<?php
// Using F3 Framework as middleware
$f3 = require(__DIR__ . '/fatfree-master/lib/base.php');
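// CORS
// NOTE(review): CORS only decides whether a browser lets another origin READ a
// response; it is not authentication. With '*' any web page can read every
// response of this API, and no handler in this file checks credentials, so
// access control has to be added separately (reverse-proxy auth, network
// restriction, or an application-level token).
// The default stays '*' so existing deployments keep working. Set the
// environment variable below to the exact origin of the front end
// (scheme://host[:port]) to narrow it. BACKEND_CORS_ORIGIN is a name
// introduced here, not an F3 setting.
$corsOrigin = getenv('BACKEND_CORS_ORIGIN');
$f3->set('CORS.origin', ($corsOrigin !== false && $corsOrigin !== '') ? $corsOrigin : '*');
$f3->set('CORS.headers', '*');
// The disabled variant below copies the request's Origin header into
// CORS.origin. That allows every caller exactly like '*' does, so enabling it
// does not restrict anything.
/* if ($f3->get('HEADERS.Origin') !== '') {
    $f3->copy('HEADERS.Origin','CORS.origin');
}
else {
    $f3->set('CORS.origin', '*');
} */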
// Route table. The handlers registered in this file do not perform any
// authentication or authorization check themselves.

// GET / : fixed greeting, reads nothing from the request.
$f3->route(
    'GET /',
    static function () {
        print 'Hello, world!';
    }
);
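// GET /debug : diagnostic dump of the F3 instance.
// print_r($f3) prints the framework object including its internal state
// (presumably request headers, server variables and configuration), which
// should not be readable by anonymous callers. The route is therefore only
// served while F3's DEBUG level is non-zero, and the dump is HTML-escaped
// because it can contain request-supplied strings.
$f3->route(
    'GET /debug',
    function ($f3) {
        if (!$f3->get('DEBUG')) {
            // Behave as if the route did not exist outside of debugging.
            $f3->error(404);
            return;
        }
        echo '<pre>' . PHP_EOL;
        echo htmlspecialchars(print_r($f3, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        echo '</pre>' . PHP_EOL;
    }
);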
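// GET /info : phpinfo() page.
// phpinfo() publishes the PHP version, loaded extensions, filesystem paths and
// environment variables. Like the debug dump it is only served while F3's
// DEBUG level is non-zero; otherwise the route answers 404.
$f3->route(
    'GET /info',
    function ($f3) {
        if (!$f3->get('DEBUG')) {
            $f3->error(404);
            return;
        }
        phpinfo();
    }
);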
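// GET /queue : list running nmap processes.
// NOTE(review): the listing reveals scan targets to any caller; the route has
// no access check.
$f3->route(
    'GET /queue',
    function () {
        $processLines = array();
        // Fixed command string: nothing from the request reaches the shell.
        exec('ps -efH | grep -v grep | grep nmap', $processLines);

        echo '<pre>' . PHP_EOL;
        echo 'Showing nmap process queue:' . PHP_EOL . PHP_EOL;
        // ps prints full command lines, and those include targets that were
        // supplied by clients, so the text is escaped before it goes into HTML.
        echo htmlspecialchars(implode(PHP_EOL, $processLines), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . PHP_EOL;
        echo '</pre>' . PHP_EOL;
    }
);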
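// GET /report : serve the most recent nmap XML report as text/xml.
// The path must be the same file that the scan route tells nmap to write.
// NOTE(review): a fixed file name in a shared temp directory means every
// caller sees the last scan run by anyone, and concurrent scans overwrite each
// other; a private, per-scan location would avoid both.
$f3->route(
    'GET /report',
    function ($f3) {
        $reportPath = sys_get_temp_dir() . '/report.xml';
        // Without this check a missing report produced a PHP warning and an
        // empty body that was still labelled text/xml.
        if (!is_file($reportPath) || !is_readable($reportPath)) {
            $f3->error(404);
            return;
        }
        header('Content-Type: text/xml');
        echo $f3->read($reportPath);
    }
);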
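// GET /report/@format : show the XML report either HTML-escaped inside <pre>
// ('html') or as-is ('raw'), preceded by the output of file(1) for the report.
// Any other format value gets the 'Unsupported format.' message.
$f3->route(
    'GET /report/@format',
    function ($f3, $params) {
        $format = $params['format'];
        if ($format !== 'html' && $format !== 'raw') {
            echo 'Unsupported format.' . PHP_EOL;
            return;
        }

        $reportPath = sys_get_temp_dir() . '/report.xml';
        if (!is_file($reportPath) || !is_readable($reportPath)) {
            $f3->error(404);
            return;
        }

        // The path is not request-controlled, but it is still quoted so the
        // command stays correct if the temp directory contains spaces or
        // shell metacharacters.
        $fileOutput = array();
        exec('file ' . escapeshellarg($reportPath), $fileOutput);
        $description = implode(PHP_EOL, $fileOutput);
        $report = $f3->read($reportPath);

        if ($format === 'html') {
            echo '<pre>' . PHP_EOL;
            echo 'Reading XML report: ' . htmlspecialchars($reportPath, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . PHP_EOL;
            // file(1) output is derived from the report's content, so it is
            // escaped like the report itself.
            echo htmlspecialchars($description, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . PHP_EOL;
            echo PHP_EOL . htmlentities($report, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            echo '</pre>' . PHP_EOL;
            return;
        }

        // 'raw': the report holds data collected from scanned hosts. Label it
        // as plain text so a browser does not interpret the body as HTML
        // (PHP's default Content-Type is text/html).
        header('Content-Type: text/plain; charset=utf-8');
        echo 'Reading XML report: ' . $reportPath . PHP_EOL;
        echo $description . PHP_EOL;
        echo PHP_EOL . $report . PHP_EOL;
    }
);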
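// GET /help : print nmap's usage text inside <pre>.
$f3->route(
    'GET /help',
    function () {
        $usageLines = array();
        // Fixed command string: nothing from the request reaches the shell.
        exec('/usr/bin/nmap --help', $usageLines);

        echo '<pre>' . PHP_EOL;
        echo 'Running cmd: /usr/bin/nmap --help' . PHP_EOL . PHP_EOL;
        // nmap's usage text contains angle-bracket placeholders (for example
        // "<inputfilename>"); unescaped, a browser treats them as tags and
        // drops them from the page.
        echo htmlspecialchars(implode(PHP_EOL, $usageLines), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . PHP_EOL;
        echo '</pre>' . PHP_EOL;
    }
);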
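// POST /scan/@target : run an nmap scan against the base64-encoded target in
// the URL and stream nmap's output (stdout and stderr) back to the caller.
// The scan runs synchronously, so the request blocks until nmap exits.
//
// NOTE(review): this handler starts a privileged (sudo) scan for any caller;
// there is no authentication, rate limit or allow-list of scannable networks.
// CORS settings do not stop a cross-site page from sending this POST. Add an
// access check before exposing the service, and keep the sudoers rule limited
// to this one binary.
// NOTE(review): the report is written to a fixed name in a shared temp
// directory by a root process; prefer a directory that only the service
// account can write to, so other local users cannot pre-create that path.
$f3->route(
    'POST /scan/@target',
    function ($f3, $params) {
        if (empty($params['target'])) {
            echo 'Host not defined.' . PHP_EOL;
            return;
        }

        // Strict mode returns false on characters outside the base64 alphabet
        // instead of silently skipping them.
        $target = base64_decode($params['target'], true);

        // escapeshellarg() below prevents shell injection, but a value that
        // starts with '-' would still be read by nmap as an option instead of
        // a target. Accept only a single host name, address, range or CIDR
        // spec that begins with a letter or digit.
        if ($target === false
            || !preg_match('/\A[A-Za-z0-9][A-Za-z0-9.:\/,*_-]{0,254}\z/', $target)
        ) {
            $f3->status(400);
            echo 'Invalid target.' . PHP_EOL;
            return;
        }

        // Same location the report routes read from (sys_get_temp_dir()),
        // rather than a literal /tmp that may differ from PHP's temp dir.
        $reportPath = sys_get_temp_dir() . '/report.xml';

        // nmap output includes strings returned by the scanned hosts; send it
        // as plain text so a browser does not interpret it as HTML.
        header('Content-Type: text/plain; charset=utf-8');
        passthru(
            'sudo /usr/bin/nmap -A -sS -vv -Pn ' . escapeshellarg($target)
            . ' -oX ' . escapeshellarg($reportPath) . ' 2>&1'
        );
    }
);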
// Hand the current request to F3, which dispatches it to the matching route
// registered above.
$f3->run();