Extension of the NMAP functionality

- Remove nmap session log button from settings page - Remove nmap modal box - Update language files (scan infos moved to faq/help page) - insert nmap scan results to db - changed scan results presentation - set timeout for nmap scan Regarding to #271
leiweibau · Mar 19, 2024 · ca1bff0 · ca1bff0
1 parent e63d571
commit ca1bff0
Show file tree

Hide file tree

Showing 9 changed files with 127 additions and 73 deletions.
diff --git a/front/deviceDetails.php b/front/deviceDetails.php
@@ -556,7 +556,7 @@ function speedtest_ookla(modus) {
                   <script>
                       setTimeout(function(){
                         document.getElementById('btnwakeonlan').innerHTML='<?=$pia_lang['DevDetail_Tools_WOL'];?> ' + document.getElementById('txtLastIP').value + '';
-                      }, 2000);
+                      }, 3000);
                   </script>
                   <button type="button" id="btnwakeonlan" class="btn btn-primary pa-btn" onclick="askwakeonlan()">Loading...</button>
                 </div>
@@ -570,23 +570,25 @@ function speedtest_ookla(modus) {
                         document.getElementById('manualnmap_fast').innerHTML='<?=$pia_lang['DevDetail_Tools_nmap_buttonFast'];?> (' + document.getElementById('txtLastIP').value +')';
                         document.getElementById('manualnmap_normal').innerHTML='<?=$pia_lang['DevDetail_Tools_nmap_buttonDefault'];?> (' + document.getElementById('txtLastIP').value +')';
                         document.getElementById('manualnmap_detail').innerHTML='<?=$pia_lang['DevDetail_Tools_nmap_buttonDetail'];?> (' + document.getElementById('txtLastIP').value +')';
-                      }, 2000);
+                      }, 3000);
                   </script>
 
                   <button type="button" id="manualnmap_fast" class="btn btn-primary pa-btn" onclick="manualnmapscan(document.getElementById('txtLastIP').value, 'fast')">Loading...</button>
                   <button type="button" id="manualnmap_normal" class="btn btn-primary pa-btn" onclick="manualnmapscan(document.getElementById('txtLastIP').value, 'normal')">Loading...</button>
                   <button type="button" id="manualnmap_detail" class="btn btn-primary pa-btn" onclick="manualnmapscan(document.getElementById('txtLastIP').value, 'detail')">Loading...</button>
 
-                  <div style="text-align: left;">
+<!--                   <div style="text-align: left;">
                     <ul style="padding:20px;">
                       <li><?=$pia_lang['DevDetail_Tools_nmap_buttonFast_text'];?></li>
                       <li><?=$pia_lang['DevDetail_Tools_nmap_buttonDefault_text'];?></li>
                       <li><?=$pia_lang['DevDetail_Tools_nmap_buttonDetail_text'];?></li>
                     </ul>
-                  </div>
+                  </div> -->
                 </div>
 
-                <div id="scanoutput" style="margin-top: 30px;"></div>
+                <div id="scanoutput" style="margin-top: 30px;">
+
+                </div>
                   <script>
                   function manualnmapscan(targetip, mode) {
                     $( "#scanoutput" ).empty();
@@ -1664,4 +1666,21 @@ function wakeonlan() {
   });
 }
 
