adrien/lanScan3
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: adrien:570e8f2252fe980e18c99b090d474a93d630584c
Branches Tags
adrien:master
...
compare: adrien:master
Branches Tags
adrien:master

90 Commits
570e8f2252 ... master

Author SHA1 Message Date
adrien
b445d08ce1 outch 2025-01-27 18:47:38 +01:00
adrien
e2c1c6604e WIP 2025-01-24 17:38:33 +01:00
adrien
a593148c38 add --defeat-rst-ratelimit 2024-12-04 16:26:58 +01:00
adrien
d45b05941f putain de point virgule 2024-11-26 15:18:01 +01:00
adrien
e423273752 save if name only 2024-11-26 15:15:12 +01:00
adrien
0c72ceb620 system 2024-11-25 18:02:54 +01:00
adrien
dc8fa57c0f fix ' in message 2024-11-25 15:17:12 +01:00
adrien
53679e2098 fixed navbar 2024-11-25 11:25:40 +01:00
adrien
8cd0ba066f rrr 2024-10-23 19:39:19 +02:00
adrien
602c1fc7f3 rename script-arg-file 2024-10-23 19:39:00 +02:00
adrien
06eb33187b ignore script-args-file.ini 2024-10-23 19:19:28 +02:00
adrien
43d2df7850 script-args-file.ini 2024-10-23 19:18:59 +02:00
adrien
9d7f526080 use shortport.http 2024-10-23 19:10:56 +02:00
adrien
80dc329353 https 2024-10-23 19:02:13 +02:00
adrien
81652e25c9 ignore password 2024-10-23 15:48:28 +02:00
adrien
4e14da1860 script-arg-file.ini 2024-10-23 15:46:59 +02:00
adrien
8e5f010da0 rename saveAs to name 2024-10-23 15:17:03 +02:00
adrien
df4648e12a f*cking css 2024-10-23 14:02:05 +02:00
adrien
154d731e55 use service template 2024-10-22 23:24:08 +02:00
adrien
2ef0421078 unfixed menu 2024-10-22 17:57:11 +02:00
adrien
f2acc56ef7 smb-shares-size template 2024-10-22 17:55:31 +02:00
adrien
1d5bb5446d move script arg file 2024-10-22 16:38:01 +02:00
adrien
7790369ac1 return to bin.pack 2024-10-22 15:50:19 +02:00
adrien
bfb7788df0 rawurlencode on $thisURL 2024-10-22 02:09:59 +02:00
adrien
c174b3a142 fix renaming 2024-10-22 01:52:34 +02:00
adrien
1a0bb6abf5 clearable 2024-10-22 01:50:37 +02:00
adrien
c01cfb631b renaming 2024-10-22 01:26:34 +02:00
adrien
f1bb88abec rename compareWith to original 2024-10-22 01:07:08 +02:00
adrien
f2af893303 more options 2024-10-22 00:35:00 +02:00
adrien
8865da906d hostgroup 2024-10-21 23:56:32 +02:00
adrien
f05edd0fc7 RTTDuration 2024-10-21 22:59:52 +02:00
adrien
2eda5ca9c9 change options icon 2024-10-21 22:31:28 +02:00
adrien
68a98fb5a5 more options 2024-10-21 01:14:22 +02:00
adrien
7bddbd3e10 fix nav 2024-10-20 17:58:53 +02:00
adrien
0b59c94f52 export nav 2024-10-20 17:35:37 +02:00
adrien
bd8e988444 export head 2024-10-20 15:03:45 +02:00
adrien
cadcd37408 export toast 2024-10-20 13:49:04 +02:00
adrien
d8bc7d99fb update cards 2024-10-20 13:46:35 +02:00
adrien
458c04afa1 remove htmlentities 2024-10-20 13:44:55 +02:00
adrien
f001e1b61d fix url 2024-10-20 13:41:51 +02:00
adrien
db6643b8bb split service label 2024-10-20 12:43:51 +02:00
adrien
a7c67292ed --script-args 2024-10-20 12:33:50 +02:00
adrien
dfd89a5add remove quotes on value 2024-10-20 12:30:09 +02:00
adrien
c6b8005958 split command parsing 2024-10-20 12:22:24 +02:00
adrien
705904fbfa update scripts 2024-10-20 02:36:26 +02:00
adrien
af6dc0a76b portrule 2024-10-20 02:18:46 +02:00
adrien
321935e7a8 align 2024-10-20 02:18:38 +02:00
adrien
baef7123b8 option -T 2024-10-20 01:56:33 +02:00
adrien
f14062fda5 rename var 2024-10-20 01:32:54 +02:00
adrien
b55df2e880 not wide 2024-10-20 00:49:57 +02:00
adrien
5882baf8ae script filter 2024-10-20 00:49:52 +02:00
adrien
dba9e2e9b7 dont include known port on url 2024-10-20 00:29:41 +02:00
adrien
4928b346b3 default 2024-10-18 18:41:15 +02:00
adrien
0c736158aa merge index and options 2024-10-18 16:14:52 +02:00
adrien
17a628cc11 split domain suffix 2024-10-18 15:20:59 +02:00
adrien
b6900bc76a templates 2024-10-18 15:08:49 +02:00
adrien
c3ed9f9fc2 reorg 2024-10-18 14:47:02 +02:00
adrien
a773e8b8d9 datadir 2024-10-18 12:11:45 +02:00
adrien
54116d27d0 scripts 2024-10-18 02:04:55 +02:00
adrien
887e024f27 add http title 2024-10-18 01:31:04 +02:00
adrien
9f06bd0b66 add personnal scripts 2024-10-18 01:30:05 +02:00
adrien
63dbcb407f more options 2024-10-18 00:39:53 +02:00
adrien
e7b462c033 style 2024-10-17 20:09:26 +02:00
adrien
d39798ea4e title 2024-10-17 16:49:56 +02:00
adrien
88280ac41d update stylesheets 2024-10-17 15:56:32 +02:00
adrien
8c4dda99b5 add -sU 2024-10-17 14:52:20 +02:00
adrien
22de01a01b move nmap scripts to separate git projet nmap-scripts 2024-10-17 11:29:42 +02:00
adrien
1832864505 overflow 2024-10-17 09:00:12 +02:00
adrien
59d0695d1b no services 2024-10-17 08:45:25 +02:00
adrien
4b3634dc67 rename hostsTable 2024-10-17 08:41:50 +02:00
adrien
b3b9db4aa7 compact stylesheet 2024-10-17 03:27:22 +02:00
adrien
3b90e7f6cc move stylesheets to subfolder 2024-10-17 02:19:21 +02:00
adrien
290932a421 rename stylesheet 2024-10-17 00:48:26 +02:00
adrien
9683dd2283 fix options with - 2024-10-17 00:45:59 +02:00
adrien
df5c7e8497 layout 2024-10-16 23:44:47 +02:00
adrien
5e0985e7d6 undo footer 2024-10-16 23:41:46 +02:00
adrien
ff18e2352c footer 2024-10-16 23:38:20 +02:00
adrien
7aeb817c4c footer 2024-10-16 23:32:25 +02:00
adrien
7c4d32c83f cards stylesheet 2024-10-16 23:31:02 +02:00
adrien
4ccd659d63 fix no name 2024-10-16 22:13:48 +02:00
adrien
c2b40b5c71 fix no name 2024-10-16 22:11:04 +02:00
adrien
6fc85431af fix stylesheet value 2024-10-16 22:01:22 +02:00
adrien
18775fb8b1 rename host scan to services details 2024-10-16 21:50:44 +02:00
adrien
9f2826d522 inclure lanScan options in presets 2024-10-16 21:41:57 +02:00
adrien
653bb604f5 args name with "-" 2024-10-16 21:25:02 +02:00
adrien
6c33080785 presets 2024-10-16 20:55:43 +02:00
adrien
a1aeefee47 rename $inputs to $args 2024-10-16 20:15:54 +02:00
adrien
5e76b92b96 targets no longer required 2024-10-16 20:08:49 +02:00
adrien
ec917b4602 sudo in web options 2024-10-16 19:01:44 +02:00
Adrien MALINGREY
260c8f073a config 
Signed-off-by: Adrien MALINGREY <adrien@malingrey.fr>
 2024-10-16 11:52:42 +02:00
26 changed files with 2370 additions and 1654 deletions
Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1,3 +1,3 @@
scans/
server.php
datadir/script-args.ini
test.php

30
README.md
View File

@ -2,6 +2,32 @@
Scanne le réseau avec `nmap` et affiche les résultats dans une page web.
## Configuration
On peut personnaliser les options prédéfinies pour les scans de réseau ou d'hôte dans le fichier `config.php` :
```php
$presets = [
"default" => [
'-PS' => 'microsoft-ds',
'-F' => true,
'-T' => 5,
'--stylesheet' => "$BASEDIR/templates/lanScan.xsl",
'refreshPeriod' => 60,
'sudo' => false,
],
"host" => [
'-Pn' => true,
'-F' => true,
'-sV' => true,
'-T' => 5,
'--script' => "http-info,smb-shares-size",
'--stylesheet' => "$BASEDIR/templates/hostScan.xsl",
'refreshPeriod' => 60,
'sudo' => true,
],
];
```
## Accès root
Certaines options nécessitent l'accès root.
@ -10,7 +36,3 @@ Pour donner les droits à lanScan sous Linux, installer `sudo` au besoin, puis c
```
www-data ALL = NOPASSWD: /usr/bin/nmap
````
et modifier le fichier `config.php` avec :
```php
$use_sudo = true;
```

47
config.php
View File

@ -1,24 +1,31 @@
<?php
$BASEDIR = "{$_SERVER['REQUEST_SCHEME']}://{$_SERVER['SERVER_NAME']}:{$_SERVER['SERVER_PORT']}" . dirname($_SERVER['REQUEST_URI']);
$LANSCAN_OPTIONS = [
'PS' => 'microsoft-ds',
'F' => true,
'T5' => true,
'stylesheet' => "$BASEDIR/lanScan.xsl"
];
$HOSTSCAN_OPTIONS = [
'Pn' => true,
'F' => true,
'sV' => true,
'stylesheet' => "$BASEDIR/hostScan.xsl"
];
$refreshPeriod = 60;
$use_sudo = false;
$port = (($_SERVER['REQUEST_SCHEME'] == "http" && $_SERVER['SERVER_PORT'] == 80) || ($_SERVER['REQUEST_SCHEME'] == "https" && $_SERVER['SERVER_PORT'] == 443)) ? "" : ":{$_SERVER['SERVER_PORT']}";
$BASEDIR = "{$_SERVER['REQUEST_SCHEME']}://{$_SERVER['SERVER_NAME']}$port" . dirname($_SERVER['SCRIPT_NAME']);
$SCANSDIR = 'scans';
$DATADIR = '/usr/share/nmap';
$TEMPLATESDIR = "templates";
$NMAP = 'sudo nmap'; # nmap command, E.g. 'nmap', 'sudo nmap' for root privileges or '/usr/bin/nmap' if not in PATH
$NMAPDIR = dirname(`which nmap`) . "/../share/nmap";
$DATADIR = ".";
$SCRIPTARGS = "script-args.ini";
$presets = [
"default" => [
'-PS' => 'microsoft-ds',
'-F' => true,
'-T' => 5,
'--stylesheet' => "lanScan",
'refreshPeriod' => 60,
#'sudo' => false,
],
"host" => [
'-Pn' => true,
'-F' => true,
'-sV' => true,
'-T' => 5,
'--script' => "http-info,smb-shares-size",
'--stylesheet' => "hostScan",
'refreshPeriod' => 60,
#'sudo' => true,
],
];

228
filter_inputs.php
View File

@ -1,116 +1,124 @@
<?php
$targetsListRegex = "/^[\da-zA-Z-. \/]+$/";
$hostsListRegex = "/^[\da-zA-Z-.,:\/]+$/";
$protocolePortsListRegex = "/^(([TU]:)?[0-9\-]+|[a-z\-]+)(,([TU]:)?[0-9\-]+|,[a-z\-]+)*$/";
$portsListRegex = "/^([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*$/";
$tempoRegex = "/^\d+[smh]?$/";
$fileNameRegex = '/^[^<>:"\/|?]+$/';
include_once "config.php";
$targets = filter_input(INPUT_GET, 'targets', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $targetsListRegex]]);
$lan = filter_input(INPUT_GET, 'lan', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $targetsListRegex]]);
$host = filter_input(INPUT_GET, 'host', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $targetsListRegex]]);
$saveAs = filter_input(INPUT_GET, 'saveAs', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $fileNameRegex]]);
$compareWith = filter_input(INPUT_GET, 'compareWith', FILTER_VALIDATE_URL);
$refreshPeriod = filter_input(INPUT_GET, 'refreshPeriod', FILTER_VALIDATE_INT, ['options' => ['min_range' => 0]]) ?? $refreshPeriod;
$targetsListRegex = '/^[\da-zA-Z-. \/]+$/';
$hostsListRegex = '/^[\da-zA-Z-.,:\/]+$/';
$protocolePortsListRegex = '/^(([TU]:)?[0-9\-]+|[a-z\-]+)(,([TU]:)?[0-9\-]+|,[a-z\-]+)*$/';
$portsListRegex = '/^([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*$/';
$tempoRegex = '/^\d+[smh]?$/';
$fileNameRegex = '/^[^<>:\/|?]+$/';
if ($lan) {
$targets = $lan;
$inputs = $LANSCAN_OPTIONS;
} else if ($host) {
$targets = $host;
$inputs = $HOSTSCAN_OPTIONS;
$targets = filter_input(INPUT_GET, 'targets', FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => $targetsListRegex], "flags" => FILTER_NULL_ON_FAILURE]);
$preset = filter_input(INPUT_GET, "preset", FILTER_SANITIZE_STRING);
if ($preset && isset($presets[$preset])) {
$options = $presets[$preset];
} else {
$inputs = filter_input_array(INPUT_GET, [
'iR' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'exclude' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'sL' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'sP' => FILTER_VALIDATE_BOOLEAN,
'P0' => FILTER_VALIDATE_BOOLEAN,
'Pn' => FILTER_VALIDATE_BOOLEAN,
'PS' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'PA' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'PU' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'PE' => FILTER_VALIDATE_BOOLEAN,
'PP' => FILTER_VALIDATE_BOOLEAN,
'PM' => FILTER_VALIDATE_BOOLEAN,
'PO' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 255]],
'PR' => FILTER_VALIDATE_BOOLEAN,
'send-ip' => FILTER_VALIDATE_BOOLEAN,
'n' => FILTER_VALIDATE_BOOLEAN,
'R' => FILTER_VALIDATE_BOOLEAN,
'dns-servers' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'sS' => FILTER_VALIDATE_BOOLEAN,
'sT' => FILTER_VALIDATE_BOOLEAN,
'sA' => FILTER_VALIDATE_BOOLEAN,
'sW' => FILTER_VALIDATE_BOOLEAN,
'sM' => FILTER_VALIDATE_BOOLEAN,
'sF' => FILTER_VALIDATE_BOOLEAN,
'sN' => FILTER_VALIDATE_BOOLEAN,
'sX' => FILTER_VALIDATE_BOOLEAN,
'scanflags' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => "/^(URG|ACK|PSH|RST|SYN|FIN|,)+|[1-9]?[0-9]|[1-2][0-9][0-9]$/"]],
'sI' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => "/^[a-zA-Z\d:.-]+(:\d+)?$/"]],
'sO' => FILTER_VALIDATE_BOOLEAN,
'b' => FILTER_VALIDATE_URL,
'traceroute' => FILTER_VALIDATE_BOOLEAN,
'reason' => FILTER_VALIDATE_BOOLEAN,
'p' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'F' => FILTER_VALIDATE_BOOLEAN,
'r' => FILTER_VALIDATE_BOOLEAN,
'top-ports' => FILTER_VALIDATE_INT,
'port-ratio' => ['filter' => FILTER_VALIDATE_FLOAT, 'options' => ['min_range' => 0, 'max_range' => 1]],
'sV' => FILTER_VALIDATE_BOOLEAN,
'version-light' => FILTER_VALIDATE_BOOLEAN,
'version-intensity' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 9]],
'version-all' => FILTER_VALIDATE_BOOLEAN,
'version-trace' => FILTER_VALIDATE_BOOLEAN,
'O' => FILTER_VALIDATE_BOOLEAN,
'osscan-limit' => FILTER_VALIDATE_BOOLEAN,
'osscan-guess' => FILTER_VALIDATE_BOOLEAN,
'T0' => FILTER_VALIDATE_BOOLEAN,
'T1' => FILTER_VALIDATE_BOOLEAN,
'T2' => FILTER_VALIDATE_BOOLEAN,
'T3' => FILTER_VALIDATE_BOOLEAN,
'T4' => FILTER_VALIDATE_BOOLEAN,
'T5' => FILTER_VALIDATE_BOOLEAN,
'min-hostgroup' => FILTER_VALIDATE_INT,
'max-hostgroup' => FILTER_VALIDATE_INT,
'min-parallelism' => FILTER_VALIDATE_INT,
'max-parallelism' => FILTER_VALIDATE_INT,
'min-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'max-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'initial-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'max-retries' => FILTER_VALIDATE_INT,
'host-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'scan-delay' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'max-scan-delay' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'f' => FILTER_VALIDATE_INT,
'mtu' => FILTER_VALIDATE_INT,
'D' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'S' => ['filter' => FILTER_VALIDATE_IP],
'e' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => "/^[a-z\d]+$/"]],
'g' => FILTER_VALIDATE_INT,
'source-port' => FILTER_VALIDATE_INT,
'data-length' => FILTER_VALIDATE_INT,
'ip-options' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => "/^\"(R|T|U|L [\da-zA-Z-.: ]+|S [\da-zA-Z-.: ]+|\\\\x[\da-fA-F]{1,2}(\*[\d]+)?|\\\\[0-2]?[\d]{1,2}(\*[\d]+)?)\"$/"]],
'ttl' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 255]],
'spoof-mac' => FILTER_VALIDATE_MAC,
'badsum' => FILTER_VALIDATE_BOOLEAN,
//'6' => FILTER_VALIDATE_BOOLEAN,
'A' => FILTER_VALIDATE_BOOLEAN,
'send-eth' => FILTER_VALIDATE_BOOLEAN,
'privileged' => FILTER_VALIDATE_BOOLEAN,
'V' => FILTER_VALIDATE_BOOLEAN,
'unprivileged' => FILTER_VALIDATE_BOOLEAN,
'h' => FILTER_VALIDATE_BOOLEAN,
'stylesheet' => FILTER_VALIDATE_URL,
], false) ?: $LANSCAN_OPTIONS;
$options = filter_input_array(INPUT_GET, [
// TARGET SPECIFICATION:
'-iR' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'--exclude' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
// HOST DISCOVERY:
'-sL' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'-sP' => FILTER_VALIDATE_BOOLEAN,
'-P0' => FILTER_VALIDATE_BOOLEAN,
'-Pn' => FILTER_VALIDATE_BOOLEAN,
'-PS' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'-PA' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'-PU' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'-PE' => FILTER_VALIDATE_BOOLEAN,
'-PP' => FILTER_VALIDATE_BOOLEAN,
'-PM' => FILTER_VALIDATE_BOOLEAN,
'-PO' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 255]],
'-PR' => FILTER_VALIDATE_BOOLEAN,
'--send-ip' => FILTER_VALIDATE_BOOLEAN,
'-n' => FILTER_VALIDATE_BOOLEAN,
'-R' => FILTER_VALIDATE_BOOLEAN,
'--dns-servers' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
// SCAN TECHNIQUES:
'-sS' => FILTER_VALIDATE_BOOLEAN,
'-sT' => FILTER_VALIDATE_BOOLEAN,
'-sA' => FILTER_VALIDATE_BOOLEAN,
'-sW' => FILTER_VALIDATE_BOOLEAN,
'-sM' => FILTER_VALIDATE_BOOLEAN,
'-sF' => FILTER_VALIDATE_BOOLEAN,
'-sN' => FILTER_VALIDATE_BOOLEAN,
'-sX' => FILTER_VALIDATE_BOOLEAN,
'-sU' => FILTER_VALIDATE_BOOLEAN,
'--scanflags' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^(URG|ACK|PSH|RST|SYN|FIN|,)+|[1-9]?[0-9]|[1-2][0-9][0-9]$/']],
'-sI' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^[a-zA-Z\d:.-]+(:\d+)?$/']],
'-sO' => FILTER_VALIDATE_BOOLEAN,
'-b' => FILTER_VALIDATE_URL,
'--traceroute' => FILTER_VALIDATE_BOOLEAN,
'--reason' => FILTER_VALIDATE_BOOLEAN,
// PORT SPECIFICATION AND SCAN ORDER:
'-p' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
'-F' => FILTER_VALIDATE_BOOLEAN,
'-r' => FILTER_VALIDATE_BOOLEAN,
'--top-ports' => FILTER_VALIDATE_INT,
'--port-ratio' => ['filter' => FILTER_VALIDATE_FLOAT, 'options' => ['min_range' => 0, 'max_range' => 1]],
// SERVICE/VERSION DETECTION:
'-sV' => FILTER_VALIDATE_BOOLEAN,
'--version-light' => FILTER_VALIDATE_BOOLEAN,
'--version-intensity' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 9]],
'--version-all' => FILTER_VALIDATE_BOOLEAN,
'--version-trace' => FILTER_VALIDATE_BOOLEAN,
// SCRIPT SCAN:
'-sC' => FILTER_VALIDATE_BOOLEAN,
'--script' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^[a-z][a-z0-9,\-\.\/]*$/']],
'--script-args' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^([a-zA-Z][a-zA-Z0-9\-_]*=[^"]+(,[a-zA-Z][a-zA-Z0-9\-_]*=[^"]+)?)$/']],
// OS DETECTION:
'-O' => FILTER_VALIDATE_BOOLEAN,
'--osscan-limit' => FILTER_VALIDATE_BOOLEAN,
'--osscan-guess' => FILTER_VALIDATE_BOOLEAN,
'--max-os-tries' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
// TIMING AND PERFORMANCE:
'-T' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 5]],
'--min-hostgroup' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'--max-hostgroup' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'--min-parallelism' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'--max-parallelism' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'--min-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'--max-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'--initial-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'--max-retries' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'--host-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'--scan-delay' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
'--max-scan-delay' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
// FIREWALL/IDS EVASION AND SPOOFING:
'-f' => FILTER_VALIDATE_INT,
'--mtu' => FILTER_VALIDATE_INT,
'-D' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
'-S' => ['filter' => FILTER_VALIDATE_IP],
'-e' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^[a-z\d]+$/']],
'-g' => FILTER_VALIDATE_INT,
'--source-port' => FILTER_VALIDATE_INT,
'--data-length' => FILTER_VALIDATE_INT,
'--ip-options' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => '/^\"(R|T|U|L [\da-zA-Z-.: ]+|S [\da-zA-Z-.: ]+|\\\\x[\da-fA-F]{1,2}(\*[\d]+)?|\\\\[0-2]?[\d]{1,2}(\*[\d]+)?)\"$/']],
'--ttl' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 255]],
'--spoof-mac' => FILTER_VALIDATE_MAC,
'--badsum' => FILTER_VALIDATE_BOOLEAN,
// MISC:
// '6' => FILTER_VALIDATE_BOOLEAN,
'-A' => FILTER_VALIDATE_BOOLEAN,
'--send-eth' => FILTER_VALIDATE_BOOLEAN,
'--privileged' => FILTER_VALIDATE_BOOLEAN,
'-V' => FILTER_VALIDATE_BOOLEAN,
'--unprivileged' => FILTER_VALIDATE_BOOLEAN,
'-h' => FILTER_VALIDATE_BOOLEAN,
'--stylesheet' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $fileNameRegex]],
// lanScan
'name' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $fileNameRegex]],
'originalURL' => FILTER_VALIDATE_URL,
'refreshPeriod' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0]],
'sudo' => FILTER_VALIDATE_BOOLEAN,
], false) ?: $presets["default"];
}
$options["--datadir"] = $DATADIR;
$options["--script-args-file"] = $SCRIPTARGS;
/*echo "<!--";
var_dump($options);
echo "-->\n";*/

