adrien/lanScan3
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: adrien:d5dd51921c7ceaaa12947371538c4e7ba08e42b3
Branches Tags
adrien:master
..
compare: adrien:6319d411c5baa7e5458874833295fa5356d32c53
Branches Tags
adrien:master

No commits in common. "d5dd51921c7ceaaa12947371538c4e7ba08e42b3" and "6319d411c5baa7e5458874833295fa5356d32c53" have entirely different histories.
d5dd51921c ... 6319d411c5

7 changed files with 74 additions and 89 deletions
Show Stats Expand all files Collapse all files

9
scan-options.php → advanced-scan.php
View File

@ -1,6 +1,13 @@
<?php <?php
include_once 'common.php'; $name = filter_input(INPUT_GET, 'name', FILTER_VALIDATE_REGEXP, [
'flags' => FILTER_NULL_ON_FAILURE,
'options' => ['regexp' => '/^[^<>:"\/|?]+$/'],
]);
$targets = filter_input(INPUT_GET, 'targets', FILTER_VALIDATE_REGEXP, [
'flags' => FILTER_NULL_ON_FAILURE,
'options' => ['regexp' => '/^[\da-zA-Z.:\/_ -]+$/'],
]);
if (!$targets) { if (!$targets) {
$targets = $_SERVER['SERVER_NAME'].' '.$_SERVER['REMOTE_ADDR']; $targets = $_SERVER['SERVER_NAME'].' '.$_SERVER['REMOTE_ADDR'];
} }

13
common.php
View File

@ -1,13 +0,0 @@
<?php
include_once 'config.php';
$name = filter_input(INPUT_GET, 'name', FILTER_VALIDATE_REGEXP, [
'flags' => FILTER_NULL_ON_FAILURE,
'options' => ['regexp' => '/^[^<>:"\/|?]+$/'],
]);
$targets = filter_input(INPUT_GET, 'targets', FILTER_VALIDATE_REGEXP, [
'flags' => FILTER_NULL_ON_FAILURE,
'options' => ['regexp' => '/^[\da-zA-Z.:\/_ -]+$/'],
]);

4
config.php
View File

@ -1,4 +1,4 @@
<?php <?php
$SCANS_DIR = 'scans';
$NMAP_OPTIONS = '-PSssh,http,https,msrpc,microsoft-ds -F -T5'; $NMAP_OPTIONS = '-PSssh,http,https,msrpc,microsoft-ds -F -T5';
$SCANS_DIR = 'scans';
?>

36
index.php
View File

@ -1,4 +1,11 @@
<?php include_once 'common.php'; ?> <?php
include_once 'config.php';
$targets = filter_input(INPUT_GET, 'targets', FILTER_VALIDATE_REGEXP, [
'flags' => FILTER_NULL_ON_FAILURE,
'options' => ['regexp' => '/^[\da-zA-Z.:\/_ -]+$/'],
]);
?>
<!DOCTYPE html> <!DOCTYPE html>
<html lang="fr"> <html lang="fr">
@ -20,21 +27,18 @@
<a class="header item" href="."> <a class="header item" href=".">
lan<?php include 'logo.svg'; ?>can lan<?php include 'logo.svg'; ?>can
</a> </a>
<form class="right menu"> <div class="right menu">
<div class="ui category search item"> <iconsearch class="ui right aligned search category item">
<div class="ui icon input"> <div class="ui icon input">
<input class="prompt" type="text" id="targetsInput" name="targets" required="" <form id="newScanForm" class="ui form" method="get" action="scan.php">
pattern="[a-zA-Z0-9._\/ \-]+" value="<?=$targets; ?>" placeholder="Scanner un réseau..." <input class="prompt" type="text" name="targets" placeholder="Scanner un réseau..." required="" autocomplete="off" title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc. Exemple: <?=$_SERVER['REMOTE_ADDR']; ?>/24 <?=$_SERVER['SERVER_NAME']; ?>" pattern="[a-zA-Z0-9._\/ \-]+" value="<?=$targets; ?>" />
Exemple: <?=$_SERVER['REMOTE_ADDR']; ?>/24 <?=$_SERVER['SERVER_NAME']; ?>"/> </form>
<i class="satellite dish icon"></i> <i class="satellite dish icon"></i>
<button style="display:none" type="submit" formaction="scan.php" formmethod="get"></button> </div>
</div> <div class="results"></div>
</div> </iconsearch>
<div class="item" > </div>
<button class="ui teal button" type="submit" formaction="scan-options.php" formmethod="get">Options</button>
</div>
</form>
</nav> </nav>
<main class="ui main container"> <main class="ui main container">