+function showmanualnmapscan(targetip) {
+  $( "#scanoutput" ).empty();
+  $.ajax({
+    method: "POST",
+    url: "./php/server/nmap_scan.php",
+    timeout: 60000,
+    data: { scan: targetip, mode: "view" },
+    success: function(data, textStatus) {
+        $("#scanoutput").html(data);
+    }
+  })
+}
+
+setTimeout(function(){
+  showmanualnmapscan(document.getElementById('txtLastIP').value);
+}, 3000);
+
 </script>
diff --git a/front/maintenance.php b/front/maintenance.php
@@ -317,7 +317,6 @@ function print_logviewer_modal_foot() {
             <button type="button" id="wefwfwefewdf" class="btn btn-primary main_logviwer_button_m" data-toggle="modal" data-target="#modal-logviewer-iplog"><?=$pia_lang['Maintenance_Tools_Logviewer_IPLog'];?></button>
             <button type="button" id="tzhrsreawefw" class="btn btn-primary main_logviwer_button_m" data-toggle="modal" data-target="#modal-logviewer-vendor"><?=$pia_lang['Maintenance_Tools_Logviewer_Vendor'];?></button>
             <button type="button" id="arzuozhrsfga" class="btn btn-primary main_logviwer_button_m" data-toggle="modal" data-target="#modal-logviewer-cleanup"><?=$pia_lang['Maintenance_Tools_Logviewer_Cleanup'];?></button>
-            <button type="button" id="ufiienfflgze" class="btn btn-primary main_logviwer_button_m" data-toggle="modal" data-target="#modal-logviewer-nmap"><?=$pia_lang['Maintenance_Tools_Logviewer_Nmap'];?></button>
 <?php
 if ($_SESSION['Scan_WebServices'] == True) {
 	echo '<button type="button" id="erftttwrdwqqq" class="btn btn-primary main_logviwer_button_m" data-toggle="modal" data-target="#modal-logviewer-webservices">' . $pia_lang['Maintenance_Tools_Logviewer_WebServices'] . '</button>';
@@ -340,10 +339,6 @@ function print_logviewer_modal_foot() {
 // // Cleanup
 print_logviewer_modal_head('cleanup', 'pialert.cleanup.log (File)');
 print_logviewer_modal_foot();
-// // Nmap
-print_logviewer_modal_head('nmap', 'last Nmap Scan (Memory)');
-if (!isset($_SESSION['ScanShortMem_NMAP'])) {echo $pia_lang['Maintenance_Tools_Logviewer_Nmap_empty'];} else {echo $_SESSION['ScanShortMem_NMAP'];}
-print_logviewer_modal_foot();
 // // WebServices
 if ($_SESSION['Scan_WebServices'] == True) {
  	print_logviewer_modal_head('webservices', 'pialert.webservices.log (File)');

diff --git a/front/php/server/nmap_scan.php b/front/php/server/nmap_scan.php
@@ -1,6 +1,6 @@
 <?php
-ini_set('max_execution_time', '60');
-set_time_limit(60);
+ini_set('max_execution_time', '80');
+set_time_limit(80);
 session_start();
 
 if ($_SESSION["login"] != 1) {
@@ -24,6 +24,7 @@
 // Open DB
 OpenDB();
 
+// functions -------------------------------------------------------
 // Check given host/mac
 function crosscheckIP($query_ip) {
 	global $db;
@@ -66,57 +67,104 @@ function nmap_trim_portlist($P_start, $P_end, $array) {
 	}
 	return $final_portlist;
 }
+// Format portlist output
+function create_portlist_table($portliststring) {
+	$temp_array = explode("\n", $portliststring);
+	for ($i=0;$i<sizeof($temp_array);$i++) {
+		$temp_ports = explode("###", $temp_array[$i]);
+		echo '<div class="row">
+		          <div class="col-xs-2">'.$temp_ports[0] .'</div>
+		          <div class="col-xs-2">'. $temp_ports[1] .'</div>
+		          <div class="col-xs-2">'. $temp_ports[2] . '</div>
+		          <div class="col-xs-6">'. $temp_ports[3] . '</div>
+		      </div>';
+	}
+}
 
