adrien/lanScan
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: adrien/lanScan:v1
Branches Tags
adrien/lanScan:master adrien/lanScan:v4 adrien/lanScan:v3 adrien/lanScan:v2 adrien/lanScan:v1
..
compare: adrien/lanScan:b445d08ce172db2521b5c8a6a7e1ae3d795587c3
Branches Tags
adrien/lanScan:master adrien/lanScan:v4 adrien/lanScan:v3 adrien/lanScan:v2 adrien/lanScan:v1

150 Commits
v1 .. b445d08ce1

Author SHA1 Message Date
adrien b445d08ce1 outch 2025-01-27 18:47:38 +01:00
adrien e2c1c6604e WIP 2025-01-24 17:38:33 +01:00
adrien a593148c38 add --defeat-rst-ratelimit 2024-12-04 16:26:58 +01:00
adrien d45b05941f putain de point virgule 2024-11-26 15:18:01 +01:00
adrien e423273752 save if name only 2024-11-26 15:15:12 +01:00
adrien 0c72ceb620 system 2024-11-25 18:02:54 +01:00
adrien dc8fa57c0f fix ' in message 2024-11-25 15:17:12 +01:00
adrien 53679e2098 fixed navbar 2024-11-25 11:25:40 +01:00
adrien 8cd0ba066f rrr 2024-10-23 19:39:19 +02:00
adrien 602c1fc7f3 rename script-arg-file 2024-10-23 19:39:00 +02:00
adrien 06eb33187b ignore script-args-file.ini 2024-10-23 19:19:28 +02:00
adrien 43d2df7850 script-args-file.ini 2024-10-23 19:18:59 +02:00
adrien 9d7f526080 use shortport.http 2024-10-23 19:10:56 +02:00
adrien 80dc329353 https 2024-10-23 19:02:13 +02:00
adrien 81652e25c9 ignore password 2024-10-23 15:48:28 +02:00
adrien 4e14da1860 script-arg-file.ini 2024-10-23 15:46:59 +02:00
adrien 8e5f010da0 rename saveAs to name 2024-10-23 15:17:03 +02:00
adrien df4648e12a f*cking css 2024-10-23 14:02:05 +02:00
adrien 154d731e55 use service template 2024-10-22 23:24:08 +02:00
adrien 2ef0421078 unfixed menu 2024-10-22 17:57:11 +02:00
adrien f2acc56ef7 smb-shares-size template 2024-10-22 17:55:31 +02:00
adrien 1d5bb5446d move script arg file 2024-10-22 16:38:01 +02:00
adrien 7790369ac1 return to bin.pack 2024-10-22 15:50:19 +02:00
adrien bfb7788df0 rawurlencode on $thisURL 2024-10-22 02:09:59 +02:00
adrien c174b3a142 fix renaming 2024-10-22 01:52:34 +02:00
adrien 1a0bb6abf5 clearable 2024-10-22 01:50:37 +02:00
adrien c01cfb631b renaming 2024-10-22 01:26:34 +02:00
adrien f1bb88abec rename compareWith to original 2024-10-22 01:07:08 +02:00
adrien f2af893303 more options 2024-10-22 00:35:00 +02:00
adrien 8865da906d hostgroup 2024-10-21 23:56:32 +02:00
adrien f05edd0fc7 RTTDuration 2024-10-21 22:59:52 +02:00
adrien 2eda5ca9c9 change options icon 2024-10-21 22:31:28 +02:00
adrien 68a98fb5a5 more options 2024-10-21 01:14:22 +02:00
adrien 7bddbd3e10 fix nav 2024-10-20 17:58:53 +02:00
adrien 0b59c94f52 export nav 2024-10-20 17:35:37 +02:00
adrien bd8e988444 export head 2024-10-20 15:03:45 +02:00
adrien cadcd37408 export toast 2024-10-20 13:49:04 +02:00
adrien d8bc7d99fb update cards 2024-10-20 13:46:35 +02:00
adrien 458c04afa1 remove htmlentities 2024-10-20 13:44:55 +02:00
adrien f001e1b61d fix url 2024-10-20 13:41:51 +02:00
adrien db6643b8bb split service label 2024-10-20 12:43:51 +02:00
adrien a7c67292ed --script-args 2024-10-20 12:33:50 +02:00
adrien dfd89a5add remove quotes on value 2024-10-20 12:30:09 +02:00
adrien c6b8005958 split command parsing 2024-10-20 12:22:24 +02:00
adrien 705904fbfa update scripts 2024-10-20 02:36:26 +02:00
adrien af6dc0a76b portrule 2024-10-20 02:18:46 +02:00
adrien 321935e7a8 align 2024-10-20 02:18:38 +02:00
adrien baef7123b8 option -T 2024-10-20 01:56:33 +02:00
adrien f14062fda5 rename var 2024-10-20 01:32:54 +02:00
adrien b55df2e880 not wide 2024-10-20 00:49:57 +02:00
adrien 5882baf8ae script filter 2024-10-20 00:49:52 +02:00
adrien dba9e2e9b7 dont include known port on url 2024-10-20 00:29:41 +02:00
adrien 4928b346b3 default 2024-10-18 18:41:15 +02:00
adrien 0c736158aa merge index and options 2024-10-18 16:14:52 +02:00
adrien 17a628cc11 split domain suffix 2024-10-18 15:20:59 +02:00
adrien b6900bc76a templates 2024-10-18 15:08:49 +02:00
adrien c3ed9f9fc2 reorg 2024-10-18 14:47:02 +02:00
adrien a773e8b8d9 datadir 2024-10-18 12:11:45 +02:00
adrien 54116d27d0 scripts 2024-10-18 02:04:55 +02:00
adrien 887e024f27 add http title 2024-10-18 01:31:04 +02:00
adrien 9f06bd0b66 add personnal scripts 2024-10-18 01:30:05 +02:00
adrien 63dbcb407f more options 2024-10-18 00:39:53 +02:00
adrien e7b462c033 style 2024-10-17 20:09:26 +02:00
adrien d39798ea4e title 2024-10-17 16:49:56 +02:00
adrien 88280ac41d update stylesheets 2024-10-17 15:56:32 +02:00
adrien 8c4dda99b5 add -sU 2024-10-17 14:52:20 +02:00
adrien 22de01a01b move nmap scripts to separate git projet nmap-scripts 2024-10-17 11:29:42 +02:00
adrien 1832864505 overflow 2024-10-17 09:00:12 +02:00
adrien 59d0695d1b no services 2024-10-17 08:45:25 +02:00
adrien 4b3634dc67 rename hostsTable 2024-10-17 08:41:50 +02:00
adrien b3b9db4aa7 compact stylesheet 2024-10-17 03:27:22 +02:00
adrien 3b90e7f6cc move stylesheets to subfolder 2024-10-17 02:19:21 +02:00
adrien 290932a421 rename stylesheet 2024-10-17 00:48:26 +02:00
adrien 9683dd2283 fix options with - 2024-10-17 00:45:59 +02:00
adrien df5c7e8497 layout 2024-10-16 23:44:47 +02:00
adrien 5e0985e7d6 undo footer 2024-10-16 23:41:46 +02:00
adrien ff18e2352c footer 2024-10-16 23:38:20 +02:00
adrien 7aeb817c4c footer 2024-10-16 23:32:25 +02:00
adrien 7c4d32c83f cards stylesheet 2024-10-16 23:31:02 +02:00
adrien 4ccd659d63 fix no name 2024-10-16 22:13:48 +02:00
adrien c2b40b5c71 fix no name 2024-10-16 22:11:04 +02:00
adrien 6fc85431af fix stylesheet value 2024-10-16 22:01:22 +02:00
adrien 18775fb8b1 rename host scan to services details 2024-10-16 21:50:44 +02:00
adrien 9f2826d522 inclure lanScan options in presets 2024-10-16 21:41:57 +02:00
adrien 653bb604f5 args name with "-" 2024-10-16 21:25:02 +02:00
adrien 6c33080785 presets 2024-10-16 20:55:43 +02:00
adrien a1aeefee47 rename $inputs to $args 2024-10-16 20:15:54 +02:00
adrien 5e76b92b96 targets no longer required 2024-10-16 20:08:49 +02:00
adrien ec917b4602 sudo in web options 2024-10-16 19:01:44 +02:00
adrien 260c8f073a config 
Signed-off-by: Adrien MALINGREY <adrien@malingrey.fr>
 2024-10-16 11:52:42 +02:00
adrien 570e8f2252 use sudo at will 2024-10-16 11:04:12 +02:00
adrien cd6f64679b include error message 2024-10-16 10:43:11 +02:00
adrien 6422830783 more options 2024-10-15 23:19:22 +02:00
adrien 7ef62104f0 don't spin all form 2024-10-15 22:34:36 +02:00
adrien 386d0fc65d use sudo on need 2024-10-15 16:24:07 +02:00
adrien 9a525b6ffe install sudo 2024-10-15 08:35:50 +02:00
adrien 6a3589b988 README 2024-10-15 08:34:00 +02:00
adrien 2c771c0766 split some options 2024-10-15 08:29:01 +02:00
adrien 1befb0017c more options 2024-10-15 02:55:42 +02:00
adrien 95d509e1b1 merge right menu items 2024-10-15 01:38:58 +02:00
adrien f8f1183fe7 refreshPeriod input 2024-10-14 23:37:57 +02:00
adrien 9cb008785c host options 2024-10-14 21:21:08 +02:00
adrien 2337fe1e60 little fixes 2024-10-14 15:40:50 +02:00
adrien 1f2ab88641 fix sudo 2024-10-14 14:43:55 +02:00
adrien 641f214899 basedir o logo 2024-10-14 12:48:32 +02:00
adrien 89a7613f9e encode url 2024-10-14 05:00:51 +02:00
adrien fdf15e5a7d datatable import 2024-10-14 04:54:49 +02:00
adrien 47c0bbdb4c mac vendor 2024-10-14 04:41:18 +02:00
adrien db216baf46 reorder options 2024-10-14 04:12:56 +02:00
adrien cf5dcf24a7 small fixes 2024-10-14 03:36:07 +02:00
adrien 2f7eebdaf1 host scan stylesheet 2024-10-14 02:50:36 +02:00
adrien ad79495608 saveAs and compareWith as URL 2024-10-14 00:49:19 +02:00
adrien 76e1832c28 use other stylesheets 2024-10-13 18:07:32 +02:00
adrien f7629028f6 footer 2024-10-13 15:36:46 +02:00
adrien f5a0cffc05 temp file 2024-10-13 15:04:58 +02:00
adrien bcf6ddff0d default values 2024-10-13 14:20:20 +02:00
adrien df6f5154e2 refresh to scan.php 2024-10-13 14:16:52 +02:00
adrien efff220fe3 pass inputs with recursive template 2024-10-13 07:29:16 +02:00
adrien cb0a4d94a5 dont serve stdout if ok 2024-10-13 07:29:00 +02:00
adrien 48113dc7cc fix names 2024-10-13 07:28:11 +02:00
adrien b197af448a quote in name, params on index link 2024-10-13 04:37:49 +02:00
adrien 97a4c5801b lot of stuff 2024-10-12 19:10:50 +02:00
adrien 8a9b822cf6 fix 2024-10-10 18:08:42 +02:00
adrien f413212db9 fix scan args 2024-10-10 18:07:44 +02:00
adrien 01f8ee3ea0 circular label on status 2024-10-10 09:03:27 +02:00
adrien 664bee1249 options 2024-10-10 02:10:06 +02:00
adrien bcb63b3d0f remove - 2024-10-10 02:07:00 +02:00
adrien 3c9978569b toast 2024-10-10 02:05:32 +02:00
adrien eae12a8e4e get query 2024-10-09 03:08:41 +02:00
adrien ce4f8dda1a get default args 2024-10-09 03:08:20 +02:00
adrien b3cffaed35 default args 2024-10-09 03:07:56 +02:00
adrien a6ba7c4b23 oops 2024-10-09 01:46:44 +02:00
adrien 865a8efb62 filter inputs 2024-10-09 01:36:51 +02:00
adrien 3a594acb48 index list 2024-10-08 18:30:24 +02:00
adrien b4f75a5984 more fields 2024-10-08 18:08:39 +02:00
adrien 4e9dd60477 input with checkbox 2024-10-08 12:21:55 +02:00
adrien 20e6b22d0d tag validation 2024-10-08 11:14:31 +02:00
adrien 3dd9e39f5c tag input 2024-10-08 05:26:09 +02:00
adrien 7062b94aaa scan options draft 2024-10-08 05:13:40 +02:00
adrien d5dd51921c new scan menu 2024-10-07 20:42:16 +02:00
adrien b02c89973c filename 2024-10-07 20:34:38 +02:00
adrien 0d56163339 filter input 2024-10-07 20:33:03 +02:00
adrien 6319d411c5 remove basedir 2024-10-07 16:28:29 +02:00
adrien 6dd728ce0d save only first scan 2024-10-07 12:09:12 +02:00
adrien 1d8457d020 faivonc 2024-10-07 10:27:34 +02:00
adrien 85fab8e41b variable rename 2024-10-07 03:38:29 +02:00
adrien bef547fae0 true example 2024-10-07 03:38:10 +02:00
adrien 42e16d3ef8 index 2024-10-07 02:48:34 +02:00
adrien f44e1d8267 second draft 2024-10-07 01:16:44 +02:00
adrien 34a4058ba4 first draft 2024-10-04 18:04:25 +02:00
27 changed files with 2831 additions and 192 deletions
Expand all files Collapse all files
.gitignore
+3 -27
View File
@@ -1,27 +1,3 @@
# ---> CakePHP
# CakePHP 3
/vendor/*
/config/app.php
/tmp/cache/models/*
!/tmp/cache/models/empty
/tmp/cache/persistent/*
!/tmp/cache/persistent/empty
/tmp/cache/views/*
!/tmp/cache/views/empty
/tmp/sessions/*
!/tmp/sessions/empty
/tmp/tests/*
!/tmp/tests/empty
/logs/*
!/logs/empty
# CakePHP 2
/app/tmp/*
/app/Config/core.php
/app/Config/database.php
/vendors/*
scans/
datadir/script-args.ini
test.php
LICENSE
-11
View File
@@ -1,11 +0,0 @@
DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
Version 2, December 2004
Copyright (C) 2004 Sam Hocevar <sam@hocevar.net>
Everyone is permitted to copy and distribute verbatim or modified copies of this license document, and changing it is allowed as long as the name is changed.
DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. You just DO WHAT THE FUCK YOU WANT TO.
README.md
+37 -2
View File
@@ -1,3 +1,38 @@
# LanScan
# lanScan
Web UI for nmap
Scanne le réseau avec `nmap` et affiche les résultats dans une page web.
## Configuration
On peut personnaliser les options prédéfinies pour les scans de réseau ou d'hôte dans le fichier `config.php` :
```php
$presets = [
"default" => [
'-PS' => 'microsoft-ds',
'-F' => true,
'-T' => 5,
'--stylesheet' => "$BASEDIR/templates/lanScan.xsl",
'refreshPeriod' => 60,
'sudo' => false,
],
"host" => [
'-Pn' => true,
'-F' => true,
'-sV' => true,
'-T' => 5,
'--script' => "http-info,smb-shares-size",
'--stylesheet' => "$BASEDIR/templates/hostScan.xsl",
'refreshPeriod' => 60,
'sudo' => true,
],
];
```
## Accès root
Certaines options nécessitent l'accès root.
