commit

2023-04-11 18:39:57 +02:00 · 2023-04-11 18:39:57 +02:00 · 72ad03b03b
commit 72ad03b03b
parent 6eac85d5ad
4 changed files with 42 additions and 45 deletions
--- a/http-favicon-url.nse
+++ b/http-favicon-url.nse
@ -44,7 +44,6 @@ action = function(host, port)
  local answer
  local match
  local status
-  local result
  local index, icon
  local root = ""
  local url
@ -94,12 +93,12 @@ action = function(host, port)

  --- check for 200 response code
  if answer and answer.status == 200 then
-    result = url
+    return url
  else
    stdnse.debug1("No favicon found.")
    return
  end --- status == 200
-  return result
+  return
 end

 local function dirname(path)
--- a/http-get.nse
+++ b/http-get.nse
@ -25,7 +25,7 @@ categories = {"discovery", "intrusive"}
 author = "Adrien Malingrey"
 license = "Same as Nmap--See https://nmap.org/book/man-legal.html"

-portrule = shortport.http
+portrule = shortport.service({"http", "https", "ssl"})


 local http = require "http"
@ -33,10 +33,15 @@ local stdnse = require "stdnse"

 action = function(host, port)
  local path = ""
+  local scheme = ""

  if(stdnse.get_script_args('http-get.path')) then
    path = "/" .. stdnse.get_script_args('http-get.path')
  end

