Skip to content

Commit

Permalink
⚡ Added latest improvements
Browse files Browse the repository at this point in the history
  • Loading branch information
@Jiab77
Jiab77 committed Apr 5, 2021
1 parent 0675e6c commit 1249d17
Show file tree
Hide file tree
Showing 4 changed files with 208 additions and 112 deletions.
17 changes: 10 additions & 7 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,18 +22,21 @@ echo "$USER ALL = NOPASSWD: $(which nmap)" | sudo tee -a /etc/sudoers.d/nmap

## Usage

1. Start minimal web server
1. Start backend web server

```bash
node server.js
# For PHP
php -S localhost:8000 backend.php
```

2. Start API web server
> The NodeJS version of the backend is not ready yet.
2. Start frontend web server

```bash
# For PHP:
php -S localhost:8000 server.php
# For PHP
php -S localhost:8001 server.php

# For NodeJS:
# TODO
# For NodeJS
node server.js
```
91 changes: 91 additions & 0 deletions backend.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,91 @@
<?php
// Using F3 Framework as middleware
$f3 = require(__DIR__ . '/fatfree-master/lib/base.php');

// CORS
$f3->set('CORS.origin', '*');
$f3->set('CORS.headers', '*');
/* if ($f3->get('HEADERS.Origin') !== '') {
$f3->copy('HEADERS.Origin','CORS.origin');
}
else {
$f3->set('CORS.origin', '*');
} */

// Defining authorized routes
$f3->route('GET /',
function() {
echo 'Hello, world!';
}
);
$f3->route('GET /debug',
function($f3) {
echo '<pre>' . PHP_EOL;
print_r($f3);
echo '</pre>' . PHP_EOL;
}
);
$f3->route('GET /info',
function() {
phpinfo();
}
);
$f3->route('GET /queue',
function() {
echo '<pre>' . PHP_EOL;
echo 'Showing nmap process queue:' . PHP_EOL . PHP_EOL;
passthru('ps -efH | grep -v grep | grep nmap');
echo '</pre>' . PHP_EOL;
}
);
$f3->route('GET /report',
function($f3) {
header('Content-Type: text/xml');
$report = $f3->read(sys_get_temp_dir() . '/report.xml');
echo $report;
}
);
$f3->route('GET /report/@format',
function($f3, $params) {
switch ($params['format']) {
case 'html':
echo '<pre>' . PHP_EOL;
echo 'Reading XML report: ' . sys_get_temp_dir() . '/report.xml' . PHP_EOL;
passthru('file ' . sys_get_temp_dir() . '/report.xml');
echo PHP_EOL . htmlentities($f3->read(sys_get_temp_dir() . '/report.xml'));
echo '</pre>' . PHP_EOL;
break;

case 'raw':
echo 'Reading XML report: ' . sys_get_temp_dir() . '/report.xml' . PHP_EOL;
passthru('file ' . sys_get_temp_dir() . '/report.xml');
echo PHP_EOL . $f3->read(sys_get_temp_dir() . '/report.xml') . PHP_EOL;
break;

default:
echo 'Unsupported format.' . PHP_EOL;
break;
}
}
);
$f3->route('GET /help',
function() {
echo '<pre>' . PHP_EOL;
echo 'Running cmd: /usr/bin/nmap --help' . PHP_EOL . PHP_EOL;
passthru('/usr/bin/nmap --help');
echo '</pre>' . PHP_EOL;
}
);
$f3->route('POST /scan/@target',
function($f3, $params) {
// passthru('sudo /usr/bin/nmap -A -sS -vv -Pn localhost -oX /tmp/report.xml 2>&1 &');
// passthru('sudo /usr/bin/nmap -A -sS -vv -Pn localhost -oX /tmp/report.xml 2>&1');
if (!empty($params['target'])) {
passthru('sudo /usr/bin/nmap -A -sS -vv -Pn ' . escapeshellarg(base64_decode($params['target'])) . ' -oX /tmp/report.xml 2>&1');
}
else {
echo 'Host not defined.' . PHP_EOL;
}
}
);
$f3->run();
150 changes: 105 additions & 45 deletions parser.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -317,48 +317,106 @@ $(function () {
html += '</tr>';
html += '</thead>';
html += '<tbody>';
html += '<tr>';

