adrien/lanScan3
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: adrien:0c72ceb620e0b780317d6525f55b309c143cd000
Branches Tags
adrien:master
..
compare: adrien:master
Branches Tags
adrien:master

5 Commits
0c72ceb620 ... master

Author SHA1 Message Date
adrien
b445d08ce1 outch 2025-01-27 18:47:38 +01:00
adrien
e2c1c6604e WIP 2025-01-24 17:38:33 +01:00
adrien
a593148c38 add --defeat-rst-ratelimit 2024-12-04 16:26:58 +01:00
adrien
d45b05941f putain de point virgule 2024-11-26 15:18:01 +01:00
adrien
e423273752 save if name only 2024-11-26 15:15:12 +01:00
12 changed files with 86 additions and 69 deletions
Expand all files Collapse all files

34
config.php
View File

@ -1,29 +1,31 @@
<?php <?php
$port = (($_SERVER['REQUEST_SCHEME'] == "http" && $_SERVER['SERVER_PORT'] == 80) || ($_SERVER['REQUEST_SCHEME'] == "https" && $_SERVER['SERVER_PORT'] == 443)) ? "" : ":{$_SERVER['SERVER_PORT']}"; $port = (($_SERVER['REQUEST_SCHEME'] == "http" && $_SERVER['SERVER_PORT'] == 80) || ($_SERVER['REQUEST_SCHEME'] == "https" && $_SERVER['SERVER_PORT'] == 443)) ? "" : ":{$_SERVER['SERVER_PORT']}";
$BASEDIR = "{$_SERVER['REQUEST_SCHEME']}://{$_SERVER['SERVER_NAME']}$port" . dirname($_SERVER['SCRIPT_NAME']); $BASEDIR = "{$_SERVER['REQUEST_SCHEME']}://{$_SERVER['SERVER_NAME']}$port" . dirname($_SERVER['SCRIPT_NAME']);
$SCANSDIR = 'scans'; $SCANSDIR = 'scans';
$NMAPDIR = dirname(`which nmap`) . "/../share/nmap"; $TEMPLATESDIR = "templates";
$DATADIR = "datadir"; $NMAP = 'sudo nmap'; # nmap command, E.g. 'nmap', 'sudo nmap' for root privileges or '/usr/bin/nmap' if not in PATH
$SCRIPTARGS = "script-args.ini"; $NMAPDIR = dirname(`which nmap`) . "/../share/nmap";
$DATADIR = ".";
$SCRIPTARGS = "script-args.ini";
$presets = [ $presets = [
"default" => [ "default" => [
'-PS' => 'microsoft-ds', '-PS' => 'microsoft-ds',
'-F' => true, '-F' => true,
'-T' => 5, '-T' => 5,
'--stylesheet' => "$BASEDIR/templates/lanScan.xsl", '--stylesheet' => "lanScan",
'refreshPeriod' => 60, 'refreshPeriod' => 60,
'sudo' => false, #'sudo' => false,
], ],
"host" => [ "host" => [
'-Pn' => true, '-Pn' => true,
'-F' => true, '-F' => true,
'-sV' => true, '-sV' => true,
'-T' => 5, '-T' => 5,
'--script' => "http-info,smb-shares-size", '--script' => "http-info,smb-shares-size",
'--stylesheet' => "$BASEDIR/templates/hostScan.xsl", '--stylesheet' => "hostScan",
'refreshPeriod' => 60, 'refreshPeriod' => 60,
'sudo' => true, #'sudo' => true,
], ],
]; ];