443
hostScan.xsl
View File

@ -1,443 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<xsl:stylesheet
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
version="1.1">
<xsl:output method="html" encoding="UTF-8"/>
<xsl:output indent="yes"/>
<xsl:strip-space elements='*'/>
<xsl:param name="saveAs" select=""/>
<xsl:param name="compareWith" select=""/>
<xsl:param name="refreshPeriod" select="0"/>
<xsl:variable name="current" select="./nmaprun"/>
<xsl:variable name="stylesheetURL" select="substring-before(substring-after(processing-instruction('xml-stylesheet'),'href=&quot;'),'&quot;')"/>
<xsl:variable name="basedir" select="concat($stylesheetURL, '/..')"/>
<xsl:variable name="init" select="document($compareWith)/nmaprun"/>
<xsl:variable name="nextCompareWith">
<xsl:choose>
<xsl:when test="$saveAs"><xsl:value-of select="$saveAs"/></xsl:when>
<xsl:when test="$compareWith"><xsl:value-of select="$compareWith"/></xsl:when>
<xsl:otherwise></xsl:otherwise>
</xsl:choose>
</xsl:variable>
<xsl:template match="nmaprun">
<xsl:variable name="targets" select="substring-after(@args, '.xml ')"/>
<xsl:variable name="refreshURL">
<xsl:value-of select="$basedir"/>
<xsl:text>/scan.php?targets=</xsl:text>
<xsl:value-of select="$targets"/>
<xsl:text>&amp;</xsl:text>
<xsl:call-template name="optionsList">
<xsl:with-param name="argList" select="substring-before(substring-after(@args, ' -'), ' -oX')"/>
<xsl:with-param name="asURL" select="true()"/>
</xsl:call-template>
<xsl:text>compareWith=</xsl:text>
<xsl:value-of select="$nextCompareWith"/>
</xsl:variable>
<html lang="fr">
<head>
<meta charset="utf-8"/>
<xsl:if test="$refreshPeriod > 0">
<meta http-equiv="refresh">
<xsl:attribute name="content">
<xsl:value-of select="$refreshPeriod"/>
<xsl:text>;URL=</xsl:text>
<xsl:value-of select="$refreshURL"/>
</xsl:attribute>
</meta>
</xsl:if>
<title>
<xsl:text>lanScan - </xsl:text>
<xsl:value-of select="$targets"/>
</title>
<link rel="icon" href="{$basedir}/favicon.ico"/>
<link rel="stylesheet" type="text/css" href="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.css"/>
<link href="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.css" rel="stylesheet" type="text/css"/>
<link href="https://cdn.datatables.net/v/dt/jszip-3.10.1/dt-2.1.8/b-3.1.2/b-html5-3.1.2/b-print-3.1.2/fh-4.0.1/r-3.0.3/cr-2.0.4/datatables.css" rel="stylesheet"/>
<link href="{$basedir}/style.css" rel="stylesheet" type="text/css"/>
<script src="https://code.jquery.com/jquery-3.7.1.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/fomantic-ui/2.9.2/semantic.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify"></script>
<script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.polyfills.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.2.7/pdfmake.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.2.7/vfs_fonts.js"></script>
<script src="https://cdn.datatables.net/v/dt/jszip-3.10.1/dt-2.1.8/b-3.1.2/b-html5-3.1.2/b-print-3.1.2/fh-4.0.1/r-3.0.3/cr-2.0.4/datatables.js"></script>
</head>
<body>
<nav class="ui inverted teal fixed menu">
<a class="ui teal button item" href="{$basedir}">
<xsl:text>lan</xsl:text>
<svg class="logo" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 24 24" xml:space="preserve" width="40" height="40" xmlns="http://www.w3.org/2000/svg" xmlns:svg="http://www.w3.org/2000/svg"><defs id="defs206"/><g id="g998" transform="matrix(0,0.04687491,-0.04687491,0,24,2.2682373e-5)"><g id="g147"><g id="g145"><path d="m 322.065,92.046 c -46.24,0 -83.851,37.619 -83.851,83.857 v 168.712 c 0,25.224 -21.148,45.745 -46.372,45.745 -25.224,0 -46.372,-20.521 -46.372,-45.745 V 199.464 h -38.114 v 145.151 c 0,46.24 38.246,83.859 84.486,83.859 46.24,0 84.486,-37.619 84.486,-83.859 V 175.903 c 0,-25.223 20.514,-45.743 45.737,-45.743 25.223,0 45.737,20.521 45.737,45.743 v 134.092 h 38.114 V 175.903 c 0,-46.239 -37.611,-83.857 -83.851,-83.857 z" id="path143"/></g></g><g id="g153"><g id="g151"><path d="M 144.198,0 H 108.625 C 98.101,0 89.568,8.746 89.568,19.271 c 0,1.157 0.121,2.328 0.318,3.598 h 73.052 c 0.197,-1.27 0.318,-2.441 0.318,-3.598 C 163.256,8.746 154.723,0 144.198,0 Z" id="path149"/></g></g><g id="g159"><g id="g157"><path d="m 420.183,486.591 h -71.731 c -0.626,2.541 -0.978,4.077 -0.978,6.176 0,10.525 8.532,19.234 19.057,19.234 h 35.573 c 10.525,0 19.057,-8.709 19.057,-19.234 0,-2.098 -0.352,-3.635 -0.978,-6.176 z" id="path155"/></g></g><g id="g165"><g id="g163"><rect x="87.027" y="41.925999" width="80.040001" height="138.481" id="rect161"/></g></g><g id="g171"><g id="g169"><rect x="344.93301" y="329.052" width="80.040001" height="138.481" id="rect167"/></g></g><g id="g173"></g><g id="g175"></g><g id="g177"></g><g id="g179"></g><g id="g181"></g><g id="g183"></g><g id="g185"></g><g id="g187"></g><g id="g189"></g><g id="g191"></g><g id="g193"></g><g id="g195"></g><g id="g197"></g><g id="g199"></g><g id="g201"></g></g></svg>
<xsl:text>can</xsl:text>
</a>
<form id="lanScanForm" class="right menu" onsubmit="targetsInputDiv.classList.add('loading')">
<div class="ui category search item">
<div id="targetsInputDiv" class="ui icon input">
<input class="prompt" type="text" id="targetsInput" name="targets" oninput="hiddenInput.value=this.value" required=""
pattern="[a-zA-Z0-9._\/ \-]+" value="{$targets}" placeholder="Scanner un réseau..."
title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
Exemples: 192.168.1.0/24 scanme.nmap.org 10.0-255.0-255.1-254"/>
<i class="satellite dish icon"></i>
</div>
<input type="hidden" name="compareWith" value="{$nextCompareWith}"/>
<input type="hidden" name="refreshPeriod" value="{$refreshPeriod}"/>
<button style="display: none;" type="submit" formmethod="get" formaction="{$basedir}/scan.php"></button>
<button class="ui teal icon submit button" type="submit" formmethod="get" formaction="{$basedir}/options.php" onclick="targetsInput.required=false">
<i class="sliders horizontal icon"></i>
</button>
<button class="ui teal icon submit button" type="submit" formmethod="get" formaction="{$basedir}/scan.php" onclick="this.getElementsByTagName('i')[0].className = 'loading spinner icon'">
<i class="sync icon"></i>
</button>
<a class="ui teal icon button" href="https://nmap.org/man/fr/index.html" target="_blank">
<i class="question circle icon"></i>
</a>
</div>
</form>
</nav>
<main class="ui main container">
<xsl:apply-templates select="host | $init/host[not(address/@addr=$current/host/address/@addr)][not(status/@state='down')]"/>
</main>
<footer class="ui footer segment">
lanScan est basé sur <a href="https://nmap.org/" target="_blank">Nmap</a>
</footer>
<script>
DataTable.ext.type.detect.unshift(function (d) {
return /[\d]+\.[\d]+\.[\d]+\.[\d]+/.test(d)
? 'ipv4-address'
: null;
});
DataTable.ext.type.order['ipv4-address-pre'] = function (ipAddress) {
[a, b, c, d] = ipAddress.split(".").map(Number)
return 16777216*a + 65536*b + 256*c + d;
};
var table = $('#scanResultsTable').DataTable({
buttons : ['copy', 'excel', 'pdf'],
fixedHeader: true,
lengthMenu : [
[256, 512, 1024, 2048, -1],
[256, 512, 1024, 2048, "All"]
],
responsive: true,
colReorder: true,
buttons : ['copy', 'excel', 'pdf']
})
table.order([1, 'asc']).draw()
$('.ui.dropdown').dropdown()
<xsl:if test="runstats/finished/@summary">
$.toast({
title : '<xsl:value-of select="runstats/finished/@exit"/>',
message : '<xsl:value-of select="runstats/finished/@summary"/>',
showIcon : 'satellite dish',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
</xsl:if>
<xsl:if test="runstats/finished/@errormsg">
$.toast({
title : '<xsl:value-of select="runstats/finished/@exit"/>',
message : '<xsl:value-of select="runstats/finished/@errormsg"/>',
showIcon : 'exclamation triangle',
class : 'error',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
</xsl:if>
<xsl:if test="$init">
$.toast({
message : 'Comparaison avec les résultats du <xsl:value-of select="$init/runstats/finished/@timestr"/>',
class : 'info',
showIcon : 'calendar',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
</xsl:if>
hiddenButton.onclick = function(event) {
targetsInputDiv.classList.add('loading')
$.toast({
title : 'Scan en cours...',
message : 'Merci de patienter',
class : 'info',
showIcon : 'satellite dish',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
}
refreshButton.onclick = function(event) {
refreshButton.getElementsByTagName('i')[0].className = 'loading spinner icon'
$.toast({
title : 'Scan en cours...',
message : 'Merci de patienter',
class : 'info',
showIcon : 'satellite dish',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
}
function hostScanning(link) {
link.getElementsByTagName('i')[0].className = 'loading spinner icon'
$.toast({
title : 'Scan en cours...',
message : 'Merci de patienter',
class : 'info',
showIcon : 'satellite dish',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
}
</script>
</body>
</html>
</xsl:template>
<xsl:template match="host">
<xsl:variable name="addr" select="address/@addr"/>
<xsl:variable name="initHost" select="$init/host[address/@addr=$addr]"/>
<xsl:variable name="currentHost" select="$current/host[address/@addr=$addr]"/>
<xsl:variable name="hostAddress">
<xsl:choose>
<xsl:when test="hostnames/hostname/@name">
<xsl:value-of select="hostnames/hostname/@name"/>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="address/@addr"/>
</xsl:otherwise>
</xsl:choose>
</xsl:variable>
<h1 class="ui header">
<xsl:choose>
<xsl:when test="hostnames/hostname/@name">
<xsl:value-of select="hostnames/hostname/@name"/>
<div class="sub header"><xsl:value-of select="address/@addr"/></div>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="address/@addr"/>
</xsl:otherwise>
</xsl:choose>
</h1>
<table id="scanResultsTable" style="width:100%" role="grid" class="ui sortable small table">
<thead>
<tr>
<th>Etat</th>
<th>Protocole</th>
<th>Port</th>
<th>Service</th>
<th>Produit</th>
<th>Version</th>
</tr>
</thead>
<tbody>
<xsl:apply-templates select="$currentHost/ports/port | $initHost/ports/port[not(@portid=$currentHost/ports/port/@portid)][not(state/@state='closed')]">
<xsl:with-param name="initHost" select="$initHost"/>
<xsl:with-param name="currentHost" select="$currentHost"/>
<xsl:with-param name="hostAddress" select="$hostAddress"/>
<xsl:sort select="@portid" order="ascending"/>
</xsl:apply-templates>
</tbody>
</table>
</xsl:template>
<xsl:template match="port">
<xsl:param name="hostAddress"/>
<xsl:param name="initHost"/>
<xsl:param name="currentHost"/>
<xsl:variable name="portid" select="@portid"/>
<xsl:variable name="initPort" select="$initHost/ports/port[@portid=$portid]"/>
<xsl:variable name="currentPort" select="$currentHost/ports/port[@portid=$portid]"/>
<tr>
<xsl:attribute name="class">
<xsl:choose>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=500">negative</xsl:when>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=400">warning</xsl:when>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=200">positive</xsl:when>
<xsl:when test="$currentPort/state/@state='open'">positive</xsl:when>
<xsl:when test="$currentPort/state/@state='filtered'">warning</xsl:when>
<xsl:otherwise>negative</xsl:otherwise>
<xsl:when test="$currentHost/status/@state='up'">positive</xsl:when>
<xsl:otherwise>negative</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
<td>
<div>
<xsl:attribute name="class">
<xsl:text>ui mini circular label </xsl:text>
<xsl:choose>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=500">red</xsl:when>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=400">orange</xsl:when>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=200">green</xsl:when>
<xsl:when test="$currentPort/state/@state='open'">green</xsl:when>
<xsl:when test="$currentPort/state/@state='filtered'">orange</xsl:when>
<xsl:otherwise>red</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
<xsl:value-of select="$currentPort/state/@state"/>
</div>
</td>
<td>
<xsl:value-of select="@protocol"/>
</td>
<td>
<xsl:value-of select="@portid"/>
</td>
<td>
<a>
<xsl:attribute name="class">
<xsl:text>ui mini button </xsl:text>
<xsl:choose>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=500">red</xsl:when>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=400">orange</xsl:when>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=200">green</xsl:when>
<xsl:when test="$currentPort/state/@state='open'">green</xsl:when>
<xsl:when test="$currentPort/state/@state='filtered'">orange</xsl:when>
<xsl:otherwise>red</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
<xsl:if test="service/@name='ftp' or service/@name='ssh' or service/@name='http' or service/@name='https'">
<xsl:attribute name="href">
<xsl:choose>
<xsl:when test="service/@name='http' and service/@tunnel='ssl'">
<xsl:text>https</xsl:text>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="service/@name"/>
</xsl:otherwise>
</xsl:choose>
<xsl:text>://</xsl:text>
<xsl:value-of select="$hostAddress"/>
<xsl:text>:</xsl:text>
<xsl:value-of select="@portid"/>
</xsl:attribute>
</xsl:if>
<xsl:if test="service/@name='ms-wbt-server'">
<xsl:attribute name="href">
<xsl:text>rdp.php?v=</xsl:text>
<xsl:value-of select="$hostAddress"/>
<xsl:text>&amp;p=</xsl:text>
<xsl:value-of select="@portid"/>
</xsl:attribute>
</xsl:if>
<xsl:value-of select="service/@name"/>
</a>
</td>
<td>
<xsl:value-of select="service/@product"/>
</td>
<td>
<xsl:value-of select="service/@version"/>
</td>
</tr>
</xsl:template>
<xsl:template name="optionsList">
<xsl:param name="argList" select=""/>
<xsl:param name="asURL" select="false()"/>
<xsl:variable name="nextArgs" select="substring-after($argList, ' -')"/>
<xsl:variable name="argAndValue">
<xsl:choose>
<xsl:when test="$nextArgs">
<xsl:value-of select="substring-before($argList, ' -')"/>
</xsl:when>
<xsl:otherwise><xsl:value-of select="$argList"/></xsl:otherwise>
</xsl:choose>
</xsl:variable>
<xsl:choose>
<xsl:when test="starts-with($argAndValue, '-')">
<xsl:choose>
<xsl:when test="contains($argAndValue, ' ')">
<xsl:call-template name="input">
<xsl:with-param name="name" select="substring(substring-before($argAndValue, ' '), 2)"/>
<xsl:with-param name="value" select="substring-after($argAndValue, ' ')"/>
<xsl:with-param name="asURL" select="$asURL"/>
</xsl:call-template>
</xsl:when>
<xsl:otherwise>
<xsl:call-template name="input">
<xsl:with-param name="name" select="substring($argAndValue, 2)"/>
<xsl:with-param name="value" select="on"/>
<xsl:with-param name="asURL" select="$asURL"/>
</xsl:call-template>
</xsl:otherwise>
</xsl:choose>
</xsl:when>
<xsl:otherwise>
<xsl:choose>
<xsl:when test="starts-with($argAndValue, 'P') or starts-with($argAndValue, 's') or starts-with($argAndValue, 'o')">
<xsl:call-template name="input">
<xsl:with-param name="name" select="substring($argAndValue, 1, 2)"/>
<xsl:with-param name="value" select="substring($argAndValue, 3)"/>
<xsl:with-param name="asURL" select="$asURL"/>
</xsl:call-template>
</xsl:when>
<xsl:otherwise>
<xsl:call-template name="input">
<xsl:with-param name="name" select="substring($argAndValue, 1, 1)"/>
<xsl:with-param name="value" select="substring($argAndValue, 2)"/>
<xsl:with-param name="asURL" select="$asURL"/>
</xsl:call-template>
</xsl:otherwise>
</xsl:choose>
</xsl:otherwise>
</xsl:choose>
<xsl:if test="$nextArgs">
<xsl:call-template name="optionsList">
<xsl:with-param name="argList" select="$nextArgs"/>
<xsl:with-param name="asURL" select="$asURL"/>
</xsl:call-template>
</xsl:if>
</xsl:template>
<xsl:template name="input">
<xsl:param name="name"/>
<xsl:param name="value" select=""/>
<xsl:param name="asURL" select="false()"/>
<xsl:choose>
<xsl:when test="$asURL">
<xsl:value-of select="$name"/>
<xsl:text>=</xsl:text>
<xsl:choose>
<xsl:when test="$value"><xsl:value-of select="$value"/></xsl:when>
<xsl:otherwise>on</xsl:otherwise>
</xsl:choose>
<xsl:text>&amp;</xsl:text>
</xsl:when>
<xsl:otherwise>
<input type="hidden" name="{$name}">
<xsl:attribute name="value">
<xsl:choose>
<xsl:when test="$value"><xsl:value-of select="$value"/></xsl:when>
<xsl:otherwise>on</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
</input>
</xsl:otherwise>
</xsl:choose>
</xsl:template>
</xsl:stylesheet>