// IP
html += '<td>' + (
Array.isArray(data.host.address)
? data.host.address[0]._addr
: data.host.address._addr
) + '</td>';

// MAC
html += '<td>' + (
Array.isArray(data.host.address) && data.host.address.length > 1
? data.host.address[1]._addr
: 'N/A'
) + '</td>';

// Hostname
html += '<td><a href="#!" onclick="$(\'.ui.modal\').modal(\'show\');">' + (
Array.isArray(data.host.hostnames.hostname)
? data.host.hostnames.hostname[0]._name
: data.host.hostnames.hostname._name
) + '</a></td>';

// Port(s)
html += '<td class="center aligned"><a href="#!" onclick="$(\'.ui.modal\').modal(\'show\');">' + (
Array.isArray(data.host.ports.port)
? data.host.ports.port.length
: data.host.ports.port._portid + '/' + data.host.ports.port._protocol + ' (' + data.host.ports.port.service._name + ')'
) + '</a></td>';

// Date start
html += '<td>' + data._startstr + '</td>';

// Date end
html += '<td>' + data.runstats.finished._timestr + '</td>';

// Time elapsed
html += '<td class="center aligned">' + data.runstats.finished._elapsed + '</td>';

// Exit status
html += '<td>' + data.runstats.finished._exit + '</td>';
html += '</tr>';
if (Array.isArray(data.host)) {
for (let index = 0; index < data.host.length; index++) {
const scannedHost = data.host[index];

console.log(scannedHost);

html += '<tr>';

// IP
html += '<td>' + (
Array.isArray(scannedHost.address)
? scannedHost.address[0]._addr
: scannedHost.address._addr
) + '</td>';

// MAC
html += '<td>' + (
Array.isArray(scannedHost.address) && scannedHost.address.length > 1
? scannedHost.address[1]._addr
: 'N/A'
) + '</td>';

// Hostname
html += '<td><a href="#!" onclick="$(\'.ui.modal\').modal(\'show\');">' + (
Array.isArray(scannedHost.hostnames.hostname)
? scannedHost.hostnames.hostname[0]._name
: scannedHost.hostnames.hostname._name
) + '</a></td>';

// Port(s)
html += '<td class="center aligned"><a href="#!" onclick="$(\'.ui.modal\').modal(\'show\');">' + (
Array.isArray(scannedHost.ports.port)
? scannedHost.ports.port.length
: scannedHost.ports.port._portid + '/' + scannedHost.ports.port._protocol + ' (' + scannedHost.ports.port.service._name + ')'
) + '</a></td>';

// Date start
html += '<td>' + data._startstr + '</td>';

// Date end
html += '<td>' + data.runstats.finished._timestr + '</td>';

// Time elapsed
html += '<td class="center aligned">' + data.runstats.finished._elapsed + '</td>';

// Exit status
html += '<td>' + data.runstats.finished._exit + '</td>';
html += '</tr>';
}
}
else {
const scannedHost = data.host;

console.log(scannedHost);

html += '<tr>';

// IP
html += '<td>' + (
Array.isArray(scannedHost.address)
? scannedHost.address[0]._addr
: scannedHost.address._addr
) + '</td>';

// MAC
html += '<td>' + (
Array.isArray(scannedHost.address) && scannedHost.address.length > 1
? scannedHost.address[1]._addr
: 'N/A'
) + '</td>';

// Hostname
html += '<td><a href="#!" onclick="$(\'.ui.modal\').modal(\'show\');">' + (
Array.isArray(scannedHost.hostnames.hostname)
? scannedHost.hostnames.hostname[0]._name
: scannedHost.hostnames.hostname._name
) + '</a></td>';

// Port(s)
html += '<td class="center aligned"><a href="#!" onclick="$(\'.ui.modal\').modal(\'show\');">' + (
Array.isArray(scannedHost.ports.port)
? scannedHost.ports.port.length
: scannedHost.ports.port._portid + '/' + scannedHost.ports.port._protocol + ' (' + scannedHost.ports.port.service._name + ')'
) + '</a></td>';

