adrien/lanScan3
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

new scan menu

Browse Source
This commit is contained in:
Adrien MALINGREY 2024-10-07 20:42:16 +02:00
parent b02c89973c
commit d5dd51921c
6 changed files with 77 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
common.php Normal file
View File

@ -0,0 +1,13 @@
<?php
include_once 'config.php';
$name = filter_input(INPUT_GET, 'name', FILTER_VALIDATE_REGEXP, [
'flags' => FILTER_NULL_ON_FAILURE,
'options' => ['regexp' => '/^[^<>:"\/|?]+$/'],
]);
$targets = filter_input(INPUT_GET, 'targets', FILTER_VALIDATE_REGEXP, [
'flags' => FILTER_NULL_ON_FAILURE,
'options' => ['regexp' => '/^[\da-zA-Z.:\/_ -]+$/'],
]);

4
config.php
View File

@ -1,4 +1,4 @@
<?php <?php
$NMAP_OPTIONS = '-PSssh,http,https,msrpc,microsoft-ds -F -T5';
$SCANS_DIR = 'scans'; $SCANS_DIR = 'scans';
?> $NMAP_OPTIONS = '-PSssh,http,https,msrpc,microsoft-ds -F -T5';

36
index.php
View File

@ -1,11 +1,4 @@
<?php <?php include_once 'common.php'; ?>
include_once 'config.php';
$targets = filter_input(INPUT_GET, 'targets', FILTER_VALIDATE_REGEXP, [
'flags' => FILTER_NULL_ON_FAILURE,
'options' => ['regexp' => '/^[\da-zA-Z.:\/_ -]+$/'],
]);
?>
<!DOCTYPE html> <!DOCTYPE html>
<html lang="fr"> <html lang="fr">
@ -27,18 +20,21 @@ $targets = filter_input(INPUT_GET, 'targets', FILTER_VALIDATE_REGEXP, [
<a class="header item" href="."> <a class="header item" href=".">
lan<?php include 'logo.svg'; ?>can lan<?php include 'logo.svg'; ?>can
</a> </a>
<div class="right menu"> <form class="right menu">
<iconsearch class="ui right aligned search category item"> <div class="ui category search item">
<div class="ui icon input"> <div class="ui icon input">
<form id="newScanForm" class="ui form" method="get" action="scan.php"> <input class="prompt" type="text" id="targetsInput" name="targets" required=""
<input class="prompt" type="text" name="targets" placeholder="Scanner un réseau..." required="" autocomplete="off" title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc. pattern="[a-zA-Z0-9._\/ \-]+" value="<?=$targets; ?>" placeholder="Scanner un réseau..."
Exemple: <?=$_SERVER['REMOTE_ADDR']; ?>/24 <?=$_SERVER['SERVER_NAME']; ?>" pattern="[a-zA-Z0-9._\/ \-]+" value="<?=$targets; ?>" /> title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
</form> Exemple: <?=$_SERVER['REMOTE_ADDR']; ?>/24 <?=$_SERVER['SERVER_NAME']; ?>"/>
<i class="satellite dish icon"></i> <i class="satellite dish icon"></i>
</div> <button style="display:none" type="submit" formaction="scan.php" formmethod="get"></button>
<div class="results"></div> </div>
</iconsearch> </div>
</div> <div class="item" >
<button class="ui teal button" type="submit" formaction="scan-options.php" formmethod="get">Options</button>
</div>
</form>
</nav> </nav>
<main class="ui main container"> <main class="ui main container">

9
advanced-scan.php → scan-options.php
View File

@ -1,13 +1,6 @@
<?php <?php
$name = filter_input(INPUT_GET, 'name', FILTER_VALIDATE_REGEXP, [ include_once 'common.php';
'flags' => FILTER_NULL_ON_FAILURE,
'options' => ['regexp' => '/^[^<>:"\/|?]+$/'],
]);
$targets = filter_input(INPUT_GET, 'targets', FILTER_VALIDATE_REGEXP, [
'flags' => FILTER_NULL_ON_FAILURE,
'options' => ['regexp' => '/^[\da-zA-Z.:\/_ -]+$/'],
]);
if (!$targets) { if (!$targets) {
$targets = $_SERVER['SERVER_NAME'].' '.$_SERVER['REMOTE_ADDR']; $targets = $_SERVER['SERVER_NAME'].' '.$_SERVER['REMOTE_ADDR'];
} }