773
index.php
View File

@ -11,7 +11,8 @@ include_once 'filter_inputs.php';
<link rel="icon" href="favicon.ico" />
<script src="https://cdn.jsdelivr.net/npm/jquery@3.7.1/dist/jquery.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.js"></script>
<link rel="stylesheet" type="text/css" href="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.css" />
<link rel="stylesheet" type="text/css"
href="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.css" />
<script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify"></script>
<script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.polyfills.min.js"></script>
<link href="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.css" rel="stylesheet" type="text/css" />
@ -23,63 +24,761 @@ include_once 'filter_inputs.php';
<a class="ui teal button item" href=".">
lan<?php include 'logo.svg'; ?>can
</a>
<form id="lanScanForm" class="right menu">
<div class="ui category search item">
<div id="targetsInputDiv" class="ui icon input">
<input class="prompt" type="text" id="targetsInput" name="lan" required
pattern="[a-zA-Z0-9._\/ \-]+" value="<?= $targets; ?>" placeholder="Scanner un réseau..."
title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.0-255.0-255.1-254" />
<i class="satellite dish icon"></i>
</div>
<button id="hiddenButton" style="display: none;" type="submit" formmethod="get" formaction="scan.php"></button>
<button class="ui teal icon submit button" type="submit" formmethod="get" formaction="options.php" onclick="targetsInput.required=false">
<i class="sliders horizontal icon"></i>
</button>
<div class="right menu">
<div class="item">
<a class="ui teal icon button" href="https://nmap.org/man/fr/index.html" target="_blank">
<i class="question circle icon"></i>
</a>
</div>
</form>
</div>
</nav>
<main class="ui main container">
<h1 class="ui header">Scans enregistrés</h1>
<div class="ui large relaxed card">
<?php if(isset($errorMessage)) { ?>
<div class="ui negative message">
<i class="close icon"></i>
<div class="header">Erreur</div>
<p><?=$errorMessage?></p>
</div>
<?php } ?>
<h1 class="header">Scanner un <?=$preset == "host"? "hôte" : "réseau" ?></h1>
<form id="newScanForm" class="ui form" method="get" action="scan.php">
<div class="field">
<label for="targetsInput" title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.0-255.0-255.1-254">Cibles</label>
<input id="targetsInput" type="text" name="targets" placeholder="Cibles"
pattern="[a-zA-Z0-9._\/ \-]+" value="<?= $targets; ?>" list="targetsList"
title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.0-255.0-255.1-254" />
</div>
<div class="ui styled fluid accordion field">
<div class="title"><i class="icon dropdown"></i>Spécification des cibles</div>
<div class="content">
<div class="ui divided link list">
<div class="field">
<label for="excludeInput" title="--exclude">Exclure les hôtes ou réseaux</label>
<input id="excludeInput" type="text" name="--exclude" placeholder="Hôte/réseau" list="targetsList"
pattern="[a-zA-Z0-9._\/,\-]*" value="<?= $options['--exclude'] ?? "" ?>">
</div>
<div class="field">
<label for="iRInput" title="-iR">Nombre de cibles au hasard</label>
<input id="iRInput" type="number" min="0" name="-iR" placeholder="Nombre"
value="<?= $options['-iR'] ?? "" ?>">
</div>
</div>
<div class="title"><i class="icon dropdown"></i>Découverte des hôtes actifs</div>
<div class="content">
<div class="inline field">
<div class="ui toggle checkbox">
<input id="PnCheckbox" type="checkbox" name="-Pn" <?= $options['-Pn'] ?? false ? 'checked' : ''; ?> />
<label for="PnCheckbox" title="-Pn">Sauter cette étape (considérer tous les hôtes comme actifs)</label>
</div>
</div>
<div class="field">
<label for="PSInput" title="-PS">TCP SYN</label>
<input id="PSInput" type="text" name="-PS" placeholder="Ports" list="servicesList"
pattern="([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*" value="<?= $options['-PS'] ?? "" ?>"
title="Liste de ports ex: 22,23,25,80,200-1024,60000-">
</div>
<div class="field">
<label for="PAInput" title="-PA">TCP ACK</label>
<input id="PAInput" type="text" name="-PA" placeholder="Ports" list="servicesList"
pattern="([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*" value="<?= $options['-PA'] ?? "" ?>"
title="Liste de ports ex: 22,23,25,80,200-1024,60000-">
</div>
<div class="field">
<label for="PUInput" title="-PU">UDP</label>
<input id="PUInput" type="text" name="-PU" placeholder="Ports" list="servicesList"
pattern="([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*" value="<?= $options['-PU'] ?? "" ?>"
title="Liste de ports ex: 22,23,25,80,200-1024,60000-">
</div>
<div class="field">
<label>ICMP</label>
<div class="inline fields">
<div class="field">
<div class="ui toggle checkbox">
<input id="PECheckbox" type="checkbox" name="-PE" <?= $options['-PE'] ?? false ? 'checked' : ''; ?> />
<label for="PECheckbox" title="-PE">Echo request</label>
</div>
</div>
<div class="field">
<div class="ui toggle checkbox">
<input id="PPCheckbox" type="checkbox" name="-PP" <?= $options['-PP'] ?? false ? 'checked' : ''; ?> />
<label for="PPCheckbox" title="-PP">Timestamp request</label>
</div>
</div>
<div class="field">
<div class="ui toggle checkbox">
<input id="PMCheckbox" type="checkbox" name="-PM" <?= $options['-PM'] ?? false ? 'checked' : ''; ?> />
<label for="PMCheckbox" title="-PM">Mask request</label>
</div>
</div>
</div>
</div>
<div class="field">
<label for="POInput" title="-PO">Protocole IP (par type)</label>
<input id="POInput" type="text" name="-PO" placeholder="Protocole"
pattern="[0-9,\-]+" value="<?= $options['-PO'] ?? "" ?>"
title="[num de protocole]">
</div>
<div class="inline fields">
<div class="field">
<div class="ui toggle checkbox">
<input id="PRCheckbox" type="checkbox" name="-PR" <?= $options['-PR'] ?? false ? 'checked' : ''; ?> />
<label for="PRCheckbox" title="-PR">Ping ARP</label>
</div>
</div>
<div class="field">
<div class="ui toggle checkbox">
<input id="sendIPCheckbox" type="checkbox" name="--send-ip" <?= $options['--send-ip'] ?? false ? 'checked' : ''; ?> />
<label for="sendIPCheckbox" title="--send-ip">Pas de scan ARP</label>
</div>
</div>
</div>
<div class="inline fields">
<div class="field">
<div class="ui toggle checkbox">
<input id="nCheckbox" type="checkbox" name="-n" <?= $options['-n'] ?? false ? 'checked' : ''; ?> />
<label for="nCheckbox" title="-n">Ne jamais résoudre les noms DNS</label>
</div>
</div>
<div class="field">
<div class="ui toggle checkbox">
<input id="RCheckbox" type="checkbox" name="-R" <?= $options['-R'] ?? false ? 'checked' : ''; ?> />
<label for="nCheckbox" title="-R">Toujours résoudre les noms DNS<br />(par défault seuls les hôtes actifs sont résolus)</label>
</div>
</div>
</div>
<div class="field">
<label for="dnsServersInput" title="--dns-servers">Utiliser les serveurs DNS</label>
<input id="dnsServersInput" type="text" name="--dns-servers" placeholder="serveur"
pattern="[a-zA-Z0-9._,\-]*" value="<?= $options['--dns-servers'] ?? "" ?>"
title="serv1[,serv2],...">
</div>
</div>
<div class="title"><i class="icon dropdown"></i>Techniques de scan de ports</div>
<div class="content">
<div class="field">
<div class="fields">
<div class="field">
<div class="ui toggle checkbox">
<input id="sSCheckbox" type="checkbox" name="-sS" <?= $options['-sS'] ?? false ? 'checked' : ''; ?> />
<label for="sSCheckbox" title="-sS">TCP SYN</label>
</div>
</div>
<div class="field">
<div class="ui toggle checkbox">
<input id="sTCheckbox" type="checkbox" name="-sT" <?= $options['-sT'] ?? false ? 'checked' : ''; ?> />
<label for="sTCheckbox" title="-sT">TCP Connect()</label>
</div>
</div>
<div class="field">
<div class="ui toggle checkbox">
<input id="sACheckbox" type="checkbox" name="-sA" <?= $options['-sA'] ?? false ? 'checked' : ''; ?> />
<label for="sACheckbox" title="-sA">TCP ACK</label>
</div>
</div>
</div>
<div class="fields">
<div class="field">
<div class="ui toggle checkbox">
<input id="sWCheckbox" type="checkbox" name="-sW" <?= $options['-sW'] ?? false ? 'checked' : ''; ?> />
<label for="sWCheckbox" title="-sW">Fenêtre TCP</label>
</div>
</div>
<div class="field">
<div class="ui toggle checkbox">
<input id="sMCheckbox" type="checkbox" name="-sM" <?= $options['-sM'] ?? false ? 'checked' : ''; ?> />
<label for="sMCheckbox" title="-sM">Maimon</label>
</div>
</div>
<div class="field">
<div class="ui toggle checkbox">
<input id="sNCheckbox" type="checkbox" name="-sN" <?= $options['-sN'] ?? false ? 'checked' : ''; ?> />
<label for="sNCheckbox" title="-sN">TCP Null</label>
</div>
</div>
</div>
<div class="fields">
<div class="field">
<div class="ui toggle checkbox">
<input id="sFCheckbox" type="checkbox" name="-sF" <?= $options['-sF'] ?? false ? 'checked' : ''; ?> />
<label for="sFCheckbox" title="-sF">TCP FIN</label>
</div>
</div>
<div class="field">
<div class="ui toggle checkbox">
<input id="sXCheckbox" type="checkbox" name="-sX" <?= $options['-sX'] ?? false ? 'checked' : ''; ?> />
<label for="sXCheckbox" title="-sX">Sapin de Noël</label>
</div>
</div>
<div class="field">
<div class="ui toggle checkbox">
<input id="sUCheckbox" type="checkbox" name="-sU" <?= $options['-sU'] ?? false ? 'checked' : ''; ?> />
<label for="sUCheckbox" title="-sU">UDP</label>
</div>
</div>
</div>
<div class="field">
<label for="scanflagsInput" title="--scanflags">Scan TCP personnalisé</label>
<input id="scanflagsInput" type="text" name="--scanflags" placeholder="Drapeaux TCP" list="flagsList"
pattern="(URG|ACK|PSH|RST|SYN|FIN|,)+|[1-9]?[0-9]|[1-2][0-9][0-9]" value="<?= $options['--scanflags'] ?? "" ?>"
title="Mélanger simplement les drapeaux URG, ACK, PSH, RST, SYN et FIN.">
</div>
<div class="field">
<label for="sIInput" title="-sI">Hôte zombie</label>
<input id="sIInput" type="text" name="-p" placeholder="zombie host[:probeport]"
pattern="[a-zA-Z0-9._\-]+(:[0-9]+)?" value="<?= $options['-sI'] ?? "" ?>"
title="zombie host[:probeport]">
</div>
<div class="field">
<label for="bInput" title="-b">Rebond FTP</label>
<input id="bInput" type="text" name="-p" placeholder="[<username>[:<password>]@]<server>[:<port>]"
pattern="([a-zA-Z0-9._\-]+(:.+)?@)?[a-zA-Z0-9._\-]+(:[0-9]+)?" value="<?= $options['-b'] ?? "" ?>"
title="[<username>[:<password>]@]<server>[:<port>]">
</div>
<div class="field">
<div class="ui toggle checkbox">
<input id="sUCheckbox" type="checkbox" name="-sU" <?= $options['-sU'] ?? false ? 'checked' : ''; ?> />
<label for="sUCheckbox" title="-sO">Scan des protocoles supportés par la couche IP</label>
</div>
</div>
</div>
</div>
<div class="title"><i class="icon dropdown"></i>Spécifications des ports et ordre du scan</div>
<div class="content">
<div class="inline field">
<div class="ui toggle checkbox" title="-sP">
<input id="sPCheckbox" type="checkbox" name="-sP" <?= $options['-sP'] ?? false ? 'checked' : ''; ?> />
<label for="sPCheckbox">Sauter cette étape</label>
</div>
</div>
<div class="inline field">
<div class="ui toggle checkbox" title="-F">
<input id="FCheckbox" type="checkbox" name="-F" <?= $options['-F'] ?? false ? 'checked' : ''; ?>
onchange="pInput.disabled = FCheckbox.checked" />
<label for="FCheckbox">Scanner les ports connus</label>
</div>
</div>
<div class="field">
<label for="pInput" title="-p">Scanner les ports</label>
<input id="pInput" type="text" name="-p" placeholder="Ports" list="servicesList" <?= $options['-F'] ?? false ? 'disabled' : ''; ?>
pattern="(([TU]:)?[0-9\-]+|[a-z\-]+)(,([TU]:)?[0-9\-]+|,[a-z\-]+)*" value="<?= $options['-p'] ?? "" ?>"
title="Liste de ports ex: ssh,ftp,U:53,111,137,T:21-25,80,139,8080">
</div>
<div class="inline field">
<div class="ui toggle checkbox" title="-r">
<input id="rCheckbox" type="checkbox" name="-r" <?= $options['-r'] ?? false ? 'checked' : ''; ?> />
<label for="rCheckbox">Ne pas mélanger les ports</label>
</div>
</div>
</div>
<div class="title"><i class="icon dropdown"></i>Détection de services et de versions</div>
<div class="content">
<div class="inline field">
<div class="ui toggle checkbox" title="-sV">
<input id="sVCheckbox" type="checkbox" name="-sV" <?= $options['-sV'] ?? false ? 'checked' : ''; ?> />
<label for="sVCheckbox">Détection de version</label>
</div>
</div>
<div class="inline field">
<div class="ui toggle checkbox">
<input id="allportsCheckbox" type="checkbox" name="--allports" <?= $options['--allports'] ?? false ? 'checked' : ''; ?> />
<label for="allportsCheckbox" title="--allports">N'exclure aucun port de la détection de version</label>
</div>
</div>
<div class="field">
<label for="versionIntensityInput" title="--version-intensity">Intensité des tests de version</label>
<input type="number" min="0" max="9" id="versionIntensityInput" name="--version-intensity" placeholder="0-9"
value="<?= $options["--version-intensity"] ?? "" ?>" title="2: léger, 9: tous, défaut: 7">
</div>
<div class="inline field">
<div class="ui toggle checkbox">
<input id="sRCheckbox" type="checkbox" name="-sR" <?= $options['-sR'] ?? false ? 'checked' : ''; ?> />
<label for="sRCheckbox" title="-sR">Scan RPC</label>
</div>
</div>
</div>
<div class="title"><i class="icon dropdown"></i>Scripts</div>
<div class="content">
<div class="inline field">
<div class="ui toggle checkbox">
<input id="sCCheckbox" type="checkbox" name="-sC" <?= $options['-sC'] ?? false ? 'checked' : ''; ?> />
<label for="sCCheckbox" title="-sC">Scripts par défaut</label>
</div>
</div>
<div class="field">
<label for="scriptInput">Scripts</label>
<input id="scriptInput" type="text" name="--script" placeholder="Nom"
title="<catégories|répertoire|nom|all>" list="scripts" pattern="[a-z][a-z0-9\-\.\/]*"
value="<?= $options["--script"] ?? ""; ?>">
</div>
<div class="field">
<label for="scriptArgsInput" title="--script-args">Arguments des scripts</label>
<input id="scriptArgsInput" type="text" name="--script-args" placeholder="arg=valeur"
pattern='[a-zA-Z][a-zA-Z0-9\-_]*=[^"]+(,[a-zA-Z][a-zA-Z0-9\-_]*=[^"]+)?' value="<?= $options['--script-args'] ?? "" ?>"
title="<n1=v1,[n2=v2,...]>">
</div>
<div class="inline field">
<div class="ui toggle checkbox">
<input id="scriptTraceCheckbox" type="checkbox" name="--script-trace" <?= $options['--script-trace'] ?? false ? 'checked' : ''; ?> />
<label for="scriptTraceCheckbox" title="--script-trace">Montrer toutes les données envoyées ou recues</label>
</div>
</div>
<div class="inline field">
<div class="ui toggle checkbox">
<input id="scriptUpdateDBCheckbox" type="checkbox" name="--script-updatedb" <?= $options['--script-updatedb'] ?? false ? 'checked' : ''; ?> />
<label for="scriptUpdateDBCheckbox" title="--script-updatedb">Mettre à jour la base de données des scripts</label>
</div>
</div>
</div>
<div class="title"><i class="icon dropdown"></i>Détection du système d'exploitation</div>
<div class="content">
<div class="inline field">
<div class="ui toggle checkbox">
<input id="OCheckbox" type="checkbox" name="-O" <?= $options['-O'] ?? false ? 'checked' : ''; ?> />
<label for="OCheckbox" title="-O">Détecter le système d'exploitation</label>
</div>
</div>
<div class="inline field">
<div class="ui toggle checkbox">
<input id="osscanLimitCheckbox" type="checkbox" name="--osscan-limit" <?= $options['--osscan-limit'] ?? false ? 'checked' : ''; ?> />
<label for="osscanLimitCheckbox" title="--osscan-limit">Seulement les cibles prometteuses</label>
</div>
</div>
<div class="inline field">
<div class="ui toggle checkbox">
<input id="osscanGuessCheckbox" type="checkbox" name="--osscan-guess" <?= $options['--osscan-guess'] ?? false ? 'checked' : ''; ?> />
<label for="osscanGuessCheckbox" title="--osscan-guess">Essayer de deviner</label>
</div>
</div>
<div class="field">
<label for="maxOSTriesInput" title="--max-os-tries">Nombre d'essais maximum</label>
<input type="number" min="0" id="maxOSTriesInput" name="--max-os-tries" placeholder="Nombre"
value="<?= $options["--max-os-tries"] ?? "" ?>">
</div>
</div>
<div class="title"><i class="icon dropdown"></i>Temporisation et performances</div>
<div class="content">
<div class="field">
<label for="TSelect" title="--T">Intensité des tests de version</label>
<select id="TSelect" class="ui clearable dropdown" name="-T" value="<?= $options["-T"] ?? ""?>">
<option value="0"<?=($options["-T"]??"")==0?" selected":""?>>Paranoïaque</option>
<option value="1"<?=($options["-T"]??"")==1?" selected":""?>>Sournois</option>
<option value="2"<?=($options["-T"]??"")==2?" selected":""?>>Poli</option>
<option value="3"<?=($options["-T"]??"")==3?" selected":""?>>Normal</option>
<option value="4"<?=($options["-T"]??"")==4?" selected":""?>>Aggressif</option>
<option value="5"<?=($options["-T"]??"")==5?" selected":""?>>Dément</option>
</select>
</div>
<div class="field">
<label>Tailles des groupes d'hôtes à scanner en parallèle</label>
<div class="two fields">
<div class="field">
<label for="minHostgroupInput" title="--min-hostgroup">Minimum</label>
<input id="minHostgroupInput" type="number" min="0" placeholder="Nombre"
value="<?= $options["--min-hostgroup"] ?? "" ?>"
oninput="maxHostgroupInput.min = minHostgroupInput.value">
</div>
<div class="field">
<label for="maxHostgroupInput" title="--max-hostgroup">Maximum</label>
<input id="maxHostgroupInput" type="number" min="0" placeholder="Nombre"
value="<?= $options["--max-hostgroup"] ?? "" ?>"
oninput="minHostgroupInput.max = maxHostgroupInput.value">
</div>
</div>
</div>
<div class="field">
<label>Parallélisation des paquets de tests</label>
<div class="two fields">
<div class="field">
<label for="minParallelismInput" title="--min-parallelism">Minimum</label>
<input id="minParallelismInput" type="number" min="0" placeholder="Nombre"
value="<?= $options["--min-parallelism"] ?? "" ?>"
oninput="maxParallelismInput.min = minParallelismInput.value">
</div>
<div class="field">
<label for="maxParallelismInput" title="--max-parallelism">Maximum</label>
<input id="maxParallelismInput" type="number" min="0" placeholder="Nombre"
value="<?= $options["--max-parallelism"] ?? "" ?>"
oninput="minParallelismInput.max = maxParallelismInput.value">
</div>
</div>
</div>
<div class="field">
<label>Temps d'aller-retour des paquets de tests</label>
<div class="three fields">
<div class="field">
<label for="initialRTTNumber" title="--initial-rtt-timeout">Initial</label>
<div class="ui right labeled input">
<input type="number" min="0" id="initialRTTNumber" placeholder="Durée"
oninput="initialRTTHidden.value = initialRTTNumber.value? initialRTTNumber.value+initialRTTUnit.value: ''; maxRTTHidden.initial=initialRTTHidden.value"
<?= preg_match("/^\d+/", $options["--initial-rtt-timeout"] ?? "", $matches) ? "value='{$matches[0]}'" : "" ?>>
<select id="initialRTTUnit" class="ui clearable dropdown label"
oninput="initialRTTHidden.value = initialRTTNumber.value? initialRTTNumber.value+initialRTTUnit.value: ''">
<option value="">ms</option>
<option value="s" <?=substr($options["--initial-rtt-timeout"]??"", -1)=="s"?"selected":"" ?>>secondes</option>
<option value="m" <?=substr($options["--initial-rtt-timeout"]??"", -1)=="m"?"selected":"" ?>>minutes</option>
<option value="h" <?=substr($options["--initial-rtt-timeout"]??"", -1)=="h"?"selected":"" ?>>heures</option>
</select>
</div>
<input id="initialRTTHidden" type="hidden" name="--initial-rtt-timeout"
value="<?= $options["--initial-rtt-timeout"] ?? "" ?>">
</div>
<div class="field">
<label for="minRTTNumber" title="--min-rtt-timeout">Minimum</label>
<div class="ui right labeled input">
<input type="number" min="0" id="minRTTNumber" placeholder="Durée"
oninput="minRTTHidden.value = minRTTNumber.value? minRTTNumber.value+minRTTUnit.value: ''; maxRTTHidden.min=minRTTHidden.value"
<?= preg_match("/^\d+/", $options["--min-rtt-timeout"] ?? "", $matches) ? "value='{$matches[0]}'" : "" ?>>
<select id="minRTTUnit" class="ui clearable dropdown label"
oninput="minRTTHidden.value = minRTTNumber.value? minRTTNumber.value+minRTTUnit.value: ''">
<option value="">ms</option>
<option value="s" <?=substr($options["--min-rtt-timeout"]??"", -1)=="s"?"selected":"" ?>>secondes</option>
<option value="m" <?=substr($options["--min-rtt-timeout"]??"", -1)=="m"?"selected":"" ?>>minutes</option>
<option value="h" <?=substr($options["--min-rtt-timeout"]??"", -1)=="h"?"selected":"" ?>>heures</option>
</select>
</div>
<input id="minRTTHidden" type="hidden" name="--min-rtt-timeout"
value="<?= $options["--min-rtt-timeout"] ?? "" ?>">
</div>
<div class="field">
<label for="maxRTTNumber" title="--max-rtt-timeout">Maximum</label>
<div class="ui right labeled input">
<input type="number" min="0" id="maxRTTNumber" placeholder="Durée"
oninput="maxRTTHidden.value = maxRTTNumber.value? maxRTTNumber.value+maxRTTUnit.value: ''; minRTTHidden.max=maxRTTHidden.value"
<?= preg_match("/^\d+/", $options["--max-rtt-timeout"] ?? "", $matches) ? "value='{$matches[0]}'" : "" ?>>
<select id="maxRTTUnit" class="ui clearable dropdown label"
oninput="maxRTTHidden.value = maxRTTNumber.value? maxRTTNumber.value+maxRTTUnit.value: ''">
<option value="">ms</option>
<option value="s" <?=substr($options["--max-rtt-timeout"]??"", -1)=="s"?"selected":"" ?>>secondes</option>
<option value="m" <?=substr($options["--max-rtt-timeout"]??"", -1)=="m"?"selected":"" ?>>minutes</option>
<option value="h" <?=substr($options["--max-rtt-timeout"]??"", -1)=="h"?"selected":"" ?>>heures</option>
</select>
</div>
<input id="maxRTTHidden" type="hidden" name="--max-rtt-timeout"
value="<?= $options["--max-rtt-timeout"] ?? "" ?>">
</div>
</div>
</div>
<div class="field">
<label for="maxRetriesInput" title="--max-retries">Nombre de retransmissions des paquets de tests des scans de ports</label>
<input type="number" min="0" id="maxRetriesInput" name="--max-retries" placeholder="Nombre"
value="<?= $options["--max-retries"] ?? "" ?>">
</div>
<div class="field">
<label for="hostTimoutInput" title="--host-timeout">Délai d'expiration du scan d'un hôte trop lent</label>
<div class="ui right labeled input">
<input type="number" min="0" id="hostTimoutNumber" placeholder="Durée"
oninput="hostTimoutHidden.value = hostTimoutNumber.value? hostTimoutNumber.value+hostTimoutUnit.value: ''"
<?= preg_match("/^\d+/", $options["--host-timeout"] ?? "", $matches) ? "value='{$matches[0]}'" : "" ?>>
<select id="hostTimoutUnit" class="ui clearable dropdown label"
oninput="hostTimoutHidden.value = hostTimoutNumber.value? hostTimoutNumber.value+hostTimoutUnit.value: ''">
<option value="">ms</option>
<option value="s" <?=substr($options["--host-timeout"]??"", -1)=="s"?"selected":"" ?>>secondes</option>
<option value="m" <?=substr($options["--host-timeout"]??"", -1)=="m"?"selected":"" ?>>minutes</option>
<option value="h" <?=substr($options["--host-timeout"]??"", -1)=="h"?"selected":"" ?>>heures</option>
</select>
</div>
<input id="hostTimoutHidden" type="hidden" name="--host-timeout"
value="<?= $options["--host-timeout"] ?? "" ?>">
</div>
<div class="two fields">
<div class="field">
<label for="scanDelayNumber" title="--scan-delay">Délai entre les paquets de tests</label>
<div class="ui right labeled input">
<input type="number" min="0" id="scanDelayNumber" placeholder="Durée"
oninput="scanDelayHidden.value = scanDelayNumber.value? scanDelayNumber.value+scanDelayUnit.value: ''"
<?= preg_match("/^\d+/", $options["--scan-delay"] ?? "", $matches) ? "value='{$matches[0]}'" : "" ?>>
<select id="scanDelayUnit" class="ui clearable dropdown label"
oninput="scanDelayHidden.value = scanDelayNumber.value? scanDelayNumber.value+scanDelayUnit.value: ''">
<option value="">ms</option>
<option value="s" <?=substr($options["--scan-delay"]??"", -1)=="s"?"selected":"" ?>>secondes</option>
<option value="m" <?=substr($options["--scan-delay"]??"", -1)=="m"?"selected":"" ?>>minutes</option>
<option value="h" <?=substr($options["--scan-delay"]??"", -1)=="h"?"selected":"" ?>>heures</option>
</select>
</div>
<input id="scanDelayHidden" type="hidden" name="--scan-delay"
value="<?= $options["--scan-delay"] ?? "" ?>">
</div>
<div class="field">
<label for="maxScanDelay" title="--max-scan-delay">Maximum</label>
<div class="ui right labeled input">
<input type="number" min="0" id="maxScanDelay" placeholder="Durée"
oninput="maxRTTHidden.value = maxScanDelay.value? maxScanDelay.value+maxRTTUnit.value: ''"
<?= preg_match("/^\d+/", $options["--max-scan-delay"] ?? "", $matches) ? "value='{$matches[0]}'" : "" ?>>
<select id="maxRTTUnit" class="ui clearable dropdown label"
oninput="maxRTTHidden.value = maxScanDelay.value? maxScanDelay.value+maxRTTUnit.value: ''">
<option value="">ms</option>
<option value="s" <?=substr($options["--max-scan-delay"]??"", -1)=="s"?"selected":"" ?>>secondes</option>
<option value="m" <?=substr($options["--max-scan-delay"]??"", -1)=="m"?"selected":"" ?>>minutes</option>
<option value="h" <?=substr($options["--max-scan-delay"]??"", -1)=="h"?"selected":"" ?>>heures</option>
</select>
</div>
<input id="maxRTTHidden" type="hidden" name="--max-scan-delay"
value="<?= $options["--max-scan-delay"] ?? "" ?>">
</div>
</div>
<div class="inline field">
<div class="ui toggle checkbox">
<input id="defeatRSTRateLimitCheckbox" type="checkbox" name="--defeat-rst-ratelimit" <?= $options['--defeat-rst-ratelimit'] ?? false ? 'checked' : ''; ?> />
<label for="defeatRSTRateLimitCheckbox" title="--defeat-rst-ratelimit">Ignorer les limitations de paquets RST</label>
</div>
</div>
</div>
<div class="title"><i class="icon dropdown"></i>Divers</div>
<div class="content">
<div class="field">
<label for="stylesheetSelect" title="--stylesheet">Feuille de style</label>
<select id="stylesheetSelect" class="ui dropdown" name="--stylesheet" value="<?= $options["--stylesheet"] ?? ""?>">
<?php
if (!file_exists($SCANSDIR)) {
mkdir($SCANSDIR);
foreach (scandir($TEMPLATESDIR) as $filename) {
if (substr($filename, -4) === '.xsl') {
$name = substr($filename, 0, -4);
#$URL = rawurlencode($filename);
if (isset($options["--stylesheet"]) && $name == $options["--stylesheet"]) {
echo " <option value='$name' selected>$name</option>\n";
} else {
echo " <option value='$name'>$name</option>\n";
}
}
}
?>
</select>
</div>
<div class="field">
<label for="originalSelect">Comparer avec un précédent scan</label>
<select id="originalSelect" class="ui clearable dropdown" name="original" value="<?= $options["original"] ?? "" ?>">
<option value="">Précédent scan</option>
<?php
if (!file_exists($SCANSDIR)) mkdir($SCANSDIR);
foreach (scandir($SCANSDIR) as $filename) {
if (substr($filename, -4) === '.xml') {
$name = substr($filename, 0, -4);
#$URL = "$BASEDIR/$SCANSDIR/".rawurlencode($filename);
if (isset($options["original"]) && $name == $options["original"]) {
echo " <option value='$name' selected>$name</option>\n";
} else {
echo " <option value='$name'>$name</option>\n";
}
}
}
?>
</select>
</div>
<div class="field">
<label for="refreshPeriodInput">Rafraîchir toutes les</label>
<div class="ui right labeled input">
<input id="refreshPeriodInput" type="number" min="0" name="refreshPeriod" placeholder="Période"
value="<?= $options["refreshPeriod"] ?? "" ?>">
<div class="ui label">secondes</div>
</div>
</div>
<!--
<div class="inline field">
<div class="ui toggle checkbox">
<input id="sudoCheckbox" type="checkbox" name="sudo" <?= $options["sudo"] ?? false ? 'checked' : ''; ?>/>
<label for="sudoCheckbox" title="sudo">Exécuter en tant qu'administrateur</label>
</div>
</div>
-->
</div>
</div>
<div class="field">
<label for="nameInput">Enregistrer sous le nom</label>
<input id="nameInput" type="text" name="name" placeholder="Réseau local" pattern='[^&lt;&gt;:&quot;\\\/\|@?]+'
title="Caractères interdits : &lt;&gt;:&quot;\/|@?"
value="<?= $options["name"] ?? ""; ?>">
</div>
<button type="submit" class="ui teal submit button">Démarrer</button>
</form>
<h2 class="ui header">Scans enregistrés</h2>
<div class="ui link list">
<?php
if (file_exists($SCANSDIR)) {
foreach (scandir($SCANSDIR) as $filename) {
if (substr($filename, -4) == '.xml') {
$name = str_replace('!', '/', substr_replace($filename, '', -4));
echo "<a class='item' href='".htmlentities("$SCANSDIR/$filename", ENT_QUOTES)."'>$name</a>\n";
echo "<a class='item' href='$SCANSDIR/".rawurlencode($filename)."'>$name</a>\n";
}
}
}
?>
</div>
</div>
</div>
<script>
hiddenButton.onclick = (event) => {
targetsInputDiv.classList.add('loading')
$.toast({
title: 'Scan en cours...',
message: 'Merci de patienter',
class: 'info',
showIcon: 'satellite dish',
displayTime: 0,
closeIcon: true,
position: 'bottom right',
})
}
</script>
</main>
<footer class="ui footer segment">
lanScan est basé sur <a href="https://nmap.org/" target="_blank">Nmap</a>
</footer>
<datalist id='targetsList'>
<option value="<?= $_SERVER['REMOTE_ADDR']; ?>/24"></option>
<option value="<?= $_SERVER['SERVER_NAME']; ?>"></option>
</datalist>
<datalist id='servicesList'>
<?php
$services = [];
foreach ([$DATADIR, $NMAPDIR] as $dir) {
echo "<!-- $nmap_services -->\n";
if (file_exists("$dir/nmap-services")) {
$nmap_services = file("$dir/nmap-services");
foreach ($nmap_services as $service) {
if (0 !== strpos($service, '#')) {
[$name, $port] = explode("\t", $service);
$services[$name] = explode("/", $port);
}
}
}
}
foreach ($services as $name => [$portid, $protocol]) {
echo " <option value='$name'></option>\n";
}
?>
</datalist>
<datalist id="flagsList">
<option value="URG"></option>
<option value="ACK"></option>
<option value="PSH"></option>
<option value="RST"></option>
<option value="SYN"></option>
<option value="FIN"></option>
</datalist>
<datalist id="scripts">
<!-- categories -->
<option value="auth"></option>
<option value="broadcast"></option>
<option value="brute"></option>
<option value="default"></option>
<option value="ddiscovery"></option>
<option value="dos"></option>
<option value="exploit"></option>
<option value="external"></option>
<option value="fuzzer"></option>
<option value="intrusive"></option>
<option value="malware"></option>
<option value="safe"></option>
<option value="version"></option>
<option value="vuln"></option>
<!-- names -->
<?php
foreach ([$DATADIR, $NMAPDIR] as $dir) {
foreach (scandir("$dir/scripts") as $filename) {
if (substr($filename, -4) === '.nse') {
$name = substr($filename, 0, -4);
echo " <option value='$name'></option>\n";
}
}
}
?>
</datalist>
<script>
class TagsInput extends Tagify {
constructor(input, options={}, delim = ",") {
if (!options.delimiters) options.delimiters = " |,"
if (!options.originalInputValueFormat) options.originalInputValueFormat = tags => tags.map(tag => tag.value).join(delim)
if (input.list) options.whitelist = Array.from(input.list.options).map(option => option.value)
super(input, options)
}
}
$(".ui.accordion").accordion()
$(".ui.clearable.dropdown").dropdown({
clearable: true
})
$(".ui:not(.clearable).dropdown").dropdown({
clearable: false
})
new TagsInput(targetsInput, {}, " ")
new TagsInput(excludeInput)
new TagsInput(PSInput)
new TagsInput(PAInput)
new TagsInput(PUInput)
new TagsInput(POInput)
var pTagsInput = new TagsInput(pInput)
FCheckbox.onchange = () => {
pInput.disabled = FCheckbox.checked
pTagsInput.setDisabled(FCheckbox.checked)
}
new TagsInput(dnsServersInput)
new TagsInput(scanflagsInput)
new TagsInput(scriptInput, {enforceWhitelist: true})
new TagsInput(scriptArgsInput, {delimiters: ','})
newScanForm.onsubmit = function(event) {
if (this.checkValidity()) {
newScanForm.classList.add("loading")
$.toast({
title : 'Scan en cours...',
message : 'Merci de patienter',
class : 'info',
showIcon : 'satellite dish',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
return true
} else {
event.preventDefault()
this.reportValidity()
}
}
</script>
</body>
</html>