Pour donner les droits à lanScan sous Linux, installer `sudo` au besoin, puis créer le fichier `/etc/sudoers.d/lanScan` avec le contenu
(en remplaçant `www-data` par l'utilisateur du service web) :
```
www-data ALL = NOPASSWD: /usr/bin/nmap
````
config.php
+31
View File
@@ -0,0 +1,31 @@
<?php
$port = (($_SERVER['REQUEST_SCHEME'] == "http" && $_SERVER['SERVER_PORT'] == 80) || ($_SERVER['REQUEST_SCHEME'] == "https" && $_SERVER['SERVER_PORT'] == 443)) ? "" : ":{$_SERVER['SERVER_PORT']}";
$BASEDIR = "{$_SERVER['REQUEST_SCHEME']}://{$_SERVER['SERVER_NAME']}$port" . dirname($_SERVER['SCRIPT_NAME']);
$SCANSDIR = 'scans';
$TEMPLATESDIR = "templates";
$NMAP = 'sudo nmap'; # nmap command, E.g. 'nmap', 'sudo nmap' for root privileges or '/usr/bin/nmap' if not in PATH
$NMAPDIR = dirname(`which nmap`) . "/../share/nmap";
$DATADIR = ".";
$SCRIPTARGS = "script-args.ini";
$presets = [
"default" => [
'-PS' => 'microsoft-ds',
'-F' => true,
'-T' => 5,
'--stylesheet' => "lanScan",
'refreshPeriod' => 60,
#'sudo' => false,
],
"host" => [
'-Pn' => true,
'-F' => true,
'-sV' => true,
'-T' => 5,
'--script' => "http-info,smb-shares-size",
'--stylesheet' => "hostScan",
'refreshPeriod' => 60,
#'sudo' => true,
],
];
favicon.ico
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 9.3 KiB

filter_inputs.php
+124
View File
@@ -0,0 +1,124 @@
<?php
include_once "config.php";
$targetsListRegex = '/^[\da-zA-Z-. \/]+$/';
$hostsListRegex = '/^[\da-zA-Z-.,:\/]+$/';
$protocolePortsListRegex = '/^(([TU]:)?[0-9\-]+|[a-z\-]+)(,([TU]:)?[0-9\-]+|,[a-z\-]+)*$/';
$portsListRegex = '/^([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*$/';
$tempoRegex = '/^\d+[smh]?$/';
$fileNameRegex = '/^[^<>:\/|?]+$/';
$targets = filter_input(INPUT_GET, 'targets', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $targetsListRegex], "flags" => FILTER_NULL_ON_FAILURE]);
$preset = filter_input(INPUT_GET, "preset", FILTER_SANITIZE_STRING);
if ($preset && isset($presets[$preset])) {
$options = $presets[$preset];
} else {
$options = filter_input_array(INPUT_GET, [
// TARGET SPECIFICATION:
'-iR' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'--exclude' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
// HOST DISCOVERY:
'-sL' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'-sP' => FILTER_VALIDATE_BOOLEAN,
'-P0' => FILTER_VALIDATE_BOOLEAN,
'-Pn' => FILTER_VALIDATE_BOOLEAN,
'-PS' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'-PA' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'-PU' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'-PE' => FILTER_VALIDATE_BOOLEAN,
'-PP' => FILTER_VALIDATE_BOOLEAN,
'-PM' => FILTER_VALIDATE_BOOLEAN,
'-PO' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 255]],
'-PR' => FILTER_VALIDATE_BOOLEAN,
'--send-ip' => FILTER_VALIDATE_BOOLEAN,
'-n' => FILTER_VALIDATE_BOOLEAN,
'-R' => FILTER_VALIDATE_BOOLEAN,
'--dns-servers' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
// SCAN TECHNIQUES:
'-sS' => FILTER_VALIDATE_BOOLEAN,
'-sT' => FILTER_VALIDATE_BOOLEAN,
'-sA' => FILTER_VALIDATE_BOOLEAN,
'-sW' => FILTER_VALIDATE_BOOLEAN,
'-sM' => FILTER_VALIDATE_BOOLEAN,
'-sF' => FILTER_VALIDATE_BOOLEAN,
'-sN' => FILTER_VALIDATE_BOOLEAN,
'-sX' => FILTER_VALIDATE_BOOLEAN,
'-sU' => FILTER_VALIDATE_BOOLEAN,
'--scanflags' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^(URG|ACK|PSH|RST|SYN|FIN|,)+|[1-9]?[0-9]|[1-2][0-9][0-9]$/']],
'-sI' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^[a-zA-Z\d:.-]+(:\d+)?$/']],
'-sO' => FILTER_VALIDATE_BOOLEAN,
'-b' => FILTER_VALIDATE_URL,
'--traceroute' => FILTER_VALIDATE_BOOLEAN,
'--reason' => FILTER_VALIDATE_BOOLEAN,
// PORT SPECIFICATION AND SCAN ORDER:
'-p' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'-F' => FILTER_VALIDATE_BOOLEAN,
'-r' => FILTER_VALIDATE_BOOLEAN,
'--top-ports' => FILTER_VALIDATE_INT,
'--port-ratio' => ['filter' => FILTER_VALIDATE_FLOAT, 'options' => ['min_range' => 0, 'max_range' => 1]],
// SERVICE/VERSION DETECTION:
'-sV' => FILTER_VALIDATE_BOOLEAN,
'--version-light' => FILTER_VALIDATE_BOOLEAN,
'--version-intensity' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 9]],
'--version-all' => FILTER_VALIDATE_BOOLEAN,
'--version-trace' => FILTER_VALIDATE_BOOLEAN,
// SCRIPT SCAN:
'-sC' => FILTER_VALIDATE_BOOLEAN,
'--script' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^[a-z][a-z0-9,\-\.\/]*$/']],
'--script-args' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^([a-zA-Z][a-zA-Z0-9\-_]*=[^"]+(,[a-zA-Z][a-zA-Z0-9\-_]*=[^"]+)?)$/']],
// OS DETECTION:
'-O' => FILTER_VALIDATE_BOOLEAN,
'--osscan-limit' => FILTER_VALIDATE_BOOLEAN,
'--osscan-guess' => FILTER_VALIDATE_BOOLEAN,
'--max-os-tries' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
// TIMING AND PERFORMANCE:
'-T' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 5]],
'--min-hostgroup' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'--max-hostgroup' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'--min-parallelism' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'--max-parallelism' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'--min-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'--max-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'--initial-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'--max-retries' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'--host-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'--scan-delay' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'--max-scan-delay' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
// FIREWALL/IDS EVASION AND SPOOFING:
'-f' => FILTER_VALIDATE_INT,
'--mtu' => FILTER_VALIDATE_INT,
'-D' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'-S' => ['filter' => FILTER_VALIDATE_IP],
'-e' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^[a-z\d]+$/']],
'-g' => FILTER_VALIDATE_INT,
'--source-port' => FILTER_VALIDATE_INT,
'--data-length' => FILTER_VALIDATE_INT,
'--ip-options' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^\"(R|T|U|L [\da-zA-Z-.: ]+|S [\da-zA-Z-.: ]+|\\\\x[\da-fA-F]{1,2}(\*[\d]+)?|\\\\[0-2]?[\d]{1,2}(\*[\d]+)?)\"$/']],
'--ttl' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 255]],
'--spoof-mac' => FILTER_VALIDATE_MAC,
'--badsum' => FILTER_VALIDATE_BOOLEAN,
// MISC:
// '6' => FILTER_VALIDATE_BOOLEAN,
'-A' => FILTER_VALIDATE_BOOLEAN,
'--send-eth' => FILTER_VALIDATE_BOOLEAN,
'--privileged' => FILTER_VALIDATE_BOOLEAN,
'-V' => FILTER_VALIDATE_BOOLEAN,
'--unprivileged' => FILTER_VALIDATE_BOOLEAN,
'-h' => FILTER_VALIDATE_BOOLEAN,
'--stylesheet' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $fileNameRegex]],
// lanScan
'name' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $fileNameRegex]],
'originalURL' => FILTER_VALIDATE_URL,
'refreshPeriod' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'sudo' => FILTER_VALIDATE_BOOLEAN,
], false) ?: $presets["default"];
}
$options["--datadir"] = $DATADIR;
$options["--script-args-file"] = $SCRIPTARGS;
/*echo "<!--";
var_dump($options);
echo "-->\n";*/
index.php
Executable
+784
View File
@@ -0,0 +1,784 @@
<?php
include_once 'config.php';
include_once 'filter_inputs.php';
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="utf-8" />
<title>lanScan</title>
<link rel="icon" href="favicon.ico" />
<script src="https://cdn.jsdelivr.net/npm/jquery@3.7.1/dist/jquery.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.js"></script>
<link rel="stylesheet" type="text/css"
href="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.css" />
<script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify"></script>
<script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.polyfills.min.js"></script>
<link href="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.css" rel="stylesheet" type="text/css" />
<link href="style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<nav class="ui inverted teal fixed menu">
<a class="ui teal button item" href=".">
lan<?php include 'logo.svg'; ?>can
</a>
<div class="right menu">
<div class="item">
<a class="ui teal icon button" href="https://nmap.org/man/fr/index.html" target="_blank">
<i class="question circle icon"></i>
</a>
</div>
</div>
</nav>
<main class="ui main container">
<?php if(isset($errorMessage)) { ?>
<div class="ui negative message">
<i class="close icon"></i>
<div class="header">Erreur</div>
<p><?=$errorMessage?></p>
</div>
<?php } ?>
<h1 class="header">Scanner un <?=$preset == "host"? "hôte" : "réseau" ?></h1>
<form id="newScanForm" class="ui form" method="get" action="scan.php">
<div class="field">
<label for="targetsInput" title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.0-255.0-255.1-254">Cibles</label>
<input id="targetsInput" type="text" name="targets" placeholder="Cibles"
pattern="[a-zA-Z0-9._\/ \-]+" value="<?= $targets; ?>" list="targetsList"
title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.0-255.0-255.1-254" />
</div>
<div class="ui styled fluid accordion field">
<div class="title"><i class="icon dropdown"></i>Spécification des cibles</div>
<div class="content">
<div class="field">
<label for="excludeInput" title="--exclude">Exclure les hôtes ou réseaux</label>
<input id="excludeInput" type="text" name="--exclude" placeholder="Hôte/réseau" list="targetsList"
pattern="[a-zA-Z0-9._\/,\-]*" value="<?= $options['--exclude'] ?? "" ?>">
</div>
<div class="field">
<label for="iRInput" title="-iR">Nombre de cibles au hasard</label>
<input id="iRInput" type="number" min="0" name="-iR" placeholder="Nombre"
value="<?= $options['-iR'] ?? "" ?>">
</div>
</div>
<div class="title"><i class="icon dropdown"></i>Découverte des hôtes actifs</div>
<div class="content">
<div class="inline field">
<div class="ui toggle checkbox">
<input id="PnCheckbox" type="checkbox" name="-Pn" <?= $options['-Pn'] ?? false ? 'checked' : ''; ?> />
<label for="PnCheckbox" title="-Pn">Sauter cette étape (considérer tous les hôtes comme actifs)</label>
</div>
</div>
<div class="field">
<label for="PSInput" title="-PS">TCP SYN</label>
<input id="PSInput" type="text" name="-PS" placeholder="Ports" list="servicesList"
pattern="([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*" value="<?= $options['-PS'] ?? "" ?>"
title="Liste de ports ex: 22,23,25,80,200-1024,60000-">
</div>
<div class="field">
<label for="PAInput" title="-PA">TCP ACK</label>
<input id="PAInput" type="text" name="-PA" placeholder="Ports" list="servicesList"
pattern="([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*" value="<?= $options['-PA'] ?? "" ?>"
title="Liste de ports ex: 22,23,25,80,200-1024,60000-">
</div>
<div class="field">
<label for="PUInput" title="-PU">UDP</label>
<input id="PUInput" type="text" name="-PU" placeholder="Ports" list="servicesList"
pattern="([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*" value="<?= $options['-PU'] ?? "" ?>"
title="Liste de ports ex: 22,23,25,80,200-1024,60000-">
</div>
<div class="field">
<label>ICMP</label>
<div class="inline fields">
<div class="field">
<div class="ui toggle checkbox">
<input id="PECheckbox" type="checkbox" name="-PE" <?= $options['-PE'] ?? false ? 'checked' : ''; ?> />
<label for="PECheckbox" title="-PE">Echo request</label>
</div>
</div>
<div class="field">
<div class="ui toggle checkbox">
<input id="PPCheckbox" type="checkbox" name="-PP" <?= $options['-PP'] ?? false ? 'checked' : ''; ?> />
<label for="PPCheckbox" title="-PP">Timestamp request</label>
</div>
</div>
<div class="field">
<div class="ui toggle checkbox">
<input id="PMCheckbox" type="checkbox" name="-PM" <?= $options['-PM'] ?? false ? 'checked' : ''; ?> />
<label for="PMCheckbox" title="-PM">Mask request</label>
</div>
</div>
</div>
</div>
<div class="field">
<label for="POInput" title="-PO">Protocole IP (par type)</label>
<input id="POInput" type="text" name="-PO" placeholder="Protocole"
pattern="[0-9,\-]+" value="<?= $options['-PO'] ?? "" ?>"
title="[num de protocole]">
</div>
<div class="inline fields">
<div class="field">
<div class="ui toggle checkbox">
<input id="PRCheckbox" type="checkbox" name="-PR" <?= $options['-PR'] ?? false ? 'checked' : ''; ?> />
<label for="PRCheckbox" title="-PR">Ping ARP</label>
</div>
</div>
<div class="field">
<div class="ui toggle checkbox">
<input id="sendIPCheckbox" type="checkbox" name="--send-ip" <?= $options['--send-ip'] ?? false ? 'checked' : ''; ?> />
<label for="sendIPCheckbox" title="--send-ip">Pas de scan ARP</label>
</div>
</div>
</div>
<div class="inline fields">
<div class="field">
<div class="ui toggle checkbox">
<input id="nCheckbox" type="checkbox" name="-n" <?= $options['-n'] ?? false ? 'checked' : ''; ?> />
<label for="nCheckbox" title="-n">Ne jamais résoudre les noms DNS</label>
</div>
</div>
<div class="field">
<div class="ui toggle checkbox">
<input id="RCheckbox" type="checkbox" name="-R" <?= $options['-R'] ?? false ? 'checked' : ''; ?> />
<label for="nCheckbox" title="-R">Toujours résoudre les noms DNS<br />(par défault seuls les hôtes actifs sont résolus)</label>
</div>
</div>
</div>
<div class="field">
<label for="dnsServersInput" title="--dns-servers">Utiliser les serveurs DNS</label>
<input id="dnsServersInput" type="text" name="--dns-servers" placeholder="serveur"
pattern="[a-zA-Z0-9._,\-]*" value="<?= $options['--dns-servers'] ?? "" ?>"
title="serv1[,serv2],...">
</div>
</div>
<div class="title"><i class="icon dropdown"></i>Techniques de scan de ports</div>
<div class="content">
<div class="field">
<div class="fields">
<div class="field">
<div class="ui toggle checkbox">
<input id="sSCheckbox" type="checkbox" name="-sS" <?= $options['-sS'] ?? false ? 'checked' : ''; ?> />
<label for="sSCheckbox" title="-sS">TCP SYN</label>
</div>
</div>
<div class="field">
<div class="ui toggle checkbox">
<input id="sTCheckbox" type="checkbox" name="-sT" <?= $options['-sT'] ?? false ? 'checked' : ''; ?> />
<label for="sTCheckbox" title="-sT">TCP Connect()</label>
</div>
</div>
<div class="field">
<div class="ui toggle checkbox">
<input id="sACheckbox" type="checkbox" name="-sA" <?= $options['-sA'] ?? false ? 'checked' : ''; ?> />
<label for="sACheckbox" title="-sA">TCP ACK</label>
</div>
</div>
</div>
<div class="fields">
<div class="field">
<div class="ui toggle checkbox">
<input id="sWCheckbox" type="checkbox" name="-sW" <?= $options['-sW'] ?? false ? 'checked' : ''; ?> />
<label for="sWCheckbox" title="-sW">Fenêtre TCP</label>
</div>
</div>
<div class="field">
<div class="ui toggle checkbox">
<input id="sMCheckbox" type="checkbox" name="-sM" <?= $options['-sM'] ?? false ? 'checked' : ''; ?> />
<label for="sMCheckbox" title="-sM">Maimon</label>
</div>
</div>
<div class="field">
<div class="ui toggle checkbox">
<input id="sNCheckbox" type="checkbox" name="-sN" <?= $options['-sN'] ?? false ? 'checked' : ''; ?> />