+
+// Main action (Scan Mode)-------------------------------------------------------
 // Check if IP is valid
-if (filter_var($PIA_HOST_IP, FILTER_VALIDATE_IP)) {
-
-	// Check if IP is already known and in DB
-	$db_crosscheck = crosscheckIP($PIA_HOST_IP);
-	if (isset($db_crosscheck)) {
-		if ($PIA_SCAN_MODE == 'fast') {
-			exec('nmap -F ' . $PIA_HOST_IP, $nmap_scan_results);
-		} elseif ($PIA_SCAN_MODE == 'normal') {
-			exec('nmap ' . $PIA_HOST_IP, $nmap_scan_results);
-		} elseif ($PIA_SCAN_MODE == 'detail') {
-			exec('sudo nmap -sU -sT -p U:53,67-69,111,137,512,514,525,1701,1719,T:1-65535 --max-retries 0 ' . $PIA_HOST_IP, $nmap_scan_results);
+if ($_REQUEST['mode'] != "view") {
+	if (filter_var($PIA_HOST_IP, FILTER_VALIDATE_IP)) {
+
+		// Check if IP is already known and in DB
+		$db_crosscheck = crosscheckIP($PIA_HOST_IP);
+		if (isset($db_crosscheck)) {
+			if ($PIA_SCAN_MODE == 'fast') {
+				exec('nmap -F ' . $PIA_HOST_IP, $nmap_scan_results);
+			} elseif ($PIA_SCAN_MODE == 'normal') {
+				exec('nmap ' . $PIA_HOST_IP, $nmap_scan_results);
+			} elseif ($PIA_SCAN_MODE == 'detail') {
+				exec('timeout 60 sudo nmap -sU -sT -p U:53,67-69,111,137,512,514,525,1701,1719,T:1-65535 --max-retries 0 ' . $PIA_HOST_IP, $nmap_scan_results);
+			}
+			// Logging
+			pialert_logging('a_002', $_SERVER['REMOTE_ADDR'], 'LogStr_0210', '', $PIA_SCAN_MODE . ' Scan: ' . $PIA_HOST_IP);
+		} else {echo "Unknown IP";exit;}
+	} else {echo "Wrong parameter";exit;}
+
+	// Get start and end of the nmap portlist
+	$array_pointer = nmap_search_portlist($nmap_scan_results);
+	if (sizeof($array_pointer) == 2) {
+		// if start and end pointer
+	 	$nmap_scan_portlist = nmap_trim_portlist($array_pointer['start'], $array_pointer['end'], $nmap_scan_results);	
+	} else {
+		// empty array if no start and end pointer
+	    $nmap_scan_portlist = array();
+	}
+
+	echo '<h4>Scan (' . $PIA_SCAN_MODE . ') Results of: ' . $PIA_HOST_IP . '</h4>';
+	echo '<pre style="border: none;">';
+	// Prepare short term memory
+	$PIA_SCAN_TIME = date('Y-m-d H:i:s');
+	// Output formated nmap report
+	if (sizeof($nmap_scan_portlist) > 0) {
+		// <pre>-Output header
+		echo "Port\tProtocol\tStatus\tService\n";
+		// DB-String header
+		//$PIA_SCAN_RESULT = "Port###Protocol###Status###Service\n";
+		foreach ($nmap_scan_portlist as $line) {
+			// Add line break
+			if (isset($PIA_SCAN_RESULT)) {$PIA_SCAN_RESULT = $PIA_SCAN_RESULT."\n";}
+			if ($line['status'] != "open|filtered") {
+				// <pre>-Output
+				echo $line['port'] . "\t" . $line['protocol'] . "\t\t" . $line['status'] . "\t". $line['service'] . "\n";
+				// DB-String
+				$PIA_SCAN_RESULT = $PIA_SCAN_RESULT . $line['port'] . "###" . $line['protocol'] . "###" . $line['status'] . "###". $line['service'];
+			}
 		}
-		// Logging
-		pialert_logging('a_002', $_SERVER['REMOTE_ADDR'], 'LogStr_0210', '', $PIA_SCAN_MODE . ' Scan: ' . $PIA_HOST_IP);
-	} else {echo "Unknown IP";exit;}
-} else {echo "Wrong parameter";exit;}
-echo '<h4>Scan (' . $PIA_SCAN_MODE . ') Results of: ' . $PIA_HOST_IP . '</h4>';
-echo '<pre style="border: none;">';
-
-// Prepare short term memory
-$PIA_SCAN_TIME = date('Y-m-d H:i:s');
-
-unset($_SESSION['ScanShortMem_NMAP']);
-$_SESSION['ScanShortMem_NMAP'] = 'Last Nmap Scan<br><br><span style="display:inline-block; width: 100px;">Scan Target:</span> ' . $PIA_HOST_IP . '<br><span style="display:inline-block; width: 100px;">Scan Mode:</span> ' . $PIA_SCAN_MODE . '<br><span style="display:inline-block; width: 100px;">Scan Time:</span> ' . $PIA_SCAN_TIME . '<br><br>Result:<br>';
-
-// Get start and end of the nmap portlist
-$array_pointer = nmap_search_portlist($nmap_scan_results);
-if (sizeof($array_pointer) == 2) {
-	// if start and end pointer
- 	$nmap_scan_portlist = nmap_trim_portlist($array_pointer['start'], $array_pointer['end'], $nmap_scan_results);	
-} else {
-	// empty array if no start and end pointer
-    $nmap_scan_portlist = array();
-}
+		// Save to db
+		$sql = 'INSERT INTO "Tools_Nmap_ManScan" ("scan_date", "scan_target", "scan_type", "scan_result", "reserve_a", "reserve_b", "reserve_c", "reserve_d") VALUES("' . $PIA_SCAN_TIME . '", "' . $PIA_HOST_IP . '", "' . $PIA_SCAN_MODE . '", "' . $PIA_SCAN_RESULT . '", "", "", "", "")';
+		$result = $db->exec($sql);
+	} else {
+		echo $pia_lang['nmap_no_scan_results'];
+	}
+	echo '</pre>';
+} elseif ($_REQUEST['mode'] == "view") {
+// Main action (View Mode)-------------------------------------------------------
+	if (filter_var($PIA_HOST_IP, FILTER_VALIDATE_IP)) {
+		$res = $db->query('SELECT * FROM Tools_Nmap_ManScan WHERE scan_target="' . $PIA_HOST_IP . '" ORDER BY scan_date DESC LIMIT 1');
+		$row = $res->fetchArray();
 