86
index.php.bak Executable file
View File

@ -0,0 +1,86 @@
<?php include_once "config.php"; ?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="utf-8" />
<title>lanScan</title>
<link rel="icon" href="favicon.ico" />
<script src="https://cdn.jsdelivr.net/npm/jquery@3.7.1/dist/jquery.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.js"></script>
<link rel="stylesheet" type="text/css" href="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.css" />
<script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify"></script>
<script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.polyfills.min.js"></script>
<link href="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.css" rel="stylesheet" type="text/css" />
<link href="style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<nav class="ui inverted teal menu">
<a class="ui teal button item" href=".">
lan<?php include 'logo.svg'; ?>can
</a>
<form id="lanScanForm" class="right menu">
<input type="hidden" name="preset" value="lan"/>
<div class="ui category search item">
<div id="targetsInputDiv" class="ui icon input">
<input class="prompt" type="text" id="targetsInput" name="targets"
pattern="[a-zA-Z0-9._\/ \-]+" placeholder="Scanner un réseau..."
title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.0-255.0-255.1-254" />
<i class="satellite dish icon"></i>
</div>
<button id="hiddenButton" style="display: none;" type="submit" formmethod="get" formaction="scan.php"></button>
<button class="ui teal icon submit button" type="submit" formmethod="get" formaction="options.php" onclick="targetsInput.required=false">
<i class="settings icon"></i>
</button>
<a class="ui teal icon button" href="https://nmap.org/man/fr/index.html" target="_blank">
<i class="question circle icon"></i>
</a>
</div>
</form>
</nav>
<main class="ui main container">
<h1 class="ui header">Scans enregistrés</h1>
<div class="ui large relaxed card">
<div class="content">
<div class="ui divided link list">
<?php
if (!file_exists($SCANSDIR)) {
mkdir($SCANSDIR);
}
foreach (scandir($SCANSDIR) as $filename) {
if (substr($filename, -4) == '.xml') {
$name = str_replace('!', '/', substr_replace($filename, '', -4));
echo "<a class='item' href='".htmlentities("$SCANSDIR/$filename", ENT_QUOTES)."'>$name</a>\n";
}
}
?>
</div>
</div>
</div>
<script>
hiddenButton.onclick = (event) => {
if (lanScanForm.checkValidity()) {
targetsInputDiv.classList.add('loading')
$.toast({
title: 'Scan en cours...',
message: 'Merci de patienter',
class: 'info',
showIcon: 'satellite dish',
displayTime: 0,
closeIcon: true,
position: 'bottom right',
})
}
}
</script>
</main>
<footer class="ui fixed footer segment">
lanScan est basé sur <a href="https://nmap.org/" target="_blank">Nmap</a>
</footer>
</body>
</html>