<label for="sNCheckbox" title="-sN">TCP Null</label>
</div>
</div>
</div>
<div class="fields">
<div class="field">
<div class="ui toggle checkbox">
<input id="sFCheckbox" type="checkbox" name="-sF" <?= $options['-sF'] ?? false ? 'checked' : ''; ?> />
<label for="sFCheckbox" title="-sF">TCP FIN</label>
</div>
</div>
<div class="field">
<div class="ui toggle checkbox">
<input id="sXCheckbox" type="checkbox" name="-sX" <?= $options['-sX'] ?? false ? 'checked' : ''; ?> />
<label for="sXCheckbox" title="-sX">Sapin de Noël</label>
</div>
</div>
<div class="field">
<div class="ui toggle checkbox">
<input id="sUCheckbox" type="checkbox" name="-sU" <?= $options['-sU'] ?? false ? 'checked' : ''; ?> />
<label for="sUCheckbox" title="-sU">UDP</label>
</div>
</div>
</div>
<div class="field">
<label for="scanflagsInput" title="--scanflags">Scan TCP personnalisé</label>
<input id="scanflagsInput" type="text" name="--scanflags" placeholder="Drapeaux TCP" list="flagsList"
pattern="(URG|ACK|PSH|RST|SYN|FIN|,)+|[1-9]?[0-9]|[1-2][0-9][0-9]" value="<?= $options['--scanflags'] ?? "" ?>"
title="Mélanger simplement les drapeaux URG, ACK, PSH, RST, SYN et FIN.">
</div>
<div class="field">
<label for="sIInput" title="-sI">Hôte zombie</label>
<input id="sIInput" type="text" name="-p" placeholder="zombie host[:probeport]"
pattern="[a-zA-Z0-9._\-]+(:[0-9]+)?" value="<?= $options['-sI'] ?? "" ?>"
title="zombie host[:probeport]">
</div>
<div class="field">
<label for="bInput" title="-b">Rebond FTP</label>
<input id="bInput" type="text" name="-p" placeholder="[<username>[:<password>]@]<server>[:<port>]"
pattern="([a-zA-Z0-9._\-]+(:.+)?@)?[a-zA-Z0-9._\-]+(:[0-9]+)?" value="<?= $options['-b'] ?? "" ?>"
title="[<username>[:<password>]@]<server>[:<port>]">
</div>
<div class="field">
<div class="ui toggle checkbox">
<input id="sUCheckbox" type="checkbox" name="-sU" <?= $options['-sU'] ?? false ? 'checked' : ''; ?> />
<label for="sUCheckbox" title="-sO">Scan des protocoles supportés par la couche IP</label>
</div>
</div>
</div>
</div>
<div class="title"><i class="icon dropdown"></i>Spécifications des ports et ordre du scan</div>
<div class="content">
<div class="inline field">
<div class="ui toggle checkbox" title="-sP">
<input id="sPCheckbox" type="checkbox" name="-sP" <?= $options['-sP'] ?? false ? 'checked' : ''; ?> />
<label for="sPCheckbox">Sauter cette étape</label>
</div>
</div>
<div class="inline field">
<div class="ui toggle checkbox" title="-F">
<input id="FCheckbox" type="checkbox" name="-F" <?= $options['-F'] ?? false ? 'checked' : ''; ?>
onchange="pInput.disabled = FCheckbox.checked" />
<label for="FCheckbox">Scanner les ports connus</label>
</div>
</div>
<div class="field">
<label for="pInput" title="-p">Scanner les ports</label>
<input id="pInput" type="text" name="-p" placeholder="Ports" list="servicesList" <?= $options['-F'] ?? false ? 'disabled' : ''; ?>
pattern="(([TU]:)?[0-9\-]+|[a-z\-]+)(,([TU]:)?[0-9\-]+|,[a-z\-]+)*" value="<?= $options['-p'] ?? "" ?>"
title="Liste de ports ex: ssh,ftp,U:53,111,137,T:21-25,80,139,8080">
</div>
<div class="inline field">
<div class="ui toggle checkbox" title="-r">
<input id="rCheckbox" type="checkbox" name="-r" <?= $options['-r'] ?? false ? 'checked' : ''; ?> />
<label for="rCheckbox">Ne pas mélanger les ports</label>
</div>
</div>
</div>
<div class="title"><i class="icon dropdown"></i>Détection de services et de versions</div>
<div class="content">
<div class="inline field">
<div class="ui toggle checkbox" title="-sV">
<input id="sVCheckbox" type="checkbox" name="-sV" <?= $options['-sV'] ?? false ? 'checked' : ''; ?> />
<label for="sVCheckbox">Détection de version</label>
</div>
</div>
<div class="inline field">
<div class="ui toggle checkbox">
<input id="allportsCheckbox" type="checkbox" name="--allports" <?= $options['--allports'] ?? false ? 'checked' : ''; ?> />
<label for="allportsCheckbox" title="--allports">N'exclure aucun port de la détection de version</label>
</div>
</div>
<div class="field">
<label for="versionIntensityInput" title="--version-intensity">Intensité des tests de version</label>
<input type="number" min="0" max="9" id="versionIntensityInput" name="--version-intensity" placeholder="0-9"
value="<?= $options["--version-intensity"] ?? "" ?>" title="2: léger, 9: tous, défaut: 7">
</div>
<div class="inline field">
<div class="ui toggle checkbox">
<input id="sRCheckbox" type="checkbox" name="-sR" <?= $options['-sR'] ?? false ? 'checked' : ''; ?> />
<label for="sRCheckbox" title="-sR">Scan RPC</label>
</div>
</div>
</div>
<div class="title"><i class="icon dropdown"></i>Scripts</div>
<div class="content">
<div class="inline field">
<div class="ui toggle checkbox">
<input id="sCCheckbox" type="checkbox" name="-sC" <?= $options['-sC'] ?? false ? 'checked' : ''; ?> />
<label for="sCCheckbox" title="-sC">Scripts par défaut</label>
</div>
</div>
<div class="field">
<label for="scriptInput">Scripts</label>
<input id="scriptInput" type="text" name="--script" placeholder="Nom"
title="<catégories|répertoire|nom|all>" list="scripts" pattern="[a-z][a-z0-9\-\.\/]*"
value="<?= $options["--script"] ?? ""; ?>">
</div>
<div class="field">
<label for="scriptArgsInput" title="--script-args">Arguments des scripts</label>
<input id="scriptArgsInput" type="text" name="--script-args" placeholder="arg=valeur"
pattern='[a-zA-Z][a-zA-Z0-9\-_]*=[^"]+(,[a-zA-Z][a-zA-Z0-9\-_]*=[^"]+)?' value="<?= $options['--script-args'] ?? "" ?>"
title="<n1=v1,[n2=v2,...]>">
</div>
<div class="inline field">
<div class="ui toggle checkbox">
<input id="scriptTraceCheckbox" type="checkbox" name="--script-trace" <?= $options['--script-trace'] ?? false ? 'checked' : ''; ?> />
<label for="scriptTraceCheckbox" title="--script-trace">Montrer toutes les données envoyées ou recues</label>
</div>
</div>
<div class="inline field">
<div class="ui toggle checkbox">
<input id="scriptUpdateDBCheckbox" type="checkbox" name="--script-updatedb" <?= $options['--script-updatedb'] ?? false ? 'checked' : ''; ?> />
<label for="scriptUpdateDBCheckbox" title="--script-updatedb">Mettre à jour la base de données des scripts</label>
</div>
</div>
</div>
<div class="title"><i class="icon dropdown"></i>Détection du système d'exploitation</div>
<div class="content">
<div class="inline field">
<div class="ui toggle checkbox">
<input id="OCheckbox" type="checkbox" name="-O" <?= $options['-O'] ?? false ? 'checked' : ''; ?> />
<label for="OCheckbox" title="-O">Détecter le système d'exploitation</label>
</div>
</div>
<div class="inline field">
<div class="ui toggle checkbox">
<input id="osscanLimitCheckbox" type="checkbox" name="--osscan-limit" <?= $options['--osscan-limit'] ?? false ? 'checked' : ''; ?> />
<label for="osscanLimitCheckbox" title="--osscan-limit">Seulement les cibles prometteuses</label>
</div>
</div>
<div class="inline field">
<div class="ui toggle checkbox">
<input id="osscanGuessCheckbox" type="checkbox" name="--osscan-guess" <?= $options['--osscan-guess'] ?? false ? 'checked' : ''; ?> />
<label for="osscanGuessCheckbox" title="--osscan-guess">Essayer de deviner</label>
</div>
</div>
<div class="field">
<label for="maxOSTriesInput" title="--max-os-tries">Nombre d'essais maximum</label>
<input type="number" min="0" id="maxOSTriesInput" name="--max-os-tries" placeholder="Nombre"
value="<?= $options["--max-os-tries"] ?? "" ?>">
</div>
</div>
<div class="title"><i class="icon dropdown"></i>Temporisation et performances</div>
<div class="content">
<div class="field">
<label for="TSelect" title="--T">Intensité des tests de version</label>
<select id="TSelect" class="ui clearable dropdown" name="-T" value="<?= $options["-T"] ?? ""?>">
<option value="0"<?=($options["-T"]??"")==0?" selected":""?>>Paranoïaque</option>
<option value="1"<?=($options["-T"]??"")==1?" selected":""?>>Sournois</option>
<option value="2"<?=($options["-T"]??"")==2?" selected":""?>>Poli</option>
<option value="3"<?=($options["-T"]??"")==3?" selected":""?>>Normal</option>
<option value="4"<?=($options["-T"]??"")==4?" selected":""?>>Aggressif</option>
<option value="5"<?=($options["-T"]??"")==5?" selected":""?>>Dément</option>
</select>
</div>
<div class="field">
<label>Tailles des groupes d'hôtes à scanner en parallèle</label>
<div class="two fields">
<div class="field">
<label for="minHostgroupInput" title="--min-hostgroup">Minimum</label>
<input id="minHostgroupInput" type="number" min="0" placeholder="Nombre"
value="<?= $options["--min-hostgroup"] ?? "" ?>"
oninput="maxHostgroupInput.min = minHostgroupInput.value">
</div>
<div class="field">
<label for="maxHostgroupInput" title="--max-hostgroup">Maximum</label>
<input id="maxHostgroupInput" type="number" min="0" placeholder="Nombre"
value="<?= $options["--max-hostgroup"] ?? "" ?>"
oninput="minHostgroupInput.max = maxHostgroupInput.value">
</div>
</div>
</div>
<div class="field">
<label>Parallélisation des paquets de tests</label>
<div class="two fields">
<div class="field">
<label for="minParallelismInput" title="--min-parallelism">Minimum</label>
<input id="minParallelismInput" type="number" min="0" placeholder="Nombre"
value="<?= $options["--min-parallelism"] ?? "" ?>"
oninput="maxParallelismInput.min = minParallelismInput.value">
</div>
<div class="field">
<label for="maxParallelismInput" title="--max-parallelism">Maximum</label>
<input id="maxParallelismInput" type="number" min="0" placeholder="Nombre"
value="<?= $options["--max-parallelism"] ?? "" ?>"
oninput="minParallelismInput.max = maxParallelismInput.value">
</div>
</div>
</div>
<div class="field">
<label>Temps d'aller-retour des paquets de tests</label>
<div class="three fields">
<div class="field">
<label for="initialRTTNumber" title="--initial-rtt-timeout">Initial</label>
<div class="ui right labeled input">
<input type="number" min="0" id="initialRTTNumber" placeholder="Durée"
oninput="initialRTTHidden.value = initialRTTNumber.value? initialRTTNumber.value+initialRTTUnit.value: ''; maxRTTHidden.initial=initialRTTHidden.value"
<?= preg_match("/^\d+/", $options["--initial-rtt-timeout"] ?? "", $matches) ? "value='{$matches[0]}'" : "" ?>>
<select id="initialRTTUnit" class="ui clearable dropdown label"
oninput="initialRTTHidden.value = initialRTTNumber.value? initialRTTNumber.value+initialRTTUnit.value: ''">
<option value="">ms</option>
<option value="s" <?=substr($options["--initial-rtt-timeout"]??"", -1)=="s"?"selected":"" ?>>secondes</option>
<option value="m" <?=substr($options["--initial-rtt-timeout"]??"", -1)=="m"?"selected":"" ?>>minutes</option>
<option value="h" <?=substr($options["--initial-rtt-timeout"]??"", -1)=="h"?"selected":"" ?>>heures</option>
</select>
</div>
<input id="initialRTTHidden" type="hidden" name="--initial-rtt-timeout"
value="<?= $options["--initial-rtt-timeout"] ?? "" ?>">
</div>
<div class="field">
<label for="minRTTNumber" title="--min-rtt-timeout">Minimum</label>
<div class="ui right labeled input">
<input type="number" min="0" id="minRTTNumber" placeholder="Durée"
oninput="minRTTHidden.value = minRTTNumber.value? minRTTNumber.value+minRTTUnit.value: ''; maxRTTHidden.min=minRTTHidden.value"
<?= preg_match("/^\d+/", $options["--min-rtt-timeout"] ?? "", $matches) ? "value='{$matches[0]}'" : "" ?>>
<select id="minRTTUnit" class="ui clearable dropdown label"
oninput="minRTTHidden.value = minRTTNumber.value? minRTTNumber.value+minRTTUnit.value: ''">
<option value="">ms</option>
<option value="s" <?=substr($options["--min-rtt-timeout"]??"", -1)=="s"?"selected":"" ?>>secondes</option>
<option value="m" <?=substr($options["--min-rtt-timeout"]??"", -1)=="m"?"selected":"" ?>>minutes</option>
<option value="h" <?=substr($options["--min-rtt-timeout"]??"", -1)=="h"?"selected":"" ?>>heures</option>
</select>
</div>
<input id="minRTTHidden" type="hidden" name="--min-rtt-timeout"
value="<?= $options["--min-rtt-timeout"] ?? "" ?>">
</div>
<div class="field">
<label for="maxRTTNumber" title="--max-rtt-timeout">Maximum</label>
<div class="ui right labeled input">
<input type="number" min="0" id="maxRTTNumber" placeholder="Durée"
oninput="maxRTTHidden.value = maxRTTNumber.value? maxRTTNumber.value+maxRTTUnit.value: ''; minRTTHidden.max=maxRTTHidden.value"
<?= preg_match("/^\d+/", $options["--max-rtt-timeout"] ?? "", $matches) ? "value='{$matches[0]}'" : "" ?>>
<select id="maxRTTUnit" class="ui clearable dropdown label"
oninput="maxRTTHidden.value = maxRTTNumber.value? maxRTTNumber.value+maxRTTUnit.value: ''">
<option value="">ms</option>
<option value="s" <?=substr($options["--max-rtt-timeout"]??"", -1)=="s"?"selected":"" ?>>secondes</option>
<option value="m" <?=substr($options["--max-rtt-timeout"]??"", -1)=="m"?"selected":"" ?>>minutes</option>
<option value="h" <?=substr($options["--max-rtt-timeout"]??"", -1)=="h"?"selected":"" ?>>heures</option>
</select>
</div>
<input id="maxRTTHidden" type="hidden" name="--max-rtt-timeout"
value="<?= $options["--max-rtt-timeout"] ?? "" ?>">
</div>
</div>
</div>
<div class="field">
<label for="maxRetriesInput" title="--max-retries">Nombre de retransmissions des paquets de tests des scans de ports</label>
<input type="number" min="0" id="maxRetriesInput" name="--max-retries" placeholder="Nombre"
value="<?= $options["--max-retries"] ?? "" ?>">
</div>
<div class="field">
<label for="hostTimoutInput" title="--host-timeout">Délai d'expiration du scan d'un hôte trop lent</label>
<div class="ui right labeled input">
<input type="number" min="0" id="hostTimoutNumber" placeholder="Durée"
oninput="hostTimoutHidden.value = hostTimoutNumber.value? hostTimoutNumber.value+hostTimoutUnit.value: ''"
<?= preg_match("/^\d+/", $options["--host-timeout"] ?? "", $matches) ? "value='{$matches[0]}'" : "" ?>>
<select id="hostTimoutUnit" class="ui clearable dropdown label"
oninput="hostTimoutHidden.value = hostTimoutNumber.value? hostTimoutNumber.value+hostTimoutUnit.value: ''">
<option value="">ms</option>
<option value="s" <?=substr($options["--host-timeout"]??"", -1)=="s"?"selected":"" ?>>secondes</option>
<option value="m" <?=substr($options["--host-timeout"]??"", -1)=="m"?"selected":"" ?>>minutes</option>
<option value="h" <?=substr($options["--host-timeout"]??"", -1)=="h"?"selected":"" ?>>heures</option>
</select>
</div>
<input id="hostTimoutHidden" type="hidden" name="--host-timeout"
value="<?= $options["--host-timeout"] ?? "" ?>">
</div>
<div class="two fields">
<div class="field">
<label for="scanDelayNumber" title="--scan-delay">Délai entre les paquets de tests</label>
<div class="ui right labeled input">
<input type="number" min="0" id="scanDelayNumber" placeholder="Durée"