15
rdp.php
View File

@ -1,15 +1,6 @@
<?php <?php
$host = filter_input(INPUT_GET, 'v', FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME) ?: filter_input(INPUT_GET, 'v', FILTER_VALIDATE_IP); header('Content-Disposition: attachment; filename='.str_replace(':', '_', $_GET['v']).'.rdp');
if (!$host) {
exit();
}
$port = filter_input(INPUT_GET, 'p', FILTER_VALIDATE_INT);
if ($port) {
$host = "$host:$port";
}
header("Content-Disposition: attachment; filename=$host.rdp");
header('Content-Type: application/rdp'); header('Content-Type: application/rdp');
echo "full address:s:$host\n"; echo "full address:s:${_GET['v']}\n";
exit();

55
scan.php
View File

@ -1,16 +1,14 @@
<?php <?php
include_once 'config.php'; include_once 'config.php';
$targets = filter_input(INPUT_GET, 'targets', FILTER_VALIDATE_REGEXP, [ $targets = filter_input(INPUT_GET, 'targets', FILTER_VALIDATE_REGEXP, [
'flags' => FILTER_NULL_ON_FAILURE, 'flags' => FILTER_NULL_ON_FAILURE,
'options' => ['regexp' => "/^[\da-zA-Z.:\/_ -]+$/"], 'options' => ['regexp' => "/^[\da-zA-Z.:\/_ -]+$/"],
]); ]);
if (!$targets) {
$name = filter_input(INPUT_GET, 'name', FILTER_VALIDATE_REGEXP, [ http_response_code(400);
'flags' => FILTER_NULL_ON_FAILURE, exit('Paramètre targets manquant.');
'options' => ['regexp' => '/^[^@<>:"\/|!?]+$/'], }
]);
$dir = $SCANS_DIR; $dir = $SCANS_DIR;
if (!file_exists($SCANS_DIR)) { if (!file_exists($SCANS_DIR)) {
@ -28,27 +26,28 @@ if (file_exists($initPath)) {
$basedir = "{$_SERVER['REQUEST_SCHEME']}://{$_SERVER['SERVER_NAME']}:{$_SERVER['SERVER_PORT']}".dirname($_SERVER['REQUEST_URI']); $basedir = "{$_SERVER['REQUEST_SCHEME']}://{$_SERVER['SERVER_NAME']}:{$_SERVER['SERVER_PORT']}".dirname($_SERVER['REQUEST_URI']);
$result = `nmap $NMAP_OPTIONS --stylesheet $basedir/stylesheet.xsl -oX - $targets`; $result = `nmap $NMAP_OPTIONS --stylesheet $basedir/stylesheet.xsl -oX - $targets`;
if (!$result) {
if ($result) {
$xml = new DOMDocument();
$xml->loadXML($result);
$xml->insertBefore($xml->createProcessingInstruction('xslt-param', "name='targets' value='$targets'"), $xml->documentElement);
$dir = $SCANS_DIR;
if (!file_exists($SCANS_DIR)) {
mkdir($SCANS_DIR);
}
$path = "$SCANS_DIR/".str_replace('/', '!', $targets).'.xml';
if (!file_exists($path)) {
$xml->insertBefore($xml->createProcessingInstruction('xslt-param', "name='compareWith' value=''"), $xml->documentElement);
$xml->save($path);
} else {
$xml->insertBefore($xml->createProcessingInstruction('xslt-param', "name='compareWith' value='$path'"), $xml->documentElement);
}
header('Content-type: text/xml');
exit($xml->saveXML());
} else {
http_response_code(500); http_response_code(500);
exit(); exit();
} }
$xml = new DOMDocument();
$xml->loadXML($result);
$xml->insertBefore($xml->createProcessingInstruction('xslt-param', "name='targets' value='$targets'"), $xml->documentElement);
$dir = $SCANS_DIR;
if (!file_exists($SCANS_DIR)) {
mkdir($SCANS_DIR);
}
$path = "$SCANS_DIR/".str_replace('/', '!', $targets).'.xml';
if (!file_exists($path)) {
$xml->insertBefore($xml->createProcessingInstruction('xslt-param', "name='compareWith' value=''"), $xml->documentElement);
$xml->save($path);
} else {
$xml->insertBefore($xml->createProcessingInstruction('xslt-param', "name='compareWith' value='$path'"), $xml->documentElement);
}
header('Content-type: text/xml');
exit($xml->saveXML());