477
lanScan.xsl
View File

@ -1,477 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<xsl:stylesheet
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
version="1.1">
<xsl:output method="html" encoding="UTF-8"/>
<xsl:output indent="yes"/>
<xsl:strip-space elements='*'/>
<xsl:param name="savedAs" select=""/>
<xsl:param name="compareWith" select=""/>
<xsl:param name="refreshPeriod" select="0"/>
<xsl:variable name="current" select="./nmaprun"/>
<xsl:variable name="stylesheetURL" select="substring-before(substring-after(processing-instruction('xml-stylesheet'),'href=&quot;'),'&quot;')"/>
<xsl:variable name="basedir" select="concat($stylesheetURL, '/..')"/>
<xsl:variable name="init" select="document($compareWith)/nmaprun"/>
<xsl:variable name="nextCompareWith">
<xsl:choose>
<xsl:when test="$savedAs"><xsl:value-of select="$savedAs"/></xsl:when>
<xsl:when test="$compareWith"><xsl:value-of select="$compareWith"/></xsl:when>
<xsl:otherwise></xsl:otherwise>
</xsl:choose>
</xsl:variable>
<xsl:template match="nmaprun">
<xsl:variable name="targets" select="substring-after(@args, '.xml ')"/>
<xsl:variable name="refreshURL">
<xsl:value-of select="$basedir"/>
<xsl:text>/scan.php?targets=</xsl:text>
<xsl:value-of select="$targets"/>
<xsl:text>&amp;</xsl:text>
<xsl:call-template name="optionsList">
<xsl:with-param name="argList" select="substring-before(substring-after(@args, ' -'), ' -oX')"/>
<xsl:with-param name="asURL" select="true()"/>
</xsl:call-template>
<xsl:text>compareWith=</xsl:text>
<xsl:value-of select="$nextCompareWith"/>
</xsl:variable>
<html lang="fr">
<head>
<meta charset="utf-8"/>
<xsl:if test="$refreshPeriod > 0">
<meta http-equiv="refresh">
<xsl:attribute name="content">
<xsl:value-of select="$refreshPeriod"/>
<xsl:text>;URL=</xsl:text>
<xsl:value-of select="$refreshURL"/>
</xsl:attribute>
</meta>
</xsl:if>
<title>
<xsl:text>lanScan - </xsl:text>
<xsl:value-of select="$targets"/>
</title>
<link rel="icon" href="{$basedir}/favicon.ico"/>
<link rel="stylesheet" type="text/css" href="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.css"/>
<link href="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.css" rel="stylesheet" type="text/css"/>
<link href="https://cdn.datatables.net/v/se/jszip-3.10.1/dt-2.1.8/b-3.1.2/b-html5-3.1.2/b-print-3.1.2/cr-2.0.4/fc-5.0.3/fh-4.0.1/r-3.0.3/datatables.min.css" rel="stylesheet"/>
<link href="{$basedir}/style.css" rel="stylesheet" type="text/css"/>
<script src="https://code.jquery.com/jquery-3.7.1.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/fomantic-ui/2.9.2/semantic.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify"></script>
<script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.polyfills.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.2.7/pdfmake.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.2.7/vfs_fonts.js"></script>
<script src="https://cdn.datatables.net/v/se/jszip-3.10.1/dt-2.1.8/b-3.1.2/b-html5-3.1.2/b-print-3.1.2/cr-2.0.4/fc-5.0.3/fh-4.0.1/r-3.0.3/datatables.min.js"></script>
</head>
<body>
<nav class="ui inverted teal fixed menu">
<a class="ui teal button item" href="{$basedir}">
<xsl:text>lan</xsl:text>
<svg class="logo" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 24 24" xml:space="preserve" width="40" height="40" xmlns="http://www.w3.org/2000/svg" xmlns:svg="http://www.w3.org/2000/svg"><defs id="defs206"/><g id="g998" transform="matrix(0,0.04687491,-0.04687491,0,24,2.2682373e-5)"><g id="g147"><g id="g145"><path d="m 322.065,92.046 c -46.24,0 -83.851,37.619 -83.851,83.857 v 168.712 c 0,25.224 -21.148,45.745 -46.372,45.745 -25.224,0 -46.372,-20.521 -46.372,-45.745 V 199.464 h -38.114 v 145.151 c 0,46.24 38.246,83.859 84.486,83.859 46.24,0 84.486,-37.619 84.486,-83.859 V 175.903 c 0,-25.223 20.514,-45.743 45.737,-45.743 25.223,0 45.737,20.521 45.737,45.743 v 134.092 h 38.114 V 175.903 c 0,-46.239 -37.611,-83.857 -83.851,-83.857 z" id="path143"/></g></g><g id="g153"><g id="g151"><path d="M 144.198,0 H 108.625 C 98.101,0 89.568,8.746 89.568,19.271 c 0,1.157 0.121,2.328 0.318,3.598 h 73.052 c 0.197,-1.27 0.318,-2.441 0.318,-3.598 C 163.256,8.746 154.723,0 144.198,0 Z" id="path149"/></g></g><g id="g159"><g id="g157"><path d="m 420.183,486.591 h -71.731 c -0.626,2.541 -0.978,4.077 -0.978,6.176 0,10.525 8.532,19.234 19.057,19.234 h 35.573 c 10.525,0 19.057,-8.709 19.057,-19.234 0,-2.098 -0.352,-3.635 -0.978,-6.176 z" id="path155"/></g></g><g id="g165"><g id="g163"><rect x="87.027" y="41.925999" width="80.040001" height="138.481" id="rect161"/></g></g><g id="g171"><g id="g169"><rect x="344.93301" y="329.052" width="80.040001" height="138.481" id="rect167"/></g></g><g id="g173"></g><g id="g175"></g><g id="g177"></g><g id="g179"></g><g id="g181"></g><g id="g183"></g><g id="g185"></g><g id="g187"></g><g id="g189"></g><g id="g191"></g><g id="g193"></g><g id="g195"></g><g id="g197"></g><g id="g199"></g><g id="g201"></g></g></svg>
<xsl:text>can</xsl:text>
</a>
<form id="lanScanForm" class="right menu">
<xsl:call-template name="optionsList">
<xsl:with-param name="argList" select="substring-before(substring-after(@args, ' -'), ' -oX')"/>
<xsl:with-param name="asURL" select="false()"/>
</xsl:call-template>
<div class="ui category search item">
<div id="targetsInputDiv" class="ui icon input">
<input class="prompt" type="text" id="targetsInput" name="targets" oninput="hiddenInput.value=this.value" required=""
pattern="[a-zA-Z0-9._\/ \-]+" value="{$targets}" placeholder="Scanner un réseau..."
title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
Exemples: 192.168.1.0/24 scanme.nmap.org 10.0-255.0-255.1-254"/>
<i class="satellite dish icon"></i>
</div>
<input type="hidden" name="compareWith" value="{$nextCompareWith}"/>
<input type="hidden" name="refreshPeriod" value="{$refreshPeriod}"/>
<button id="hiddenButton" style="display: none;" type="submit" formmethod="get" formaction="{$basedir}/scan.php"></button>
<button class="ui teal icon submit button" type="submit" formmethod="get" formaction="{$basedir}/options.php" onclick="targetsInput.required=false">
<i class="sliders horizontal icon"></i>
</button>
<button id="refreshButton" class="ui teal icon submit button" type="submit" formmethod="get" formaction="{$basedir}/scan.php">
<i class="sync icon"></i>
</button>
<a class="ui teal icon button" href="https://nmap.org/man/fr/index.html" target="_blank">
<i class="question circle icon"></i>
</a>
</div>
</form>
</nav>
<main class="ui main container">
<h1 class="ui header"><xsl:value-of select="$targets"/></h1>
<table id="scanResultsTable" style="width:100%" role="grid" class="ui sortable small table">
<thead>
<tr>
<th>Etat</th>
<th>Adresse IP</th>
<th>Nom</th>
<th>Fabricant</th>
<th class="eight wide">Services</th>
<th>Scanner les services</th>
</tr>
</thead>
<tbody>
<xsl:apply-templates select="host | $init/host[not(address/@addr=$current/host/address/@addr)][not(status/@state='down')]"/>
</tbody>
</table>
</main>
<footer class="ui footer segment">
lanScan est basé sur <a href="https://nmap.org/" target="_blank">Nmap</a>
</footer>
<script>
DataTable.ext.type.detect.unshift(function (d) {
return /[\d]+\.[\d]+\.[\d]+\.[\d]+/.test(d)
? 'ipv4-address'
: null;
});
DataTable.ext.type.order['ipv4-address-pre'] = function (ipAddress) {
[a, b, c, d] = ipAddress.split(".").map(Number)
return 16777216*a + 65536*b + 256*c + d;
};
var table = $('#scanResultsTable').DataTable({
buttons : ['copy', 'excel', 'pdf'],
fixedHeader: true,
lengthMenu : [
[256, 512, 1024, 2048, -1],
[256, 512, 1024, 2048, "All"]
],
responsive: true,
colReorder: true,
buttons : ['copy', 'excel', 'pdf']
})
table.order([1, 'asc']).draw()
$('.ui.dropdown').dropdown()
<xsl:if test="runstats/finished/@summary">
$.toast({
title : '<xsl:value-of select="runstats/finished/@exit"/>',
message : '<xsl:value-of select="runstats/finished/@summary"/>',
showIcon : 'satellite dish',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
</xsl:if>
<xsl:if test="runstats/finished/@errormsg">
$.toast({
title : '<xsl:value-of select="runstats/finished/@exit"/>',
message : '<xsl:value-of select="runstats/finished/@errormsg"/>',
showIcon : 'exclamation triangle',
class : 'error',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
</xsl:if>
<xsl:if test="$init">
$.toast({
message : 'Comparaison avec les résultats du <xsl:value-of select="$init/runstats/finished/@timestr"/>',
class : 'info',
showIcon : 'calendar',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
</xsl:if>
hiddenButton.onclick = function(event) {
targetsInputDiv.classList.add('loading')
$.toast({
title : 'Scan en cours...',
message : 'Merci de patienter',
class : 'info',
showIcon : 'satellite dish',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
}
refreshButton.onclick = function(event) {
refreshButton.getElementsByTagName('i')[0].className = 'loading spinner icon'
$.toast({
title : 'Scan en cours...',
message : 'Merci de patienter',
class : 'info',
showIcon : 'satellite dish',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
}
function hostScanning(link) {
link.getElementsByTagName('i')[0].className = 'loading spinner icon'
$.toast({
title : 'Scan en cours...',
message : 'Merci de patienter',
class : 'info',
showIcon : 'satellite dish',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
}
</script>
</body>
</html>
</xsl:template>
<xsl:template match="host">
<xsl:variable name="addr" select="address/@addr"/>
<xsl:variable name="initHost" select="$init/host[address/@addr=$addr]"/>
<xsl:variable name="currentHost" select="$current/host[address/@addr=$addr]"/>
<xsl:variable name="hostAddress">
<xsl:choose>
<xsl:when test="hostnames/hostname/@name">
<xsl:value-of select="hostnames/hostname/@name"/>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="address/@addr"/>
</xsl:otherwise>
</xsl:choose>
</xsl:variable>
<tr>
<xsl:attribute name="class">
<xsl:choose>
<xsl:when test="$currentHost/status/@state='up'">positive</xsl:when>
<xsl:otherwise>negative</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
<td>
<xsl:choose>
<xsl:when test="$currentHost">
<div>
<xsl:attribute name="class">
<xsl:text>ui mini circular label </xsl:text>
<xsl:choose>
<xsl:when test="$currentHost/status/@state='up'">green</xsl:when>
<xsl:otherwise>red</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
<xsl:value-of select="$currentHost/status/@state"/>
</div>
</xsl:when>
<xsl:otherwise><div class="ui red circular label">down</div></xsl:otherwise>
</xsl:choose>
</td>
<td>
<xsl:value-of select="address/@addr"/>
</td>
<td>
<b><xsl:value-of select="hostnames/hostname/@name"/></b>
</td>
<td>
<xsl:value-of select="address[@addrtype='mac']/@vendor"/>
</td>
<td>
<xsl:apply-templates select="$currentHost/ports/port | $initHost/ports/port[not(@portid=$currentHost/ports/port/@portid)][not(state/@state='closed')]">
<xsl:with-param name="initHost" select="$initHost"/>
<xsl:with-param name="currentHost" select="$currentHost"/>
<xsl:with-param name="hostAddress" select="$hostAddress"/>
<xsl:sort select="@portid" order="ascending"/>
</xsl:apply-templates>
</td>
<td>
<div class="ui mini right labeled button">
<a class="ui mini icon teal button" onclick="hostScanning(this)">
<xsl:attribute name="href">
<xsl:value-of select="$basedir"/>
<xsl:text>/scan.php?host=</xsl:text>
<xsl:value-of select="$hostAddress"/>
</xsl:attribute>
<i class="satellite dish icon"></i>
<xsl:text> Services</xsl:text>
</a>
<a class="ui mini icon teal label">
<xsl:attribute name="href">
<xsl:value-of select="$basedir"/>
<xsl:text>/options.php?host=</xsl:text>
<xsl:value-of select="$hostAddress"/>
</xsl:attribute>
<i class="sliders horizontal icon"></i>
</a>
</div>
</td>
</tr>
</xsl:template>
<xsl:template match="port">
<xsl:param name="hostAddress"/>
<xsl:param name="initHost"/>
<xsl:param name="currentHost"/>
<xsl:variable name="portid" select="@portid"/>
<xsl:variable name="initPort" select="$initHost/ports/port[@portid=$portid]"/>
<xsl:variable name="currentPort" select="$currentHost/ports/port[@portid=$portid]"/>
<a class="ui label" target="_blank">
<xsl:attribute name="class">
<xsl:text>ui label </xsl:text>
<xsl:choose>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=500">red</xsl:when>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=400">orange</xsl:when>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=200">green</xsl:when>
<xsl:when test="$currentPort/state/@state='open'">green</xsl:when>
<xsl:when test="$currentPort/state/@state='filtered'">orange disabled</xsl:when>
<xsl:otherwise>red disabled</xsl:otherwise>
</xsl:choose>
<xsl:choose>
<xsl:when test="(service/@name='microsoft-ds' or service/@name='netbios-ssn') and ../../hostscript/script[@id='smb-shares-size']/table"> mini dropdown button share-size</xsl:when>
<xsl:otherwise> small</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
<xsl:if test="service/@name='ftp' or service/@name='ssh' or service/@name='http' or service/@name='https'">
<xsl:attribute name="href">
<xsl:value-of select="service/@name"/>
<xsl:text>://</xsl:text>
<xsl:value-of select="$hostAddress"/>
<xsl:text>:</xsl:text>
<xsl:value-of select="@portid"/>
</xsl:attribute>
</xsl:if>
<xsl:if test="service/@name='ms-wbt-server'">
<xsl:attribute name="href">
<xsl:text>rdp.php?v=</xsl:text>
<xsl:value-of select="$hostAddress"/>
<xsl:text>&amp;p=</xsl:text>
<xsl:value-of select="@portid"/>
</xsl:attribute>
</xsl:if>
<xsl:value-of select="service/@name"/>
<div class="detail">
<xsl:choose>
<xsl:when test="@protocol='udp'">U:</xsl:when>
<xsl:otherwise>:</xsl:otherwise>
</xsl:choose>
<xsl:value-of select="@portid"/>
</div>
<xsl:if test="(service/@name='microsoft-ds' or service/@name='netbios-ssn') and ../../hostscript/script[@id='smb-shares-size']/table">
<xsl:attribute name="style">
<xsl:for-each select="$currentHost/hostscript/script[@id='smb-shares-size']/table">
<xsl:sort select="elem[@key='FreeSize'] div elem[@key='TotalSize']" order="ascending"/>
<xsl:if test="position()=1">
<xsl:text>--free: </xsl:text>
<xsl:value-of select="elem[@key='FreeSize']"/>
<xsl:text>; --total: </xsl:text>
<xsl:value-of select="elem[@key='TotalSize']"/>
</xsl:if>
</xsl:for-each>
</xsl:attribute>
<i class="dropdown icon"></i>
<div class="menu">
<xsl:apply-templates select="$currentHost/hostscript/script[@id='smb-shares-size']/table">
<xsl:with-param name="hostAddress" select="$hostAddress"/>
</xsl:apply-templates>
</div>
</xsl:if>
</a>
</xsl:template>
<xsl:template match="table">
<xsl:param name="hostAddress"/>
<a class="item share-size" href="file://///{$hostAddress}/{@key}" target="_blank" rel="noopener noreferrer" style="--free: {elem[@key='FreeSize']}; --total: {elem[@key='TotalSize']}">
<xsl:value-of select="@key"/>
</a>
</xsl:template>
<xsl:template name="optionsList">
<xsl:param name="argList" select=""/>
<xsl:param name="asURL" select="false()"/>
<xsl:variable name="nextArgs" select="substring-after($argList, ' -')"/>
<xsl:variable name="argAndValue">
<xsl:choose>
<xsl:when test="$nextArgs">
<xsl:value-of select="substring-before($argList, ' -')"/>
</xsl:when>
<xsl:otherwise><xsl:value-of select="$argList"/></xsl:otherwise>
</xsl:choose>
</xsl:variable>
<xsl:choose>
<xsl:when test="starts-with($argAndValue, '-')">
<xsl:choose>
<xsl:when test="contains($argAndValue, ' ')">
<xsl:call-template name="input">
<xsl:with-param name="name" select="substring(substring-before($argAndValue, ' '), 2)"/>
<xsl:with-param name="value" select="substring-after($argAndValue, ' ')"/>
<xsl:with-param name="asURL" select="$asURL"/>
</xsl:call-template>
</xsl:when>
<xsl:otherwise>
<xsl:call-template name="input">
<xsl:with-param name="name" select="substring($argAndValue, 2)"/>
<xsl:with-param name="value" select="on"/>
<xsl:with-param name="asURL" select="$asURL"/>
</xsl:call-template>
</xsl:otherwise>
</xsl:choose>
</xsl:when>
<xsl:otherwise>
<xsl:choose>
<xsl:when test="starts-with($argAndValue, 'P') or starts-with($argAndValue, 's') or starts-with($argAndValue, 'o')">
<xsl:call-template name="input">
<xsl:with-param name="name" select="substring($argAndValue, 1, 2)"/>
<xsl:with-param name="value" select="substring($argAndValue, 3)"/>
<xsl:with-param name="asURL" select="$asURL"/>
</xsl:call-template>
</xsl:when>
<xsl:otherwise>
<xsl:call-template name="input">
<xsl:with-param name="name" select="substring($argAndValue, 1, 1)"/>
<xsl:with-param name="value" select="substring($argAndValue, 2)"/>
<xsl:with-param name="asURL" select="$asURL"/>
</xsl:call-template>
</xsl:otherwise>
</xsl:choose>
</xsl:otherwise>
</xsl:choose>
<xsl:if test="$nextArgs">
<xsl:call-template name="optionsList">
<xsl:with-param name="argList" select="$nextArgs"/>
<xsl:with-param name="asURL" select="$asURL"/>
</xsl:call-template>
</xsl:if>
</xsl:template>
<xsl:template name="input">
<xsl:param name="name"/>
<xsl:param name="value" select=""/>
<xsl:param name="asURL" select="false()"/>
<xsl:choose>
<xsl:when test="$asURL">
<xsl:value-of select="$name"/>
<xsl:text>=</xsl:text>
<xsl:choose>
<xsl:when test="$value"><xsl:value-of select="$value"/></xsl:when>
<xsl:otherwise>on</xsl:otherwise>
</xsl:choose>
<xsl:text>&amp;</xsl:text>
</xsl:when>
<xsl:otherwise>
<input type="hidden" name="{$name}">
<xsl:attribute name="value">
<xsl:choose>
<xsl:when test="$value"><xsl:value-of select="$value"/></xsl:when>
<xsl:otherwise>on</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
</input>
</xsl:otherwise>
</xsl:choose>
</xsl:template>
</xsl:stylesheet>

2
nmap/scripts/script-args.ini
View File

@ -1,2 +0,0 @@
smbuser =
smbpassword =

455
options.php
View File

@ -1,455 +0,0 @@
<?php
include_once 'config.php';
include_once 'filter_inputs.php';
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="utf-8" />
<title>lanScan</title>
<link rel="icon" href="favicon.ico" />
<script src="https://cdn.jsdelivr.net/npm/jquery@3.7.1/dist/jquery.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.js"></script>
<link rel="stylesheet" type="text/css"
href="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.css" />
<script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify"></script>
<script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.polyfills.min.js"></script>
<link href="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.css" rel="stylesheet" type="text/css" />
<link href="style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<nav class="ui inverted teal fixed menu">
<a class="ui teal button item" href=".">
lan<?php include 'logo.svg'; ?>can
</a>
<div class="right menu">
<div class="item">
<a class="ui teal icon button" href="https://nmap.org/man/fr/index.html" target="_blank">
<i class="question circle icon"></i>
</a>
</div>
</div>
</nav>
<main class="ui main container">
<?php if(isset($errorMessage)) { ?>
<div class="ui negative message">
<i class="close icon"></i>
<div class="header">Erreur</div>
<p><?=$errorMessage?></p>
</div>
<?php } ?>
<h1 class="header">Scanner un <?=$host? "hôte" : "réseau" ?></h1>
<form id="newScanForm" class="ui form" method="get" action="scan.php">
<div class="required field">
<label for="targetsInput" title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.0-255.0-255.1-254">Cibles</label>
<input id="targetsInput" type="text" name="targets" placeholder="Cibles" required
pattern="[a-zA-Z0-9._\/ \-]+" value="<?= $targets; ?>" list="targetsList"
title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.0-255.0-255.1-254" />
</div>
<div class="ui styled fluid accordion field">
<div class="title">
<i class="icon dropdown"></i>
Spécification des cibles
</div>
<div class="content">
<div class="field" title="--exclude">
<label for="excludeInput">Exclure les hôtes ou réseaux</label>
<input type="text" id="excludeInput" name="exclude" placeholder="Hôte/réseau" list="targetsList"
pattern="[a-zA-Z0-9._\/,\-]*" value="<?= $inputs['exclude'] ?? "" ?>">
</div>
<div class="field" title="-iR">
<label for="iRInput">Nombre de cibles au hasard</label>
<input type="number" min="0" id="iRInput" name="iR" placeholder="Nombre de cibles"
value="<?= $inputs['iR'] ?? "" ?>">
</div>
</div>
<div class="title">
<i class="icon dropdown"></i>
Découverte des hôtes actifs
</div>
<div class="content">
<div class="inline field" title="-Pn">
<div class="ui toggle checkbox">
<input type="checkbox" id="PnCheckbox" name="Pn" <?= $inputs['Pn'] ?? false ? 'checked' : ''; ?> />
<label for="PnCheckbox">Sauter cette étape (considérer tous les hôtes comme actifs)</label>
</div>
</div>
<div class="field" title="-PS">
<label for="PSInput">TCP SYN</label>
<input type="text" id="PSInput" name="PS" placeholder="Ports" list="servicesList"
pattern="([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*" value="<?= $inputs['PS'] ?? "" ?>"
title="Liste de ports ex: 22,23,25,80,200-1024,60000-">
</div>
<div class="field" title="-PA">
<label for="PAInput">TCP ACK</label>
<input type="text" id="PAInput" name="PA" placeholder="Ports" list="servicesList"
pattern="([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*" value="<?= $inputs['PA'] ?? "" ?>"
title="Liste de ports ex: 22,23,25,80,200-1024,60000-">
</div>
<div class="field" title="-PU">
<label for="PUInput">UDP</label>
<input type="text" id="PUInput" name="PU" placeholder="Ports" list="servicesList"
pattern="([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*" value="<?= $inputs['PU'] ?? "" ?>"
title="Liste de ports ex: 22,23,25,80,200-1024,60000-">
</div>
<div class="field">
<label>ICMP</label>
<div class="inline fields">
<div class="field" title="-PE">
<div class="ui toggle checkbox">
<input type="checkbox" id="PECheckbox" name="PE" <?= $inputs['PE'] ?? false ? 'checked' : ''; ?> />
<label for="PECheckbox">Echo request</label>
</div>
</div>
<div class="field" title="-PP">
<div class="ui toggle checkbox">
<input type="checkbox" id="PPCheckbox" name="PP" <?= $inputs['PP'] ?? false ? 'checked' : ''; ?> />
<label for="PPCheckbox">Timestamp request</label>
</div>
</div>
<div class="field" title="-PM">
<div class="ui toggle checkbox">
<input type="checkbox" id="PMCheckbox" name="PM" <?= $inputs['PM'] ?? false ? 'checked' : ''; ?> />
<label for="PMCheckbox">Mask request</label>
</div>
</div>
</div>
</div>
<div class="field" title="-PO">
<label for="POInput" title="PO">Protocole IP (par type)</label>
<input type="text" id="POInput" name="PO" placeholder="Protocole"
pattern="[0-9,\-]+" value="<?= $inputs['PO'] ?? "" ?>"
title="[num de protocole]">
</div>
<div class="fields">
<div class="inline field" title="-PR">
<div class="ui toggle checkbox">
<input type="checkbox" id="PRCheckbox" name="PR" <?= $inputs['PR'] ?? false ? 'checked' : ''; ?> />
<label for="PRCheckbox">Ping ARP</label>
</div>
</div>
<div class="inline field" title="--send-ip">
<div class="ui toggle checkbox">
<input type="checkbox" id="sendIPCheckbox" name="send-ip" <?= $inputs['send-ip'] ?? false ? 'checked' : ''; ?> />
<label for="sendIPCheckbox">Pas de scan ARP</label>
</div>
</div>
</div>
<div class="fields">
<div class="inline field" title="-n">
<div class="ui toggle checkbox">
<input type="checkbox" id="nCheckbox" name="n" <?= $inputs['n'] ?? false ? 'checked' : ''; ?> />
<label for="nCheckbox">Ne jamais résoudre les noms DNS</label>
</div>
</div>
<div class="inline field" title="-R">
<div class="ui toggle checkbox">
<input type="checkbox" id="RCheckbox" name="R" <?= $inputs['R'] ?? false ? 'checked' : ''; ?> />
<label for="nCheckbox">Toujours résoudre les noms DNS<br />(par défault seuls les hôtes actifs sont résolus)</label>
</div>
</div>
</div>
<div class="field">
<label for="dnsServersInput" title="--dns-servers">Utiliser les serveurs DNS</label>
<input type="text" id="dnsServersInput" name="dns-servers" placeholder="serveur"
pattern="[a-zA-Z0-9._,\-]*" value="<?= $inputs['dns-servers'] ?? "" ?>"
title="serv1[,serv2],...">
</div>
</div>
<div class="title">
<i class="icon dropdown"></i>
Techniques de scan de ports
</div>
<div class="content">
<div class="field">
<div class="fields">
<div class="field" title="-sS">
<div class="ui toggle checkbox">
<input type="checkbox" id="sSCheckbox" name="sS" <?= $inputs['sS'] ?? false ? 'checked' : ''; ?> />
<label for="sSCheckbox">TCP SYN</label>
</div>
</div>
<div class="field" title="-sT">
<div class="ui toggle checkbox">
<input type="checkbox" id="sTCheckbox" name="sT" <?= $inputs['sT'] ?? false ? 'checked' : ''; ?> />
<label for="sTCheckbox">TCP Connect()</label>
</div>
</div>
<div class="field" title="-sA">
<div class="ui toggle checkbox">
<input type="checkbox" id="sACheckbox" name="sA" <?= $inputs['sA'] ?? false ? 'checked' : ''; ?> />
<label for="sACheckbox">TCP ACK</label>
</div>
</div>
</div>
<div class="fields">
<div class="field" title="-sW">
<div class="ui toggle checkbox">
<input type="checkbox" id="sWCheckbox" name="sW" <?= $inputs['sW'] ?? false ? 'checked' : ''; ?> />
<label for="sWCheckbox">Fenêtre TCP</label>
</div>
</div>
<div class="field" title="-sM">
<div class="ui toggle checkbox">
<input type="checkbox" id="sMCheckbox" name="sM" <?= $inputs['sM'] ?? false ? 'checked' : ''; ?> />
<label for="sMCheckbox">Maimon</label>
</div>
</div>
<div class="field" title="-sN">
<div class="ui toggle checkbox">
<input type="checkbox" id="sNCheckbox" name="sN" <?= $inputs['sN'] ?? false ? 'checked' : ''; ?> />
<label for="sNCheckbox">TCP Null</label>
</div>
</div>
</div>
<div class="fields">
<div class="field" title="-sF">
<div class="ui toggle checkbox">
<input type="checkbox" id="sFCheckbox" name="sF" <?= $inputs['sF'] ?? false ? 'checked' : ''; ?> />
<label for="sFCheckbox">TCP FIN</label>
</div>
</div>
<div class="field" title="-sX">
<div class="ui toggle checkbox">
<input type="checkbox" id="sXCheckbox" name="sX" <?= $inputs['sX'] ?? false ? 'checked' : ''; ?> />
<label for="sXCheckbox">Sapin de Noël</label>
</div>
</div>
<div class="field" title="-sU">
<div class="ui toggle checkbox">
<input type="checkbox" id="sUCheckbox" name="sU" <?= $inputs['sU'] ?? false ? 'checked' : ''; ?> />
<label for="sUCheckbox">UDP</label>
</div>
</div>
</div>
<div class="field" title="-scanflags">
<label for="scanflagsInput">Scan TCP personnalisé</label>
<input type="text" id="scanflagsInput" name="scanflags" placeholder="Drapeaux TCP" list="flagsList"
pattern="(URG|ACK|PSH|RST|SYN|FIN|,)+|[1-9]?[0-9]|[1-2][0-9][0-9]" value="<?= $inputs['scanflags'] ?? "" ?>"
title="Mélanger simplement les drapeaux URG, ACK, PSH, RST, SYN et FIN.">
</div>
<div class="field" title="-sI">
<label for="sIInput">Hôte zombie</label>
<input type="text" id="sIInput" name="p" placeholder="zombie host[:probeport]"
pattern="[a-zA-Z0-9._\-]+(:[0-9]+)?" value="<?= $inputs['sI'] ?? "" ?>"
title="zombie host[:probeport]">
</div>
<div class="field" title="-b">
<label for="bInput">Rebond FTP</label>
<input type="text" id="bInput" name="p" placeholder="[<username>[:<password>]@]<server>[:<port>]"
pattern="([a-zA-Z0-9._\-]+(:.+)?@)?[a-zA-Z0-9._\-]+(:[0-9]+)?" value="<?= $inputs['b'] ?? "" ?>"
title="[<username>[:<password>]@]<server>[:<port>]">
</div>
<div class="field" title="-sO">
<div class="ui toggle checkbox">
<input type="checkbox" id="sUCheckbox" name="sU" <?= $inputs['sU'] ?? false ? 'checked' : ''; ?> />
<label for="sUCheckbox">Scan des protocoles supportés par la couche IP</label>
</div>
</div>
</div>
</div>
<div class="title">
<i class="icon dropdown"></i>
Spécifications des ports et ordre du scan
</div>
<div class="content">
<div class="inline field" title="-sP">
<div class="ui toggle checkbox">
<input type="checkbox" id="sPCheckbox" name="sP" <?= $inputs['sP'] ?? false ? 'checked' : ''; ?> />
<label for="sPCheckbox">Sauter cette étape</label>
</div>
</div>
<div class="inline field" title="-F">
<div class="ui toggle checkbox">
<input type="checkbox" id="FCheckbox" name="F" <?= $inputs['F'] ?? false ? 'checked' : ''; ?>
onchange="pInput.disabled = FCheckbox.checked" />
<label for="FCheckbox">Scanner les ports connus</label>
</div>
</div>
<div class="field" title="-p">
<label for="pInput">Scanner les ports</label>
<input type="text" id="pInput" name="p" placeholder="Ports" list="servicesList" <?= $inputs['F'] ?? false ? 'disabled' : ''; ?>
pattern="(([TU]:)?[0-9\-]+|[a-z\-]+)(,([TU]:)?[0-9\-]+|,[a-z\-]+)*" value="<?= $inputs['p'] ?? "" ?>"
title="Liste de ports ex: ssh,ftp,U:53,111,137,T:21-25,80,139,8080">
</div>
<div class="inline field" title="-r">
<div class="ui toggle checkbox">
<input type="checkbox" id="rCheckbox" name="r" <?= $inputs['r'] ?? false ? 'checked' : ''; ?> />
<label for="rCheckbox">Ne pas mélanger les ports</label>
</div>
</div>
</div>
<div class="title">
<i class="icon dropdown"></i>
Divers
</div>
<div class="content">
<div class="field" title="--stylesheet">
<label for="stylesheetSelect">Feuille de style</label>
<select class="ui dropdown" id="stylesheetSelect" name="stylesheet" value="<?= $inputs["stylesheet"] ?? ""?>">
<?php
foreach (scandir('.') as $filename) {
if (substr($filename, -4) === '.xsl') {
$name = substr($filename, 0, -4);
$URL = htmlentities("$BASEDIR/$filename", ENT_QUOTES);
if (isset($inputs["stylesheet"]) && $URL == $inputs["stylesheet"]) {
echo " <option value='$URL' selected>$name</option>\n";
} else {
echo " <option value='$URL'>$name</option>\n";
}
}
}
?>
</select>
</div>
<div class="field">
<label for="compareWithSelect">Comparer avec un précédent scan</label>
<select class="ui dropdown" id="compareWithSelect" name="compareWith" value="<?= $compareWith ?>">
<option value="">Précédent scan</option>
<?php
if (!file_exists($SCANSDIR)) mkdir($SCANSDIR);
foreach (scandir($SCANSDIR) as $filename) {
if (substr($filename, -4) === '.xml') {
$name = substr($filename, 0, -4);
$URL = htmlentities("$BASEDIR/$SCANSDIR/$filename", ENT_QUOTES);
if ($URL == $compareWith) {
echo " <option value='$URL' selected>$name</option>\n";
} else {
echo " <option value='$URL'>$name</option>\n";
}
}
}
?>
</select>
</div>
<div class="field">
<label for="refreshPeriodInput">Rafraîchir toutes les</label>
<div class="ui right labeled input">
<input type="number" min="0" id="refreshPeriodInput" name="refreshPeriod" placeholder="Période"
value="<?= $refreshPeriod ?? "" ?>">
<div class="ui label">secondes</div>
</div>
</div>
</div>
</div>
<div class="field">
<label for="saveAsInput">Enregistrer sous le nom</label>
<input id="saveAsInput" type="text" name="saveAs" placeholder="Réseau local" pattern='[^&lt;&gt;:&quot;\\\/\|@?]+'
title="Caractères interdits : &lt;&gt;:&quot;\/|@?"
value="<?= htmlentities($saveAs, ENT_QUOTES); ?>">
</div>
<button type="submit" class="ui teal submit button">Démarrer</button>
</form>
</main>
<footer class="ui footer segment">
lanScan est basé sur <a href="https://nmap.org/" target="_blank">Nmap</a>
</footer>
<datalist id='targetsList'>
<option value="<?= $_SERVER['REMOTE_ADDR']; ?>/24"></option>
<option value="<?= $_SERVER['SERVER_NAME']; ?>"></option>
</datalist>
<datalist id='servicesList'>
<?php
$nmap_services = file("$DATADIR/nmap-services");
$services = [];
foreach ($nmap_services as $service) {
if (0 !== strpos($service, '#')) {
[$name, $port] = explode("\t", $service);
$services[$name] = explode("/", $port);
}
}
foreach ($services as $name => [$portid, $protocol]) {
echo " <option value='$name'>$portid</option>\n";
}
?>
</datalist>
<datalist id="flagsList">
<option value="URG"></option>
<option value="ACK"></option>
<option value="PSH"></option>
<option value="RST"></option>
<option value="SYN"></option>
<option value="FIN"></option>
</datalist>
<script>
class TagsInput extends Tagify {
constructor(input, delim = ",") {
super(input, {
delimiters: " |,",
originalInputValueFormat: tags => tags.map(tag => tag.value).join(delim),
})
if (input.list) this.whitelist = Array.from(input.list.options).map(option => option.value)
}
}
$(".ui.accordion").accordion()
$("#stylesheetSelect").dropdown()
$("#compareWithSelect").dropdown({
clearable: true
})
new TagsInput(targetsInput, " ")
new TagsInput(excludeInput)
new TagsInput(PSInput)
new TagsInput(PAInput)
new TagsInput(PUInput)
new TagsInput(POInput)
var pTagsInput = new TagsInput(pInput)
new TagsInput(dnsServersInput)
FCheckbox.onchange = () => {
pInput.disabled = FCheckbox.checked
pTagsInput.setDisabled(FCheckbox.checked)
}
new TagsInput(scanflagsInput)
newScanForm.onsubmit = function(event) {
if (this.checkValidity()) {
newScanForm.classList.add("loading")
return true
} else {
event.preventDefault()
this.reportValidity()
}
}
</script>
</body>
</html>

