dennii/UltyScan
1
0
Fork 0
mirror of https://github.com/DeNNiiInc/UltyScan.git synced 2026-04-17 16:16:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

Complete documentation overhaul with Web UI installation

Browse Source
This commit is contained in:
DeNNiiInc
2026-01-01 18:04:03 +11:00
parent 84ac59485c
commit 04465f8d29
4 changed files with 680 additions and 201 deletions
Download Patch File Download Diff File Expand all files Collapse all files

292
README.md
View File

@@ -1,51 +1,273 @@
# UltyScan
## Professional Attack Surface Management Platform
# 🔍 UltyScan
**UltyScan** is a next-generation automated information gathering and vulnerability scanning tool. It is designed to be the ultimate "button-pushing" solution for penetration testers and security professionals, automating the execution of dozens of powerful open-source tools to discover hidden assets and vulnerabilities.
**Attack Surface Management Platform**
### 🚀 Key Features
* **Automated Recon**: Automatically gathers subdomains, IPs, and open ports.
* **Vulnerability Scanning**: Integrates with tools like Nikto, Zap, and OpenVAS to find weaknesses.
* **Multiple Modes**: From "Stealth" (low profile) to "Nuke" (full aggressive audit).
* **Visual Reports**: Generates HTML reports with all findings, including screenshots.
* **Workspace Management**: Keeps different client data separate and organized.
A comprehensive automated penetration testing and reconnaissance tool with a modern Web Interface for managing scans.
---
### 📚 Documentation
## ✨ Features
For detailed instructions, please refer to our comprehensive guides:
* **[Installation Guide](docs/installation.md)**
* Step-by-step setup for Kali Linux, Ubuntu, and Docker.
* **[Usage Guide](docs/usage.md)**
* How to run scans, understand modes, and manage workspaces.
* **[Configuration Guide](docs/configuration.md)**
* Customizing the scanner and setting up API keys (Shodan, Censys, etc.).
- **16 Scan Modes** - From stealth reconnaissance to full aggressive audits
- **Modern Web Interface** - Launch and manage scans from your browser
- **Automated Reporting** - HTML reports generated for each scan
- **Workspace Management** - Organize results by project
- **OSINT Integration** - Shodan, Censys, Hunter.io, and more
- **Vulnerability Scanning** - Nuclei, Nikto, and custom checks
- **Bruteforce Capabilities** - Password attacks on discovered services
---
### ⚡ Quick Start
## 🚀 Quick Start
1. **Install**:
```bash
git clone https://github.com/1N3/Sn1per
cd Sn1per
sudo bash install.sh
```
### One-Command Installation
2. **Run a Basic Scan**:
```bash
sudo sniper -t example.com
```
```bash
git clone https://github.com/DeNNiiInc/UltyScan /usr/share/sniper
cd /usr/share/sniper
bash install.sh force
```
3. **View Results**:
Open the generated HTML report inside the `loot/workspace/` directory.
> **Note:** The `force` flag runs the installation without prompts for fully automated deployment.
### After Installation
The installer will display your Web Interface URL:
```
============================================
ULTYSCAN WEB INTERFACE
============================================
URL: http://<YOUR_IP>/ultyscan/
Logs: /var/log/ultyscan/
Loot: /usr/share/sniper/loot/workspace/
============================================
```
---
### NOTE
This tool is for legal security auditing purposes only. Ensure you have permission to scan the target.
## 🖥️ Web Interface
*Based on the open-source Sn1per project.*
### Accessing the UI
Open your browser and navigate to:
```
http://<SERVER_IP>/ultyscan/
```
### Features
| Tab | Description |
|-----|-------------|
| **New Scan** | Configure and launch scans with all modes and options |
| **Workspaces** | View, export, and delete scan workspaces |
| **Console** | Live output from running scans |
| **Settings** | Update scanner and stop running scans |
### Scan Configuration Options
| Option | Description |
|--------|-------------|
| **Target** | Domain name or IP address to scan |
| **Scan Mode** | Select from 16 different scan modes |
| **Workspace** | Name to organize your results |
| **Enable OSINT** | Gather intelligence from public sources |
| **Enable Recon** | Subdomain and DNS enumeration |