31
stylesheet.xsl
View File

@ -31,7 +31,7 @@
<body> <body>
<nav class="ui inverted teal fixed menu"> <nav class="ui inverted teal fixed menu">
<a class="header item" href="./?targets={$targets}"> <a class="header item" href=".">
<xsl:text>lan</xsl:text> <xsl:text>lan</xsl:text>
<svg class="logo" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 24 24" xml:space="preserve" width="40" height="40" <svg class="logo" version="1.1" id="Layer_1" x="0px" y="0px" viewBox="0 0 24 24" xml:space="preserve" width="40" height="40"
xmlns="http://www.w3.org/2000/svg" xmlns="http://www.w3.org/2000/svg"
@ -83,21 +83,18 @@
<xsl:text>can</xsl:text> <xsl:text>can</xsl:text>
</a> </a>
<form class="right menu"> <div class="right menu">
<div class="ui category search item"> <iconsearch class="ui right aligned search category item">
<div class="ui icon input"> <div class="ui icon input">
<input class="prompt" type="text" id="targetsInput" name="targets" required="" <form id="newScanForm" class="ui form" method="get" action="scan.php">
pattern="[a-zA-Z0-9._\/ \-]+" value="{$targets}" placeholder="Scanner un réseau..." <input class="prompt" type="text" name="targets" placeholder="Scanner un réseau..." required="" autocomplete="off" title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc. Exemple: scanme.nmap.org microsoft.com/24 192.168.0.1 10.0-255.0-255.1-254" pattern="[a-zA-Z0-9._\/ \-]+" value="{$targets}" />
Exemple: 192.168.1.0/24 scanme.nmap.org"/> </form>
<i class="satellite dish icon"></i> <i class="satellite dish icon"></i>
<button style="display:none" type="submit" formaction="scan.php" formmethod="get"></button> </div>
</div> <div class="results"></div>
</div> </iconsearch>
<div class="item" > </div>
<button class="ui teal button" type="submit" formaction="scan-options.php" formmethod="get">Options</button>
</div>
</form>
</nav> </nav>
<main class="ui main container"> <main class="ui main container">
@ -249,7 +246,7 @@ Exemple: 192.168.1.0/24 scanme.nmap.org"/>
</xsl:attribute> </xsl:attribute>
</xsl:if> </xsl:if>
<xsl:if test="service/@name='ms-wbt-server'"> <xsl:if test="service/@name='ms-wbt-server'">
<xsl:attribute name="href">rdp.php?v=<xsl:value-of select="$hostAddress" />&amp;p=<xsl:value-of select="@portid" /> <xsl:attribute name="href">rdp.php?v=<xsl:value-of select="$hostAddress" />:<xsl:value-of select="@portid" />
</xsl:attribute> </xsl:attribute>
</xsl:if> </xsl:if>
<xsl:if test="(service/@name='microsoft-ds' or service/@name='netbios-ssn') and ../../hostscript/script[@id='smb-shares-size']/table"> <xsl:if test="(service/@name='microsoft-ds' or service/@name='netbios-ssn') and ../../hostscript/script[@id='smb-shares-size']/table">