68
scan.php
View File

@ -3,62 +3,46 @@
include_once 'config.php';
include_once 'filter_inputs.php';
if (!$targets) {
http_response_code(400);
$errorMessage = 'Paramètre manquant : targets, lan ou host';
include_once "options.php";
die();
$options["--stylesheet"] = "$BASEDIR/$TEMPLATESDIR/${options["--stylesheet"]}.xsl#";
if (isset($options["name"])) {
$options["--stylesheet"] .= "name=" . rawurlencode($options["name"]) . "&";
}
if (isset($options["original"])) {
$options["--stylesheet"] .= "original=" . rawurlencode($options["original"]) . "&";
}
if (isset($options["refreshPeriod"])) {
$options["--stylesheet"] .= "refreshPeriod={$options["refreshPeriod"]}&";
}
if (!file_exists($SCANSDIR)) mkdir($SCANSDIR);
$args = '';
foreach ($inputs as $arg => $value) {
$args = "";
foreach ($options as $option => $value) {
if (substr($option, 0, 1) == '-') {
if (is_null($value)) {
http_response_code(400);
$errorMessage = "Valeur incorecte pour le paramètre $arg : " . filter_input(INPUT_GET, $arg, FILTER_SANITIZE_FULL_SPECIAL_CHARS);
include_once "options.php";
$errorMessage = "Valeur incorrecte pour le paramètre <var>$option</var> : " . filter_input(INPUT_GET, $option, FILTER_SANITIZE_FULL_SPECIAL_CHARS);
include_once ".";
die();
} else if ($value) {
if ($value === true) {
if (strlen($arg) <= 2) $args .= " -$arg";
else $args .= " --$arg";
$args .= " $option";
} else {
if (strlen($arg) <= 2) $args .= " -$arg$value";
else $args .= " --$arg $value";
if (substr($option, 0, 2) == '--') $args .= " $option " . escapeshellarg($value);
else $args .= " $option" . escapeshellarg($value);
}
}
}
}
$tempPath = tempnam(sys_get_temp_dir(), 'scan_').".xml";
$command = ($use_sudo? "sudo " : "") . "nmap$args -oX '$tempPath' $targets 2>&1";
$command = "$NMAP $args -oX - $targets";
exec($command, $stderr, $retcode);
if ($retcode) {
http_response_code(500);
$errorMessage = implode("<br/>\n", $stderr);
include_once "options.php";
die();
if (isset($options["name"])) {
if (!file_exists($SCANSDIR)) mkdir($SCANSDIR);
$path = "$SCANSDIR/{$options["name"]}.xml";
$command .= " | tee '$path'";
}
$xml = new DOMDocument();
$xml->load($tempPath);
`rm "$tempPath"`;
header('Content-type: text/xml');
system($command, $retcode);
$saveAsURL = $saveAs? "$BASEDIR/$SCANSDIR/$saveAs.xml" : "";
$xml->insertBefore($xml->createProcessingInstruction('xslt-param', "name='savedAs' value='".htmlentities($saveAsURL, ENT_QUOTES)."'"), $xml->documentElement);
$xml->insertBefore($xml->createProcessingInstruction('xslt-param', "name='compareWith' value='".htmlentities($compareWith, ENT_QUOTES)."'"), $xml->documentElement);
$xml->insertBefore($xml->createProcessingInstruction('xslt-param', "name='refreshPeriod' value='".htmlentities($refreshPeriod, ENT_QUOTES)."'"), $xml->documentElement);
if ($saveAs) {
$path = "$SCANSDIR/$saveAs.xml";
$xml->save($path);
header("Location: $path");
exit();
} else {
header('Content-type: text/xml');
exit($xml->saveXML());
}
exit();

0
script-args.ini Normal file
View File

34
scripts/README.md Normal file
View File

@ -0,0 +1,34 @@
# nmap-scripts
## http-info.nse
Return status, title and favicon URL of a webpage
```lua
@args http-get.path Path to get. Default /.
@usage nmap -phttp,https --script http-info.nse --script-args http-info.path=/ <host>
@output
80/tcp open http
| http-info:
| status-line: HTTP/1.1 200 OK\x0D
|
| title: Go ahead and ScanMe!
| favicon: http://scanme.nmap.org:80/shared/images/tiny-eyeicon.png
|_ status: 200
```
## smb-shares-size.nse
Return free and total size in octets of each SMB shares
```lua
@args See the documentation for the smbauth library.
@usage nmap -p137-139,445 --script smb-shares-size.nse --script-args-file smb-shares-size.ini <host>
@output
Host script results:
| smb-shares-size:
| data:
| FreeSize: 38495883264
| TotalSize: 500961574912
|_ IPC$: NT_STATUS_ACCESS_DENIED
```

44
nmap/scripts/http-info.nse → scripts/http-info.nse
View File

@ -1,24 +1,29 @@
local shortport = require "shortport"
description = [[
Get and return a page info
Return status, title and favicon URL of a webpage
]]
---
-- @args http-get.path Path to get. Default /.
--
-- @usage nmap -p80 --script http-info.nse --script-args http-info.path=/ <host>
-- @usage nmap -phttp,https --script http-info.nse --script-args http-info.path=/ <host>
--
-- @output
-- status: 200
-- status-line: HTTP/1.1 200 OK\x0D
-- 80/tcp open http
-- | http-info:
-- | status-line: HTTP/1.1 200 OK\x0D
-- |
-- | title: Go ahead and ScanMe!
-- | favicon: http://scanme.nmap.org:80/shared/images/tiny-eyeicon.png
-- |_ status: 200
---
categories = {"discovery", "intrusive"}
author = "Adrien Malingrey"
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
portrule = shortport.service({"http", "https", "ssl"})
portrule = shortport.http
local http = require "http"
local stdnse = require "stdnse"
@ -27,50 +32,49 @@ action = function(host, port)
local scheme = ""
local hostaddress = (host.name ~= '' and host.name) or host.ip
local path = "/"
local uri
local favicon_relative_uri = "/favicon.ico"
local favicon
stdnse.debug1("port", port.service)
if (port.service == "ssl") then
scheme = "https"
else
scheme = port.service
end
stdnse.debug1("scheme", scheme)
if(stdnse.get_script_args('http-get.path')) then
path = stdnse.get_script_args('http-info.path')
end
uri = scheme.."://"..hostaddress..":"..port.number..path
stdnse.debug1("Try to download %s", uri)
local answer = http.get_url(uri, {})
stdnse.debug1("Try to download %s", path)
local answer = http.get(hostaddress, port, path)
local info = {status=answer.status, ["status-line"]=answer["status-line"]}
local output = {status=answer.status, ["status-line"]=answer["status-line"]}
if (answer and answer.status == 200) then
stdnse.debug1("[SUCCESS] Load page %s", uri)
stdnse.debug1("[SUCCESS] Load page %s", path)
-- Taken from http-title.nse by Diman Todorov
local title = string.match(answer.body, "<[Tt][Ii][Tt][Ll][Ee][^>]*>([^<]*)</[Tt][Ii][Tt][Ll][Ee]>")
if (title) then
info.title = title
output.title = title
end
stdnse.debug1("[INFO] Try favicon %s", favicon_relative_uri)
favicon_relative_uri = parseIcon(answer.body) or "favicon.ico"
favicon_relative_uri = parseIcon(answer.body) or favicon_relative_uri
else
stdnse.debug1("[ERROR] Can't load page %s", uri)
stdnse.debug1("[ERROR] Can't load page %s", path)
end
favicon_absolute_uri = scheme.."://"..hostaddress..":"..port.number..favicon_relative_uri
favicon = http.get_url(favicon_absolute_uri, {})
favicon = http.get(hostaddress, port, favicon_relative_uri)
if (favicon and favicon.status == 200) then
stdnse.debug1("[SUCCESS] Load favicon %s", favicon_absolute_uri)
info.favicon = favicon_absolute_uri
stdnse.debug1("[SUCCESS] Load favicon %s", favicon_relative_uri)
output.favicon = favicon_relative_uri
else
stdnse.debug1("[ERROR] Can't load favicon %s", favicon_absolute_uri)
stdnse.debug1("[ERROR] Can't load favicon %s", favicon_relative_uri)
end
return info
return output
end
--- function taken from http_favicon.nse by Vlatko Kosturjak

12
nmap/scripts/smb-shares-size.nse → scripts/smb-shares-size.nse
View File

@ -1,8 +1,3 @@
local stdnse = require "stdnse"
local smb = require "smb"
local smb2 = require "smb2"
local msrpc = require "msrpc"
local bin = require "bin"
local shortport = require "shortport"
description = [[
@ -12,7 +7,7 @@ Return free and total size in octets of each SMB shares
---
-- @args See the documentation for the smbauth library.
--
-- @usage nmap -p445 --script smb-shares-size.nse <host>
-- @usage nmap -p137-139,445 --script smb-shares-size.nse --script-args-file smb-authentication.ini <host>
--
-- @output
-- Host script results:
@ -29,6 +24,11 @@ license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
portrule = shortport.service({"microsoft-ds", "netbios-ssn", "smb"})
local stdnse = require "stdnse"
local smb = require "smb"
local smb2 = require "smb2"
local msrpc = require "msrpc"
local bin = require "bin"
action = function(host)
local status, shares, extra

3
server.php Normal file
View File

@ -0,0 +1,3 @@
<?php
print_r($_SERVER);

86
style.css
View File

@ -1,11 +1,24 @@
svg {
margin: -.3em -.5em -.5em -.4em;
fill: currentColor;
:root{
--nav-height: 3.6rem;
--footer-height: 3.6rem;
}
.main.container {
padding-top: 7em;
min-height: calc(100vh - 4.4285em - 2px);
nav {
height: var(--nav-height);
}
main {
padding-top: var(--nav-height);
min-height: calc(100vh - var(--footer-height) - 1rem)
}
h1:first-child, h2:first-child, h3:first-child, h4:first-child, h5:first-child, .ui.header:first-child {
margin-top: 1rem;
}
svg {
margin: -0.3em -0.5em -0.5em -0.4em;
fill: currentColor;
}
.ui.footer.segment {
@ -14,10 +27,10 @@ svg {
.tagify {
width: 100%;
border-radius: .28571429rem;
border-radius: 0.28571429rem;
--tags-focus-border-color: #85b7d9;
--placeholder-color: rgba(191,191,191,.87);
--placeholder-color-focus: rgba(115,115,115,.87);
--placeholder-color: rgba(191, 191, 191, 0.87);
--placeholder-color-focus: rgba(115, 115, 115, 0.87);
}
.ui.table {
@ -25,11 +38,12 @@ svg {
}
.ui.label {
margin: .14285714em;
margin: 0.14285714em;
}
.ui.label > .detail {
margin-left: .3em;
margin-left: 0.3em;
text-transform: capitalize;
}
.ui.form .fields > .field {
@ -40,9 +54,53 @@ svg {
margin-top: 0;
}
.ui.dropdown.label {
min-width: auto;
}
.ui.dropdown.label > .remove.icon {
right: 2.3em;
}
.toast-container .ui.header {
text-transform: capitalize;
}
.share-size {
--free-ratio: calc(var(--free) / var(--total));
--used-percent: calc(100% - 100%*var(--free-ratio));
--color: hsl(calc(120*var(--free-ratio)) 100% 50%);
background-image: linear-gradient(to right, var(--color) var(--used-percent), transparent var(--used-percent), transparent) !important;
--used-percent: calc(100% - 100% * var(--free-ratio));
--color: hsl(calc(120 * var(--free-ratio)) 100% 50%);
background-image: linear-gradient(
to right,
var(--color) var(--used-percent),
transparent var(--used-percent),
transparent
) !important;
text-align: center !important;
}
.compact {
position: static !important;
overflow-x: auto;
}
.compact > input {
min-width: 10em;
padding-right: 0.1em;
}
.compact .ui.buttons .mini.button {
padding: 0.5em;
position: static;
}
.compact .ui.dropdown.button:not(.pointing):not(.floating).active {
border-radius: 0;
}
.compact .ui.dropdown .menu {
left: 0;
right: 0;
margin: -.7em .7em;
min-width: auto;
}