7
filter_inputs.php
View File

@ -10,7 +10,7 @@ $tempoRegex = '/^\d+[smh]?$/';
$fileNameRegex = '/^[^<>:\/|?]+$/'; $fileNameRegex = '/^[^<>:\/|?]+$/';
$targets = filter_input(INPUT_GET, 'targets', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $targetsListRegex], "flags" => FILTER_NULL_ON_FAILURE]); $targets = filter_input(INPUT_GET, 'targets', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $targetsListRegex], "flags" => FILTER_NULL_ON_FAILURE]);
$preset = filter_input(INPUT_GET, "preset"); $preset = filter_input(INPUT_GET, "preset", FILTER_SANITIZE_STRING);
if ($preset && isset($presets[$preset])) { if ($preset && isset($presets[$preset])) {
$options = $presets[$preset]; $options = $presets[$preset];
@ -107,7 +107,7 @@ if ($preset && isset($presets[$preset])) {
'-V' => FILTER_VALIDATE_BOOLEAN, '-V' => FILTER_VALIDATE_BOOLEAN,
'--unprivileged' => FILTER_VALIDATE_BOOLEAN, '--unprivileged' => FILTER_VALIDATE_BOOLEAN,
'-h' => FILTER_VALIDATE_BOOLEAN, '-h' => FILTER_VALIDATE_BOOLEAN,
'--stylesheet' => FILTER_VALIDATE_URL, '--stylesheet' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $fileNameRegex]],
// lanScan // lanScan
'name' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $fileNameRegex]], 'name' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $fileNameRegex]],
'originalURL' => FILTER_VALIDATE_URL, 'originalURL' => FILTER_VALIDATE_URL,
@ -116,6 +116,9 @@ if ($preset && isset($presets[$preset])) {
], false) ?: $presets["default"]; ], false) ?: $presets["default"];
} }
$options["--datadir"] = $DATADIR;
$options["--script-args-file"] = $SCRIPTARGS;
/*echo "<!--"; /*echo "<!--";
var_dump($options); var_dump($options);
echo "-->\n";*/ echo "-->\n";*/

