diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..85aa2a3 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +scans/ diff --git a/config.php b/config.php new file mode 100644 index 0000000..0edf7c0 --- /dev/null +++ b/config.php @@ -0,0 +1,4 @@ + - - - - lanScan - - - - - - -
-
-
-
-
-
Scan de découverte
-
- - -
-
- - -
-
- -
-
-
-
-
-
- - - - - - \ No newline at end of file diff --git a/logo.svg b/logo.svg old mode 100644 new mode 100755 diff --git a/new-scan.php b/new-scan.php new file mode 100755 index 0000000..d2e44e2 --- /dev/null +++ b/new-scan.php @@ -0,0 +1,73 @@ + FILTER_NULL_ON_FAILURE, + 'options' => ['regexp' => '/^[^<>:"\/|?]+$/'], +]); + +$targets = filter_input(INPUT_GET, 'targets', FILTER_VALIDATE_REGEXP, [ + 'flags' => FILTER_NULL_ON_FAILURE, + 'options' => ['regexp' => '/^[\da-zA-Z.:\/_ -]+$/'], +]); +if (!$targets) { + $targets = $_SERVER['SERVER_NAME'].' '.$_SERVER['REMOTE_ADDR']; +} +?> + + + + + + lanScan + + + + + + + + + + + + +
+
+

Nouveau scan

+
+ + +
+
+ + +
+ +
+
+ + + + \ No newline at end of file diff --git a/nmap/scripts/http-info.nse b/nmap/scripts/http-info.nse new file mode 100644 index 0000000..827212c --- /dev/null +++ b/nmap/scripts/http-info.nse 
@@ -0,0 +1,109 @@
+local shortport = require "shortport"
+
+description = [[
+Get and return a page info
+]]
+
+---
+-- @args http-get.path Path to get. Default /.
+--
+-- @usage nmap -p80 --script http-info.nse --script-args http-info.path=/
+--
+-- @output
+-- status: 200
+-- status-line: HTTP/1.1 200 OK\x0D
+---
+
+categories = {"discovery", "intrusive"}
+author = "Adrien Malingrey"
+license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
+
+portrule = shortport.service({"http", "https", "ssl"})
+
+local http = require "http"
+local stdnse = require "stdnse"
+
+action = function(host, port)
+ local scheme = ""
+ local hostaddress = (host.name ~= '' and host.name) or host.ip
+ local path = "/"
+ local uri
+ local favicon_relative_uri = "/favicon.ico"
+ local favicon
+
+ if (port.service == "ssl") then
+ scheme = "https"
+ else
+ scheme = port.service
+ end
+
+ if(stdnse.get_script_args('http-get.path')) then
+ path = stdnse.get_script_args('http-info.path')
+ end
+
+ uri = scheme.."://"..hostaddress..":"..port.number..path
+ stdnse.debug1("Try to download %s", uri)
+ local answer = http.get_url(uri, {})
+
+ local info = {status=answer.status, ["status-line"]=answer["status-line"]}
+
+ if (answer and answer.status == 200) then
+ stdnse.debug1("[SUCCESS] Load page %s", uri)
+ -- Taken from http-title.nse by Diman Todorov
+ local title = string.match(answer.body, "<[Tt][Ii][Tt][Ll][Ee][^>]*>([^<]*)")
+ if (title) then
+ info.title = title
+ end
+ stdnse.debug1("[INFO] Try favicon %s", favicon_relative_uri)
+ favicon_relative_uri = parseIcon(answer.body) or "favicon.ico"
+ else
+ stdnse.debug1("[ERROR] Can't load page %s", uri)
+ end
+
+ favicon_absolute_uri = scheme.."://"..hostaddress..":"..port.number..favicon_relative_uri
+ favicon = http.get_url(favicon_absolute_uri, {})
+
+ if (favicon and favicon.status == 200) then
+ stdnse.debug1("[SUCCESS] Load favicon %s", favicon_absolute_uri)
+ info.favicon = favicon_absolute_uri
+ else
+ stdnse.debug1("[ERROR] Can't load favicon %s", favicon_absolute_uri)
+ end
+
+ return info
+end
+
+--- function taken from http_favicon.nse by Vlatko Kosturjak
+
+function parseIcon( body )
+ local _, i, j
+ local rel, href, word
+
+ -- Loop through link elements.
+ i = 0
+ while i do
+ _, i = string.find(body, "<%s*[Ll][Ii][Nn][Kk]%s", i + 1)
+ if not i then
+ return nil
+ end
+ -- Loop through attributes.
+ j = i
+ while true do
+ local name, quote, value
+ _, j, name, quote, value = string.find(body, "^%s*(%w+)%s*=%s*([\"'])(.-)%2", j + 1)
+ if not j then
+ break
+ end
+ if string.lower(name) == "rel" then
+ rel = value
+ elseif string.lower(name) == "href" then
+ href = value
+ end
+ end
+ for word in string.gmatch(rel or "", "%S+") do
+ if string.lower(word) == "icon" then
+ return href
+ end
+ end
+ end
+end
diff --git a/nmap/scripts/script-args.ini b/nmap/scripts/script-args.ini
new file mode 100644
index 0000000..28a1b90
--- /dev/null
+++ b/nmap/scripts/script-args.ini
@@ -0,0 +1,2 @@
+smbuser =
+smbpassword =
\ No newline at end of file
diff --git a/nmap/scripts/smb-shares-size.nse b/nmap/scripts/smb-shares-size.nse
new file mode 100644
index 0000000..ab6b5a2
--- /dev/null
+++ b/nmap/scripts/smb-shares-size.nse
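Review bot: In `action` of nmap/scripts/http-info.nse, `answer.status` is read while building `info` one statement before the `if (answer and answer.status == 200)` guard, so if `http.get_url` can hand back nil (as that guard implies the author expects) the script errors before the check runs; build `info` only after `answer` is confirmed. The argument test looks up `http-get.path` but the value is read from `http-info.path`, so the documented argument is ignored unless both are passed; use `if stdnse.get_script_args('http-info.path') then` and fix the `@args` line to match. The favicon URL is made by gluing a page-supplied `href` (or the fallback `"favicon.ico"`, which lacks the leading slash the initial default has) directly after the port number, so relative and absolute hrefs both yield a malformed request whose path is chosen by the scanned page; normalise the href to a path on the scanned host before requesting it. `favicon_absolute_uri` is assigned without `local` and `parseIcon` is declared as a global function, so both leak into the shared script environment; declare them `local`.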
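Review bot: nmap/scripts/script-args.ini is tracked with empty `smbuser` / `smbpassword` keys, and the `.gitignore` added in this commit only excludes `scans/`, so the first person who fills in real SMB credentials will have them picked up by the next commit. Commit a template under another name (for example `script-args.ini.example`) and add the real file to `.gitignore`. The file also sits under the same tree as the PHP pages, so unless the web server denies access to `nmap/`, it would presumably be downloadable as a static file; confirm and restrict.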
@@ -0,0 +1,206 @@
+local stdnse = require "stdnse"
+local smb = require "smb"
+local smb2 = require "smb2"
+local msrpc = require "msrpc"
+local bin = require "bin"
+local shortport = require "shortport"
+
+description = [[
+Return free and total size in octets of each SMB shares
+]]
+
+---
+-- @args See the documentation for the smbauth library.
+--
+-- @usage nmap -p445 --script smb-shares-size.nse
+--
+-- @output
+-- Host script results:
+-- | smb-shares-size:
+-- | data:
+-- | FreeSize: 38495883264
+-- | TotalSize: 500961574912
+-- |_ IPC$: NT_STATUS_ACCESS_DENIED
+---
+
+categories = {"discovery", "intrusive"}
+author = "Adrien Malingrey"
+license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
+
+portrule = shortport.service({"microsoft-ds", "netbios-ssn"})
+
+
+action = function(host)
+ local status, shares, extra
+ local response = stdnse.output_table()
+
+ -- Try and do this the good way, make a MSRPC call to get the shares
+ stdnse.debug1("SMB: Attempting to log into the system to enumerate shares")
+ status, shares = msrpc.enum_shares(host)
+ if(status == false) then
+ return stdnse.format_output(false, string.format("Couldn't enumerate shares: %s", shares))
+ end
+
+ -- Get more information on each share
+ for i = 1, #shares, 1 do
+ local share = shares[i]
+ if (share ~= nil) then
+ local status, result = get_share_info(host, share)
+ if (status) then
+ response[share] = result
+ end
+ end
+ end
+
+ return response
+end
+
+TRANS2_QUERY_FS_INFORMATION = 0x0003
+SMB_QUERY_FS_SIZE_INFO = 0x0103
+---Attempts to retrieve additional information about a share. Will fail unless we have
+-- administrative access.
+--
+--@param host The host object.
+--@return Status (true or false).
+--@return A table of information about the share (if status is true) or an an error string (if
+-- status is false).
+function get_share_info(host, share) + local status, smbstate, err + local hostaddress = (host.name ~= '' and host.name) or host.ip + local path = "\\\\" .. hostaddress .. "\\" .. share + + status, smbstate = smb.start(host) + status, err = smb.negotiate_protocol(smbstate, {}) + status, err = smb.start_session(smbstate, {}) + status, err = smb.tree_connect(smbstate, path, {}) + + stdnse.debug1("SMB: Getting information for share: %s", path) + + local status, err = send_transaction2(smbstate, TRANS2_QUERY_FS_INFORMATION, bin.pack(" FILTER_NULL_ON_FAILURE, + 'options' => ['regexp' => '/^[^@<>:"\/|?]+$/'], +]); +if (!$name) { + http_response_code(400); + exit('Paramètre name manquant.'); +} + +$targets = filter_input(INPUT_GET, 'targets', FILTER_VALIDATE_REGEXP, [ + 'flags' => FILTER_NULL_ON_FAILURE, + 'options' => ['regexp' => "/^[\da-zA-Z.:\/_ -]+$/"], +]); +if (!$targets) { + http_response_code(400); + exit('Paramètre targets manquant.'); +} + +$basedir = $_SERVER['REQUEST_SCHEME'].'://'.$_SERVER['SERVER_NAME'].':'.$_SERVER['SERVER_PORT'].dirname($_SERVER['REQUEST_URI']); + +$dir = $SCANS_DIR; +if (!file_exists($dir)) { + mkdir($dir); +} +$firstPath = ("$dir/${name}.xml"); +if (file_exists($firstPath)) { + $path = ("$dir/${name}@".date('YmdHis').'.xml'); +} else { + $path = $firstPath; + $firstPath = ''; +} + +$stylesheetUrl = "$basedir/stylesheet.xsl"; + +$command = 'NMAPDIR=./nmap nmap'; +$command .= " $NMAP_OPTIONS"; +$command .= ' -oX '.escapeshellarg($path); +$command .= ' --stylesheet '.escapeshellarg($stylesheetUrl); +$command .= " $targets"; + +exec($command, $output, $retval); + +if (!file_exists(__DIR__."/$path")) { + http_response_code(500); + exit(implode("
\n", $output)); +} + +// Add params +$xml = new DOMDocument(); +$xml->load($path); +$processingInstruction = $xml->createProcessingInstruction('xslt-param', "name='name' value='$name'"); +$xml->insertBefore($processingInstruction, $xml->documentElement); +$processingInstruction = $xml->createProcessingInstruction('xslt-param', "name='targets' value='$targets'"); +$xml->insertBefore($processingInstruction, $xml->documentElement); +$processingInstruction = $xml->createProcessingInstruction('xslt-param', "name='basedir' value='$basedir'"); +$xml->insertBefore($processingInstruction, $xml->documentElement); +$processingInstruction = $xml->createProcessingInstruction('xslt-param', "name='compareWith' value='$basedir/$firstPath'"); +$xml->insertBefore($processingInstruction, $xml->documentElement); +$xml->save($path); + +header('Location: '.$path); diff --git a/server.php b/server.php new file mode 100644 index 0000000..ad0145b --- /dev/null +++ b/server.php @@ -0,0 +1,2 @@ + .detail { + margin-left: .3em; +} + +.share-size { + --free-ratio: calc(var(--free) / var(--total)); + --used-percent: calc(100% - 100%*var(--free-ratio)); + --color: hsl(calc(120*var(--free-ratio)) 100% 50%); + background-image: linear-gradient(to right, var(--color) var(--used-percent), transparent var(--used-percent), transparent) !important; +} \ No newline at end of file diff --git a/stylesheet copy.php b/stylesheet copy.php new file mode 100755 index 0000000..330ebd6 --- /dev/null +++ b/stylesheet copy.php 
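Review bot: In the scan script, `$targets` reaches the shell unescaped (`$command .= " $targets";`), and its allow-list `/^[\da-zA-Z.:\/_ -]+$/` accepts spaces and hyphens, so a request can append arbitrary nmap options to the command instead of only host specifications. Split the value on whitespace, refuse any token that begins with `-`, and quote each token with `escapeshellarg()` as is already done for `$path` and the stylesheet URL; the fence below shows the shape. `$name` is also interpolated inside single quotes in the `xslt-param` processing instructions while its pattern still permits `'`, so a quote in the name ends the pseudo-attribute early; exclude quotes in the pattern or escape them before `createProcessingInstruction`. The scan is launched by a plain GET and no authentication or CSRF check appears in the visible lines; the top of this file is not visible here, so confirm whether access control is applied elsewhere.

```php
// … unchanged: name/targets validation, $path selection, $stylesheetUrl …
$targetArgs = [];
foreach (preg_split('/\s+/', trim($targets)) as $target) {
    // A token starting with "-" would be parsed by nmap as an option, not a host.
    if ($target === '' || $target[0] === '-') {
        http_response_code(400);
        exit('Paramètre targets invalide.');
    }
    $targetArgs[] = escapeshellarg($target);
}
// … unchanged: $command built up to the --stylesheet argument …
$command .= ' '.implode(' ', $targetArgs);
```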
@@ -0,0 +1,259 @@ + FILTER_NULL_ON_FAILURE, + 'options' => ['regexp' => '/^[^<>:"\/|@?]+$/'], +]); + +$targets = filter_input(INPUT_GET, 'targets', FILTER_VALIDATE_REGEXP, [ + 'flags' => FILTER_NULL_ON_FAILURE, + 'options' => ['regexp' => '/^[\da-zA-Z.\/_ -]+$/'], +]); + +$basedir = $_SERVER['REQUEST_SCHEME'].'://'.$_SERVER['SERVER_NAME'].':'.$_SERVER['SERVER_PORT'].dirname($_SERVER['REQUEST_URI']); + +$firstScan = "$basedir/scans/$name.xml"; +?> + + + + + + + + + + + + + + + + + <xsl:value-of select="$name"/> - lanScan + + + + + + + + + + + + + + + + +
+ + +
+ +
+
+

+
+
+
+ +
+ +
+
+

+
+
+
+
+

+ + + + + + + + + + + + +
EtatAdresse IPNomServices
+
+ + + +
+ + + + + + + + positive + negative + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ui label + + red + orange + green + green + orange disabled + red disabled + + + mini dropdown button share-size + small + + + + + ://: + + + + + /rdp.php?v=: + + + + + + + + --free: + + ; --total: + + + + + + +
+ + U: + : + + +
+ + + + +
+
+ + + + + +
\ No newline at end of file diff --git a/stylesheet.xsl b/stylesheet.xsl new file mode 100755 index 0000000..943f2dd --- /dev/null +++ b/stylesheet.xsl @@ -0,0 +1,235 @@ + + + + + + + + + + + + + + + + + lanScan - <xsl:value-of select="$name"/> + + + + + + + + + + + + + + + + +
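Review bot: `stylesheet copy.php` looks like a leftover working copy of the stylesheet, yet it is added with mode 100755 as a request-reachable script that reads `name` and `targets` from the query string; if nothing links to it, drop it from the commit so it does not remain as unmaintained attack surface. Its validation patterns are a third hand-copied variant (here `targets` no longer allows `:` and `name` excludes `@`, unlike new-scan.php), so the pages disagree on what is a valid value; define the two patterns once, for instance in config.php, and reuse them. `$basedir` is assembled from `$_SERVER['SERVER_NAME']` and `$_SERVER['REQUEST_URI']`, which may reflect client-supplied request data depending on server configuration, and the lines that emit it are not visible in this view; confirm it is escaped where it is written into the stylesheet.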
+ +
+ +
+
+

+
+
+
+ +

+ +
+

+ + +
+ Comparaison avec le scan de + +
+
+ + + + + + + + + + + + + + +
EtatAdresse IPNomServices
+
+ + + +
+ + + + + + + + + positive + negative + + + + + + + + down + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ui label + + red + orange + green + green + orange disabled + red disabled + + + mini dropdown button share-size + small + + + + + ://: + + + + + /rdp.php?v=: + + + + + + + + --free: + + ; --total: + + + + + + +
+ + U: + : + + +
+ + + + +
+
+ + + + + +
\ No newline at end of file