186
templates/cards.xsl Executable file
View File

@ -0,0 +1,186 @@
<?xml version="1.0" encoding="utf-8"?>
<xsl:stylesheet
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
version="1.1">
<xsl:import href="lib/head.xsl"/>
<xsl:import href="lib/nav.xsl"/>
<xsl:import href="lib/service.xsl"/>
<xsl:import href="lib/toast.xsl"/>
<xsl:output method="html" encoding="UTF-8"/>
<xsl:output indent="yes"/>
<xsl:strip-space elements='*'/>
<xsl:param name="thisURL" select=""/>
<xsl:param name="originalURL" select=""/>
<xsl:param name="refreshPeriod" select="0"/>
<xsl:param name="sudo" select="false"/>
<xsl:variable name="current" select="./nmaprun"/>
<xsl:variable name="stylesheetURL" select="substring-before(substring-after(processing-instruction('xml-stylesheet'),'href=&quot;'), '?')"/>
<xsl:variable name="basedir" select="concat($stylesheetURL, '/../..')"/>
<xsl:variable name="init" select="document($originalURL)/nmaprun"/>
<xsl:variable name="nextComparison">
<xsl:choose>
<xsl:when test="$thisURL"><xsl:value-of select="$thisURL"/></xsl:when>
<xsl:when test="$originalURL"><xsl:value-of select="$originalURL"/></xsl:when>
<xsl:otherwise></xsl:otherwise>
</xsl:choose>
</xsl:variable>
<xsl:template match="nmaprun">
<xsl:variable name="targets" select="substring-after(@args, '.xml ')"/>
<html lang="fr">
<xsl:apply-templates select="." mode="head">
<xsl:with-param name="basedir" select="$basedir"/>
<xsl:with-param name="targets" select="$targets"/>
<xsl:with-param name="nextComparison" select="$nextComparison"/>
<xsl:with-param name="refreshPeriod" select="$refreshPeriod"/>
<xsl:with-param name="sudo" select="$sudo"/>
</xsl:apply-templates>
<body>
<xsl:apply-templates select="." mode="nav">
<xsl:with-param name="basedir" select="$basedir"/>
<xsl:with-param name="targets" select="$targets"/>
<xsl:with-param name="nextComparison" select="$nextComparison"/>
<xsl:with-param name="refreshPeriod" select="$refreshPeriod"/>
<xsl:with-param name="sudo" select="$sudo"/>
</xsl:apply-templates>
<main class="ui wide container">
<div class="ui header container">
<h1 class="ui header"><xsl:value-of select="$targets"/></h1>
</div>
<div class="ui doubling stackable five column compact grid">
<div class="ui centered link cards">
<xsl:apply-templates select="host | $init/host[not(address/@addr=$current/host/address/@addr)][not(status/@state='down')]"/>
</div>
</div>
</main>
<footer class="ui footer segment">
lanScan est basé sur <a href="https://nmap.org/" target="_blank">Nmap</a>
</footer>
<script>
$('.ui.dropdown').dropdown()
function hostScanning(link) {
link.parentElement.parentElement.classList.add("loading")
$.toast({
title : 'Scan en cours...',
message : 'Merci de patienter',
class : 'info',
showIcon : 'satellite dish',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
}
</script>
<xsl:apply-templates select="runstats">
<xsl:with-param name="init" select="$init"/>
</xsl:apply-templates>
</body>
</html>
</xsl:template>
<xsl:template match="host">
<xsl:variable name="addr" select="address/@addr"/>
<xsl:variable name="initHost" select="$init/host[address/@addr=$addr]"/>
<xsl:variable name="currentHost" select="$current/host[address/@addr=$addr]"/>
<xsl:variable name="hostAddress">
<xsl:choose>
<xsl:when test="hostnames/hostname/@name">
<xsl:value-of select="hostnames/hostname/@name"/>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="address/@addr"/>
</xsl:otherwise>
</xsl:choose>
</xsl:variable>
<div>
<xsl:attribute name="class">
<xsl:text>ui card </xsl:text>
<xsl:choose>
<xsl:when test="$currentHost/status/@state='up'">green</xsl:when>
<xsl:otherwise>red</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
<div class="content">
<div class="header">
<xsl:choose>
<xsl:when test="$currentHost">
<div>
<xsl:attribute name="class">
<xsl:text>ui empty circular label </xsl:text>
<xsl:choose>
<xsl:when test="$currentHost/status/@state='up'">green</xsl:when>
<xsl:otherwise>red</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
</div>
</xsl:when>
<xsl:otherwise><div class="ui empty circular label red"></div></xsl:otherwise>
</xsl:choose>
<xsl:text> </xsl:text>
<xsl:choose>
<xsl:when test="hostnames/hostname/@name">
<xsl:value-of select="substring-before(hostnames/hostname/@name, '.')"/>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="address/@addr"/>
</xsl:otherwise>
</xsl:choose>
</div>
<div class="meta">
<xsl:if test="substring-after(hostnames/hostname/@name, '.')">
<div>
<xsl:text>.</xsl:text>
<xsl:value-of select="substring-after(hostnames/hostname/@name, '.')"/>
</div>
</xsl:if>
<div><xsl:value-of select="address/@addr"/></div>
<xsl:if test="address[@addrtype='mac']/@vendor">
<div><xsl:value-of select="address[@addrtype='mac']/@vendor"/></div>
</xsl:if>
</div>
<div class="description">
<xsl:apply-templates select="$currentHost/ports/port | $initHost/ports/port[not(@portid=$currentHost/ports/port/@portid)][not(state/@state='closed')]" mode="service">
<xsl:with-param name="initHost" select="$initHost"/>
<xsl:with-param name="currentHost" select="$currentHost"/>
<xsl:with-param name="hostAddress" select="$hostAddress"/>
<xsl:with-param name="class" select="'ui label'"/>
<xsl:sort select="number(@portid)" order="ascending"/>
</xsl:apply-templates>
</div>
</div>
<div class="ui buttons">
<a class="ui icon labeled teal button" onclick="hostScanning(this)">
<xsl:attribute name="href">
<xsl:value-of select="$basedir"/>
<xsl:text>/scan.php?preset=host&amp;targets=</xsl:text>
<xsl:value-of select="$hostAddress"/>
</xsl:attribute>
<i class="satellite dish icon"></i>
<xsl:text> Services</xsl:text>
</a>
<a class="ui icon teal button ">
<xsl:attribute name="href">
<xsl:value-of select="$basedir"/>
<xsl:text>/?preset=host&amp;targets=</xsl:text>
<xsl:value-of select="$hostAddress"/>
</xsl:attribute>
<i class="settings icon"></i>
</a>
</div>
</div>
</xsl:template>
</xsl:stylesheet>

200
templates/compact.xsl Executable file
View File

@ -0,0 +1,200 @@
<?xml version="1.0" encoding="utf-8"?>
<xsl:stylesheet
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
version="1.1">
<xsl:import href="lib/head.xsl"/>
<xsl:import href="lib/nav.xsl"/>
<xsl:import href="lib/service.xsl"/>
<xsl:import href="lib/toast.xsl"/>
<xsl:output method="html" encoding="UTF-8"/>
<xsl:output indent="yes"/>
<xsl:strip-space elements='*'/>
<xsl:param name="thisURL" select=""/>
<xsl:param name="originalURL" select=""/>
<xsl:param name="refreshPeriod" select="0"/>
<xsl:param name="sudo" select="false"/>
<xsl:variable name="current" select="./nmaprun"/>
<xsl:variable name="stylesheetURL" select="substring-before(substring-after(processing-instruction('xml-stylesheet'),'href=&quot;'), '?')"/>
<xsl:variable name="basedir" select="concat($stylesheetURL, '/../..')"/>
<xsl:variable name="init" select="document($originalURL)/nmaprun"/>
<xsl:variable name="nextComparison">
<xsl:choose>
<xsl:when test="$thisURL"><xsl:value-of select="$thisURL"/></xsl:when>
<xsl:when test="$originalURL"><xsl:value-of select="$originalURL"/></xsl:when>
<xsl:otherwise></xsl:otherwise>
</xsl:choose>
</xsl:variable>
<xsl:template match="nmaprun">
<xsl:variable name="targets" select="substring-after(@args, '.xml ')"/>
<html lang="fr">
<xsl:apply-templates select="." mode="head">
<xsl:with-param name="basedir" select="$basedir"/>
<xsl:with-param name="targets" select="$targets"/>
<xsl:with-param name="nextComparison" select="$nextComparison"/>
<xsl:with-param name="refreshPeriod" select="$refreshPeriod"/>
<xsl:with-param name="sudo" select="$sudo"/>
</xsl:apply-templates>
<body>
<xsl:apply-templates select="." mode="nav">
<xsl:with-param name="basedir" select="$basedir"/>
<xsl:with-param name="targets" select="$targets"/>
<xsl:with-param name="nextComparison" select="$nextComparison"/>
<xsl:with-param name="refreshPeriod" select="$refreshPeriod"/>
<xsl:with-param name="sudo" select="$sudo"/>
</xsl:apply-templates>
<main class="ui wide container">
<h1 class="ui header"><xsl:value-of select="$targets"/></h1>
<div class="form">
<div class="ui doubling stackable four column compact grid">
<xsl:apply-templates select="host | $init/host[not(address/@addr=$current/host/address/@addr)][not(status/@state='down')]"/>
</div>
</div>
</main>
<footer class="ui footer segment">
lanScan est basé sur <a href="https://nmap.org/" target="_blank">Nmap</a>
</footer>
<script>
$('.ui.dropdown').dropdown()
</script>
<xsl:apply-templates select="runstats">
<xsl:with-param name="init" select="$init"/>
</xsl:apply-templates>
</body>
</html>
</xsl:template>
<xsl:template match="host">
<xsl:variable name="addr" select="address/@addr"/>
<xsl:variable name="initHost" select="$init/host[address/@addr=$addr]"/>
<xsl:variable name="currentHost" select="$current/host[address/@addr=$addr]"/>
<xsl:variable name="hostAddress">
<xsl:choose>
<xsl:when test="hostnames/hostname/@name">
<xsl:value-of select="hostnames/hostname/@name"/>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="address/@addr"/>
</xsl:otherwise>
</xsl:choose>
</xsl:variable>
<div class="column">
<div>
<xsl:attribute name="class">
<xsl:text>ui fluid mini compact input </xsl:text>
<xsl:if test="$currentHost/ports/port | $initHost/ports/port[not(@portid=$currentHost/ports/port/@portid)][not(state/@state='closed')]">
<xsl:text>action buttons </xsl:text>
</xsl:if>
<xsl:choose>
<xsl:when test="$currentHost/status/@state='up'">success</xsl:when>
<xsl:otherwise>error</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
<input type="text" readonly="" value="{substring-before(hostnames/hostname/@name, '.')}" placeholder="{address/@addr}"
title="{$currentHost/hostnames/hostname/@name} ({address/@addr})"
onfocus="this.value='{hostnames/hostname/@name}'; this.select()" onblur="this.value='{substring-before(hostnames/hostname/@name, '.')}'"
/>
<xsl:apply-templates select="$initHost/ports/port[not(@portid=$currentHost/ports/port/@portid)][not(state/@state='closed')] | $currentHost/ports/port" mode="service">
<xsl:with-param name="initHost" select="$initHost"/>
<xsl:with-param name="currentHost" select="$currentHost"/>
<xsl:with-param name="hostAddress" select="$hostAddress"/>
<xsl:with-param name="class" select="'ui mini button'"/>
<xsl:sort select="number(@portid)" order="ascending"/>
</xsl:apply-templates>
</div>
</div>
</xsl:template>
<xsl:template match="port">
<xsl:param name="hostAddress"/>
<xsl:param name="initHost"/>
<xsl:param name="currentHost"/>
<xsl:variable name="portid" select="@portid"/>
<xsl:variable name="initPort" select="$initHost/ports/port[@portid=$portid]"/>
<xsl:variable name="currentPort" select="$currentHost/ports/port[@portid=$portid]"/>
<xsl:variable name="state">
<xsl:choose>
<xsl:when test="$currentHost/state/@state='open'">green</xsl:when>
<xsl:when test="$currentHost/state/@state='filtered'">yellow</xsl:when>
<xsl:otherwise>red</xsl:otherwise>
</xsl:choose>
</xsl:variable>
<a target="_blank">
<xsl:attribute name="class">
<xsl:text>ui mini button </xsl:text>
<xsl:choose>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=500">red</xsl:when>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=400">orange</xsl:when>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=200">green</xsl:when>
<xsl:when test="$currentPort/state/@state='open'">green</xsl:when>
<xsl:when test="$currentPort/state/@state='filtered'">orange</xsl:when>
<xsl:otherwise>red</xsl:otherwise>
</xsl:choose>
<xsl:if test="(service/@name='microsoft-ds' or service/@name='netbios-ssn') and ../../hostscript/script[@id='smb-shares-size']/table"> dropdown share-size</xsl:if>
</xsl:attribute>
<xsl:if test="service/@name='ms-wbt-server'">
<xsl:attribute name="href">
<xsl:text>rdp.php?v=</xsl:text>
<xsl:value-of select="$hostAddress"/>
<xsl:text>&amp;p=</xsl:text>
<xsl:value-of select="@portid"/>
</xsl:attribute>
</xsl:if>
<xsl:attribute name="title">
<xsl:value-of select="@portid"/>/<xsl:value-of select="@protocol"/>
</xsl:attribute>
<xsl:choose>
<xsl:when test="service/@name='unknown'">
<xsl:choose>
<xsl:when test="@protocol='tcp'">:</xsl:when>
<xsl:otherwise><xsl:value-of select="substring(@protocol, 1, 1)"/>:</xsl:otherwise>
</xsl:choose>
<xsl:value-of select="@portid"/>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="service/@name"/>
</xsl:otherwise>
</xsl:choose>
<xsl:if test="(service/@name='microsoft-ds' or service/@name='netbios-ssn') and ../../hostscript/script[@id='smb-shares-size']/table">
<xsl:attribute name="style">
<xsl:for-each select="$currentHost/hostscript/script[@id='smb-shares-size']/table">
<xsl:sort select="elem[@key='FreeSize'] div elem[@key='TotalSize']" order="ascending"/>
<xsl:if test="position()=1">
<xsl:text>--free: </xsl:text>
<xsl:value-of select="elem[@key='FreeSize']"/>
<xsl:text>; --total: </xsl:text>
<xsl:value-of select="elem[@key='TotalSize']"/>
</xsl:if>
</xsl:for-each>
</xsl:attribute>
<i class="dropdown icon"></i>
<div class="menu">
<xsl:apply-templates select="$currentHost/hostscript/script[@id='smb-shares-size']/table">
<xsl:with-param name="hostAddress" select="$hostAddress"/>
</xsl:apply-templates>
</div>
</xsl:if>
</a>
</xsl:template>
<xsl:template match="table">
<xsl:param name="hostAddress"/>
<a class="item share-size" href="file://///{$hostAddress}/{@key}" target="_blank" rel="noopener noreferrer" style="--free: {elem[@key='FreeSize']}; --total: {elem[@key='TotalSize']}">
<xsl:value-of select="@key"/>
</a>
</xsl:template>
</xsl:stylesheet>

203
templates/hostScan.xsl Executable file
View File

@ -0,0 +1,203 @@
<?xml version="1.0" encoding="utf-8"?>
<xsl:stylesheet
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
version="1.1">
<xsl:import href="lib/head.xsl"/>
<xsl:import href="lib/nav.xsl"/>
<xsl:import href="lib/service.xsl"/>
<xsl:import href="lib/toast.xsl"/>
<xsl:output method="html" encoding="UTF-8"/>
<xsl:output indent="yes"/>
<xsl:strip-space elements='*'/>
<xsl:param name="thisURL" select=""/>
<xsl:param name="originalURL" select=""/>
<xsl:param name="refreshPeriod" select="0"/>
<xsl:param name="sudo" select="false"/>
<xsl:variable name="current" select="./nmaprun"/>
<xsl:variable name="stylesheetURL" select="substring-before(substring-after(processing-instruction('xml-stylesheet'),'href=&quot;'), '?')"/>
<xsl:variable name="basedir" select="concat($stylesheetURL, '/../..')"/>
<xsl:variable name="init" select="document($originalURL)/nmaprun"/>
<xsl:variable name="nextComparison">
<xsl:choose>
<xsl:when test="$thisURL"><xsl:value-of select="$thisURL"/></xsl:when>
<xsl:when test="$originalURL"><xsl:value-of select="$originalURL"/></xsl:when>
<xsl:otherwise></xsl:otherwise>
</xsl:choose>
</xsl:variable>
<xsl:template match="nmaprun">
<xsl:variable name="targets" select="substring-after(@args, '.xml ')"/>
<html lang="fr">
<xsl:apply-templates select="." mode="head">
<xsl:with-param name="basedir" select="$basedir"/>
<xsl:with-param name="targets" select="$targets"/>
<xsl:with-param name="nextComparison" select="$nextComparison"/>
<xsl:with-param name="refreshPeriod" select="$refreshPeriod"/>
<xsl:with-param name="sudo" select="$sudo"/>
</xsl:apply-templates>
<body>
<xsl:apply-templates select="." mode="nav">
<xsl:with-param name="basedir" select="$basedir"/>
<xsl:with-param name="targets" select="$targets"/>
<xsl:with-param name="nextComparison" select="$nextComparison"/>
<xsl:with-param name="refreshPeriod" select="$refreshPeriod"/>
<xsl:with-param name="sudo" select="$sudo"/>
</xsl:apply-templates>
<main class="ui main container">
<xsl:apply-templates select="host | $init/host[not(address/@addr=$current/host/address/@addr)][not(status/@state='down')]"/>
</main>
<footer class="ui footer segment">
lanScan est basé sur <a href="https://nmap.org/" target="_blank">Nmap</a>
</footer>
<script>
var table = $('#scanResultsTable').DataTable({
buttons : ['copy', 'excel', 'pdf'],
fixedHeader: true,
lengthMenu : [
[256, 512, 1024, 2048, -1],
[256, 512, 1024, 2048, "All"]
],
responsive: true,
colReorder: true,
buttons : ['copy', 'excel', 'pdf']
})
table.order([1, 'asc']).draw()
$('.ui.dropdown').dropdown()
</script>
<xsl:apply-templates select="runstats">
<xsl:with-param name="init" select="$init"/>
</xsl:apply-templates>
</body>
</html>
</xsl:template>
<xsl:template match="host">
<xsl:variable name="addr" select="address/@addr"/>
<xsl:variable name="initHost" select="$init/host[address/@addr=$addr]"/>
<xsl:variable name="currentHost" select="$current/host[address/@addr=$addr]"/>
<xsl:variable name="hostAddress">
<xsl:choose>
<xsl:when test="hostnames/hostname/@name">
<xsl:value-of select="hostnames/hostname/@name"/>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="address/@addr"/>
</xsl:otherwise>
</xsl:choose>
</xsl:variable>
<h1 class="ui header">
<xsl:choose>
<xsl:when test="hostnames/hostname/@name">
<xsl:value-of select="hostnames/hostname/@name"/>
<div class="sub header"><xsl:value-of select="address/@addr"/></div>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="address/@addr"/>
</xsl:otherwise>
</xsl:choose>
</h1>
<table id="scanResultsTable" style="width:100%" role="grid" class="ui sortable small table">
<thead>
<tr>
<th>Etat</th>
<th>Protocole</th>
<th>Port</th>
<th>Service</th>
<th>Produit</th>
<th>Version</th>
<th>Infos</th>
</tr>
</thead>
<tbody>
<xsl:apply-templates select="$currentHost/ports/port | $initHost/ports/port[not(@portid=$currentHost/ports/port/@portid)][not(state/@state='closed')]">
<xsl:with-param name="initHost" select="$initHost"/>
<xsl:with-param name="currentHost" select="$currentHost"/>
<xsl:with-param name="hostAddress" select="$hostAddress"/>
<xsl:sort select="number(@portid)" order="ascending"/>
</xsl:apply-templates>
</tbody>
</table>
</xsl:template>
<xsl:template match="port">
<xsl:param name="hostAddress"/>
<xsl:param name="initHost"/>
<xsl:param name="currentHost"/>
<xsl:variable name="portid" select="@portid"/>
<xsl:variable name="initPort" select="$initHost/ports/port[@portid=$portid]"/>
<xsl:variable name="currentPort" select="$currentHost/ports/port[@portid=$portid]"/>
<tr>
<xsl:attribute name="class">
<xsl:choose>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=500">negative</xsl:when>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=400">warning</xsl:when>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=200">positive</xsl:when>
<xsl:when test="$currentPort/state/@state='open'">positive</xsl:when>
<xsl:when test="$currentPort/state/@state='filtered'">warning</xsl:when>
<xsl:otherwise>negative</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
<td>
<div>
<xsl:attribute name="class">
<xsl:text>ui mini circular label </xsl:text>
<xsl:choose>
<xsl:when test="$currentPort/state/@state='open'">green</xsl:when>
<xsl:when test="$currentPort/state/@state='filtered'">orange</xsl:when>
<xsl:otherwise>red</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
<xsl:value-of select="$currentPort/state/@state"/>
</div>
</td>
<td style="text-transform: uppercase">
<xsl:value-of select="@protocol"/>
</td>
<td>
<xsl:value-of select="@portid"/>
</td>
<td>
<xsl:apply-templates select="." mode="service">
<xsl:with-param name="initHost" select="$initHost"/>
<xsl:with-param name="currentHost" select="$currentHost"/>
<xsl:with-param name="hostAddress" select="$hostAddress"/>
<xsl:with-param name="class" select="'ui mini fluid button'"/>
</xsl:apply-templates>
</td>
<td>
<xsl:value-of select="service/@product"/>
</td>
<td>
<xsl:value-of select="service/@version"/>
</td>
<td>
<xsl:value-of select="service/@extrainfo"/>
</td>
</tr>
</xsl:template>
<xsl:template match="table">
<xsl:param name="hostAddress"/>
<a class="item share-size" href="file://///{$hostAddress}/{@key}" target="_blank" rel="noopener noreferrer" style="--free: {elem[@key='FreeSize']}; --total: {elem[@key='TotalSize']}">
<xsl:value-of select="@key"/>
</a>
</xsl:template>
</xsl:stylesheet>

