adrien/lanScan3
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

small fixes

Browse Source
This commit is contained in:
Adrien MALINGREY 2024-10-14 03:36:07 +02:00
parent 2f7eebdaf1
commit cf5dcf24a7
5 changed files with 102 additions and 101 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

177
filter_inputs.php
View File

@ -13,95 +13,104 @@ $host = filter_input(INPUT_GET, 'host', FILTER_VALIDATE_REGEXP, ['options' => ['
$saveAs = filter_input(INPUT_GET, 'saveAs', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $fileNameRegex]]); $saveAs = filter_input(INPUT_GET, 'saveAs', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $fileNameRegex]]);
$compareWith = filter_input(INPUT_GET, 'compareWith', FILTER_VALIDATE_URL); $compareWith = filter_input(INPUT_GET, 'compareWith', FILTER_VALIDATE_URL);
$inputs = filter_input_array(INPUT_GET, [
'iR' => ['filter' => FILTER_VALIDATE_INT],
'exclude' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'sL' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]], if ($lan) {
'sP' => ['filter' => FILTER_VALIDATE_BOOLEAN], $targets = $lan;
'P0' => ['filter' => FILTER_VALIDATE_BOOLEAN], $inputs = $LANSCAN_OPTIONS;
'Pn' => ['filter' => FILTER_VALIDATE_BOOLEAN], } else if ($host) {
'PS' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]], $targets = $host;
'PA' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]], $inputs = $HOSTSCAN_OPTIONS;
'PU' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]], } else {
'PE' => ['filter' => FILTER_VALIDATE_BOOLEAN], $inputs = filter_input_array(INPUT_GET, [
'PP' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'iR' => FILTER_VALIDATE_INT,
'PM' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'exclude' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'PO' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 255]],
'PR' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'send-ip' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'n' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'R' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'dns-servers' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'sS' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'sL' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'sT' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'sP' => FILTER_VALIDATE_BOOLEAN,
'sA' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'P0' => FILTER_VALIDATE_BOOLEAN,
'sW' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'Pn' => FILTER_VALIDATE_BOOLEAN,
'sM' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'PS' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'sF' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'PA' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'sN' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'PU' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'sX' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'PE' => FILTER_VALIDATE_BOOLEAN,
'scanflags' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => "/^([URG|ACK|PSH|RST|SYN|FIN]+)$|^([0-2]?\d?\d)$/"]], 'PP' => FILTER_VALIDATE_BOOLEAN,
'sI' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => "/^[a-zA-Z\d:.-]+(:\d+)?$/"]], 'PM' => FILTER_VALIDATE_BOOLEAN,
'sO' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'PO' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 255]],
'b' => FILTER_VALIDATE_DOMAIN, 'PR' => FILTER_VALIDATE_BOOLEAN,
'traceroute' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'send-ip' => FILTER_VALIDATE_BOOLEAN,
'reason' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'n' => FILTER_VALIDATE_BOOLEAN,
'R' => FILTER_VALIDATE_BOOLEAN,
'dns-servers' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'p' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]], 'sS' => FILTER_VALIDATE_BOOLEAN,
'F' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'sT' => FILTER_VALIDATE_BOOLEAN,
'r' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'sA' => FILTER_VALIDATE_BOOLEAN,
'top-ports' => FILTER_VALIDATE_INT, 'sW' => FILTER_VALIDATE_BOOLEAN,
'port-ratio' => ['filter' => FILTER_VALIDATE_FLOAT, 'options' => ['min_range' => 0, 'max_range' => 1]], 'sM' => FILTER_VALIDATE_BOOLEAN,
'sF' => FILTER_VALIDATE_BOOLEAN,
'sN' => FILTER_VALIDATE_BOOLEAN,
'sX' => FILTER_VALIDATE_BOOLEAN,
'scanflags' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => "/^([URG|ACK|PSH|RST|SYN|FIN]+)$|^([0-2]?\d?\d)$/"]],
'sI' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => "/^[a-zA-Z\d:.-]+(:\d+)?$/"]],
'sO' => FILTER_VALIDATE_BOOLEAN,
'b' => FILTER_VALIDATE_URL,
'traceroute' => FILTER_VALIDATE_BOOLEAN,
'reason' => FILTER_VALIDATE_BOOLEAN,
'sV' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'p' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'version-light' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'F' => FILTER_VALIDATE_BOOLEAN,