74
index.php
View File

@ -170,10 +170,7 @@ Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.
</div> </div>
</div> </div>
<div class="title"> <div class="title"><i class="icon dropdown"></i>Techniques de scan de ports</div>
<i class="icon dropdown"></i>
Techniques de scan de ports
</div>
<div class="content"> <div class="content">
<div class="field"> <div class="field">
<div class="fields"> <div class="fields">
@ -269,10 +266,7 @@ Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.
</div> </div>
</div> </div>
<div class="title"> <div class="title"><i class="icon dropdown"></i>Spécifications des ports et ordre du scan</div>
<i class="icon dropdown"></i>
Spécifications des ports et ordre du scan
</div>
<div class="content"> <div class="content">
<div class="inline field"> <div class="inline field">
<div class="ui toggle checkbox" title="-sP"> <div class="ui toggle checkbox" title="-sP">
@ -569,6 +563,12 @@ Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.
value="<?= $options["--max-scan-delay"] ?? "" ?>"> value="<?= $options["--max-scan-delay"] ?? "" ?>">
</div> </div>
</div> </div>
<div class="inline field">
<div class="ui toggle checkbox">
<input id="defeatRSTRateLimitCheckbox" type="checkbox" name="--defeat-rst-ratelimit" <?= $options['--defeat-rst-ratelimit'] ?? false ? 'checked' : ''; ?> />
<label for="defeatRSTRateLimitCheckbox" title="--defeat-rst-ratelimit">Ignorer les limitations de paquets RST</label>
</div>
</div>
</div> </div>
<div class="title"><i class="icon dropdown"></i>Divers</div> <div class="title"><i class="icon dropdown"></i>Divers</div>
@ -577,14 +577,14 @@ Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.
<label for="stylesheetSelect" title="--stylesheet">Feuille de style</label> <label for="stylesheetSelect" title="--stylesheet">Feuille de style</label>
<select id="stylesheetSelect" class="ui dropdown" name="--stylesheet" value="<?= $options["--stylesheet"] ?? ""?>"> <select id="stylesheetSelect" class="ui dropdown" name="--stylesheet" value="<?= $options["--stylesheet"] ?? ""?>">
<?php <?php
foreach (scandir('templates') as $filename) { foreach (scandir($TEMPLATESDIR) as $filename) {
if (substr($filename, -4) === '.xsl') { if (substr($filename, -4) === '.xsl') {
$name = substr($filename, 0, -4); $name = substr($filename, 0, -4);
$URL = "$BASEDIR/templates/".rawurlencode($filename); #$URL = rawurlencode($filename);
if (isset($options["--stylesheet"]) && $URL == $options["--stylesheet"]) { if (isset($options["--stylesheet"]) && $name == $options["--stylesheet"]) {
echo " <option value='$URL' selected>$name</option>\n"; echo " <option value='$name' selected>$name</option>\n";
} else { } else {
echo " <option value='$URL'>$name</option>\n"; echo " <option value='$name'>$name</option>\n";
} }
} }
} }
@ -593,19 +593,19 @@ foreach (scandir('templates') as $filename) {
</div> </div>
<div class="field"> <div class="field">
<label for="originalURLSelect">Comparer avec un précédent scan</label> <label for="originalSelect">Comparer avec un précédent scan</label>
<select id="originalURLSelect" class="ui clearable dropdown" name="originalURL" value="<?= $options["originalURL"] ?? "" ?>"> <select id="originalSelect" class="ui clearable dropdown" name="original" value="<?= $options["original"] ?? "" ?>">
<option value="">Précédent scan</option> <option value="">Précédent scan</option>
<?php <?php
if (!file_exists($SCANSDIR)) mkdir($SCANSDIR); if (!file_exists($SCANSDIR)) mkdir($SCANSDIR);
foreach (scandir($SCANSDIR) as $filename) { foreach (scandir($SCANSDIR) as $filename) {
if (substr($filename, -4) === '.xml') { if (substr($filename, -4) === '.xml') {
$name = substr($filename, 0, -4); $name = substr($filename, 0, -4);
$URL = "$BASEDIR/$SCANSDIR/".rawurlencode($filename); #$URL = "$BASEDIR/$SCANSDIR/".rawurlencode($filename);
if (isset($options["originalURL"]) && $URL == $options["originalURL"]) { if (isset($options["original"]) && $name == $options["original"]) {
echo " <option value='$URL' selected>$name</option>\n"; echo " <option value='$name' selected>$name</option>\n";
} else { } else {
echo " <option value='$URL'>$name</option>\n"; echo " <option value='$name'>$name</option>\n";
} }
} }
} }
@ -621,13 +621,14 @@ foreach (scandir($SCANSDIR) as $filename) {
<div class="ui label">secondes</div> <div class="ui label">secondes</div>
</div> </div>
</div> </div>
<!--
<div class="inline field"> <div class="inline field">
<div class="ui toggle checkbox"> <div class="ui toggle checkbox">
<input id="sudoCheckbox" type="checkbox" name="sudo" <?= $options["sudo"] ?? false ? 'checked' : ''; ?>/> <input id="sudoCheckbox" type="checkbox" name="sudo" <?= $options["sudo"] ?? false ? 'checked' : ''; ?>/>
<label for="sudoCheckbox" title="sudo">Exécuter en tant qu'administrateur</label> <label for="sudoCheckbox" title="sudo">Exécuter en tant qu'administrateur</label>
</div> </div>
</div> </div>
-->
</div> </div>
</div> </div>
@ -641,23 +642,17 @@ foreach (scandir($SCANSDIR) as $filename) {
<button type="submit" class="ui teal submit button">Démarrer</button> <button type="submit" class="ui teal submit button">Démarrer</button>
</form> </form>
<h2 class="ui header">Derniers scans</h2> <h2 class="ui header">Scans enregistrés</h2>
<div class="ui relaxed list"> <div class="ui link list">
<?php <?php
if (!file_exists($SCANSDIR)) { if (file_exists($SCANSDIR)) {
mkdir($SCANSDIR); foreach (scandir($SCANSDIR) as $filename) {
} if (substr($filename, -4) == '.xml') {
$scans = []; $name = str_replace('!', '/', substr_replace($filename, '', -4));
foreach (scandir($SCANSDIR) as $filename) { echo "<a class='item' href='$SCANSDIR/".rawurlencode($filename)."'>$name</a>\n";
if (substr($filename, -4) == '.xml') { }
$scans[$filename] = filemtime("$SCANSDIR/$filename");
} }
} }
arsort($scans);
foreach ($scans as $filename => $date) {
$name = str_replace('!', '/', substr_replace($filename, '', -4));
echo " <div class='item'><a class='header' href='$SCANSDIR/".rawurlencode($filename)."'>$name</a><div class='description'>".date(DATE_RFC7231, $date)."</div></div>\n";
}
?> ?>
</div> </div>
</main> </main>
@ -768,6 +763,15 @@ foreach ([$DATADIR, $NMAPDIR] as $dir) {
newScanForm.onsubmit = function(event) { newScanForm.onsubmit = function(event) {
if (this.checkValidity()) { if (this.checkValidity()) {
newScanForm.classList.add("loading") newScanForm.classList.add("loading")
$.toast({
title : 'Scan en cours...',
message : 'Merci de patienter',
class : 'info',
showIcon : 'satellite dish',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
return true return true
} else { } else {
event.preventDefault() event.preventDefault()