-  return http.get( host, port, "/" .. path )
+  if (port.service == "ssl") then scheme = "https"
+  else scheme = port.service
+  end
+
+  return http.get_url( scheme.."://"..(host.name or host.ip)..":"..port.number.."/"..path, {redirect_ok=true} )
 end
--- a/results.xsl
+++ b/results.xsl
@ -125,45 +125,38 @@
    <xsl:param name="scannedHostAddress" />
    <xsl:variable name="serviceName" select="@name"/>
    <xsl:variable name="scannedPort" select="$scannedHost/ports/port[service/@name=$serviceName or @portid=$serviceName]"/>
+    <xsl:variable name="state">
+        <xsl:choose>
+            <xsl:when test="$scannedPort/script[@id='http-get']/elem[@key='status']>=400">red</xsl:when>
+            <xsl:when test="$scannedPort/state/@state='filtered'">yellow</xsl:when>
+            <xsl:when test="$scannedPort/state/@state='open'">primary</xsl:when>
+            <xsl:otherwise>red</xsl:otherwise>
+        </xsl:choose>
+    </xsl:variable>
    <xsl:choose>
-        <xsl:when test="$scannedPort/state/@state='open'">
-            <xsl:choose>
-                <xsl:when test="($scannedPort/service/@name='microsoft-ds' or $scannedPort/service/@name='netbios-ssn' or $scannedPort/service/@name='smb') and $scannedHost/hostscript/script[@id='smb-enum-shares']/table[not(contains(@key, '$'))]">
-                    <div class="ui primary dropdown mini button">
-                        <div class="text"><xsl:value-of select="@name"/></div>
-                        <i class="dropdown icon"></i>
-                        <div class="menu">
-                            <xsl:apply-templates select="$scannedHost/hostscript/script[@id='smb-enum-shares']/table[not(contains(@key, '$'))]">
-                                <xsl:with-param name="scannedHostAddress" select="$scannedHostAddress" />
-                            </xsl:apply-templates>
-                        </div>
-                    </div>
-                </xsl:when>
-                <xsl:when test="$scannedPort/service/@name='ms-wbt-server' or $scannedPort/service/@name='rdp'">
-                    <a class="ui primary mini button" href="../rdp.php?v={$scannedHostAddress}:{$scannedPort/@portid}">
-                        <xsl:value-of select="@name"/>
-                    </a>
-                </xsl:when>
-                <xsl:when test="$scannedPort/service/@name='ftp' or $scannedPort/service/@name='ssh' or $scannedPort/service/@name='http' or $scannedPort/service/@name='https'">
-                    <a class="ui primary mini button" href="{$scannedPort/service/@name}://{$scannedHostAddress}:{$scannedPort/@portid}">
-                        <xsl:attribute name="class">
-                            <xsl:choose>
-                                <xsl:when test="$scannedPort/script[@id='http-get']/elem[@key='status']>=400">ui red mini button</xsl:when>
-                                <xsl:otherwise>ui primary mini button</xsl:otherwise>
-                            </xsl:choose>
-                        </xsl:attribute>
-                        <xsl:value-of select="@name"/>
-                    </a>
-                </xsl:when>
-                <xsl:otherwise>
-                    <a class="ui disabled primary mini button">
-                        <xsl:value-of select="@name"/>
-                    </a>
-                </xsl:otherwise>
-            </xsl:choose>
+        <xsl:when test="($scannedPort/service/@name='microsoft-ds' or $scannedPort/service/@name='netbios-ssn' or $scannedPort/service/@name='smb') and $scannedHost/hostscript/script[@id='smb-enum-shares']/table[not(contains(@key, '$'))]">
+            <div class="ui {$state} dropdown mini button" title="{$scannedPort/@protocol}/{$scannedPort/@portid} {$scannedPort/service/@name} {$scannedPort/state/@state}">
+                <div class="text"><xsl:value-of select="@name"/></div>
+                <i class="dropdown icon"></i>
+                <div class="menu">
+                    <xsl:apply-templates select="$scannedHost/hostscript/script[@id='smb-enum-shares']/table[not(contains(@key, '$'))]">
+                        <xsl:with-param name="scannedHostAddress" select="$scannedHostAddress" />
+                    </xsl:apply-templates>
+                </div>
+            </div>
+        </xsl:when>
+        <xsl:when test="$scannedPort/service/@name='ms-wbt-server' or $scannedPort/service/@name='rdp'">
+            <a class="ui {$state} mini button" href="../rdp.php?v={$scannedHostAddress}:{$scannedPort/@portid}" title="{$scannedPort/@protocol}/{$scannedPort/@portid} {$scannedPort/service/@name} {$scannedPort/state/@state}">
+                <xsl:value-of select="@name"/>
+            </a>
+        </xsl:when>
+        <xsl:when test="$scannedPort/service/@name='ftp' or $scannedPort/service/@name='ssh' or $scannedPort/service/@name='http' or $scannedPort/service/@name='https'">
+            <a class="ui {$state} mini button" href="{$scannedPort/service/@name}://{$scannedHostAddress}:{$scannedPort/@portid}"  target="_blank" title="{$scannedPort/@protocol}/{$scannedPort/@portid} {$scannedPort/service/@name} {$scannedPort/state/@state}">
+                <xsl:value-of select="@name"/>
+            </a>
        </xsl:when>
        <xsl:otherwise>
-            <a class="ui red disabled mini button">
+            <a class="ui disabled {$state} mini button" title="{$scannedPort/@protocol}/{$scannedPort/@portid} {$scannedPort/service/@name} {$scannedPort/state/@state}">
                <xsl:value-of select="@name"/>
            </a>
        </xsl:otherwise>
--- a/scan_all.php
+++ b/scan_all.php
@ -9,10 +9,10 @@ if (! function_exists('str_ends_with')) {
 if (!file_exists("scans")) mkdir("scans");
 if (!file_exists("site")) mkdir("site");

-foreach (scandir("./confs/") as $file) {
+foreach (scandir(__DIR__."/confs/") as $file) {
    if (str_ends_with($file, ".yaml")) {
        $site = str_replace(".yaml", "", $file);
-        $yaml = yaml_parse_file("confs/$file");
+        $yaml = yaml_parse_file(__DIR__."/confs/$file");

        $targets = [];
        $services = [];
@ -46,9 +46,9 @@ XML
        $targets = join(array_keys($targets), " ");
        $services = join(array_keys($services), ",");

-        exec("nmap -v -Pn -p $services --script smb-enum-shares,./http-get.nse,./http-favicon-url.nse -oX 'scans/$site.xml' $targets\n");
+        exec("nmap -v -Pn -p $services --script smb-enum-shares,./http-get.nse,./http-favicon-url.nse -oX '".__DIR__."/scans/$site.xml' $targets\n");

-        $xml->asXML("site/$site.xml");
+        $xml->asXML(__DIR__."/site/$site.xml");
    }
 }
 ?>