'version-intensity' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 9]], 'r' => FILTER_VALIDATE_BOOLEAN,
'version-all' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'top-ports' => FILTER_VALIDATE_INT,
'version-trace' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'port-ratio' => ['filter' => FILTER_VALIDATE_FLOAT, 'options' => ['min_range' => 0, 'max_range' => 1]],
'O' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'sV' => FILTER_VALIDATE_BOOLEAN,
'osscan-limit' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'version-light' => FILTER_VALIDATE_BOOLEAN,
'osscan-guess' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'version-intensity' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 9]],
'version-all' => FILTER_VALIDATE_BOOLEAN,
'version-trace' => FILTER_VALIDATE_BOOLEAN,
'T0' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'O' => FILTER_VALIDATE_BOOLEAN,
'T1' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'osscan-limit' => FILTER_VALIDATE_BOOLEAN,
'T2' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'osscan-guess' => FILTER_VALIDATE_BOOLEAN,
'T3' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'T4' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'T5' => ['filter' => FILTER_VALIDATE_BOOLEAN],
'min-hostgroup' => ['filter' => FILTER_VALIDATE_INT],
'max-hostgroup' => ['filter' => FILTER_VALIDATE_INT],
'min-parallelism' => ['filter' => FILTER_VALIDATE_INT],
'max-parallelism' => ['filter' => FILTER_VALIDATE_INT],
'min-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'max-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'initial-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'max-retries' => ['filter' => FILTER_VALIDATE_INT],
'host-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'scan-delay' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'max-scan-delay' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'f' => ['filter' => FILTER_VALIDATE_INT], 'T0' => FILTER_VALIDATE_BOOLEAN,
'mtu' => ['filter' => FILTER_VALIDATE_INT], 'T1' => FILTER_VALIDATE_BOOLEAN,
'D' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]], 'T2' => FILTER_VALIDATE_BOOLEAN,
'S' => ['filter' => FILTER_VALIDATE_IP], 'T3' => FILTER_VALIDATE_BOOLEAN,
'e' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => "/^[a-z\d]+$/"]], 'T4' => FILTER_VALIDATE_BOOLEAN,
'g' => ['filter' => FILTER_VALIDATE_INT], 'T5' => FILTER_VALIDATE_BOOLEAN,
'source-port' => ['filter' => FILTER_VALIDATE_INT], 'min-hostgroup' => FILTER_VALIDATE_INT,
'data-length' => ['filter' => FILTER_VALIDATE_INT], 'max-hostgroup' => FILTER_VALIDATE_INT,
'ip-options' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => "/^\"(R|T|U|L [\da-zA-Z-.: ]+|S [\da-zA-Z-.: ]+|\\\\x[\da-fA-F]{1,2}(\*[\d]+)?|\\\\[0-2]?[\d]{1,2}(\*[\d]+)?)\"$/"]], 'min-parallelism' => FILTER_VALIDATE_INT,
'ttl' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 255]], 'max-parallelism' => FILTER_VALIDATE_INT,
'spoof-mac' => ['filter' => FILTER_VALIDATE_MAC], 'min-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'badsum' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'max-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'initial-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'max-retries' => FILTER_VALIDATE_INT,
'host-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'scan-delay' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'max-scan-delay' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
//'6' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'f' => FILTER_VALIDATE_INT,
'A' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'mtu' => FILTER_VALIDATE_INT,
'send-eth' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'D' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'privileged' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'S' => ['filter' => FILTER_VALIDATE_IP],
'V' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'e' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => "/^[a-z\d]+$/"]],
'unprivileged' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'g' => FILTER_VALIDATE_INT,
'h' => ['filter' => FILTER_VALIDATE_BOOLEAN], 'source-port' => FILTER_VALIDATE_INT,
'stylesheet' => ['filter' => FILTER_VALIDATE_URL], 'data-length' => FILTER_VALIDATE_INT,
], false) ?: $LANSCAN_OPTIONS; 'ip-options' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => "/^\"(R|T|U|L [\da-zA-Z-.: ]+|S [\da-zA-Z-.: ]+|\\\\x[\da-fA-F]{1,2}(\*[\d]+)?|\\\\[0-2]?[\d]{1,2}(\*[\d]+)?)\"$/"]],
'ttl' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 255]],
'spoof-mac' => FILTER_VALIDATE_MAC,
'badsum' => FILTER_VALIDATE_BOOLEAN,
//'6' => FILTER_VALIDATE_BOOLEAN,
'A' => FILTER_VALIDATE_BOOLEAN,
'send-eth' => FILTER_VALIDATE_BOOLEAN,
'privileged' => FILTER_VALIDATE_BOOLEAN,
'V' => FILTER_VALIDATE_BOOLEAN,
'unprivileged' => FILTER_VALIDATE_BOOLEAN,
'h' => FILTER_VALIDATE_BOOLEAN,
'stylesheet' => FILTER_VALIDATE_URL,
], false) ?: $LANSCAN_OPTIONS;
}