oninput="scanDelayHidden.value = scanDelayNumber.value? scanDelayNumber.value+scanDelayUnit.value: ''"
<?= preg_match("/^\d+/", $options["--scan-delay"] ?? "", $matches) ? "value='{$matches[0]}'" : "" ?>>
<select id="scanDelayUnit" class="ui clearable dropdown label"
oninput="scanDelayHidden.value = scanDelayNumber.value? scanDelayNumber.value+scanDelayUnit.value: ''">
<option value="">ms</option>
<option value="s" <?=substr($options["--scan-delay"]??"", -1)=="s"?"selected":"" ?>>secondes</option>
<option value="m" <?=substr($options["--scan-delay"]??"", -1)=="m"?"selected":"" ?>>minutes</option>
<option value="h" <?=substr($options["--scan-delay"]??"", -1)=="h"?"selected":"" ?>>heures</option>
</select>
</div>
<input id="scanDelayHidden" type="hidden" name="--scan-delay"
value="<?= $options["--scan-delay"] ?? "" ?>">
</div>
<div class="field">
<label for="maxScanDelay" title="--max-scan-delay">Maximum</label>
<div class="ui right labeled input">
<input type="number" min="0" id="maxScanDelay" placeholder="Durée"
oninput="maxRTTHidden.value = maxScanDelay.value? maxScanDelay.value+maxRTTUnit.value: ''"
<?= preg_match("/^\d+/", $options["--max-scan-delay"] ?? "", $matches) ? "value='{$matches[0]}'" : "" ?>>
<select id="maxRTTUnit" class="ui clearable dropdown label"
oninput="maxRTTHidden.value = maxScanDelay.value? maxScanDelay.value+maxRTTUnit.value: ''">
<option value="">ms</option>
<option value="s" <?=substr($options["--max-scan-delay"]??"", -1)=="s"?"selected":"" ?>>secondes</option>
<option value="m" <?=substr($options["--max-scan-delay"]??"", -1)=="m"?"selected":"" ?>>minutes</option>
<option value="h" <?=substr($options["--max-scan-delay"]??"", -1)=="h"?"selected":"" ?>>heures</option>
</select>
</div>
<input id="maxRTTHidden" type="hidden" name="--max-scan-delay"
value="<?= $options["--max-scan-delay"] ?? "" ?>">
</div>
</div>
<div class="inline field">
<div class="ui toggle checkbox">
<input id="defeatRSTRateLimitCheckbox" type="checkbox" name="--defeat-rst-ratelimit" <?= $options['--defeat-rst-ratelimit'] ?? false ? 'checked' : ''; ?> />
<label for="defeatRSTRateLimitCheckbox" title="--defeat-rst-ratelimit">Ignorer les limitations de paquets RST</label>
</div>
</div>
</div>
<div class="title"><i class="icon dropdown"></i>Divers</div>
<div class="content">
<div class="field">
<label for="stylesheetSelect" title="--stylesheet">Feuille de style</label>
<select id="stylesheetSelect" class="ui dropdown" name="--stylesheet" value="<?= $options["--stylesheet"] ?? ""?>">
<?php
foreach (scandir($TEMPLATESDIR) as $filename) {
if (substr($filename, -4) === '.xsl') {
$name = substr($filename, 0, -4);
#$URL = rawurlencode($filename);
if (isset($options["--stylesheet"]) && $name == $options["--stylesheet"]) {
echo " <option value='$name' selected>$name</option>\n";
} else {
echo " <option value='$name'>$name</option>\n";
}
}
}
?>
</select>
</div>
<div class="field">
<label for="originalSelect">Comparer avec un précédent scan</label>
<select id="originalSelect" class="ui clearable dropdown" name="original" value="<?= $options["original"] ?? "" ?>">
<option value="">Précédent scan</option>
<?php
if (!file_exists($SCANSDIR)) mkdir($SCANSDIR);
foreach (scandir($SCANSDIR) as $filename) {
if (substr($filename, -4) === '.xml') {
$name = substr($filename, 0, -4);
#$URL = "$BASEDIR/$SCANSDIR/".rawurlencode($filename);
if (isset($options["original"]) && $name == $options["original"]) {
echo " <option value='$name' selected>$name</option>\n";
} else {
echo " <option value='$name'>$name</option>\n";
}
}
}
?>
</select>
</div>
<div class="field">
<label for="refreshPeriodInput">Rafraîchir toutes les</label>
<div class="ui right labeled input">
<input id="refreshPeriodInput" type="number" min="0" name="refreshPeriod" placeholder="Période"
value="<?= $options["refreshPeriod"] ?? "" ?>">
<div class="ui label">secondes</div>
</div>
</div>
<!--
<div class="inline field">
<div class="ui toggle checkbox">
<input id="sudoCheckbox" type="checkbox" name="sudo" <?= $options["sudo"] ?? false ? 'checked' : ''; ?>/>
<label for="sudoCheckbox" title="sudo">Exécuter en tant qu'administrateur</label>
</div>
</div>
-->
</div>
</div>
<div class="field">
<label for="nameInput">Enregistrer sous le nom</label>
<input id="nameInput" type="text" name="name" placeholder="Réseau local" pattern='[^&lt;&gt;:&quot;\\\/\|@?]+'
title="Caractères interdits : &lt;&gt;:&quot;\/|@?"
value="<?= $options["name"] ?? ""; ?>">
</div>
<button type="submit" class="ui teal submit button">Démarrer</button>
</form>
<h2 class="ui header">Scans enregistrés</h2>
<div class="ui link list">
<?php
if (file_exists($SCANSDIR)) {
foreach (scandir($SCANSDIR) as $filename) {
if (substr($filename, -4) == '.xml') {
$name = str_replace('!', '/', substr_replace($filename, '', -4));
echo "<a class='item' href='$SCANSDIR/".rawurlencode($filename)."'>$name</a>\n";
}
}
}
?>
</div>
</main>
<footer class="ui footer segment">
lanScan est basé sur <a href="https://nmap.org/" target="_blank">Nmap</a>
</footer>
<datalist id='targetsList'>
<option value="<?= $_SERVER['REMOTE_ADDR']; ?>/24"></option>
<option value="<?= $_SERVER['SERVER_NAME']; ?>"></option>
</datalist>
<datalist id='servicesList'>
<?php
$services = [];
foreach ([$DATADIR, $NMAPDIR] as $dir) {
echo "<!-- $nmap_services -->\n";
if (file_exists("$dir/nmap-services")) {
$nmap_services = file("$dir/nmap-services");
foreach ($nmap_services as $service) {
if (0 !== strpos($service, '#')) {
[$name, $port] = explode("\t", $service);
$services[$name] = explode("/", $port);
}
}
}
}
foreach ($services as $name => [$portid, $protocol]) {
echo " <option value='$name'></option>\n";
}
?>
</datalist>
<datalist id="flagsList">
<option value="URG"></option>
<option value="ACK"></option>
<option value="PSH"></option>
<option value="RST"></option>
<option value="SYN"></option>
<option value="FIN"></option>
</datalist>
<datalist id="scripts">
<!-- categories -->
<option value="auth"></option>
<option value="broadcast"></option>
<option value="brute"></option>
<option value="default"></option>
<option value="ddiscovery"></option>
<option value="dos"></option>
<option value="exploit"></option>
<option value="external"></option>
<option value="fuzzer"></option>
<option value="intrusive"></option>
<option value="malware"></option>
<option value="safe"></option>
<option value="version"></option>
<option value="vuln"></option>
<!-- names -->
<?php
foreach ([$DATADIR, $NMAPDIR] as $dir) {
foreach (scandir("$dir/scripts") as $filename) {
if (substr($filename, -4) === '.nse') {
$name = substr($filename, 0, -4);
echo " <option value='$name'></option>\n";
}
}
}
?>
</datalist>
<script>
class TagsInput extends Tagify {
constructor(input, options={}, delim = ",") {
if (!options.delimiters) options.delimiters = " |,"
if (!options.originalInputValueFormat) options.originalInputValueFormat = tags => tags.map(tag => tag.value).join(delim)
if (input.list) options.whitelist = Array.from(input.list.options).map(option => option.value)
super(input, options)
}
}
$(".ui.accordion").accordion()
$(".ui.clearable.dropdown").dropdown({
clearable: true
})
$(".ui:not(.clearable).dropdown").dropdown({
clearable: false
})
new TagsInput(targetsInput, {}, " ")
new TagsInput(excludeInput)
new TagsInput(PSInput)
new TagsInput(PAInput)
new TagsInput(PUInput)
new TagsInput(POInput)
var pTagsInput = new TagsInput(pInput)
FCheckbox.onchange = () => {
pInput.disabled = FCheckbox.checked
pTagsInput.setDisabled(FCheckbox.checked)
}
new TagsInput(dnsServersInput)
new TagsInput(scanflagsInput)
new TagsInput(scriptInput, {enforceWhitelist: true})
new TagsInput(scriptArgsInput, {delimiters: ','})
newScanForm.onsubmit = function(event) {
if (this.checkValidity()) {
newScanForm.classList.add("loading")
$.toast({
title : 'Scan en cours...',
message : 'Merci de patienter',
class : 'info',
showIcon : 'satellite dish',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
return true
} else {
event.preventDefault()
this.reportValidity()
}
}
</script>
</body>
</html>
index.php.bak
Executable
+86
View File
@@ -0,0 +1,86 @@
<?php include_once "config.php"; ?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="utf-8" />
<title>lanScan</title>
<link rel="icon" href="favicon.ico" />
<script src="https://cdn.jsdelivr.net/npm/jquery@3.7.1/dist/jquery.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.js"></script>
<link rel="stylesheet" type="text/css" href="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.css" />
<script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify"></script>
<script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.polyfills.min.js"></script>
<link href="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.css" rel="stylesheet" type="text/css" />
<link href="style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<nav class="ui inverted teal menu">
<a class="ui teal button item" href=".">
lan<?php include 'logo.svg'; ?>can
</a>
<form id="lanScanForm" class="right menu">
<input type="hidden" name="preset" value="lan"/>
<div class="ui category search item">
<div id="targetsInputDiv" class="ui icon input">
<input class="prompt" type="text" id="targetsInput" name="targets"
pattern="[a-zA-Z0-9._\/ \-]+" placeholder="Scanner un réseau..."
title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.0-255.0-255.1-254" />
<i class="satellite dish icon"></i>
</div>
<button id="hiddenButton" style="display: none;" type="submit" formmethod="get" formaction="scan.php"></button>
<button class="ui teal icon submit button" type="submit" formmethod="get" formaction="options.php" onclick="targetsInput.required=false">
<i class="settings icon"></i>
</button>
<a class="ui teal icon button" href="https://nmap.org/man/fr/index.html" target="_blank">
<i class="question circle icon"></i>
</a>
</div>
</form>
</nav>
<main class="ui main container">
<h1 class="ui header">Scans enregistrés</h1>
<div class="ui large relaxed card">
<div class="content">
<div class="ui divided link list">
<?php
if (!file_exists($SCANSDIR)) {
mkdir($SCANSDIR);
}
foreach (scandir($SCANSDIR) as $filename) {
if (substr($filename, -4) == '.xml') {
$name = str_replace('!', '/', substr_replace($filename, '', -4));
echo "<a class='item' href='".htmlentities("$SCANSDIR/$filename", ENT_QUOTES)."'>$name</a>\n";
}
}
?>
</div>
</div>
</div>
<script>
hiddenButton.onclick = (event) => {
if (lanScanForm.checkValidity()) {
targetsInputDiv.classList.add('loading')
$.toast({
title: 'Scan en cours...',
message: 'Merci de patienter',
class: 'info',
showIcon: 'satellite dish',
displayTime: 0,
closeIcon: true,
position: 'bottom right',
})
}
}
</script>
</main>
<footer class="ui fixed footer segment">
lanScan est basé sur <a href="https://nmap.org/" target="_blank">Nmap</a>
</footer>
</body>
</html>
logo.svg
Executable
+53
View File
@@ -0,0 +1,53 @@
<svg class="logo" version="1.1" id="Layer_1" x="0px" y="0px"
viewBox="0 0 24 24" xml:space="preserve" width="40" height="40" xmlns="http://www.w3.org/2000/svg"
xmlns:svg="http://www.w3.org/2000/svg">
<defs id="defs206" />
<g id="g998" transform="matrix(0,0.04687491,-0.04687491,0,24,2.2682373e-5)">
<g id="g147">
<g id="g145">
<path
d="m 322.065,92.046 c -46.24,0 -83.851,37.619 -83.851,83.857 v 168.712 c 0,25.224 -21.148,45.745 -46.372,45.745 -25.224,0 -46.372,-20.521 -46.372,-45.745 V 199.464 h -38.114 v 145.151 c 0,46.24 38.246,83.859 84.486,83.859 46.24,0 84.486,-37.619 84.486,-83.859 V 175.903 c 0,-25.223 20.514,-45.743 45.737,-45.743 25.223,0 45.737,20.521 45.737,45.743 v 134.092 h 38.114 V 175.903 c 0,-46.239 -37.611,-83.857 -83.851,-83.857 z"
id="path143" />
</g>
</g>
<g id="g153">
<g id="g151">
<path
d="M 144.198,0 H 108.625 C 98.101,0 89.568,8.746 89.568,19.271 c 0,1.157 0.121,2.328 0.318,3.598 h 73.052 c 0.197,-1.27 0.318,-2.441 0.318,-3.598 C 163.256,8.746 154.723,0 144.198,0 Z"
id="path149" />
</g>
</g>
<g id="g159">
<g id="g157">
<path
d="m 420.183,486.591 h -71.731 c -0.626,2.541 -0.978,4.077 -0.978,6.176 0,10.525 8.532,19.234 19.057,19.234 h 35.573 c 10.525,0 19.057,-8.709 19.057,-19.234 0,-2.098 -0.352,-3.635 -0.978,-6.176 z"
id="path155" />
</g>
</g>
<g id="g165">
<g id="g163">
<rect x="87.027" y="41.925999" width="80.040001" height="138.481" id="rect161" />
</g>
</g>
<g id="g171">
<g id="g169">
<rect x="344.93301" y="329.052" width="80.040001" height="138.481" id="rect167" />
</g>
</g>
<g id="g173"></g>
<g id="g175"></g>
<g id="g177"></g>
<g id="g179"></g>
<g id="g181"></g>
<g id="g183"></g>
<g id="g185"></g>
<g id="g187"></g>
<g id="g189"></g>
<g id="g191"></g>
<g id="g193"></g>
<g id="g195"></g>
<g id="g197"></g>
<g id="g199"></g>
<g id="g201"></g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 2.0 KiB

rdp.php
+15
View File
@@ -0,0 +1,15 @@
<?php
$host = filter_input(INPUT_GET, 'v', FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME) ?: filter_input(INPUT_GET, 'v', FILTER_VALIDATE_IP);
if (!$host) {
exit();
}
$port = filter_input(INPUT_GET, 'p', FILTER_VALIDATE_INT);
if ($port) {
$host = "$host:$port";
}
header("Content-Disposition: attachment; filename=$host.rdp");
header('Content-Type: application/rdp');
echo "full address:s:$host\n";
scan.php
Executable
+48
View File
@@ -0,0 +1,48 @@
<?php
include_once 'config.php';
include_once 'filter_inputs.php';
$options["--stylesheet"] = "$BASEDIR/$TEMPLATESDIR/${options["--stylesheet"]}.xsl#";
if (isset($options["name"])) {
$options["--stylesheet"] .= "name=" . rawurlencode($options["name"]) . "&";
}
if (isset($options["original"])) {
$options["--stylesheet"] .= "original=" . rawurlencode($options["original"]) . "&";
}
if (isset($options["refreshPeriod"])) {
$options["--stylesheet"] .= "refreshPeriod={$options["refreshPeriod"]}&";
}
$args = "";
foreach ($options as $option => $value) {
if (substr($option, 0, 1) == '-') {
if (is_null($value)) {
http_response_code(400);
$errorMessage = "Valeur incorrecte pour le paramètre <var>$option</var> : " . filter_input(INPUT_GET, $option, FILTER_SANITIZE_FULL_SPECIAL_CHARS);
include_once ".";
die();
} else if ($value) {
if ($value === true) {
$args .= " $option";
} else {
if (substr($option, 0, 2) == '--') $args .= " $option " . escapeshellarg($value);
else $args .= " $option" . escapeshellarg($value);
}
}
}
}
$command = "$NMAP $args -oX - $targets";
if (isset($options["name"])) {
if (!file_exists($SCANSDIR)) mkdir($SCANSDIR);
$path = "$SCANSDIR/{$options["name"]}.xml";
$command .= " | tee '$path'";
}
header('Content-type: text/xml');
system($command, $retcode);
exit();
script-args.ini
View File
scripts/README.md
+34
View File
@@ -0,0 +1,34 @@
# nmap-scripts
## http-info.nse
Return status, title and favicon URL of a webpage
```lua
@args http-get.path Path to get. Default /.