26
scan.php
View File

@ -3,14 +3,17 @@
include_once 'config.php'; include_once 'config.php';
include_once 'filter_inputs.php'; include_once 'filter_inputs.php';
$options["--datadir"] = $DATADIR; $options["--stylesheet"] = "$BASEDIR/$TEMPLATESDIR/${options["--stylesheet"]}.xsl#";
$options["--script-args-file"] = $SCRIPTARGS; if (isset($options["name"])) {
$options["--stylesheet"] .= "name=" . rawurlencode($options["name"]) . "&";
}
if (isset($options["original"])) {
$options["--stylesheet"] .= "original=" . rawurlencode($options["original"]) . "&";
}
if (isset($options["refreshPeriod"])) {
$options["--stylesheet"] .= "refreshPeriod={$options["refreshPeriod"]}&";
}
if (!file_exists($SCANSDIR)) mkdir($SCANSDIR);
if (!$options["name"]) $options["name"] = str_replace('/', '!', $targets);
//$command = ($options["sudo"]?? false ? "sudo " : "") . "nmap";
$args = ""; $args = "";
foreach ($options as $option => $value) { foreach ($options as $option => $value) {
if (substr($option, 0, 1) == '-') { if (substr($option, 0, 1) == '-') {
@ -30,9 +33,14 @@ foreach ($options as $option => $value) {
} }
} }
$path = "$SCANSDIR/{$options["name"]}.xml";
$command = "nmap $args -oX - $targets | tee '$path'"; $command = "$NMAP $args -oX - $targets";
if (isset($options["name"])) {
if (!file_exists($SCANSDIR)) mkdir($SCANSDIR);
$path = "$SCANSDIR/{$options["name"]}.xml";
$command .= " | tee '$path'";
}
header('Content-type: text/xml'); header('Content-type: text/xml');
system($command, $retcode); system($command, $retcode);

0
script-args.ini Normal file
View File

0
datadir/scripts/README.md → scripts/README.md
View File

0
datadir/scripts/http-info.nse → scripts/http-info.nse
View File

0
datadir/scripts/smb-shares-size.nse → scripts/smb-shares-size.nse
View File

2
templates/cards.xsl
View File

@ -19,7 +19,7 @@
<xsl:param name="sudo" select="false"/> <xsl:param name="sudo" select="false"/>
<xsl:variable name="current" select="./nmaprun"/> <xsl:variable name="current" select="./nmaprun"/>
<xsl:variable name="stylesheetURL" select="substring-before(substring-after(processing-instruction('xml-stylesheet'),'href=&quot;'),'&quot;')"/> <xsl:variable name="stylesheetURL" select="substring-before(substring-after(processing-instruction('xml-stylesheet'),'href=&quot;'), '?')"/>
<xsl:variable name="basedir" select="concat($stylesheetURL, '/../..')"/> <xsl:variable name="basedir" select="concat($stylesheetURL, '/../..')"/>
<xsl:variable name="init" select="document($originalURL)/nmaprun"/> <xsl:variable name="init" select="document($originalURL)/nmaprun"/>
<xsl:variable name="nextComparison"> <xsl:variable name="nextComparison">