-// Output formated nmap report
-if (sizeof($nmap_scan_portlist) > 0) {
-	echo "Port\tProtocol\tStatus\tService\n";
-	foreach ($nmap_scan_portlist as $line) {
-		if ($line['status'] != "open|filtered") {
-			echo $line['port'] . "\t" . $line['protocol'] . "\t\t" . $line['status'] . "\t". $line['service'] . "\n";
-			// Safe last Scan result in Session (Short term memory)
-			$_SESSION['ScanShortMem_NMAP'] = $_SESSION['ScanShortMem_NMAP'] . $line['port'] . " - " . $line['protocol'] . " - " . $line['status'] . " - ". $line['service'] . '<br>';
+		if ($row != "") {
+			echo '<h4>Last scan Results of ' . $row['scan_target'] . '</h4>';
+			echo '<div class="row">
+      				<div class="col-md-6">
+      					<div class="row">
+      					   <div class="col-xs-3"><b>Scan Date:</b></div>
+      					   <div class="col-xs-6"> '.$row['scan_date'].'</div>
+      					</div>
+      					<div class="row">
+      					   <div class="col-xs-3"><b>Scan Mode:</b></div>
+      					   <div class="col-xs-6"> '.$row['scan_type'].'</div>
+      					</div>';
+			create_portlist_table($row['scan_result']);
+			echo '  </div>
+			      </div>';
 		}
+
 	}
-} else {
-	echo $pia_lang['nmap_no_scan_results'];
-}
 
-echo '</pre>';
+
+}
 
 ?>
diff --git a/front/php/templates/language/de_de.php b/front/php/templates/language/de_de.php
@@ -268,9 +268,6 @@
 $pia_lang['DevDetail_Tools_nmap_buttonFast'] = 'Schneller Scan';
 $pia_lang['DevDetail_Tools_nmap_buttonDefault'] = 'Standard Scan';
 $pia_lang['DevDetail_Tools_nmap_buttonDetail'] = 'Detailierter Scan';
-$pia_lang['DevDetail_Tools_nmap_buttonFast_text'] = 'Schneller Scan: Überprüft nur die wichtigsten 100 Ports (wenige Sekunden)';
-$pia_lang['DevDetail_Tools_nmap_buttonDefault_text'] = 'Standard Scan: Nmap scannt die ersten 1.000 Ports für jedes angeforderte Scan-Protokoll. (ca. 5-10 Sekunden)';
-$pia_lang['DevDetail_Tools_nmap_buttonDetail_text'] = 'Detailierter Scan: Der Scan wurde um einige UDP Ports erweitert. Ebenfalls wurde die Range der TCP Ports vergrößert.';
 $pia_lang['DevDetail_Tools_WOL'] = 'Sende Wol Befehl an ';
 $pia_lang['DevDetail_Tools_WOL_noti'] = 'Wake-on-LAN';
 $pia_lang['DevDetail_Tools_WOL_noti_text'] = 'Das Wake-on-LAN Kommando wird an die Broadcast Adresse gesendet. Wenn das Ziel nicht in dem Subnet/vlan von Pi.Alert ist, wird das Ziel-Gerät nicht reagieren.';