@usage nmap -phttp,https --script http-info.nse --script-args http-info.path=/ <host>
@output
80/tcp open http
| http-info:
| status-line: HTTP/1.1 200 OK\x0D
|
| title: Go ahead and ScanMe!
| favicon: http://scanme.nmap.org:80/shared/images/tiny-eyeicon.png
|_ status: 200
```
## smb-shares-size.nse
Return free and total size in octets of each SMB shares
```lua
@args See the documentation for the smbauth library.
@usage nmap -p137-139,445 --script smb-shares-size.nse --script-args-file smb-shares-size.ini <host>
@output
Host script results:
| smb-shares-size:
| data:
| FreeSize: 38495883264
| TotalSize: 500961574912
|_ IPC$: NT_STATUS_ACCESS_DENIED
```
scripts/http-info.nse
+113
View File
@@ -0,0 +1,113 @@
local shortport = require "shortport"
description = [[
Return status, title and favicon URL of a webpage
]]
---
-- @args http-get.path Path to get. Default /.
--
-- @usage nmap -phttp,https --script http-info.nse --script-args http-info.path=/ <host>
--
-- @output
-- 80/tcp open http
-- | http-info:
-- | status-line: HTTP/1.1 200 OK\x0D
-- |
-- | title: Go ahead and ScanMe!
-- | favicon: http://scanme.nmap.org:80/shared/images/tiny-eyeicon.png
-- |_ status: 200
---
categories = {"discovery", "intrusive"}
author = "Adrien Malingrey"
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
portrule = shortport.http
local http = require "http"
local stdnse = require "stdnse"
action = function(host, port)
local scheme = ""
local hostaddress = (host.name ~= '' and host.name) or host.ip
local path = "/"
local favicon_relative_uri = "/favicon.ico"
local favicon
stdnse.debug1("port", port.service)
if (port.service == "ssl") then
scheme = "https"
else
scheme = port.service
end
stdnse.debug1("scheme", scheme)
if(stdnse.get_script_args('http-get.path')) then
path = stdnse.get_script_args('http-info.path')
end
stdnse.debug1("Try to download %s", path)
local answer = http.get(hostaddress, port, path)
local output = {status=answer.status, ["status-line"]=answer["status-line"]}
if (answer and answer.status == 200) then
stdnse.debug1("[SUCCESS] Load page %s", path)
-- Taken from http-title.nse by Diman Todorov
local title = string.match(answer.body, "<[Tt][Ii][Tt][Ll][Ee][^>]*>([^<]*)</[Tt][Ii][Tt][Ll][Ee]>")
if (title) then
output.title = title
end
stdnse.debug1("[INFO] Try favicon %s", favicon_relative_uri)
favicon_relative_uri = parseIcon(answer.body) or favicon_relative_uri
else
stdnse.debug1("[ERROR] Can't load page %s", path)
end
favicon = http.get(hostaddress, port, favicon_relative_uri)
if (favicon and favicon.status == 200) then
stdnse.debug1("[SUCCESS] Load favicon %s", favicon_relative_uri)
output.favicon = favicon_relative_uri
else
stdnse.debug1("[ERROR] Can't load favicon %s", favicon_relative_uri)
end
return output
end
--- function taken from http_favicon.nse by Vlatko Kosturjak
function parseIcon( body )
local _, i, j
local rel, href, word
-- Loop through link elements.
i = 0
while i do
_, i = string.find(body, "<%s*[Ll][Ii][Nn][Kk]%s", i + 1)
if not i then
return nil
end
-- Loop through attributes.
j = i
while true do
local name, quote, value
_, j, name, quote, value = string.find(body, "^%s*(%w+)%s*=%s*([\"'])(.-)%2", j + 1)
if not j then
break
end
if string.lower(name) == "rel" then
rel = value
elseif string.lower(name) == "href" then
href = value
end
end
for word in string.gmatch(rel or "", "%S+") do
if string.lower(word) == "icon" then
return href
end
end
end
end
scripts/smb-shares-size.nse
+206
View File
@@ -0,0 +1,206 @@
local shortport = require "shortport"
description = [[
Return free and total size in octets of each SMB shares
]]
---
-- @args See the documentation for the smbauth library.
--
-- @usage nmap -p137-139,445 --script smb-shares-size.nse --script-args-file smb-authentication.ini <host>
--
-- @output
-- Host script results:
-- | smb-shares-size:
-- | data:
-- | FreeSize: 38495883264
-- | TotalSize: 500961574912
-- |_ IPC$: NT_STATUS_ACCESS_DENIED
---
categories = {"discovery", "intrusive"}
author = "Adrien Malingrey"
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
portrule = shortport.service({"microsoft-ds", "netbios-ssn", "smb"})
local stdnse = require "stdnse"
local smb = require "smb"
local smb2 = require "smb2"
local msrpc = require "msrpc"
local bin = require "bin"
action = function(host)
local status, shares, extra
local response = stdnse.output_table()
-- Try and do this the good way, make a MSRPC call to get the shares
stdnse.debug1("SMB: Attempting to log into the system to enumerate shares")
status, shares = msrpc.enum_shares(host)
if(status == false) then
return stdnse.format_output(false, string.format("Couldn't enumerate shares: %s", shares))
end
-- Get more information on each share
for i = 1, #shares, 1 do
local share = shares[i]
if (share ~= nil) then
local status, result = get_share_info(host, share)
if (status) then
response[share] = result
end
end
end
return response
end
TRANS2_QUERY_FS_INFORMATION = 0x0003
SMB_QUERY_FS_SIZE_INFO = 0x0103
---Attempts to retrieve additional information about a share. Will fail unless we have
-- administrative access.
--
--@param host The host object.
--@return Status (true or false).
--@return A table of information about the share (if status is true) or an an error string (if
-- status is false).
function get_share_info(host, share)
local status, smbstate, err
local hostaddress = (host.name ~= '' and host.name) or host.ip
local path = "\\\\" .. hostaddress .. "\\" .. share
status, smbstate = smb.start(host)
status, err = smb.negotiate_protocol(smbstate, {})
status, err = smb.start_session(smbstate, {})
status, err = smb.tree_connect(smbstate, path, {})
stdnse.debug1("SMB: Getting information for share: %s", path)
local status, err = send_transaction2(smbstate, TRANS2_QUERY_FS_INFORMATION, bin.pack("<S", SMB_QUERY_FS_SIZE_INFO))
if ( not(status) ) then
status, err = smb.stop(smbstate)
return false, "Failed to send data to server: send_transaction2"
end
local status, response = receive_transaction2(smbstate)
if ( not(status) ) then
status, err = smb.stop(smbstate)
return false, response
end
local pos, totalAllocationUnits, totalFreeAllocationUnits, sectorsPerAllocationUnit, bytesPerSector = bin.unpack("<LLII", response.data)
status, err = smb.stop(smbstate)
return true, {
TotalSize = totalAllocationUnits * sectorsPerAllocationUnit * bytesPerSector,
FreeSize = totalFreeAllocationUnits * sectorsPerAllocationUnit * bytesPerSector
}
end
-- Taken from smb lib
function send_transaction2(smbstate, sub_command, function_parameters, function_data, overrides)
overrides = overrides or {}
local header1, header2, header3, header4, command, status, flags, flags2, pid_high, signature, unused, pid, mid
local header, parameters, data
local parameter_offset = 0
local parameter_size = 0
local data_offset = 0
local data_size = 0
local total_word_count, total_data_count, reserved1, parameter_count, parameter_displacement, data_count, data_displacement, setup_count, reserved2
local response = {}
-- Header is 0x20 bytes long (not counting NetBIOS header).
header = smb.smb_encode_header(smbstate, smb.command_codes['SMB_COM_TRANSACTION2'], overrides) -- 0x32 = SMB_COM_TRANSACTION2
if(function_parameters) then
parameter_offset = 0x44
parameter_size = #function_parameters
data_offset = #function_parameters + 33 + 32
end
-- Parameters are 0x20 bytes long.
parameters = bin.pack("<SSSSCCSISSSSSCCS",
parameter_size, -- Total parameter count.
data_size, -- Total data count.
0x000a, -- Max parameter count.
0x3984, -- Max data count.
0x00, -- Max setup count.
0x00, -- Reserved.
0x0000, -- Flags (0x0000 = 2-way transaction, don't disconnect TIDs).
0x00001388, -- Timeout (0x00000000 = return immediately).
0x0000, -- Reserved.
parameter_size, -- Parameter bytes.
parameter_offset, -- Parameter offset.
data_size, -- Data bytes.
data_offset, -- Data offset.
0x01, -- Setup Count
0x00, -- Reserved
sub_command -- Sub command
)
local data = "\0\0\0" .. (function_parameters or '')
.. (function_data or '')
-- Send the transaction request
stdnse.debug2("SMB: Sending SMB_COM_TRANSACTION2")
local result, err = smb.smb_send(smbstate, header, parameters, data, overrides)
if(result == false) then
stdnse.debug1("SMB: Try SMBv2 connexion")
local result, err = smb2.smb2_send(smbstate, header, parameters, data, overrides)
if(result == false) then
return false, err
end
end
return true
end
function receive_transaction2(smbstate)
-- Read the result
local status, header, parameters, data = smb.smb_read(smbstate)
if(status ~= true) then
stdnse.debug1("SMB: Try SMBv2 connexion")
local status, header, parameters, data = smb2.smb2_read(smbstate)
if(status ~= true) then
return false, header
end
end
-- Check if it worked
local pos, header1, header2, header3, header4, command, status, flags, flags2, pid_high, signature, unused, tid, pid, uid, mid = bin.unpack("<CCCCCICSSlSSSSS", header)
if(header1 == nil or mid == nil) then
return false, "SMB: ERROR: Server returned less data than it was supposed to (one or more fields are missing); aborting [29]"
end
if(status ~= 0) then
if(smb.status_names[status] == nil) then
return false, string.format("Unknown SMB error: 0x%08x\n", status)
else
return false, smb.status_names[status]
end
end
-- Parse the parameters
local pos, total_word_count, total_data_count, reserved1, parameter_count, parameter_offset, parameter_displacement, data_count, data_offset, data_displacement, setup_count, reserved2 = bin.unpack("<SSSSSSSSSCC", parameters)
if(total_word_count == nil or reserved2 == nil) then
return false, "SMB: ERROR: Server returned less data than it was supposed to (one or more fields are missing); aborting [30]"
end
-- Convert the parameter/data offsets into something more useful (the offset into the data section)
-- - 0x20 for the header, - 0x01 for the length.
parameter_offset = parameter_offset - 0x20 - 0x01 - #parameters - 0x02;
-- - 0x20 for the header, - 0x01 for parameter length, the parameter length, and - 0x02 for the data length.
data_offset = data_offset - 0x20 - 0x01 - #parameters - 0x02;
-- I'm not sure I entirely understand why the '+1' is here, but I think it has to do with the string starting at '1' and not '0'.
local function_parameters = string.sub(data, parameter_offset + 1, parameter_offset + parameter_count)
local function_data = string.sub(data, data_offset + 1, data_offset + data_count)
local response = {}
response['parameters'] = function_parameters
response['data'] = function_data
return true, response
end
server.php
+3
View File
@@ -0,0 +1,3 @@
<?php
print_r($_SERVER);
style.css
+106
View File
@@ -0,0 +1,106 @@
:root{
--nav-height: 3.6rem;
--footer-height: 3.6rem;
}
nav {
height: var(--nav-height);
}
main {
padding-top: var(--nav-height);
min-height: calc(100vh - var(--footer-height) - 1rem)
}
h1:first-child, h2:first-child, h3:first-child, h4:first-child, h5:first-child, .ui.header:first-child {
margin-top: 1rem;
}
svg {
margin: -0.3em -0.5em -0.5em -0.4em;
fill: currentColor;
}
.ui.footer.segment {
margin-bottom: 0;
}
.tagify {
width: 100%;
border-radius: 0.28571429rem;
--tags-focus-border-color: #85b7d9;
--placeholder-color: rgba(191, 191, 191, 0.87);
--placeholder-color-focus: rgba(115, 115, 115, 0.87);
}
.ui.table {
caption-side: bottom;
}
.ui.label {
margin: 0.14285714em;
}
.ui.label > .detail {
margin-left: 0.3em;
text-transform: capitalize;
}
.ui.form .fields > .field {
width: 100%;
}
.ui.ui.form .field .fields .field:not(:only-child) .ui.checkbox {
margin-top: 0;
}
.ui.dropdown.label {
min-width: auto;
}
.ui.dropdown.label > .remove.icon {
right: 2.3em;
}
.toast-container .ui.header {
text-transform: capitalize;
}
.share-size {
--free-ratio: calc(var(--free) / var(--total));
--used-percent: calc(100% - 100% * var(--free-ratio));
--color: hsl(calc(120 * var(--free-ratio)) 100% 50%);
background-image: linear-gradient(
to right,
var(--color) var(--used-percent),
transparent var(--used-percent),
transparent
) !important;
text-align: center !important;
}
.compact {
position: static !important;
overflow-x: auto;
}
.compact > input {
min-width: 10em;
padding-right: 0.1em;
}
.compact .ui.buttons .mini.button {
padding: 0.5em;
position: static;
}
.compact .ui.dropdown.button:not(.pointing):not(.floating).active {
border-radius: 0;
}
.compact .ui.dropdown .menu {
left: 0;
right: 0;
margin: -.7em .7em;
min-width: auto;
}
stylesheet.xsl
-152
View File
@@ -1,152 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<xsl:stylesheet
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
version="2.0">
<xsl:output method="html" encoding="UTF-8" />
<xsl:output indent="yes" />
<xsl:strip-space elements="*" />
<xsl:template match="nmaprun">
<html lang="fr">
<head>
<meta charset="utf-8" />
<title><xsl:value-of select="./@args" /></title>
<meta name="viewport" content="width=device-width, initial-scale=1" />
<style>
.btn {
margin: 2px;
padding: 2px 6px !important;
}
.badge {
margin: 0px;
padding: 2px 4px !important;
}
</style>
<link rel="stylesheet" type="text/css" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/5.1.3/css/bootstrap.min.css"/>
<link rel="stylesheet" type="text/css" href="https://cdn.datatables.net/v/bs5/jq-3.6.0/dt-1.12.1/b-2.2.3/b-html5-2.2.3/b-print-2.2.3/cr-1.5.6/fc-4.1.0/fh-3.2.3/r-2.3.0/rr-1.2.8/sc-2.0.6/datatables.min.css"/>
</head>
<body>
<table id="scanResults" class="table table-striped table-hover compact caption-top" style="width:100%">
<thead>
<tr>
<th>Adresse IP</th>
<th>Nom DNS</th>
<th>Services</th>
</tr>
</thead>
<tbody>
<xsl:for-each select="host[status/@state='up']">
<tr>
<td>
<xsl:value-of select="address/@addr" />
</td>
<td>
<xsl:value-of select="hostnames/hostname/@name" />
</td>
<td>
<xsl:for-each select="ports/port[state/@state='open']">
<a target="_blank" style="text-transform:uppercase;" type="button" class="btn btn-success btn-sm">
<xsl:variable name="protocol">
<xsl:choose>
<xsl:when test="service/@name='http' or service/@name='https' or service/@name='http-alt' or @portid = 8006 or @portid = 9292 or @portid = 20618">
<xsl:choose>
<xsl:when test="service/@tunnel='ssl' or script[@id='ssl-cert'] or script[@id='ssl-date']">
<xsl:text>https://</xsl:text>
</xsl:when>
<xsl:otherwise>
<xsl:text>http://</xsl:text>
</xsl:otherwise>
</xsl:choose>
</xsl:when>
<xsl:when test="service/@name='ftp' or service/@name='ssh' or service/@name='telnet'">
<xsl:value-of select="service/@name" />