| **Enable Bruteforce** | Password attacks on services |
| **Full Port Scan** | Scan all 65535 ports |
---
## 📋 Scan Modes
| Mode | Description | Use Case |
|------|-------------|----------|
| `normal` | Balanced scan with enumeration | General purpose |
| `stealth` | Low-profile, minimal traffic | Avoiding detection |
| `web` | Ports 80/443 only | Web application focus |
| `webscan` | Full web application audit | Deep web analysis |
| `webporthttp` | HTTP on custom port | Non-standard web ports |
| `webporthttps` | HTTPS on custom port | Non-standard SSL ports |
| `port` | Single specific port | Targeted service testing |
| `fullportonly` | All 65535 ports | Complete port discovery |
| `discover` | Network/CIDR scanning | Infrastructure mapping |
| `flyover` | Quick multi-target | Fast initial assessment |
| `airstrike` | Fast enumeration | Speed over depth |
| `nuke` | Full aggressive audit | Maximum coverage |
| `massportscan` | Multi-target port scan | Bulk port scanning |
| `massweb` | Multi-target web scan | Multiple web targets |
| `masswebscan` | Multi-target webapp | Bulk web app testing |
| `massvulnscan` | Multi-target vulns | Bulk vulnerability scan |
---
## ⌨️ Command Line Usage
### Basic Scan
```bash
sniper -t example.com
```
### With Options
```bash
sniper -t example.com -m normal -w myproject -o -re
```
### Full Scan with All Features
```bash
sniper -t example.com -m normal -w myproject -o -re -b -fp
```
### Command Line Options
| Flag | Description |
|------|-------------|
| `-t <target>` | Target domain or IP |
| `-f <file>` | File with list of targets |
| `-m <mode>` | Scan mode |
| `-w <name>` | Workspace name |
| `-o` | Enable OSINT |
| `-re` | Enable Recon |
| `-b` | Enable Bruteforce |
| `-fp` | Full port scan |
| `-p <port>` | Specific port number |
### Workspace Management
```bash
# List all workspaces
sniper --list
# Delete a workspace
sniper -w myproject -d
# Export workspace
sniper -w myproject --export
```
---
## 📁 Directory Structure
| Path | Description |
|------|-------------|
| `/usr/share/sniper/` | Installation directory |
| `/usr/share/sniper/loot/workspace/` | Scan results and reports |
| `/var/www/html/ultyscan/` | Web interface files |
| `/var/log/ultyscan/` | Web UI scan logs |
| `/root/.sniper.conf` | Main configuration file |
---
## ⚙️ Configuration
### API Keys
Edit `/root/.sniper.conf` to add your API keys:
```bash
# Shodan API Key
SHODAN_API_KEY="your_key_here"
# Censys API
CENSYS_APP_ID="your_id"
CENSYS_API_SECRET="your_secret"
# Hunter.io
HUNTERIO_KEY="your_key"
# GitHub (for secret scanning)
GITHUB_API_KEY="your_token"
```
### Enabling/Disabling Features
In `/root/.sniper.conf`:
```bash
# Enable/Disable scanners (1=on, 0=off)
NUCLEI="1"
NIKTO="0"
WPSCAN="1"
SHODAN="1"
```
---
## 🔒 Security Notes
> ⚠️ **Important Security Considerations**
1. **Network Access**: The Web UI should only be accessible from trusted networks
2. **Root Privileges**: The scanner requires root to perform its functions
3. **Legal Authorization**: Only scan systems you have permission to test
---
## 🐳 Docker Installation
```bash
cd /usr/share/sniper
docker-compose up -d
docker exec -it kali-linux bash
./install.sh force
```
---
## 📊 Viewing Reports
### Via Web Interface
1. Go to the **Workspaces** tab
2. Click **View** on any workspace
3. Report opens in new tab
### Direct Path
```
/usr/share/sniper/loot/workspace/<NAME>/sniper-report.html
```
### Via Web Server
```
http://<SERVER_IP>/loot/workspace/<NAME>/sniper-report.html
```
---
## 🔧 Troubleshooting
### Scan Not Starting
```bash
# Check if sniper is installed correctly
which sniper
# Test manually
sniper -t example.com
```
### Web UI Shows "Idle" When Scan Running
```bash
# Check if process is running
ps aux | grep sniper
# Check sudoers
cat /etc/sudoers.d/www-data-sniper
```
### Permission Denied
```bash
# Reinstall sudoers configuration
echo 'www-data ALL=(ALL) NOPASSWD: /usr/bin/bash /usr/share/sniper/sniper *' > /etc/sudoers.d/www-data-sniper
chmod 440 /etc/sudoers.d/www-data-sniper
```
---
## 📝 License
See [LICENSE.md](LICENSE.md) for details.
---
## 🤝 Contributing
Contributions are welcome! Please submit pull requests to improve the tool.