// Date start
html += '<td>' + data._startstr + '</td>';

// Date end
html += '<td>' + data.runstats.finished._timestr + '</td>';

// Time elapsed
html += '<td class="center aligned">' + data.runstats.finished._elapsed + '</td>';

// Exit status
html += '<td>' + data.runstats.finished._exit + '</td>';
html += '</tr>';
}

html += '</tbody>';
html += '</table>';

Expand All @@ -382,8 +440,10 @@ $(function () {
html += '</thead>';
html += '<tbody>';

for (let index = 0; index < Report.converted.nmaprun.host.ports.port.length; index++) {
const port = Report.converted.nmaprun.host.ports.port[index];
for (let index = 0; index < data.host.ports.port.length; index++) {
const port = data.host.ports.port[index];

console.log(port);

html += '<tr>';
html += '<td>' + port._portid + '/' + port._protocol + '</td>';
Expand All @@ -409,8 +469,8 @@ $(function () {
html += '</table>';
html += '</div>';
html += '<div class="actions">';
html += '<div class="ui ok green inverted button">Ok</div>';
html += '<div class="ui cancel button">Cancel</div>';
html += '<div class="ui ok green inverted button">Close</div>';
// html += '<div class="ui cancel button">Cancel</div>';
html += '</div>';
html += '</div>';

Expand Down
62 changes: 2 additions & 60 deletions server.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
// Defining authorized routes
$f3->route('GET /',
function() {
echo 'Hello, world!';
readfile(__DIR__ . '/index.html');
}
);
$f3->route('GET /debug',
Expand All @@ -30,62 +30,4 @@ function() {
phpinfo();
}
);
$f3->route('GET /queue',
function() {
echo '<pre>' . PHP_EOL;
echo 'Showing nmap process queue:' . PHP_EOL . PHP_EOL;
passthru('ps -efH | grep -v grep | grep nmap');
echo '</pre>' . PHP_EOL;
}
);
$f3->route('GET /report',
function($f3) {
header('Content-Type: text/xml');
$report = $f3->read(sys_get_temp_dir() . '/report.xml');
echo $report;
}
);
$f3->route('GET /report/@format',
function($f3, $params) {
switch ($params['format']) {
case 'html':
echo '<pre>' . PHP_EOL;
echo 'Reading XML report: ' . sys_get_temp_dir() . '/report.xml' . PHP_EOL;
passthru('file ' . sys_get_temp_dir() . '/report.xml');
echo PHP_EOL . htmlentities($f3->read(sys_get_temp_dir() . '/report.xml'));
echo '</pre>' . PHP_EOL;
break;

case 'raw':
echo 'Reading XML report: ' . sys_get_temp_dir() . '/report.xml' . PHP_EOL;
passthru('file ' . sys_get_temp_dir() . '/report.xml');
echo PHP_EOL . $f3->read(sys_get_temp_dir() . '/report.xml') . PHP_EOL;
break;

default:
echo 'Unsupported format.' . PHP_EOL;
break;
}
}
);
$f3->route('GET /help',
function() {
echo '<pre>' . PHP_EOL;
echo 'Running cmd: /usr/bin/nmap --help' . PHP_EOL . PHP_EOL;
passthru('/usr/bin/nmap --help');
echo '</pre>' . PHP_EOL;
}
);
$f3->route('POST /scan/@target',
function($f3, $params) {
// passthru('sudo /usr/bin/nmap -A -sS -vv -Pn localhost -oX /tmp/report.xml 2>&1 &');
// passthru('sudo /usr/bin/nmap -A -sS -vv -Pn localhost -oX /tmp/report.xml 2>&1');
if (!empty($params['target'])) {
passthru('sudo /usr/bin/nmap -A -sS -vv -Pn ' . escapeshellarg(base64_decode($params['target'])) . ' -oX /tmp/report.xml 2>&1');
}
else {
echo 'Host not defined.' . PHP_EOL;
}
}
);
$f3->run();
$f3->run();

0 comments on commit 1249d17

Please sign in to comment.