<xsl:text>://</xsl:text>
</xsl:when>
<xsl:when test="service/@name = 'microsoft-ds' or service/@name = 'netbios-ssn'">
<xsl:text>file://///</xsl:text>
</xsl:when>
</xsl:choose>
</xsl:variable>
<xsl:choose>
<xsl:when test="$protocol != ''">
<xsl:attribute name="href">
<xsl:value-of select="$protocol" />
<xsl:choose>
<xsl:when test="count(../../hostnames/hostname) > 0">
<xsl:value-of select="../../hostnames/hostname/@name" />
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="../../address/@addr" />
</xsl:otherwise>
</xsl:choose>
<xsl:text>:</xsl:text>
<xsl:value-of select="@portid"/>
</xsl:attribute>
</xsl:when>
<xsl:otherwise>
<xsl:attribute name="class">
btn btn-success btn-sm disabled
</xsl:attribute>
</xsl:otherwise>
</xsl:choose>
<xsl:attribute name="title">
<xsl:for-each select="service/@*">
<xsl:value-of select="concat(name(), ': ', ., ', ')"/>
</xsl:for-each>
</xsl:attribute>
<span class="badge bg-secondary rounded-pill"><xsl:value-of select="@portid"/></span>
<xsl:value-of select="service/@name" />
</a>
</xsl:for-each>
</td>
</tr>
</xsl:for-each>
</tbody>
<caption>
<pre class="mb-0" style="white-space:pre-wrap; word-wrap:break-word;">
<xsl:value-of select="/nmaprun/@args" />
</pre>
<time>
<xsl:value-of select="/nmaprun/@startstr" />
</time> - <time>
<xsl:value-of select="/nmaprun/runstats/finished/@timestr" />
</time><br />
<small>
<xsl:value-of select="/nmaprun/@scanner" /> v
<xsl:value-of select="/nmaprun/@version" />
</small>
</caption>
</table>
<script
src="https://code.jquery.com/jquery-3.6.0.min.js"
integrity="sha256-/xUj+3OJU5yExlq6GSYGSHk7tPXikynS7ogEvDej/m4="
crossorigin="anonymous">
</script>
<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/5.1.3/js/bootstrap.bundle.min.js"></script>
<script type="text/javascript" src="https://cdn.datatables.net/v/bs5/jq-3.6.0/dt-1.12.1/b-2.2.3/b-html5-2.2.3/b-print-2.2.3/cr-1.5.6/fc-4.1.0/fh-3.2.3/r-2.3.0/rr-1.2.8/sc-2.0.6/datatables.min.js"></script>
<script>
$(document).ready( function() {
$('#scanResults').DataTable({
fixedHeader: true,
lengthMenu: [
[256, 512, 1024, 2048, -1],
[256, 512, 1024, 2048, "All"]
],
scrollCollapse: true,
paging: false,
responsive: true,
});
} );
</script>
</body>
</html>
</xsl:template>
</xsl:stylesheet>
templates/cards.xsl
Executable
+186
View File
@@ -0,0 +1,186 @@
<?xml version="1.0" encoding="utf-8"?>
<xsl:stylesheet
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
version="1.1">
<xsl:import href="lib/head.xsl"/>
<xsl:import href="lib/nav.xsl"/>
<xsl:import href="lib/service.xsl"/>
<xsl:import href="lib/toast.xsl"/>
<xsl:output method="html" encoding="UTF-8"/>
<xsl:output indent="yes"/>
<xsl:strip-space elements='*'/>
<xsl:param name="thisURL" select=""/>
<xsl:param name="originalURL" select=""/>
<xsl:param name="refreshPeriod" select="0"/>
<xsl:param name="sudo" select="false"/>
<xsl:variable name="current" select="./nmaprun"/>
<xsl:variable name="stylesheetURL" select="substring-before(substring-after(processing-instruction('xml-stylesheet'),'href=&quot;'), '?')"/>
<xsl:variable name="basedir" select="concat($stylesheetURL, '/../..')"/>
<xsl:variable name="init" select="document($originalURL)/nmaprun"/>
<xsl:variable name="nextComparison">
<xsl:choose>
<xsl:when test="$thisURL"><xsl:value-of select="$thisURL"/></xsl:when>
<xsl:when test="$originalURL"><xsl:value-of select="$originalURL"/></xsl:when>
<xsl:otherwise></xsl:otherwise>
</xsl:choose>
</xsl:variable>
<xsl:template match="nmaprun">
<xsl:variable name="targets" select="substring-after(@args, '.xml ')"/>
<html lang="fr">
<xsl:apply-templates select="." mode="head">
<xsl:with-param name="basedir" select="$basedir"/>
<xsl:with-param name="targets" select="$targets"/>
<xsl:with-param name="nextComparison" select="$nextComparison"/>
<xsl:with-param name="refreshPeriod" select="$refreshPeriod"/>
<xsl:with-param name="sudo" select="$sudo"/>
</xsl:apply-templates>
<body>
<xsl:apply-templates select="." mode="nav">
<xsl:with-param name="basedir" select="$basedir"/>
<xsl:with-param name="targets" select="$targets"/>
<xsl:with-param name="nextComparison" select="$nextComparison"/>
<xsl:with-param name="refreshPeriod" select="$refreshPeriod"/>
<xsl:with-param name="sudo" select="$sudo"/>
</xsl:apply-templates>
<main class="ui wide container">
<div class="ui header container">
<h1 class="ui header"><xsl:value-of select="$targets"/></h1>
</div>
<div class="ui doubling stackable five column compact grid">
<div class="ui centered link cards">
<xsl:apply-templates select="host | $init/host[not(address/@addr=$current/host/address/@addr)][not(status/@state='down')]"/>
</div>
</div>
</main>
<footer class="ui footer segment">
lanScan est basé sur <a href="https://nmap.org/" target="_blank">Nmap</a>
</footer>
<script>
$('.ui.dropdown').dropdown()
function hostScanning(link) {
link.parentElement.parentElement.classList.add("loading")
$.toast({
title : 'Scan en cours...',
message : 'Merci de patienter',
class : 'info',
showIcon : 'satellite dish',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
}
</script>
<xsl:apply-templates select="runstats">
<xsl:with-param name="init" select="$init"/>
</xsl:apply-templates>
</body>
</html>
</xsl:template>
<xsl:template match="host">
<xsl:variable name="addr" select="address/@addr"/>
<xsl:variable name="initHost" select="$init/host[address/@addr=$addr]"/>
<xsl:variable name="currentHost" select="$current/host[address/@addr=$addr]"/>
<xsl:variable name="hostAddress">
<xsl:choose>
<xsl:when test="hostnames/hostname/@name">
<xsl:value-of select="hostnames/hostname/@name"/>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="address/@addr"/>
</xsl:otherwise>
</xsl:choose>
</xsl:variable>
<div>
<xsl:attribute name="class">
<xsl:text>ui card </xsl:text>
<xsl:choose>
<xsl:when test="$currentHost/status/@state='up'">green</xsl:when>
<xsl:otherwise>red</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
<div class="content">
<div class="header">
<xsl:choose>
<xsl:when test="$currentHost">
<div>
<xsl:attribute name="class">
<xsl:text>ui empty circular label </xsl:text>
<xsl:choose>
<xsl:when test="$currentHost/status/@state='up'">green</xsl:when>
<xsl:otherwise>red</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
</div>
</xsl:when>
<xsl:otherwise><div class="ui empty circular label red"></div></xsl:otherwise>
</xsl:choose>
<xsl:text> </xsl:text>
<xsl:choose>
<xsl:when test="hostnames/hostname/@name">
<xsl:value-of select="substring-before(hostnames/hostname/@name, '.')"/>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="address/@addr"/>
</xsl:otherwise>
</xsl:choose>
</div>
<div class="meta">
<xsl:if test="substring-after(hostnames/hostname/@name, '.')">
<div>
<xsl:text>.</xsl:text>
<xsl:value-of select="substring-after(hostnames/hostname/@name, '.')"/>
</div>
</xsl:if>
<div><xsl:value-of select="address/@addr"/></div>
<xsl:if test="address[@addrtype='mac']/@vendor">
<div><xsl:value-of select="address[@addrtype='mac']/@vendor"/></div>
</xsl:if>
</div>
<div class="description">
<xsl:apply-templates select="$currentHost/ports/port | $initHost/ports/port[not(@portid=$currentHost/ports/port/@portid)][not(state/@state='closed')]" mode="service">
<xsl:with-param name="initHost" select="$initHost"/>
<xsl:with-param name="currentHost" select="$currentHost"/>
<xsl:with-param name="hostAddress" select="$hostAddress"/>
<xsl:with-param name="class" select="'ui label'"/>
<xsl:sort select="number(@portid)" order="ascending"/>
</xsl:apply-templates>
</div>
</div>
<div class="ui buttons">
<a class="ui icon labeled teal button" onclick="hostScanning(this)">
<xsl:attribute name="href">
<xsl:value-of select="$basedir"/>
<xsl:text>/scan.php?preset=host&amp;targets=</xsl:text>
<xsl:value-of select="$hostAddress"/>
</xsl:attribute>
<i class="satellite dish icon"></i>
<xsl:text> Services</xsl:text>
</a>
<a class="ui icon teal button ">
<xsl:attribute name="href">
<xsl:value-of select="$basedir"/>
<xsl:text>/?preset=host&amp;targets=</xsl:text>
<xsl:value-of select="$hostAddress"/>
</xsl:attribute>
<i class="settings icon"></i>
</a>
</div>
</div>
</xsl:template>
</xsl:stylesheet>
templates/compact.xsl
Executable
+200
View File
@@ -0,0 +1,200 @@
<?xml version="1.0" encoding="utf-8"?>
<xsl:stylesheet
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
version="1.1">
<xsl:import href="lib/head.xsl"/>
<xsl:import href="lib/nav.xsl"/>
<xsl:import href="lib/service.xsl"/>
<xsl:import href="lib/toast.xsl"/>
<xsl:output method="html" encoding="UTF-8"/>
<xsl:output indent="yes"/>
<xsl:strip-space elements='*'/>
<xsl:param name="thisURL" select=""/>
<xsl:param name="originalURL" select=""/>
<xsl:param name="refreshPeriod" select="0"/>
<xsl:param name="sudo" select="false"/>
<xsl:variable name="current" select="./nmaprun"/>
<xsl:variable name="stylesheetURL" select="substring-before(substring-after(processing-instruction('xml-stylesheet'),'href=&quot;'), '?')"/>
<xsl:variable name="basedir" select="concat($stylesheetURL, '/../..')"/>
<xsl:variable name="init" select="document($originalURL)/nmaprun"/>
<xsl:variable name="nextComparison">
<xsl:choose>
<xsl:when test="$thisURL"><xsl:value-of select="$thisURL"/></xsl:when>
<xsl:when test="$originalURL"><xsl:value-of select="$originalURL"/></xsl:when>
<xsl:otherwise></xsl:otherwise>
</xsl:choose>
</xsl:variable>
<xsl:template match="nmaprun">
<xsl:variable name="targets" select="substring-after(@args, '.xml ')"/>
<html lang="fr">
<xsl:apply-templates select="." mode="head">
<xsl:with-param name="basedir" select="$basedir"/>
<xsl:with-param name="targets" select="$targets"/>
<xsl:with-param name="nextComparison" select="$nextComparison"/>
<xsl:with-param name="refreshPeriod" select="$refreshPeriod"/>
<xsl:with-param name="sudo" select="$sudo"/>
</xsl:apply-templates>
<body>
<xsl:apply-templates select="." mode="nav">
<xsl:with-param name="basedir" select="$basedir"/>
<xsl:with-param name="targets" select="$targets"/>
<xsl:with-param name="nextComparison" select="$nextComparison"/>
<xsl:with-param name="refreshPeriod" select="$refreshPeriod"/>
<xsl:with-param name="sudo" select="$sudo"/>
</xsl:apply-templates>
<main class="ui wide container">
<h1 class="ui header"><xsl:value-of select="$targets"/></h1>
<div class="form">
<div class="ui doubling stackable four column compact grid">
<xsl:apply-templates select="host | $init/host[not(address/@addr=$current/host/address/@addr)][not(status/@state='down')]"/>
</div>
</div>
</main>
<footer class="ui footer segment">
lanScan est basé sur <a href="https://nmap.org/" target="_blank">Nmap</a>
</footer>
<script>
$('.ui.dropdown').dropdown()
</script>
<xsl:apply-templates select="runstats">
<xsl:with-param name="init" select="$init"/>
</xsl:apply-templates>
</body>
</html>
</xsl:template>
<xsl:template match="host">
<xsl:variable name="addr" select="address/@addr"/>
<xsl:variable name="initHost" select="$init/host[address/@addr=$addr]"/>
<xsl:variable name="currentHost" select="$current/host[address/@addr=$addr]"/>
<xsl:variable name="hostAddress">
<xsl:choose>
<xsl:when test="hostnames/hostname/@name">
<xsl:value-of select="hostnames/hostname/@name"/>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="address/@addr"/>
</xsl:otherwise>
</xsl:choose>
</xsl:variable>
<div class="column">
<div>
<xsl:attribute name="class">
<xsl:text>ui fluid mini compact input </xsl:text>
<xsl:if test="$currentHost/ports/port | $initHost/ports/port[not(@portid=$currentHost/ports/port/@portid)][not(state/@state='closed')]">
<xsl:text>action buttons </xsl:text>
</xsl:if>
<xsl:choose>
<xsl:when test="$currentHost/status/@state='up'">success</xsl:when>
<xsl:otherwise>error</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
<input type="text" readonly="" value="{substring-before(hostnames/hostname/@name, '.')}" placeholder="{address/@addr}"
title="{$currentHost/hostnames/hostname/@name} ({address/@addr})"
onfocus="this.value='{hostnames/hostname/@name}'; this.select()" onblur="this.value='{substring-before(hostnames/hostname/@name, '.')}'"
/>
<xsl:apply-templates select="$initHost/ports/port[not(@portid=$currentHost/ports/port/@portid)][not(state/@state='closed')] | $currentHost/ports/port" mode="service">
<xsl:with-param name="initHost" select="$initHost"/>
<xsl:with-param name="currentHost" select="$currentHost"/>
<xsl:with-param name="hostAddress" select="$hostAddress"/>
<xsl:with-param name="class" select="'ui mini button'"/>
<xsl:sort select="number(@portid)" order="ascending"/>
</xsl:apply-templates>
</div>
</div>
</xsl:template>
<xsl:template match="port">
<xsl:param name="hostAddress"/>
<xsl:param name="initHost"/>
<xsl:param name="currentHost"/>
<xsl:variable name="portid" select="@portid"/>
<xsl:variable name="initPort" select="$initHost/ports/port[@portid=$portid]"/>
<xsl:variable name="currentPort" select="$currentHost/ports/port[@portid=$portid]"/>
<xsl:variable name="state">
<xsl:choose>
<xsl:when test="$currentHost/state/@state='open'">green</xsl:when>
<xsl:when test="$currentHost/state/@state='filtered'">yellow</xsl:when>
<xsl:otherwise>red</xsl:otherwise>
</xsl:choose>
</xsl:variable>
<a target="_blank">
<xsl:attribute name="class">
<xsl:text>ui mini button </xsl:text>
<xsl:choose>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=500">red</xsl:when>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=400">orange</xsl:when>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=200">green</xsl:when>
<xsl:when test="$currentPort/state/@state='open'">green</xsl:when>
<xsl:when test="$currentPort/state/@state='filtered'">orange</xsl:when>
<xsl:otherwise>red</xsl:otherwise>
</xsl:choose>
<xsl:if test="(service/@name='microsoft-ds' or service/@name='netbios-ssn') and ../../hostscript/script[@id='smb-shares-size']/table"> dropdown share-size</xsl:if>
</xsl:attribute>
<xsl:if test="service/@name='ms-wbt-server'">
<xsl:attribute name="href">
<xsl:text>rdp.php?v=</xsl:text>
<xsl:value-of select="$hostAddress"/>
<xsl:text>&amp;p=</xsl:text>
<xsl:value-of select="@portid"/>
</xsl:attribute>
</xsl:if>
<xsl:attribute name="title">
<xsl:value-of select="@portid"/>/<xsl:value-of select="@protocol"/>
</xsl:attribute>
<xsl:choose>
<xsl:when test="service/@name='unknown'">
<xsl:choose>
<xsl:when test="@protocol='tcp'">:</xsl:when>
<xsl:otherwise><xsl:value-of select="substring(@protocol, 1, 1)"/>:</xsl:otherwise>
</xsl:choose>
