use sudo at will

include error message
2024-10-16 11:04:12 +02:00 · 2024-10-16 10:43:11 +02:00
4 changed files with 25 additions and 11 deletions
--- a/README.md
+++ b/README.md
@ -10,3 +10,7 @@ Pour donner les droits à lanScan sous Linux, installer `sudo` au besoin, puis c
 ```
 www-data ALL = NOPASSWD: /usr/bin/nmap
 ````
+et modifier le fichier `config.php` avec :
+```php
+$use_sudo = true;
+```
--- a/config.php
+++ b/config.php
@ -17,6 +17,7 @@ $HOSTSCAN_OPTIONS = [
 ];

 $refreshPeriod = 60;
+$use_sudo = false;

 $SCANSDIR = 'scans';
 $DATADIR  = '/usr/share/nmap';
--- a/options.php
+++ b/options.php
@ -34,6 +34,15 @@ include_once 'filter_inputs.php';
  </nav>

  <main class="ui main container">
+
+<?php if(isset($errorMessage)) { ?>
+    <div class="ui negative message">
+      <i class="close icon"></i>
+      <div class="header">Erreur</div>
+      <p><?=$errorMessage?></p>
+    </div>
+<?php } ?>
+
    <h1 class="header">Scanner un <?=$host? "hôte" : "réseau" ?></h1>

    <form id="newScanForm" class="ui form" method="get" action="scan.php">
--- a/scan.php
+++ b/scan.php
@ -5,7 +5,9 @@ include_once 'filter_inputs.php';

 if (!$targets) {
    http_response_code(400);
-    die('Paramètre manquant : targets, lan ou host');
+    $errorMessage = 'Paramètre manquant : targets, lan ou host';
+    include_once "options.php";
+    die();
 }

 if (!file_exists($SCANSDIR)) mkdir($SCANSDIR);
@ -14,7 +16,9 @@ $args = '';
 foreach ($inputs as $arg => $value) {
    if (is_null($value)) {
        http_response_code(400);
-        die("Valeur incorecte pour le paramètre $arg : " . filter_input(INPUT_GET, $arg, FILTER_SANITIZE_FULL_SPECIAL_CHARS));
+        $errorMessage = "Valeur incorecte pour le paramètre $arg : " . filter_input(INPUT_GET, $arg, FILTER_SANITIZE_FULL_SPECIAL_CHARS);
+        include_once "options.php";
+        die();
    } else if ($value) {
        if ($value === true) {
            if (strlen($arg) <= 2) $args .= " -$arg";
@ -28,19 +32,15 @@ foreach ($inputs as $arg => $value) {

 $tempPath = tempnam(sys_get_temp_dir(), 'scan_').".xml";

-$command = "nmap$args -oX '$tempPath' $targets 2>&1";
+$command = ($use_sudo? "sudo " : "") . "nmap$args -oX '$tempPath' $targets 2>&1";

 exec($command, $stderr, $retcode);

-if ($retcode && strpos(implode($stderr), " root ") !== false) {
-    // Retry with sudo
-    $recode = 0;
-    exec("sudo $command", $stderr, $retcode);
-}
-
 if ($retcode) {
    http_response_code(500);
-    die(implode("<br/>\n", $stderr));
+    $errorMessage = implode("<br/>\n", $stderr);
+    include_once "options.php";
+    die();
 }

 $xml = new DOMDocument();
Author	SHA1	Message	Date
adrien	570e8f2252	use sudo at will	2024-10-16 11:04:12 +02:00
adrien	cd6f64679b	include error message	2024-10-16 10:43:11 +02:00