diff --git a/front/php/templates/language/en_us.php b/front/php/templates/language/en_us.php
@@ -268,9 +268,6 @@
 $pia_lang['DevDetail_Tools_nmap_buttonFast'] = 'Fast Scan';
 $pia_lang['DevDetail_Tools_nmap_buttonDefault'] = 'Default Scan';
 $pia_lang['DevDetail_Tools_nmap_buttonDetail'] = 'Detailed Scan';
-$pia_lang['DevDetail_Tools_nmap_buttonFast_text'] = 'Fast Scan: Scan fewer ports (100) than the default scan (a few seconds)';
-$pia_lang['DevDetail_Tools_nmap_buttonDefault_text'] = 'Default Scan: Nmap scans the top 1,000 ports for each scan protocol requested. (about 5 seconds)';
-$pia_lang['DevDetail_Tools_nmap_buttonDetail_text'] = 'Detailed Scan: The scan has been expanded to include some UDP ports. Also, the range of TCP ports has been increased.';
 $pia_lang['DevDetail_Tools_WOL'] = 'Send Wol command to ';
 $pia_lang['DevDetail_Tools_WOL_noti'] = 'Wake-on-LAN';
 $pia_lang['DevDetail_Tools_WOL_noti_text'] = 'The Wake-on-LAN command is sent to the broadcast address. If the target is not in the subnet/vlan of Pi.Alert, the target device will not respond.';

diff --git a/front/php/templates/language/es_es.php b/front/php/templates/language/es_es.php
@@ -268,9 +268,6 @@
 $pia_lang['DevDetail_Tools_nmap_buttonFast'] = 'Exploración rápida';
 $pia_lang['DevDetail_Tools_nmap_buttonDefault'] = 'Escaneado predeterminado';
 $pia_lang['DevDetail_Tools_nmap_buttonDetail'] = 'Escaneo detallado';
-$pia_lang['DevDetail_Tools_nmap_buttonFast_text'] = 'Escaneo rápido: escanee menos puertos (100) que el escaneo predeterminado (unos pocos segundos)';
-$pia_lang['DevDetail_Tools_nmap_buttonDefault_text'] = 'Escaneo predeterminado: NMAP escanea los 1,000 puertos principales para cada protocolo de escaneo solicitado. (aproximadamente 5 segundos)';
-$pia_lang['DevDetail_Tools_nmap_buttonDetail_text'] = 'Escaneo detallado: El escaneo se ha ampliado para incluir algunos puertos UDP. Además, se ha aumentado el rango de puertos TCP.';
 $pia_lang['DevDetail_Tools_WOL'] = 'Send Wol command to ';
 $pia_lang['DevDetail_Tools_WOL_noti'] = 'Wake-on-LAN';
 $pia_lang['DevDetail_Tools_WOL_noti_text'] = 'The Wake-on-LAN command is sent to the broadcast address. If the target is not in the subnet/vlan of Pi.Alert, the target device will not respond.';

diff --git a/front/php/templates/language/fr_fr.php b/front/php/templates/language/fr_fr.php
@@ -268,9 +268,6 @@
 $pia_lang['DevDetail_Tools_nmap_buttonFast'] = 'Scan rapide';
 $pia_lang['DevDetail_Tools_nmap_buttonDefault'] = 'Scan par défaut';
 $pia_lang['DevDetail_Tools_nmap_buttonDetail'] = 'Scan détaillé';
-$pia_lang['DevDetail_Tools_nmap_buttonFast_text'] = 'Scan rapide: Scanner moins de ports (100) que le scan par défaut (quelques secondes)';
-$pia_lang['DevDetail_Tools_nmap_buttonDefault_text'] = 'Scan par défaut: Nmap scanne les 1000 premiers ports pour chaque protocole de scan demandé. (environ 5 secondes)';
-$pia_lang['DevDetail_Tools_nmap_buttonDetail_text'] = 'Scan détaillé : Le scan a été étendu pour inclure certains ports UDP. De plus, la plage de ports TCP a été augmentée.';
 $pia_lang['DevDetail_Tools_WOL'] = 'Send Wol command to ';
 $pia_lang['DevDetail_Tools_WOL_noti'] = 'Wake-on-LAN';
 $pia_lang['DevDetail_Tools_WOL_noti_text'] = 'The Wake-on-LAN command is sent to the broadcast address. If the target is not in the subnet/vlan of Pi.Alert, the target device will not respond.';

