adrien/lanScan
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

sudo in web options

Browse Source
This commit is contained in:
Adrien MALINGREY
2024-10-16 19:01:44 +02:00
parent 260c8f073a
commit ec917b4602
5 changed files with 18 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
README.md
View File

@ -29,7 +29,3 @@ Pour donner les droits à lanScan sous Linux, installer `sudo` au besoin, puis c
```
www-data ALL = NOPASSWD: /usr/bin/nmap
````
et modifier le fichier `config.php` avec :
```php
$use_sudo = true;
```

4
config.php
View File

@ -13,12 +13,10 @@ $HOSTSCAN_OPTIONS = [
'Pn' => true,
'F' => true,
'sV' => true,
'T5' => true,
'stylesheet' => "$BASEDIR/hostScan.xsl"
];
$refreshPeriod = 60;
$use_sudo = false;
$SCANSDIR = 'scans';
$DATADIR = '/usr/share/nmap';

11
filter_inputs.php
View File

@ -1,5 +1,7 @@
<?php
include_once "config.php";
$targetsListRegex = "/^[\da-zA-Z-. \/]+$/";
$hostsListRegex = "/^[\da-zA-Z-.,:\/]+$/";
$protocolePortsListRegex = "/^(([TU]:)?[0-9\-]+|[a-z\-]+)(,([TU]:)?[0-9\-]+|,[a-z\-]+)*$/";
@ -7,12 +9,13 @@ $portsListRegex = "/^([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*$/";
$tempoRegex = "/^\d+[smh]?$/";
$fileNameRegex = '/^[^<>:"\/|?]+$/';
$targets = filter_input(INPUT_GET, 'targets', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $targetsListRegex]]);
$lan = filter_input(INPUT_GET, 'lan', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $targetsListRegex]]);
$host = filter_input(INPUT_GET, 'host', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $targetsListRegex]]);
$targets = filter_input(INPUT_GET, 'targets', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $targetsListRegex], "flags" => FILTER_NULL_ON_FAILURE]);
$lan = filter_input(INPUT_GET, 'lan', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $targetsListRegex], "flags" => FILTER_NULL_ON_FAILURE]);
$host = filter_input(INPUT_GET, 'host', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $targetsListRegex], "flags" => FILTER_NULL_ON_FAILURE]);
$saveAs = filter_input(INPUT_GET, 'saveAs', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $fileNameRegex]]);
$compareWith = filter_input(INPUT_GET, 'compareWith', FILTER_VALIDATE_URL);
$refreshPeriod = filter_input(INPUT_GET, 'refreshPeriod', FILTER_VALIDATE_INT, ['options' => ['min_range' => 0]]) ?? $refreshPeriod;
$refreshPeriod = filter_input(INPUT_GET, 'refreshPeriod', FILTER_VALIDATE_INT, ['options' => ['min_range' => 0]]);
$sudo = filter_input(INPUT_GET, 'sudo', FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE);
if ($lan) {
$targets = $lan;

7
options.php
View File

@ -363,6 +363,13 @@ foreach (scandir($SCANSDIR) as $filename) {
<div class="ui label">secondes</div>
</div>
</div>
<div class="inline field">
<div class="ui toggle checkbox" title="sudo">
<input type="checkbox" id="sudoCheckbox" name="sudo" <?= $sudo ?? false ? 'checked' : ''; ?>/>
<label for="sudoCheckbox">Exécuter en tant qu'administrateur</label>
</div>
</div>
</div>
</div>

7
scan.php
View File

@ -1,11 +1,10 @@
<?php
include_once 'config.php';
include_once 'filter_inputs.php';
if (!$targets) {
http_response_code(400);
$errorMessage = 'Paramètre manquant : targets, lan ou host';
$errorMessage = "Valeur incorecte pour le paramètre <var>targets</var> : " . filter_input(INPUT_GET, "targets", FILTER_SANITIZE_FULL_SPECIAL_CHARS);
include_once "options.php";
die();
}
@ -16,7 +15,7 @@ $args = '';
foreach ($inputs as $arg => $value) {
if (is_null($value)) {
http_response_code(400);
$errorMessage = "Valeur incorecte pour le paramètre $arg : " . filter_input(INPUT_GET, $arg, FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$errorMessage = "Valeur incorecte pour le paramètre <var>$arg</var> : " . filter_input(INPUT_GET, $arg, FILTER_SANITIZE_FULL_SPECIAL_CHARS);
include_once "options.php";
die();
} else if ($value) {
@ -32,7 +31,7 @@ foreach ($inputs as $arg => $value) {
$tempPath = tempnam(sys_get_temp_dir(), 'scan_').".xml";
$command = ($use_sudo? "sudo " : "") . "nmap$args -oX '$tempPath' $targets 2>&1";
$command = ($sudo? "sudo " : "") . "nmap$args -oX '$tempPath' $targets 2>&1";
exec($command, $stderr, $retcode);