198
templates/lanScan.xsl Executable file
View File

@ -0,0 +1,198 @@
<?xml version="1.0" encoding="utf-8"?>
<xsl:stylesheet
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
version="1.1">
<xsl:import href="lib/head.xsl"/>
<xsl:import href="lib/nav.xsl"/>
<xsl:import href="lib/service.xsl"/>
<xsl:import href="lib/toast.xsl"/>
<xsl:output method="html" encoding="UTF-8"/>
<xsl:output indent="yes"/>
<xsl:strip-space elements='*'/>
<xsl:param name="thisURL" select=""/>
<xsl:param name="originalURL" select=""/>
<xsl:param name="refreshPeriod" select="0"/>
<xsl:param name="sudo" select="false()"/>
<xsl:variable name="current" select="./nmaprun"/>
<xsl:variable name="stylesheetURL" select="substring-before(substring-after(processing-instruction('xml-stylesheet'),'href=&quot;'), '?')"/>
<xsl:variable name="basedir" select="concat($stylesheetURL, '/../..')"/>
<xsl:variable name="init" select="document($originalURL)/nmaprun"/>
<xsl:variable name="nextComparison">
<xsl:choose>
<xsl:when test="$thisURL"><xsl:value-of select="$thisURL"/></xsl:when>
<xsl:when test="$originalURL"><xsl:value-of select="$originalURL"/></xsl:when>
<xsl:otherwise></xsl:otherwise>
</xsl:choose>
</xsl:variable>
<xsl:template match="nmaprun">
<xsl:variable name="targets" select="substring-after(@args, '-oX - ')"/>
<html lang="fr">
<xsl:apply-templates select="." mode="head">
<xsl:with-param name="basedir" select="$basedir"/>
<xsl:with-param name="targets" select="$targets"/>
<xsl:with-param name="nextComparison" select="$nextComparison"/>
<xsl:with-param name="refreshPeriod" select="$refreshPeriod"/>
<xsl:with-param name="sudo" select="$sudo"/>
</xsl:apply-templates>
<body>
<xsl:apply-templates select="." mode="nav">
<xsl:with-param name="basedir" select="$basedir"/>
<xsl:with-param name="targets" select="$targets"/>
<xsl:with-param name="nextComparison" select="$nextComparison"/>
<xsl:with-param name="refreshPeriod" select="$refreshPeriod"/>
<xsl:with-param name="sudo" select="$sudo"/>
</xsl:apply-templates>
<main class="ui main container">
<h1 class="ui header"><xsl:value-of select="$targets"/></h1>
<table id="scanResultsTable" style="width:100%" role="grid" class="ui sortable small table">
<thead>
<tr>
<th>Etat</th>
<th>Adresse IP</th>
<th>Nom</th>
<th>Fabricant</th>
<th class="six wide">Services</th>
<th>Scanner les services</th>
</tr>
</thead>
<tbody>
<xsl:apply-templates select="host | $init/host[not(address/@addr=$current/host/address/@addr)][not(status/@state='down')]"/>
</tbody>
</table>
</main>
<footer class="ui footer segment">
lanScan est basé sur <a href="https://nmap.org/" target="_blank">Nmap</a>
</footer>
<script>
var table = $('#scanResultsTable').DataTable({
buttons : ['copy', 'excel', 'pdf'],
fixedHeader: true,
lengthMenu : [
[256, 512, 1024, 2048, -1],
[256, 512, 1024, 2048, "All"]
],
responsive: true,
colReorder: true,
buttons : ['copy', 'excel', 'pdf']
})
table.order([1, 'asc']).draw()
$('.ui.dropdown').dropdown()
function hostScanning(link) {
link.getElementsByTagName('i')[0].className = 'loading spinner icon'
$.toast({
title : 'Scan en cours...',
message : 'Merci de patienter',
class : 'info',
showIcon : 'satellite dish',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
}
</script>
<xsl:apply-templates select="runstats">
<xsl:with-param name="init" select="$init"/>
</xsl:apply-templates>
</body>
</html>
</xsl:template>
<xsl:template match="host">
<xsl:variable name="addr" select="address/@addr"/>
<xsl:variable name="initHost" select="$init/host[address/@addr=$addr]"/>
<xsl:variable name="currentHost" select="$current/host[address/@addr=$addr]"/>
<xsl:variable name="hostAddress">
<xsl:choose>
<xsl:when test="hostnames/hostname/@name">
<xsl:value-of select="hostnames/hostname/@name"/>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="address/@addr"/>
</xsl:otherwise>
</xsl:choose>
</xsl:variable>
<tr>
<xsl:attribute name="class">
<xsl:choose>
<xsl:when test="$currentHost/status/@state='up'">positive</xsl:when>
<xsl:otherwise>negative</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
<td>
<xsl:choose>
<xsl:when test="$currentHost">
<div>
<xsl:attribute name="class">
<xsl:text>ui mini circular label </xsl:text>
<xsl:choose>
<xsl:when test="$currentHost/status/@state='up'">green</xsl:when>
<xsl:otherwise>red</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
<xsl:value-of select="$currentHost/status/@state"/>
</div>
</xsl:when>
<xsl:otherwise><div class="ui red circular label">down</div></xsl:otherwise>
</xsl:choose>
</td>
<td>
<xsl:value-of select="address/@addr"/>
</td>
<td>
<div><b><xsl:value-of select="substring-before(hostnames/hostname/@name, '.')"/></b></div>
<xsl:if test="substring-after(hostnames/hostname/@name, '.')">
<div>.<xsl:value-of select="substring-after(hostnames/hostname/@name, '.')"/></div>
</xsl:if>
</td>
<td>
<xsl:value-of select="address[@addrtype='mac']/@vendor"/>
</td>
<td>
<xsl:apply-templates select="$initHost/ports/port[not(@portid=$currentHost/ports/port/@portid)][not(state/@state='closed')] | $currentHost/ports/port" mode="service">
<xsl:with-param name="initHost" select="$initHost"/>
<xsl:with-param name="currentHost" select="$currentHost"/>
<xsl:with-param name="hostAddress" select="$hostAddress"/>
<xsl:with-param name="class" select="'ui label'"/>
<xsl:sort select="number(@portid)" order="ascending"/>
</xsl:apply-templates>
</td>
<td>
<div class="ui mini right labeled button">
<a class="ui mini icon teal button" onclick="hostScanning(this)">
<xsl:attribute name="href">
<xsl:value-of select="$basedir"/>
<xsl:text>/scan.php?preset=host&amp;targets=</xsl:text>
<xsl:value-of select="address/@addr"/>
</xsl:attribute>
<i class="satellite dish icon"></i>
<xsl:text> Services</xsl:text>
</a>
<a class="ui mini icon teal label">
<xsl:attribute name="href">
<xsl:value-of select="$basedir"/>
<xsl:text>/?preset=host&amp;targets=</xsl:text>
<xsl:value-of select="address/@addr"/>
</xsl:attribute>
<i class="settings icon"></i>
</a>
</div>
</td>
</tr>
</xsl:template>
</xsl:stylesheet>

70
templates/lib/head.xsl Normal file
View File

@ -0,0 +1,70 @@
<?xml version="1.0" encoding="utf-8"?>
<xsl:stylesheet
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
version="1.1">
<xsl:import href="parseCommand.xsl"/>
<xsl:template match="nmaprun" mode="head">
<xsl:param name="basedir"/>
<xsl:param name="targets"/>
<xsl:param name="nextComparison"/>
<xsl:param name="refreshPeriod"/>
<xsl:param name="sudo"/>
<head>
<meta charset="utf-8"/>
<xsl:if test="$refreshPeriod > 0">
<meta http-equiv="refresh">
<xsl:attribute name="content">
<xsl:value-of select="$refreshPeriod"/>
<xsl:text>;URL=</xsl:text>
<xsl:value-of select="$basedir"/>
<xsl:text>/scan.php?targets=</xsl:text>
<xsl:value-of select="$targets"/>
<xsl:text>&amp;</xsl:text>
<xsl:call-template name="parseCommand">
<xsl:with-param name="argList" select="substring-before(substring-after(@args, ' -'), ' -oX')"/>
<xsl:with-param name="asURL" select="true()"/>
</xsl:call-template>
<xsl:text>originalURL=</xsl:text>
<xsl:value-of select="$nextComparison"/>
<xsl:text>&amp;refreshPeriod=</xsl:text>
<xsl:value-of select="$refreshPeriod"/>
<xsl:text>&amp;sudo=</xsl:text>
<xsl:value-of select="$sudo"/>
</xsl:attribute>
</meta>
</xsl:if>
<title>
<xsl:text>lanScan - </xsl:text>
<xsl:value-of select="$targets"/>
</title>
<link rel="icon" href="{$basedir}/favicon.ico"/>
<link rel="stylesheet" type="text/css" href="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.css"/>
<link href="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.css" rel="stylesheet" type="text/css"/>
<link href="https://cdn.datatables.net/v/se/jszip-3.10.1/dt-2.1.8/b-3.1.2/b-html5-3.1.2/b-print-3.1.2/cr-2.0.4/fc-5.0.3/fh-4.0.1/r-3.0.3/datatables.min.css" rel="stylesheet"/>
<link href="{$basedir}/style.css" rel="stylesheet" type="text/css"/>
<script src="https://code.jquery.com/jquery-3.7.1.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/fomantic-ui/2.9.2/semantic.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify"></script>
<script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.polyfills.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.2.7/pdfmake.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.2.7/vfs_fonts.js"></script>
<script src="https://cdn.datatables.net/v/se/jszip-3.10.1/dt-2.1.8/b-3.1.2/b-html5-3.1.2/b-print-3.1.2/cr-2.0.4/fc-5.0.3/fh-4.0.1/r-3.0.3/datatables.min.js"></script>
<script>
DataTable.ext.type.detect.unshift(function (d) {
return /[\d]+\.[\d]+\.[\d]+\.[\d]+/.test(d)
? 'ipv4-address'
: null;
});
DataTable.ext.type.order['ipv4-address-pre'] = function (ipAddress) {
[a, b, c, d] = ipAddress.split(".").map(Number)
return 16777216*a + 65536*b + 256*c + d;
};
</script>
</head>
</xsl:template>
</xsl:stylesheet>

80
templates/lib/nav.xsl Normal file
View File

@ -0,0 +1,80 @@
<?xml version="1.0" encoding="utf-8"?>
<xsl:stylesheet
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
version="1.1">
<xsl:import href="parseCommand.xsl"/>
<xsl:template match="nmaprun" mode="nav">
<xsl:param name="basedir"/>
<xsl:param name="targets"/>
<xsl:param name="nextComparison"/>
<xsl:param name="refreshPeriod"/>
<xsl:param name="sudo"/>
<nav class="ui inverted teal fixed menu">
<a class="ui teal button item" href="{$basedir}">
<xsl:text>lan</xsl:text>
<svg class="logo" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 24 24" xml:space="preserve" width="40" height="40" xmlns="http://www.w3.org/2000/svg" xmlns:svg="http://www.w3.org/2000/svg"><defs id="defs206"/><g id="g998" transform="matrix(0,0.04687491,-0.04687491,0,24,2.2682373e-5)"><g id="g147"><g id="g145"><path d="m 322.065,92.046 c -46.24,0 -83.851,37.619 -83.851,83.857 v 168.712 c 0,25.224 -21.148,45.745 -46.372,45.745 -25.224,0 -46.372,-20.521 -46.372,-45.745 V 199.464 h -38.114 v 145.151 c 0,46.24 38.246,83.859 84.486,83.859 46.24,0 84.486,-37.619 84.486,-83.859 V 175.903 c 0,-25.223 20.514,-45.743 45.737,-45.743 25.223,0 45.737,20.521 45.737,45.743 v 134.092 h 38.114 V 175.903 c 0,-46.239 -37.611,-83.857 -83.851,-83.857 z" id="path143"/></g></g><g id="g153"><g id="g151"><path d="M 144.198,0 H 108.625 C 98.101,0 89.568,8.746 89.568,19.271 c 0,1.157 0.121,2.328 0.318,3.598 h 73.052 c 0.197,-1.27 0.318,-2.441 0.318,-3.598 C 163.256,8.746 154.723,0 144.198,0 Z" id="path149"/></g></g><g id="g159"><g id="g157"><path d="m 420.183,486.591 h -71.731 c -0.626,2.541 -0.978,4.077 -0.978,6.176 0,10.525 8.532,19.234 19.057,19.234 h 35.573 c 10.525,0 19.057,-8.709 19.057,-19.234 0,-2.098 -0.352,-3.635 -0.978,-6.176 z" id="path155"/></g></g><g id="g165"><g id="g163"><rect x="87.027" y="41.925999" width="80.040001" height="138.481" id="rect161"/></g></g><g id="g171"><g id="g169"><rect x="344.93301" y="329.052" width="80.040001" height="138.481" id="rect167"/></g></g><g id="g173"></g><g id="g175"></g><g id="g177"></g><g id="g179"></g><g id="g181"></g><g id="g183"></g><g id="g185"></g><g id="g187"></g><g id="g189"></g><g id="g191"></g><g id="g193"></g><g id="g195"></g><g id="g197"></g><g id="g199"></g><g id="g201"></g></g></svg>
<xsl:text>can</xsl:text>
</a>
<form id="lanScanForm" class="right menu">
<xsl:call-template name="parseCommand">
<xsl:with-param name="argList" select="substring-before(substring-after(@args, ' -'), ' -oX')"/>
<xsl:with-param name="asURL" select="false()"/>
</xsl:call-template>
<div class="ui category search item">
<div id="targetsInputDiv" class="ui icon input">
<input class="prompt" type="text" id="targetsInput" name="targets" oninput="hiddenInput.value=this.value"
pattern="[a-zA-Z0-9._\/ \-]+" value="{$targets}" placeholder="Scanner un réseau..."
title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
Exemples: 192.168.1.0/24 scanme.nmap.org 10.0-255.0-255.1-254"/>
<i class="satellite dish icon"></i>
</div>
<input type="hidden" name="originalURL" value="{$nextComparison}"/>
<input type="hidden" name="refreshPeriod" value="{$refreshPeriod}"/>
<input type="hidden" name="sudo" value="{$sudo}"/>
<button id="hiddenButton" style="display: none;" type="submit" formmethod="get" formaction="{$basedir}/scan.php"></button>
<button id="refreshButton" class="ui teal icon submit button" type="submit" formmethod="get" formaction="{$basedir}/scan.php">
<i class="sync icon"></i>
</button>
<button class="ui teal icon submit button" type="submit" formmethod="get" formaction="{$basedir}/">
<i class="settings icon"></i>
</button>
<a class="ui teal icon button" href="https://nmap.org/man/fr/index.html" target="_blank">
<i class="question circle icon"></i>
</a>
</div>
</form>
</nav>
<script>
hiddenButton.onclick = function(event) {
if (lanScanForm.checkValidity()) {
targetsInputDiv.classList.add('loading')
$.toast({
title : 'Scan en cours...',
message : 'Merci de patienter',
class : 'info',
showIcon : 'satellite dish',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
}
}
refreshButton.onclick = function(event) {
refreshButton.getElementsByTagName('i')[0].className = 'loading spinner icon'
$.toast({
title : 'Scan en cours...',
message : 'Merci de patienter',
class : 'info',
showIcon : 'satellite dish',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
}
</script>
</xsl:template>
</xsl:stylesheet>

105
templates/lib/parseCommand.xsl Normal file
View File

@ -0,0 +1,105 @@
<?xml version="1.0" encoding="utf-8"?>
<xsl:stylesheet
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
version="1.1">
<xsl:template name="parseCommand">
<xsl:param name="argList" select=""/>
<xsl:param name="asURL" select="false()"/>
<xsl:variable name="nextArgs" select="substring-after($argList, ' -')"/>
<xsl:variable name="argAndValue">
<xsl:choose>
<xsl:when test="$nextArgs">
<xsl:value-of select="substring-before($argList, ' -')"/>
</xsl:when>
<xsl:otherwise><xsl:value-of select="$argList"/></xsl:otherwise>
</xsl:choose>
</xsl:variable>
<xsl:choose>
<xsl:when test="starts-with($argAndValue, '-')">
<xsl:choose>
<xsl:when test="contains($argAndValue, ' ')">
<xsl:call-template name="input">
<xsl:with-param name="name" select="substring-before($argAndValue, ' ')"/>
<xsl:with-param name="value" select="substring-after($argAndValue, ' ')"/>
<xsl:with-param name="asURL" select="$asURL"/>
</xsl:call-template>
</xsl:when>
<xsl:otherwise>
<xsl:call-template name="input">
<xsl:with-param name="name" select="$argAndValue"/>
<xsl:with-param name="value" select="on"/>
<xsl:with-param name="asURL" select="$asURL"/>
</xsl:call-template>
</xsl:otherwise>
</xsl:choose>
</xsl:when>
<xsl:otherwise>
<xsl:choose>
<xsl:when test="starts-with($argAndValue, 'P') or starts-with($argAndValue, 's') or starts-with($argAndValue, 'o')">
<xsl:call-template name="input">
<xsl:with-param name="name" select="substring($argAndValue, 1, 2)"/>
<xsl:with-param name="value" select="substring($argAndValue, 3)"/>
<xsl:with-param name="asURL" select="$asURL"/>
</xsl:call-template>
</xsl:when>
<xsl:otherwise>
<xsl:call-template name="input">
<xsl:with-param name="name" select="substring($argAndValue, 1, 1)"/>
<xsl:with-param name="value" select="substring($argAndValue, 2)"/>
<xsl:with-param name="asURL" select="$asURL"/>
</xsl:call-template>
</xsl:otherwise>
</xsl:choose>
</xsl:otherwise>
</xsl:choose>
<xsl:if test="$nextArgs">
<xsl:call-template name="parseCommand">
<xsl:with-param name="argList" select="$nextArgs"/>
<xsl:with-param name="asURL" select="$asURL"/>
</xsl:call-template>
</xsl:if>
</xsl:template>
<xsl:template name="input">
<xsl:param name="name"/>
<xsl:param name="value" select=""/>
<xsl:param name="asURL" select="false()"/>
<xsl:variable name="valueWithoutQuotes">
<xsl:choose>
<xsl:when test="substring-after($value, '&quot;')">
<xsl:value-of select="substring-before(substring-after($value, '&quot;'), '&quot;')"/>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="$value"/>
</xsl:otherwise>
</xsl:choose>
</xsl:variable>
<xsl:choose>
<xsl:when test="$asURL">
<xsl:text>-</xsl:text>
<xsl:value-of select="$name"/>
<xsl:text>=</xsl:text>
<xsl:choose>
<xsl:when test="$valueWithoutQuotes"><xsl:value-of select="$valueWithoutQuotes"/></xsl:when>
<xsl:otherwise>on</xsl:otherwise>
</xsl:choose>
<xsl:text>&amp;</xsl:text>
</xsl:when>
<xsl:otherwise>
<input type="hidden" name="-{$name}">
<xsl:attribute name="value">
<xsl:choose>
<xsl:when test="$valueWithoutQuotes"><xsl:value-of select="$valueWithoutQuotes"/></xsl:when>
<xsl:otherwise>on</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
</input>
</xsl:otherwise>
</xsl:choose>
</xsl:template>
</xsl:stylesheet>

102
templates/lib/service.xsl Normal file
View File

@ -0,0 +1,102 @@
<?xml version="1.0" encoding="utf-8"?>
<xsl:stylesheet
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
version="1.1">
<xsl:template match="port" mode="service">
<xsl:param name="hostAddress"/>
<xsl:param name="initHost"/>
<xsl:param name="currentHost"/>
<xsl:param name="class"/>
<xsl:variable name="portid" select="@portid"/>
<xsl:variable name="initPort" select="$initHost/ports/port[@portid=$portid]"/>
<xsl:variable name="currentPort" select="$currentHost/ports/port[@portid=$portid]"/>
<a target="_blank">
<xsl:attribute name="class">
<xsl:value-of select="$class"/>
<xsl:text> </xsl:text>
<xsl:choose>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=500">red</xsl:when>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=400">orange</xsl:when>
<xsl:when test="$currentPort/script[@id='http-info']/elem[@key='status']>=200">green</xsl:when>
<xsl:when test="$currentPort/state/@state='open'">green</xsl:when>
<xsl:when test="$currentPort/state/@state='filtered'">orange</xsl:when>
<xsl:otherwise>red</xsl:otherwise>
</xsl:choose>
<xsl:choose>
<xsl:when test="$currentPort/script[@id='smb-shares-size']/table"> mini dropdown button share-size</xsl:when>
<xsl:otherwise> small</xsl:otherwise>
</xsl:choose>
</xsl:attribute>
<xsl:if test="$currentPort/script[@id='smb-shares-size']/table">
<xsl:attribute name="style">
<xsl:for-each select="$currentPort/script[@id='smb-shares-size']/table">
<xsl:sort select="elem[@key='FreeSize'] div elem[@key='TotalSize']" order="ascending"/>
<xsl:if test="position()=1">
<xsl:text>--free: </xsl:text>
<xsl:value-of select="elem[@key='FreeSize']"/>
<xsl:text>; --total: </xsl:text>
<xsl:value-of select="elem[@key='TotalSize']"/>
</xsl:if>
</xsl:for-each>
</xsl:attribute>
</xsl:if>
<xsl:if test="service/@name='ftp' or service/@name='ssh' or service/@name='http' or service/@name='https'">
<xsl:attribute name="href">
<xsl:choose>
<xsl:when test="service/@name='http' and service/@tunnel='ssl'">
<xsl:text>https</xsl:text>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="service/@name"/>
</xsl:otherwise>
</xsl:choose>
<xsl:text>://</xsl:text>
<xsl:value-of select="$hostAddress"/>
<xsl:text>:</xsl:text>
<xsl:value-of select="@portid"/>
</xsl:attribute>
</xsl:if>
<xsl:if test="service/@name='ms-wbt-server'">
<xsl:attribute name="href">
<xsl:text>rdp.php?v=</xsl:text>
<xsl:value-of select="$hostAddress"/>
<xsl:text>&amp;p=</xsl:text>
<xsl:value-of select="@portid"/>
</xsl:attribute>
</xsl:if>
<xsl:attribute name="title">
<xsl:value-of select="@portid"/>/<xsl:value-of select="@protocol"/>
</xsl:attribute>
<xsl:choose>
<xsl:when test="service/@name='unknown'">
<xsl:choose>
<xsl:when test="@protocol='tcp'">:</xsl:when>
<xsl:otherwise><xsl:value-of select="substring(@protocol, 1, 1)"/>:</xsl:otherwise>
</xsl:choose>
<xsl:value-of select="@portid"/>
</xsl:when>
<xsl:otherwise>
<xsl:value-of select="service/@name"/>
</xsl:otherwise>
</xsl:choose>
<xsl:if test="$currentPort/script[@id='smb-shares-size']/table">
<i class="dropdown icon"></i>
<div class="menu">
<xsl:apply-templates select="$currentPort/script[@id='smb-shares-size']/table">
<xsl:with-param name="hostAddress" select="$hostAddress"/>
</xsl:apply-templates>
</div>
</xsl:if>
</a>
</xsl:template>
<xsl:template match="table">
<xsl:param name="hostAddress"/>
<a class="item share-size" href="file://///{$hostAddress}/{@key}" target="_blank" rel="noopener noreferrer" style="--free: {elem[@key='FreeSize']}; --total: {elem[@key='TotalSize']}">
<xsl:value-of select="@key"/>
</a>
</xsl:template>
</xsl:stylesheet>

44
templates/lib/toast.xsl Normal file
View File

@ -0,0 +1,44 @@
<?xml version="1.0" encoding="utf-8"?>
<xsl:stylesheet
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
version="1.1">
<xsl:template match="runstats">
<xsl:param name="init"/>
<script>
<xsl:if test="finished/@summary">
$.toast({
title : '<xsl:value-of select="finished/@exit"/>',
message : `<xsl:value-of select="finished/@summary"/>`,
showIcon : 'satellite dish',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
</xsl:if>
<xsl:if test="finished/@errormsg">
$.toast({
title : '<xsl:value-of select="finished/@exit"/>',
message : `<xsl:value-of select="finished/@errormsg"/>`,
showIcon : 'exclamation triangle',
class : 'error',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
</xsl:if>
<xsl:if test="$init/runstats/finished">
$.toast({
message : 'Comparaison avec les résultats du <xsl:value-of select="$init/runstats/finished/@timestr"/>',
class : 'info',
showIcon : 'calendar',
displayTime: 0,
closeIcon : true,
position : 'bottom right',
})
</xsl:if>
</script>
</xsl:template>
</xsl:stylesheet>