diff --git a/front/php/templates/language/help_de_de.php b/front/php/templates/language/help_de_de.php
@@ -361,7 +361,14 @@
 									MAC-Adressen-Generierung deaktivierst.';
 $help_lang['Cat_Detail_303_head'] = 'Was ist Nmap und wozu dient es?';
 $help_lang['Cat_Detail_303_text'] = 'Nmap ist ein Netzwerkscanner mit vielfältigen Möglichkeiten.<br>
-									Wenn ein neues Gerät in deiner Liste auftaucht, hast du die Möglichkeit über den Nmap-Scan genauere Informationen über das Gerät zu erhalten.';
+									Wenn ein neues Gerät in deiner Liste auftaucht, hast du die Möglichkeit über den Nmap-Scan genauere Informationen über das Gerät zu erhalten. 
+									<br>Pi.Alert bietet 3 verschiedene voreingestellte Scans an:
+									<br>
+									<ul>
+									<li>Schneller Scan: Überprüft nur die wichtigsten 100 Ports (wenige Sekunden)</li>
+									<li>Standard Scan: Nmap scannt die ersten 1.000 Ports für jedes angeforderte Scan-Protokoll. (ca. 5-10 Sekunden)</li>
+									<li>Detailierter Scan (Timeout 60s): Der Scan ist um einige UDP Ports erweitert. Ebenfalls ist die Range der TCP Ports vergrößert.</li>
+									</ul>';
 $help_lang['Cat_Presence_400_head'] = 'Geräte werden mit einer gelben Markierung und dem Hinweis "missing Event" angezeigt.';
 $help_lang['Cat_Presence_400_text'] = 'Wenn dies geschieht hast du die Möglickeit, bei dem betreffenden Gerät (Detailsansicht) die Events zu löschen. Eine andere Möglichkeit wäre, das Gerät einzuschalten und zu warten, bis Pi.Alert mit dem nächsten
 									  Scan das Gerät als "Online" erkennt und anschließend das Gerät einfach wieder ausschalten. Nun sollte Pi.Alert mit dem nächsten Scan den Zustand des Gerätes ordentlich in der Datenbank vermerken.';

diff --git a/front/php/templates/language/it_it.php b/front/php/templates/language/it_it.php
@@ -268,9 +268,6 @@
 $pia_lang['DevDetail_Tools_nmap_buttonFast'] = 'Scansione rapida';
 $pia_lang['DevDetail_Tools_nmap_buttonDefault'] = 'Scansione predefinita';
 $pia_lang['DevDetail_Tools_nmap_buttonDetail'] = 'Scansione dettagliata';
-$pia_lang['DevDetail_Tools_nmap_buttonFast_text'] = 'Scansione rapida: controlla solo le prime 100 porte più importanti (alcuni secondi)';
-$pia_lang['DevDetail_Tools_nmap_buttonDefault_text'] = 'Scansione predefinita: Nmap esegue una scansione delle prime 1.000 porte per ogni protocollo richiesto. (circa 5-10 secondi)';
-$pia_lang['DevDetail_Tools_nmap_buttonDetail_text'] = 'Scansione dettagliata: La scansione è stata estesa per includere alcune porte UDP. Inoltre, è stata aumentata la gamma di porte TCP.';
 $pia_lang['DevDetail_Tools_WOL'] = 'Invia comando Wake-on-LAN a ';
 $pia_lang['DevDetail_Tools_WOL_noti'] = 'Wake-on-LAN';
 $pia_lang['DevDetail_Tools_WOL_noti_text'] = 'Il comando Wake-on-LAN viene inviato all&apos;indirizzo di broadcast. Se la destinazione non è nella stessa subnet/VLAN di Pi.Alert, il dispositivo di destinazione potrebbe non rispondere.';