4
index.php
View File

@ -35,7 +35,7 @@ Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.
<button style="display: none;" type="submit" formmethod="get" formaction="scan.php"></button> <button style="display: none;" type="submit" formmethod="get" formaction="scan.php"></button>
</div> </div>
<div class="item"> <div class="item">
<button class="ui teal icon submit button" type="submit" formmethod="get" formaction="options.php" onclick="lanInput.required=false"> <button class="ui teal icon submit button" type="submit" formmethod="get" formaction="options.php" onclick="targetsInput.required=false">
<i class="sliders horizontal icon"></i> <i class="sliders horizontal icon"></i>
</button> </button>
</div> </div>
@ -48,7 +48,7 @@ Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.
</nav> </nav>
<main class="ui main container"> <main class="ui main container">
<h1 class="ui header">Précédents scans</h1> <h1 class="ui header">Scans enregistrés</h1>
<div class="ui large relaxed card"> <div class="ui large relaxed card">
<div class="content"> <div class="content">
<div class="ui divided link list"> <div class="ui divided link list">

6
lanScan.xsl
View File

@ -116,7 +116,7 @@ Exemples: 192.168.1.0/24 scanme.nmap.org 10.0-255.0-255.1-254"/>
<th>Adresse IP</th> <th>Adresse IP</th>
<th>Nom</th> <th>Nom</th>
<th class="ten wide">Services</th> <th class="ten wide">Services</th>
<th>Scanner</th> <th>Scanner les services</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
@ -243,14 +243,14 @@ $.toast({
</xsl:apply-templates> </xsl:apply-templates>
</td> </td>
<td> <td>
<a class="ui right labeled mini teal icon button" onclick="this.getElementsByTagName('i')[0].className = 'loading spinner icon'"> <a class="ui mini icon labeled teal button" onclick="this.getElementsByTagName('i')[0].className = 'loading spinner icon'">
<xsl:attribute name="href"> <xsl:attribute name="href">
<xsl:value-of select="$basedir"/> <xsl:value-of select="$basedir"/>
<xsl:text>/scan.php?host=</xsl:text> <xsl:text>/scan.php?host=</xsl:text>
<xsl:value-of select="$hostAddress"/> <xsl:value-of select="$hostAddress"/>
</xsl:attribute> </xsl:attribute>
<i class="satellite dish icon"></i> <i class="satellite dish icon"></i>
<xsl:text>Scanner</xsl:text> <xsl:text>Services</xsl:text>
</a> </a>
</td> </td>
</tr> </tr>

4
options.php
View File

@ -41,7 +41,7 @@ include_once 'filter_inputs.php';
<label for="targetsInput" title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc. <label for="targetsInput" title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.0-255.0-255.1-254">Cibles</label> Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.0-255.0-255.1-254">Cibles</label>
<input id="targetsInput" type="text" name="targets" placeholder="Cibles" required <input id="targetsInput" type="text" name="targets" placeholder="Cibles" required
pattern="[a-zA-Z0-9._\/ \-]+" value="<?= $targets ?? $lan ?? $host; ?>" list="targetsList" pattern="[a-zA-Z0-9._\/ \-]+" value="<?= $targets; ?>" list="targetsList"
title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc. title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.0-255.0-255.1-254" /> Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.0-255.0-255.1-254" />
</div> </div>
@ -164,7 +164,7 @@ Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.
<div class="title"> <div class="title">
<i class="icon dropdown"></i> <i class="icon dropdown"></i>
Techniques de scan Spécifications des ports et ordre du scan
</div> </div>
<div class="content"> <div class="content">
<div class="inline field" title="-sP"> <div class="inline field" title="-sP">

12
scan.php
View File

@ -3,15 +3,7 @@
include_once 'config.php'; include_once 'config.php';
include_once 'filter_inputs.php'; include_once 'filter_inputs.php';
if ($targets) { if (!$targets) {
$options = $inputs;
} else if ($lan) {
$targets = $lan;
$options = $LANSCAN_OPTIONS;
} else if ($host) {
$targets = $host;
$options = $HOSTSCAN_OPTIONS;
} else {
http_response_code(400); http_response_code(400);
die('Paramètre manquant : targets, lan ou host'); die('Paramètre manquant : targets, lan ou host');
} }
@ -19,7 +11,7 @@ if ($targets) {
if (!file_exists($SCANSDIR)) mkdir($SCANSDIR); if (!file_exists($SCANSDIR)) mkdir($SCANSDIR);
$args = ''; $args = '';
foreach ($options as $arg => $value) { foreach ($inputs as $arg => $value) {
if (is_null($value)) { if (is_null($value)) {
http_response_code(400); http_response_code(400);
die("Valeur incorecte pour le paramètre $arg : " . filter_input(INPUT_GET, $arg, FILTER_SANITIZE_FULL_SPECIAL_CHARS)); die("Valeur incorecte pour le paramètre $arg : " . filter_input(INPUT_GET, $arg, FILTER_SANITIZE_FULL_SPECIAL_CHARS));