<xsl:value-of select="@portid"/>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="service/@name"/>
</xsl:otherwise>
</xsl:choose>
<xsl:if test="(service/@name='microsoft-ds' or service/@name='netbios-ssn') and ../../hostscript/script[@id='smb-shares-size']/table">
<xsl:attribute name="style">
<xsl:for-each select="$currentHost/hostscript/script[@id='smb-shares-size']/table">
<xsl:sort select="elem[@key='FreeSize'] div elem[@key='TotalSize']" order="ascending"/>
<xsl:if test="position()=1">
<xsl:text>--free: </xsl:text>
<xsl:value-of select="elem[@key='FreeSize']"/>
<xsl:text>; --total: </xsl:text>
<xsl:value-of select="elem[@key='TotalSize']"/>
</xsl:if>
</xsl:for-each>
</xsl:attribute>
<i class="dropdown icon"></i>
<div class="menu">
<xsl:apply-templates select="$currentHost/hostscript/script[@id='smb-shares-size']/table">
<xsl:with-param name="hostAddress" select="$hostAddress"/>
</xsl:apply-templates>
</div>
</xsl:if>
</a>
</xsl:template>
<xsl:template match="table">
<xsl:param name="hostAddress"/>
<a class="item share-size" href="file://///{$hostAddress}/{@key}" target="_blank" rel="noopener noreferrer" style="--free: {elem[@key='FreeSize']}; --total: {elem[@key='TotalSize']}">
<xsl:value-of select="@key"/>
</a>
</xsl:template>
</xsl:stylesheet>
templates/hostScan.xsl
Executable
+203
View File
@@ -0,0 +1,203 @@
<?xml version="1.0" encoding="utf-8"?>
<xsl:stylesheet
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
version="1.1">
<xsl:import href="lib/head.xsl"/>
<xsl:import href="lib/nav.xsl"/>
<xsl:import href="lib/service.xsl"/>
<xsl:import href="lib/toast.xsl"/>
<xsl:output method="html" encoding="UTF-8"/>
<xsl:output indent="yes"/>
<xsl:strip-space elements='*'/>
<xsl:param name="thisURL" select=""/>
<xsl:param name="originalURL" select=""/>
<xsl:param name="refreshPeriod" select="0"/>
<xsl:param name="sudo" select="false"/>
<xsl:variable name="current" select="./nmaprun"/>
<xsl:variable name="stylesheetURL" select="substring-before(substring-after(processing-instruction('xml-stylesheet'),'href=&quot;'), '?')"/>
<xsl:variable name="basedir" select="concat($stylesheetURL, '/../..')"/>
<xsl:variable name="init" select="document($originalURL)/nmaprun"/>
<xsl:variable name="nextComparison">
<xsl:choose>
<xsl:when test="$thisURL"><xsl:value-of select="$thisURL"/></xsl:when>
<xsl:when test="$originalURL"><xsl:value-of select="$originalURL"/></xsl:when>
<xsl:otherwise></xsl:otherwise>
</xsl:choose>
</xsl:variable>
<xsl:template match="nmaprun">
<xsl:variable name="targets" select="substring-after(@args, '.xml ')"/>
<html lang="fr">
<xsl:apply-templates select="." mode="head">
<xsl:with-param name="basedir" select="$basedir"/>
<xsl:with-param name="targets" select="$targets"/>
<xsl:with-param name="nextComparison" select="$nextComparison"/>
<xsl:with-param name="refreshPeriod" select="$refreshPeriod"/>
<xsl:with-param name="sudo" select="$sudo"/>
</xsl:apply-templates>
<body>
<xsl:apply-templates select="." mode="nav">
<xsl:with-param name="basedir" select="$basedir"/>
<xsl:with-param name="targets" select="$targets"/>
<xsl:with-param name="nextComparison" select="$nextComparison"/>
<xsl:with-param name="refreshPeriod" select="$refreshPeriod"/>
<xsl:with-param name="sudo" select="$sudo"/>
</xsl:apply-templates>
<main class="ui main container">
<xsl:apply-templates select="host | $init/host[not(address/@addr=$current/host/address/@addr)][not(status/@state='down')]"/>
</main>
<footer class="ui footer segment">
lanScan est basé sur <a href="https://nmap.org/" target="_blank">Nmap</a>
</footer>
<script>
var table = $('#scanResultsTable').DataTable({
buttons : ['copy', 'excel', 'pdf'],
fixedHeader: true,
lengthMenu : [
[256, 512, 1024, 2048, -1],
[256, 512, 1024, 2048, "All"]
],
responsive: true,
colReorder: true,
buttons : ['copy', 'excel', 'pdf']
})
table.order([1, 'asc']).draw()
$('.ui.dropdown').dropdown()
</script>
<xsl:apply-templates select="runstats">
<xsl:with-param name="init" select="$init"/>
</xsl:apply-templates>
</body>
</html>
</xsl:template>
<xsl:template match="host">
<xsl:variable name="addr" select="address/@addr"/>
<xsl:variable name="initHost" select="$init/host[address/@addr=$addr]"/>
<xsl:variable name="currentHost" select="$current/host[address/@addr=$addr]"/>
<xsl:variable name="hostAddress">
<xsl:choose>
<xsl:when test="hostnames/hostname/@name">
<xsl:value-of select="hostnames/hostname/@name"/>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="address/@addr"/>
</xsl:otherwise>
</xsl:choose>
</xsl:variable>
<h1 class="ui header">
<xsl:choose>
<xsl:when test="hostnames/hostname/@name">
<xsl:value-of select="hostnames/hostname/@name"/>
<div class="sub header"><xsl:value-of select="address/@addr"/></div>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="address/@addr"/>
</xsl:otherwise>
</xsl:choose>
</h1>
<table id="scanResultsTable" style="width:100%" role="grid" class="ui sortable small table">
<thead>
<tr>
<th>Etat</th>
<th>Protocole</th>
<th>Port</th>
<th>Service</th>
<th>Produit</th>
<th>Version</th>
<th>Infos</th>
</tr>
</thead>
<tbody>
<xsl:apply-templates select="$currentHost/ports/port | $initHost/ports/port[not(@portid=$currentHost/ports/port/@portid)][not(state/@state='closed')]">
<xsl:with-param name="initHost" select="$initHost"/>
<xsl:with-param name="currentHost" select="$currentHost"/>
<xsl:with-param name="hostAddress" select="$hostAddress"/>
<xsl:sort select="number(@portid)" order="ascending"/>
</xsl:apply-templates>
</tbody>
</table>
</xsl:template>
<xsl:template match="port">
<xsl:param name="hostAddress"/>
<xsl:param name="initHost"/>
<xsl:param name="currentHost"/>
<xsl:variable name="portid" select="@portid"/>
<xsl:variable name="initPort" select="$initHost/ports/port[@portid=$portid]"/>
<xsl:variable name="currentPort" select="$currentHost/ports/port[@portid=$portid]"/>
<tr>
<xsl:attribute name="class">
<xsl:choose>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=500">negative</xsl:when>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=400">warning</xsl:when>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=200">positive</xsl:when>
<xsl:when test="$currentPort/state/@state='open'">positive</xsl:when>
<xsl:when test="$currentPort/state/@state='filtered'">warning</xsl:when>
<xsl:otherwise>negative</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
<td>
<div>
<xsl:attribute name="class">
<xsl:text>ui mini circular label </xsl:text>
<xsl:choose>
<xsl:when test="$currentPort/state/@state='open'">green</xsl:when>
<xsl:when test="$currentPort/state/@state='filtered'">orange</xsl:when>
<xsl:otherwise>red</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
<xsl:value-of select="$currentPort/state/@state"/>
</div>
</td>
<td style="text-transform: uppercase">
<xsl:value-of select="@protocol"/>
</td>
<td>
<xsl:value-of select="@portid"/>
</td>
<td>
<xsl:apply-templates select="." mode="service">
<xsl:with-param name="initHost" select="$initHost"/>
<xsl:with-param name="currentHost" select="$currentHost"/>
<xsl:with-param name="hostAddress" select="$hostAddress"/>
<xsl:with-param name="class" select="'ui mini fluid button'"/>
</xsl:apply-templates>
</td>
<td>
<xsl:value-of select="service/@product"/>
</td>
<td>
<xsl:value-of select="service/@version"/>
</td>
<td>
<xsl:value-of select="service/@extrainfo"/>
</td>
</tr>
</xsl:template>
<xsl:template match="table">
<xsl:param name="hostAddress"/>
<a class="item share-size" href="file://///{$hostAddress}/{@key}" target="_blank" rel="noopener noreferrer" style="--free: {elem[@key='FreeSize']}; --total: {elem[@key='TotalSize']}">
<xsl:value-of select="@key"/>
</a>
</xsl:template>
</xsl:stylesheet>
templates/lanScan.xsl
Executable
+198
View File
@@ -0,0 +1,198 @@
<?xml version="1.0" encoding="utf-8"?>
<xsl:stylesheet
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
version="1.1">
<xsl:import href="lib/head.xsl"/>
<xsl:import href="lib/nav.xsl"/>
<xsl:import href="lib/service.xsl"/>
<xsl:import href="lib/toast.xsl"/>
<xsl:output method="html" encoding="UTF-8"/>
<xsl:output indent="yes"/>
<xsl:strip-space elements='*'/>
<xsl:param name="thisURL" select=""/>
<xsl:param name="originalURL" select=""/>
<xsl:param name="refreshPeriod" select="0"/>
<xsl:param name="sudo" select="false()"/>
<xsl:variable name="current" select="./nmaprun"/>
<xsl:variable name="stylesheetURL" select="substring-before(substring-after(processing-instruction('xml-stylesheet'),'href=&quot;'), '?')"/>
<xsl:variable name="basedir" select="concat($stylesheetURL, '/../..')"/>
<xsl:variable name="init" select="document($originalURL)/nmaprun"/>
<xsl:variable name="nextComparison">
<xsl:choose>
<xsl:when test="$thisURL"><xsl:value-of select="$thisURL"/></xsl:when>
<xsl:when test="$originalURL"><xsl:value-of select="$originalURL"/></xsl:when>
<xsl:otherwise></xsl:otherwise>
</xsl:choose>
</xsl:variable>
<xsl:template match="nmaprun">
<xsl:variable name="targets" select="substring-after(@args, '-oX - ')"/>
<html lang="fr">
<xsl:apply-templates select="." mode="head">
<xsl:with-param name="basedir" select="$basedir"/>
<xsl:with-param name="targets" select="$targets"/>
<xsl:with-param name="nextComparison" select="$nextComparison"/>
<xsl:with-param name="refreshPeriod" select="$refreshPeriod"/>
<xsl:with-param name="sudo" select="$sudo"/>
</xsl:apply-templates>
<body>
<xsl:apply-templates select="." mode="nav">
<xsl:with-param name="basedir" select="$basedir"/>
<xsl:with-param name="targets" select="$targets"/>
<xsl:with-param name="nextComparison" select="$nextComparison"/>
<xsl:with-param name="refreshPeriod" select="$refreshPeriod"/>
<xsl:with-param name="sudo" select="$sudo"/>
</xsl:apply-templates>
<main class="ui main container">
<h1 class="ui header"><xsl:value-of select="$targets"/></h1>
<table id="scanResultsTable" style="width:100%" role="grid" class="ui sortable small table">
<thead>
<tr>
<th>Etat</th>
<th>Adresse IP</th>
<th>Nom</th>
<th>Fabricant</th>
<th class="six wide">Services</th>
<th>Scanner les services</th>
</tr>
</thead>
<tbody>
<xsl:apply-templates select="host | $init/host[not(address/@addr=$current/host/address/@addr)][not(status/@state='down')]"/>
</tbody>
</table>
</main>
<footer class="ui footer segment">
lanScan est basé sur <a href="https://nmap.org/" target="_blank">Nmap</a>
</footer>
<script>
var table = $('#scanResultsTable').DataTable({
buttons : ['copy', 'excel', 'pdf'],
fixedHeader: true,
lengthMenu : [
[256, 512, 1024, 2048, -1],
[256, 512, 1024, 2048, "All"]
],
responsive: true,
colReorder: true,
buttons : ['copy', 'excel', 'pdf']
})
table.order([1, 'asc']).draw()
$('.ui.dropdown').dropdown()
function hostScanning(link) {
link.getElementsByTagName('i')[0].className = 'loading spinner icon'
$.toast({
title : 'Scan en cours...',
message : 'Merci de patienter',
class : 'info',
showIcon : 'satellite dish',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
}
</script>
<xsl:apply-templates select="runstats">
<xsl:with-param name="init" select="$init"/>
</xsl:apply-templates>
</body>
</html>
</xsl:template>
<xsl:template match="host">
<xsl:variable name="addr" select="address/@addr"/>
<xsl:variable name="initHost" select="$init/host[address/@addr=$addr]"/>
<xsl:variable name="currentHost" select="$current/host[address/@addr=$addr]"/>
<xsl:variable name="hostAddress">
<xsl:choose>
<xsl:when test="hostnames/hostname/@name">
<xsl:value-of select="hostnames/hostname/@name"/>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="address/@addr"/>
</xsl:otherwise>
</xsl:choose>
</xsl:variable>
<tr>
<xsl:attribute name="class">
<xsl:choose>
<xsl:when test="$currentHost/status/@state='up'">positive</xsl:when>
<xsl:otherwise>negative</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
<td>
<xsl:choose>
<xsl:when test="$currentHost">
<div>
<xsl:attribute name="class">
<xsl:text>ui mini circular label </xsl:text>
<xsl:choose>
<xsl:when test="$currentHost/status/@state='up'">green</xsl:when>
<xsl:otherwise>red</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
<xsl:value-of select="$currentHost/status/@state"/>
</div>
</xsl:when>
<xsl:otherwise><div class="ui red circular label">down</div></xsl:otherwise>
</xsl:choose>
</td>
<td>
<xsl:value-of select="address/@addr"/>
</td>
<td>
<div><b><xsl:value-of select="substring-before(hostnames/hostname/@name, '.')"/></b></div>
<xsl:if test="substring-after(hostnames/hostname/@name, '.')">
<div>.<xsl:value-of select="substring-after(hostnames/hostname/@name, '.')"/></div>
</xsl:if>
</td>
<td>
<xsl:value-of select="address[@addrtype='mac']/@vendor"/>
</td>
<td>
<xsl:apply-templates select="$initHost/ports/port[not(@portid=$currentHost/ports/port/@portid)][not(state/@state='closed')] | $currentHost/ports/port" mode="service">
<xsl:with-param name="initHost" select="$initHost"/>
<xsl:with-param name="currentHost" select="$currentHost"/>
<xsl:with-param name="hostAddress" select="$hostAddress"/>
<xsl:with-param name="class" select="'ui label'"/>
<xsl:sort select="number(@portid)" order="ascending"/>
</xsl:apply-templates>
</td>
<td>
<div class="ui mini right labeled button">
<a class="ui mini icon teal button" onclick="hostScanning(this)">
<xsl:attribute name="href">
<xsl:value-of select="$basedir"/>
<xsl:text>/scan.php?preset=host&amp;targets=</xsl:text>
<xsl:value-of select="address/@addr"/>
</xsl:attribute>
<i class="satellite dish icon"></i>
<xsl:text> Services</xsl:text>
</a>
<a class="ui mini icon teal label">
<xsl:attribute name="href">
<xsl:value-of select="$basedir"/>
<xsl:text>/?preset=host&amp;targets=</xsl:text>
<xsl:value-of select="address/@addr"/>
</xsl:attribute>
<i class="settings icon"></i>
</a>
</div>
</td>
</tr>
</xsl:template>
</xsl:stylesheet>
templates/lib/head.xsl
+70
View File
@@ -0,0 +1,70 @@
<?xml version="1.0" encoding="utf-8"?>
<xsl:stylesheet
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
version="1.1">
<xsl:import href="parseCommand.xsl"/>
<xsl:template match="nmaprun" mode="head">
<xsl:param name="basedir"/>
<xsl:param name="targets"/>
<xsl:param name="nextComparison"/>
<xsl:param name="refreshPeriod"/>
<xsl:param name="sudo"/>
<head>
<meta charset="utf-8"/>
<xsl:if test="$refreshPeriod > 0">
<meta http-equiv="refresh">
<xsl:attribute name="content">
<xsl:value-of select="$refreshPeriod"/>
<xsl:text>;URL=</xsl:text>
<xsl:value-of select="$basedir"/>
<xsl:text>/scan.php?targets=</xsl:text>