4
templates/compact.xsl
View File

@ -19,7 +19,7 @@
<xsl:param name="sudo" select="false"/> <xsl:param name="sudo" select="false"/>
<xsl:variable name="current" select="./nmaprun"/> <xsl:variable name="current" select="./nmaprun"/>
<xsl:variable name="stylesheetURL" select="substring-before(substring-after(processing-instruction('xml-stylesheet'),'href=&quot;'),'&quot;')"/> <xsl:variable name="stylesheetURL" select="substring-before(substring-after(processing-instruction('xml-stylesheet'),'href=&quot;'), '?')"/>
<xsl:variable name="basedir" select="concat($stylesheetURL, '/../..')"/> <xsl:variable name="basedir" select="concat($stylesheetURL, '/../..')"/>
<xsl:variable name="init" select="document($originalURL)/nmaprun"/> <xsl:variable name="init" select="document($originalURL)/nmaprun"/>
<xsl:variable name="nextComparison"> <xsl:variable name="nextComparison">
@ -51,7 +51,7 @@
<xsl:with-param name="sudo" select="$sudo"/> <xsl:with-param name="sudo" select="$sudo"/>
</xsl:apply-templates> </xsl:apply-templates>
<main class="ui container"> <main class="ui wide container">
<h1 class="ui header"><xsl:value-of select="$targets"/></h1> <h1 class="ui header"><xsl:value-of select="$targets"/></h1>
<div class="form"> <div class="form">

2
templates/hostScan.xsl
View File

@ -19,7 +19,7 @@
<xsl:param name="sudo" select="false"/> <xsl:param name="sudo" select="false"/>
<xsl:variable name="current" select="./nmaprun"/> <xsl:variable name="current" select="./nmaprun"/>
<xsl:variable name="stylesheetURL" select="substring-before(substring-after(processing-instruction('xml-stylesheet'),'href=&quot;'),'&quot;')"/> <xsl:variable name="stylesheetURL" select="substring-before(substring-after(processing-instruction('xml-stylesheet'),'href=&quot;'), '?')"/>
<xsl:variable name="basedir" select="concat($stylesheetURL, '/../..')"/> <xsl:variable name="basedir" select="concat($stylesheetURL, '/../..')"/>
<xsl:variable name="init" select="document($originalURL)/nmaprun"/> <xsl:variable name="init" select="document($originalURL)/nmaprun"/>
<xsl:variable name="nextComparison"> <xsl:variable name="nextComparison">

6
templates/lanScan.xsl
View File

@ -16,10 +16,10 @@
<xsl:param name="thisURL" select=""/> <xsl:param name="thisURL" select=""/>
<xsl:param name="originalURL" select=""/> <xsl:param name="originalURL" select=""/>
<xsl:param name="refreshPeriod" select="0"/> <xsl:param name="refreshPeriod" select="0"/>
<xsl:param name="sudo" select="false"/> <xsl:param name="sudo" select="false()"/>
<xsl:variable name="current" select="./nmaprun"/> <xsl:variable name="current" select="./nmaprun"/>
<xsl:variable name="stylesheetURL" select="substring-before(substring-after(processing-instruction('xml-stylesheet'),'href=&quot;'),'&quot;')"/> <xsl:variable name="stylesheetURL" select="substring-before(substring-after(processing-instruction('xml-stylesheet'),'href=&quot;'), '?')"/>
<xsl:variable name="basedir" select="concat($stylesheetURL, '/../..')"/> <xsl:variable name="basedir" select="concat($stylesheetURL, '/../..')"/>
<xsl:variable name="init" select="document($originalURL)/nmaprun"/> <xsl:variable name="init" select="document($originalURL)/nmaprun"/>
<xsl:variable name="nextComparison"> <xsl:variable name="nextComparison">
@ -51,7 +51,7 @@
<xsl:with-param name="sudo" select="$sudo"/> <xsl:with-param name="sudo" select="$sudo"/>
</xsl:apply-templates> </xsl:apply-templates>
<main class="ui main wide container"> <main class="ui main container">
<h1 class="ui header"><xsl:value-of select="$targets"/></h1> <h1 class="ui header"><xsl:value-of select="$targets"/></h1>
<table id="scanResultsTable" style="width:100%" role="grid" class="ui sortable small table"> <table id="scanResultsTable" style="width:100%" role="grid" class="ui sortable small table">