55
scan.php
View File

@ -1,14 +1,16 @@
<?php <?php
include_once 'config.php'; include_once 'config.php';
$targets = filter_input(INPUT_GET, 'targets', FILTER_VALIDATE_REGEXP, [ $targets = filter_input(INPUT_GET, 'targets', FILTER_VALIDATE_REGEXP, [
'flags' => FILTER_NULL_ON_FAILURE, 'flags' => FILTER_NULL_ON_FAILURE,
'options' => ['regexp' => "/^[\da-zA-Z.:\/_ -]+$/"], 'options' => ['regexp' => "/^[\da-zA-Z.:\/_ -]+$/"],
]); ]);
if (!$targets) {
http_response_code(400); $name = filter_input(INPUT_GET, 'name', FILTER_VALIDATE_REGEXP, [
exit('Paramètre targets manquant.'); 'flags' => FILTER_NULL_ON_FAILURE,
} 'options' => ['regexp' => '/^[^@<>:"\/|!?]+$/'],
]);
$dir = $SCANS_DIR; $dir = $SCANS_DIR;
if (!file_exists($SCANS_DIR)) { if (!file_exists($SCANS_DIR)) {
@ -26,28 +28,27 @@ if (file_exists($initPath)) {
$basedir = "{$_SERVER['REQUEST_SCHEME']}://{$_SERVER['SERVER_NAME']}:{$_SERVER['SERVER_PORT']}".dirname($_SERVER['REQUEST_URI']); $basedir = "{$_SERVER['REQUEST_SCHEME']}://{$_SERVER['SERVER_NAME']}:{$_SERVER['SERVER_PORT']}".dirname($_SERVER['REQUEST_URI']);
$result = `nmap $NMAP_OPTIONS --stylesheet $basedir/stylesheet.xsl -oX - $targets`; $result = `nmap $NMAP_OPTIONS --stylesheet $basedir/stylesheet.xsl -oX - $targets`;
if (!$result) {
if ($result) {
$xml = new DOMDocument();
$xml->loadXML($result);
$xml->insertBefore($xml->createProcessingInstruction('xslt-param', "name='targets' value='$targets'"), $xml->documentElement);
$dir = $SCANS_DIR;
if (!file_exists($SCANS_DIR)) {
mkdir($SCANS_DIR);
}
$path = "$SCANS_DIR/".str_replace('/', '!', $targets).'.xml';
if (!file_exists($path)) {
$xml->insertBefore($xml->createProcessingInstruction('xslt-param', "name='compareWith' value=''"), $xml->documentElement);
$xml->save($path);
} else {
$xml->insertBefore($xml->createProcessingInstruction('xslt-param', "name='compareWith' value='$path'"), $xml->documentElement);
}
header('Content-type: text/xml');
exit($xml->saveXML());
} else {
http_response_code(500); http_response_code(500);
exit(); exit();
} }
$xml = new DOMDocument();
$xml->loadXML($result);
$xml->insertBefore($xml->createProcessingInstruction('xslt-param', "name='targets' value='$targets'"), $xml->documentElement);
$dir = $SCANS_DIR;
if (!file_exists($SCANS_DIR)) {
mkdir($SCANS_DIR);
}
$path = "$SCANS_DIR/".str_replace('/', '!', $targets).'.xml';
if (!file_exists($path)) {
$xml->insertBefore($xml->createProcessingInstruction('xslt-param', "name='compareWith' value=''"), $xml->documentElement);
$xml->save($path);
} else {
$xml->insertBefore($xml->createProcessingInstruction('xslt-param', "name='compareWith' value='$path'"), $xml->documentElement);
}
header('Content-type: text/xml');
exit($xml->saveXML());

31
stylesheet.xsl
View File

@ -31,7 +31,7 @@
<body> <body>
<nav class="ui inverted teal fixed menu"> <nav class="ui inverted teal fixed menu">
<a class="header item" href="."> <a class="header item" href="./?targets={$targets}">
<xsl:text>lan</xsl:text> <xsl:text>lan</xsl:text>
<svg class="logo" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 24 24" xml:space="preserve" width="40" height="40" <svg class="logo" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 24 24" xml:space="preserve" width="40" height="40"
xmlns="http://www.w3.org/2000/svg" xmlns="http://www.w3.org/2000/svg"
@ -83,18 +83,21 @@
<xsl:text>can</xsl:text> <xsl:text>can</xsl:text>
</a> </a>
<div class="right menu"> <form class="right menu">
<iconsearch class="ui right aligned search category item"> <div class="ui category search item">
<div class="ui icon input"> <div class="ui icon input">
<form id="newScanForm" class="ui form" method="get" action="scan.php"> <input class="prompt" type="text" id="targetsInput" name="targets" required=""
<input class="prompt" type="text" name="targets" placeholder="Scanner un réseau..." required="" autocomplete="off" title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc. pattern="[a-zA-Z0-9._\/ \-]+" value="{$targets}" placeholder="Scanner un réseau..."
Exemple: scanme.nmap.org microsoft.com/24 192.168.0.1 10.0-255.0-255.1-254" pattern="[a-zA-Z0-9._\/ \-]+" value="{$targets}" /> title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
</form> Exemple: 192.168.1.0/24 scanme.nmap.org"/>
<i class="satellite dish icon"></i> <i class="satellite dish icon"></i>
</div> <button style="display:none" type="submit" formaction="scan.php" formmethod="get"></button>
<div class="results"></div> </div>
</iconsearch> </div>
</div> <div class="item" >
<button class="ui teal button" type="submit" formaction="scan-options.php" formmethod="get">Options</button>
</div>
</form>
</nav> </nav>
<main class="ui main container"> <main class="ui main container">
@ -246,7 +249,7 @@ Exemple: scanme.nmap.org microsoft.com/24 192.168.0.1 10.0-255.0-255.1-254" patt
</xsl:attribute> </xsl:attribute>
</xsl:if> </xsl:if>
<xsl:if test="service/@name='ms-wbt-server'"> <xsl:if test="service/@name='ms-wbt-server'">
<xsl:attribute name="href">rdp.php?v=<xsl:value-of select="$hostAddress" />:<xsl:value-of select="@portid" /> <xsl:attribute name="href">rdp.php?v=<xsl:value-of select="$hostAddress" />&amp;p=<xsl:value-of select="@portid" />
</xsl:attribute> </xsl:attribute>
</xsl:if> </xsl:if>
<xsl:if test="(service/@name='microsoft-ds' or service/@name='netbios-ssn') and ../../hostscript/script[@id='smb-shares-size']/table"> <xsl:if test="(service/@name='microsoft-ds' or service/@name='netbios-ssn') and ../../hostscript/script[@id='smb-shares-size']/table">