']?>://<?=$address?>:<?=$scan_service['portid']?>" class="badge rounded-pill <?=$state?>"><?=$scan_service->service['name']?></a>
+<?php
+ break;
+ case "https":
+ case "pve":
+ case "arkeia":
+?>
+ <a href="https://<?=$address?>:<?=$scan_service['portid']?>" class="badge rounded-pill <?=$state?>"><?=$scan_service->service['name']?></a>
+<?php
+ break;
+ case "ms-wbt-server":
+?>
+ <a href="rdp.php?v=<?=$address?>:<?=$scan_service['portid']?>" class="badge rounded-pill <?=$state?>"><?=$scan_service->service['name']?></a>
+<?php
+ break;
+ default:
+?>
+ <span title=":<?=$scan_service['portid']?>" class="badge rounded-pill <?=$state?>"><?=$scan_service->service['name']?></span>
+<?php
+ }
+ }
+?>
+ </div>
+ </div>
+ </div>
+<?php
+ } else {
+?>
+ <div class="col col-sm-6 col-md-4 col-lg-3 mb-2">
+ <div class="card h-100 text-bg-danger">
+ <div class="card-body">
+ <div class="card-text" title="<?=$scan_host->hostnames->hostname["name"]?>"><?=$short_name?></div>
+ </div>
+ </div>
+ </div>
+<?php
+ }
+ }
+?>
+ </div>
+<?php
+}
+?>
+ </div>
+ </body>
+</html>
diff --git a/toyaml.xsl b/toyaml.xsl
new file mode 100644
index 0000000..7e70130
--- /dev/null
+++ b/toyaml.xsl
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xsl:stylesheet
+ xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
+ xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ version="1.1">
+<xsl:output method="text" encoding="UTF-8" indent="yes" />
+
+<xsl:template match="nmaprun">
+<xsl:text>---
+</xsl:text>
+<xsl:value-of select="substring-after(@args, '" ')" />:
+<xsl:apply-templates select="host"/>
+</xsl:template>
+
+<xsl:template match="host">
+<xsl:text> </xsl:text>
+<xsl:choose>
+<xsl:when test="hostnames/hostname/@name"><xsl:value-of select="hostnames/hostname/@name" /></xsl:when>
+<xsl:otherwise> <xsl:value-of select="address/@addr" /></xsl:otherwise>
+</xsl:choose>: [<xsl:apply-templates select="ports/port"/>]
+</xsl:template>
+
+<xsl:template match="port">
+<xsl:value-of select="service/@name" />
+<xsl:text>, </xsl:text>
+</xsl:template>
+
+</xsl:stylesheet>
\ No newline at end of file
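Review bot: Every value in results.php is printed with `<?= ?>` and no HTML escaping (`$site`, `finished["summary"]`, host names, `$share['key']`, service names), and host names and share names are reported by the scanned machines, so a device on the network can place markup in this page. Add a helper such as `function h($v) { return htmlspecialchars((string) $v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); }` and print through it, e.g. `<?=h($share['key'])?>`, escaping the parts of `$short_name` before the `<small>` wrapper is added. Two rendering defects sit in the same hunk: the share link `href='file:////$address/...'` is outside PHP tags, so `$address` is emitted literally and should be `<?=h($address)?>`, and the dropdown button's class attribute carries a stray `" dropdown-toggle"` after `<?=$state?>`. `$scan->xpath(...)[0]` is dereferenced for both host and port without checking that a match exists, and `$conf_address` / `$conf_service` are interpolated into the XPath strings unquoted-safe, so a configured host missing from the scan or a name containing `'` breaks the page.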
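Review bot: toyaml.xsl writes host names and service names into the YAML unquoted (`<xsl:value-of select="hostnames/hostname/@name" />` as a mapping key, `service/@name` as list items), and those names come from scan results rather than from the operator. A name containing YAML-significant characters would change the structure that `yaml_parse_file()` returns, and rescan_all.php passes those keys on to `exec()`. Emit each value inside double quotes with `"` and `\` escaped, or validate the names on the PHP side before use; a short comment at the top stating the expected output shape (`site: { host: [service, …] }`) would also help, since both PHP files depend on it.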