<xsl:value-of select="$targets"/>
<xsl:text>&amp;</xsl:text>
<xsl:call-template name="parseCommand">
<xsl:with-param name="argList" select="substring-before(substring-after(@args, ' -'), ' -oX')"/>
<xsl:with-param name="asURL" select="true()"/>
</xsl:call-template>
<xsl:text>originalURL=</xsl:text>
<xsl:value-of select="$nextComparison"/>
<xsl:text>&amp;refreshPeriod=</xsl:text>
<xsl:value-of select="$refreshPeriod"/>
<xsl:text>&amp;sudo=</xsl:text>
<xsl:value-of select="$sudo"/>
</xsl:attribute>
</meta>
</xsl:if>
<title>
<xsl:text>lanScan - </xsl:text>
<xsl:value-of select="$targets"/>
</title>
<link rel="icon" href="{$basedir}/favicon.ico"/>
<link rel="stylesheet" type="text/css" href="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.css"/>
<link href="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.css" rel="stylesheet" type="text/css"/>
<link href="https://cdn.datatables.net/v/se/jszip-3.10.1/dt-2.1.8/b-3.1.2/b-html5-3.1.2/b-print-3.1.2/cr-2.0.4/fc-5.0.3/fh-4.0.1/r-3.0.3/datatables.min.css" rel="stylesheet"/>
<link href="{$basedir}/style.css" rel="stylesheet" type="text/css"/>
<script src="https://code.jquery.com/jquery-3.7.1.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/fomantic-ui/2.9.2/semantic.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify"></script>
<script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.polyfills.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.2.7/pdfmake.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.2.7/vfs_fonts.js"></script>
<script src="https://cdn.datatables.net/v/se/jszip-3.10.1/dt-2.1.8/b-3.1.2/b-html5-3.1.2/b-print-3.1.2/cr-2.0.4/fc-5.0.3/fh-4.0.1/r-3.0.3/datatables.min.js"></script>
<script>
DataTable.ext.type.detect.unshift(function (d) {
return /[\d]+\.[\d]+\.[\d]+\.[\d]+/.test(d)
? 'ipv4-address'
: null;
});
DataTable.ext.type.order['ipv4-address-pre'] = function (ipAddress) {
[a, b, c, d] = ipAddress.split(".").map(Number)
return 16777216*a + 65536*b + 256*c + d;
};
</script>
</head>
</xsl:template>
</xsl:stylesheet>
templates/lib/nav.xsl
+80
View File
@@ -0,0 +1,80 @@
<?xml version="1.0" encoding="utf-8"?>
<xsl:stylesheet
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
version="1.1">
<xsl:import href="parseCommand.xsl"/>
<xsl:template match="nmaprun" mode="nav">
<xsl:param name="basedir"/>
<xsl:param name="targets"/>
<xsl:param name="nextComparison"/>
<xsl:param name="refreshPeriod"/>
<xsl:param name="sudo"/>
<nav class="ui inverted teal fixed menu">
<a class="ui teal button item" href="{$basedir}">
<xsl:text>lan</xsl:text>
<svg class="logo" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 24 24" xml:space="preserve" width="40" height="40" xmlns="http://www.w3.org/2000/svg" xmlns:svg="http://www.w3.org/2000/svg"><defs id="defs206"/><g id="g998" transform="matrix(0,0.04687491,-0.04687491,0,24,2.2682373e-5)"><g id="g147"><g id="g145"><path d="m 322.065,92.046 c -46.24,0 -83.851,37.619 -83.851,83.857 v 168.712 c 0,25.224 -21.148,45.745 -46.372,45.745 -25.224,0 -46.372,-20.521 -46.372,-45.745 V 199.464 h -38.114 v 145.151 c 0,46.24 38.246,83.859 84.486,83.859 46.24,0 84.486,-37.619 84.486,-83.859 V 175.903 c 0,-25.223 20.514,-45.743 45.737,-45.743 25.223,0 45.737,20.521 45.737,45.743 v 134.092 h 38.114 V 175.903 c 0,-46.239 -37.611,-83.857 -83.851,-83.857 z" id="path143"/></g></g><g id="g153"><g id="g151"><path d="M 144.198,0 H 108.625 C 98.101,0 89.568,8.746 89.568,19.271 c 0,1.157 0.121,2.328 0.318,3.598 h 73.052 c 0.197,-1.27 0.318,-2.441 0.318,-3.598 C 163.256,8.746 154.723,0 144.198,0 Z" id="path149"/></g></g><g id="g159"><g id="g157"><path d="m 420.183,486.591 h -71.731 c -0.626,2.541 -0.978,4.077 -0.978,6.176 0,10.525 8.532,19.234 19.057,19.234 h 35.573 c 10.525,0 19.057,-8.709 19.057,-19.234 0,-2.098 -0.352,-3.635 -0.978,-6.176 z" id="path155"/></g></g><g id="g165"><g id="g163"><rect x="87.027" y="41.925999" width="80.040001" height="138.481" id="rect161"/></g></g><g id="g171"><g id="g169"><rect x="344.93301" y="329.052" width="80.040001" height="138.481" id="rect167"/></g></g><g id="g173"></g><g id="g175"></g><g id="g177"></g><g id="g179"></g><g id="g181"></g><g id="g183"></g><g id="g185"></g><g id="g187"></g><g id="g189"></g><g id="g191"></g><g id="g193"></g><g id="g195"></g><g id="g197"></g><g id="g199"></g><g id="g201"></g></g></svg>
<xsl:text>can</xsl:text>
</a>
<form id="lanScanForm" class="right menu">
<xsl:call-template name="parseCommand">
<xsl:with-param name="argList" select="substring-before(substring-after(@args, ' -'), ' -oX')"/>
<xsl:with-param name="asURL" select="false()"/>
</xsl:call-template>
<div class="ui category search item">
<div id="targetsInputDiv" class="ui icon input">
<input class="prompt" type="text" id="targetsInput" name="targets" oninput="hiddenInput.value=this.value"
pattern="[a-zA-Z0-9._\/ \-]+" value="{$targets}" placeholder="Scanner un réseau..."
title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
Exemples: 192.168.1.0/24 scanme.nmap.org 10.0-255.0-255.1-254"/>
<i class="satellite dish icon"></i>
</div>
<input type="hidden" name="originalURL" value="{$nextComparison}"/>
<input type="hidden" name="refreshPeriod" value="{$refreshPeriod}"/>
<input type="hidden" name="sudo" value="{$sudo}"/>
<button id="hiddenButton" style="display: none;" type="submit" formmethod="get" formaction="{$basedir}/scan.php"></button>
<button id="refreshButton" class="ui teal icon submit button" type="submit" formmethod="get" formaction="{$basedir}/scan.php">
<i class="sync icon"></i>
</button>
<button class="ui teal icon submit button" type="submit" formmethod="get" formaction="{$basedir}/">
<i class="settings icon"></i>
</button>
<a class="ui teal icon button" href="https://nmap.org/man/fr/index.html" target="_blank">
<i class="question circle icon"></i>
</a>
</div>
</form>
</nav>
<script>
hiddenButton.onclick = function(event) {
if (lanScanForm.checkValidity()) {
targetsInputDiv.classList.add('loading')
$.toast({
title : 'Scan en cours...',
message : 'Merci de patienter',
class : 'info',
showIcon : 'satellite dish',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
}
}
refreshButton.onclick = function(event) {
refreshButton.getElementsByTagName('i')[0].className = 'loading spinner icon'
$.toast({
title : 'Scan en cours...',
message : 'Merci de patienter',
class : 'info',
showIcon : 'satellite dish',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
}
</script>
</xsl:template>
</xsl:stylesheet>
templates/lib/parseCommand.xsl
+105
View File
@@ -0,0 +1,105 @@
<?xml version="1.0" encoding="utf-8"?>
<xsl:stylesheet
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
version="1.1">
<xsl:template name="parseCommand">
<xsl:param name="argList" select=""/>
<xsl:param name="asURL" select="false()"/>
<xsl:variable name="nextArgs" select="substring-after($argList, ' -')"/>
<xsl:variable name="argAndValue">
<xsl:choose>
<xsl:when test="$nextArgs">
<xsl:value-of select="substring-before($argList, ' -')"/>
</xsl:when>
<xsl:otherwise><xsl:value-of select="$argList"/></xsl:otherwise>
</xsl:choose>
</xsl:variable>
<xsl:choose>
<xsl:when test="starts-with($argAndValue, '-')">
<xsl:choose>
<xsl:when test="contains($argAndValue, ' ')">
<xsl:call-template name="input">
<xsl:with-param name="name" select="substring-before($argAndValue, ' ')"/>
<xsl:with-param name="value" select="substring-after($argAndValue, ' ')"/>
<xsl:with-param name="asURL" select="$asURL"/>
</xsl:call-template>
</xsl:when>
<xsl:otherwise>
<xsl:call-template name="input">
<xsl:with-param name="name" select="$argAndValue"/>
<xsl:with-param name="value" select="on"/>
<xsl:with-param name="asURL" select="$asURL"/>
</xsl:call-template>
</xsl:otherwise>
</xsl:choose>
</xsl:when>
<xsl:otherwise>
<xsl:choose>
<xsl:when test="starts-with($argAndValue, 'P') or starts-with($argAndValue, 's') or starts-with($argAndValue, 'o')">
<xsl:call-template name="input">
<xsl:with-param name="name" select="substring($argAndValue, 1, 2)"/>
<xsl:with-param name="value" select="substring($argAndValue, 3)"/>
<xsl:with-param name="asURL" select="$asURL"/>
</xsl:call-template>
</xsl:when>
<xsl:otherwise>
<xsl:call-template name="input">
<xsl:with-param name="name" select="substring($argAndValue, 1, 1)"/>
<xsl:with-param name="value" select="substring($argAndValue, 2)"/>
<xsl:with-param name="asURL" select="$asURL"/>
</xsl:call-template>
</xsl:otherwise>
</xsl:choose>
</xsl:otherwise>
</xsl:choose>
<xsl:if test="$nextArgs">
<xsl:call-template name="parseCommand">
<xsl:with-param name="argList" select="$nextArgs"/>
<xsl:with-param name="asURL" select="$asURL"/>
</xsl:call-template>
</xsl:if>
</xsl:template>
<xsl:template name="input">
<xsl:param name="name"/>
<xsl:param name="value" select=""/>
<xsl:param name="asURL" select="false()"/>
<xsl:variable name="valueWithoutQuotes">
<xsl:choose>
<xsl:when test="substring-after($value, '&quot;')">
<xsl:value-of select="substring-before(substring-after($value, '&quot;'), '&quot;')"/>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="$value"/>
</xsl:otherwise>
</xsl:choose>
</xsl:variable>
<xsl:choose>
<xsl:when test="$asURL">
<xsl:text>-</xsl:text>
<xsl:value-of select="$name"/>
<xsl:text>=</xsl:text>
<xsl:choose>
<xsl:when test="$valueWithoutQuotes"><xsl:value-of select="$valueWithoutQuotes"/></xsl:when>
<xsl:otherwise>on</xsl:otherwise>
</xsl:choose>
<xsl:text>&amp;</xsl:text>
</xsl:when>
<xsl:otherwise>
<input type="hidden" name="-{$name}">
<xsl:attribute name="value">
<xsl:choose>
<xsl:when test="$valueWithoutQuotes"><xsl:value-of select="$valueWithoutQuotes"/></xsl:when>
<xsl:otherwise>on</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
</input>
</xsl:otherwise>
</xsl:choose>
</xsl:template>
</xsl:stylesheet>
templates/lib/service.xsl
+102
View File
@@ -0,0 +1,102 @@
<?xml version="1.0" encoding="utf-8"?>
<xsl:stylesheet
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
version="1.1">
<xsl:template match="port" mode="service">
<xsl:param name="hostAddress"/>
<xsl:param name="initHost"/>
<xsl:param name="currentHost"/>
<xsl:param name="class"/>
<xsl:variable name="portid" select="@portid"/>
<xsl:variable name="initPort" select="$initHost/ports/port[@portid=$portid]"/>
<xsl:variable name="currentPort" select="$currentHost/ports/port[@portid=$portid]"/>
<a target="_blank">
<xsl:attribute name="class">
<xsl:value-of select="$class"/>
<xsl:text> </xsl:text>
<xsl:choose>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=500">red</xsl:when>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=400">orange</xsl:when>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=200">green</xsl:when>
<xsl:when test="$currentPort/state/@state='open'">green</xsl:when>
<xsl:when test="$currentPort/state/@state='filtered'">orange</xsl:when>
<xsl:otherwise>red</xsl:otherwise>
</xsl:choose>
<xsl:choose>
<xsl:when test="$currentPort/script[@id='smb-shares-size']/table"> mini dropdown button share-size</xsl:when>
<xsl:otherwise> small</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
<xsl:if test="$currentPort/script[@id='smb-shares-size']/table">
<xsl:attribute name="style">
<xsl:for-each select="$currentPort/script[@id='smb-shares-size']/table">
<xsl:sort select="elem[@key='FreeSize'] div elem[@key='TotalSize']" order="ascending"/>
<xsl:if test="position()=1">
<xsl:text>--free: </xsl:text>
<xsl:value-of select="elem[@key='FreeSize']"/>
<xsl:text>; --total: </xsl:text>
<xsl:value-of select="elem[@key='TotalSize']"/>
</xsl:if>
</xsl:for-each>
</xsl:attribute>
</xsl:if>
<xsl:if test="service/@name='ftp' or service/@name='ssh' or service/@name='http' or service/@name='https'">
<xsl:attribute name="href">
<xsl:choose>
<xsl:when test="service/@name='http' and service/@tunnel='ssl'">
<xsl:text>https</xsl:text>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="service/@name"/>
</xsl:otherwise>
</xsl:choose>
<xsl:text>://</xsl:text>
<xsl:value-of select="$hostAddress"/>
<xsl:text>:</xsl:text>
<xsl:value-of select="@portid"/>
</xsl:attribute>
</xsl:if>
<xsl:if test="service/@name='ms-wbt-server'">
<xsl:attribute name="href">
<xsl:text>rdp.php?v=</xsl:text>
<xsl:value-of select="$hostAddress"/>
<xsl:text>&amp;p=</xsl:text>
<xsl:value-of select="@portid"/>
</xsl:attribute>
</xsl:if>
<xsl:attribute name="title">
<xsl:value-of select="@portid"/>/<xsl:value-of select="@protocol"/>
</xsl:attribute>
<xsl:choose>
<xsl:when test="service/@name='unknown'">
<xsl:choose>
<xsl:when test="@protocol='tcp'">:</xsl:when>
<xsl:otherwise><xsl:value-of select="substring(@protocol, 1, 1)"/>:</xsl:otherwise>
</xsl:choose>
<xsl:value-of select="@portid"/>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="service/@name"/>
</xsl:otherwise>
</xsl:choose>
<xsl:if test="$currentPort/script[@id='smb-shares-size']/table">
<i class="dropdown icon"></i>
<div class="menu">
<xsl:apply-templates select="$currentPort/script[@id='smb-shares-size']/table">
<xsl:with-param name="hostAddress" select="$hostAddress"/>
</xsl:apply-templates>
</div>
</xsl:if>
</a>
</xsl:template>
<xsl:template match="table">
<xsl:param name="hostAddress"/>
<a class="item share-size" href="file://///{$hostAddress}/{@key}" target="_blank" rel="noopener noreferrer" style="--free: {elem[@key='FreeSize']}; --total: {elem[@key='TotalSize']}">
<xsl:value-of select="@key"/>
</a>
</xsl:template>
</xsl:stylesheet>
templates/lib/toast.xsl
+44
View File
@@ -0,0 +1,44 @@
<?xml version="1.0" encoding="utf-8"?>
<xsl:stylesheet
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
version="1.1">
<xsl:template match="runstats">
<xsl:param name="init"/>
<script>
<xsl:if test="finished/@summary">
$.toast({
title : '<xsl:value-of select="finished/@exit"/>',
message : `<xsl:value-of select="finished/@summary"/>`,
showIcon : 'satellite dish',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
</xsl:if>
<xsl:if test="finished/@errormsg">
$.toast({
title : '<xsl:value-of select="finished/@exit"/>',
message : `<xsl:value-of select="finished/@errormsg"/>`,
showIcon : 'exclamation triangle',
class : 'error',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
</xsl:if>
<xsl:if test="$init/runstats/finished">
$.toast({
message : 'Comparaison avec les résultats du <xsl:value-of select="$init/runstats/finished/@timestr"/>',
class : 'info',
showIcon : 'calendar',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
</xsl:if>
</script>
</xsl:template>
</xsl:stylesheet>