238
docs/installation.md
View File

@@ -1,127 +1,203 @@
# Installation Guide
Welcome to the **UltyScan** installation guide. This document provides step-by-step instructions to get **UltyScan** up and running on your system.
## Table of Contents
1. [Prerequisites](#prerequisites)
2. [Native Installation (Kali Linux / Ubuntu / Debian)](#native-installation)
3. [Docker Installation (Recommended for others)](#docker-installation)
4. [Troubleshooting](#troubleshooting)
---
## Prerequisites
Before installing, ensure you have:
- **Operating System**: Kali Linux (preferred), Ubuntu, Debian, or Parrot OS.
- **Permissions**: Root (administrator) access is required. Use `sudo` if you are not logged in as root.
- **Internet Connection**: Required to download dependencies.
- **Operating System**: Ubuntu 22.04/24.04, Debian 11/12, or Kali Linux
- **RAM**: Minimum 4GB (8GB recommended)
- **Disk Space**: At least 10GB free
- **Network**: Internet access for package downloads
- **Permissions**: Root access required
---
## Native Installation
## Quick Installation
This is the standard installation method for Kali Linux, Ubuntu, and Debian systems.
### Step 1: Clone the Repository
Open your terminal (command prompt) and run the following command to download the **UltyScan** code to your computer.
### One-Command Install
```bash
git clone https://github.com/1N3/Sn1per
git clone https://github.com/DeNNiiInc/UltyScan /usr/share/sniper
cd /usr/share/sniper
bash install.sh force
```
*Note: This creates a folder named `Sn1per`. You can rename it to `UltyScan` if you wish, but the internal scripts expect standard paths.*
### Step 2: Navigate to the Directory
Move into the downloaded folder:
The `force` flag runs the entire installation without prompts.
### What Gets Installed
The installer automatically sets up:
| Component | Description |
|-----------|-------------|
| **Core Scanner** | Main sniper script and modes |
| **Dependencies** | Nmap, Metasploit, Python tools |
| **Web Interface** | Apache + PHP dashboard |
| **Sudoers Config** | Web UI permissions |
| **Symlinks** | Easy command access |
---
## Step-by-Step Installation
### 1. Update System
```bash
cd Sn1per
apt update && apt upgrade -y
```
### Step 3: Run the Installer
Run the installation script. This script will automatically download and install all necessary tools and dependencies.
**Warning**: This process can take a while (10-30 minutes) depending on your internet speed, as it installs many security tools.
### 2. Install Git
```bash
sudo bash install.sh
apt install -y git
```
### Step 4: Verification
Once the script finishes, verify the installation by running the scanner's help command:
### 3. Clone Repository
```bash
sudo sniper --help
git clone https://github.com/DeNNiiInc/UltyScan /usr/share/sniper
```
If you see the help menu with the logo, the installation was successful!
### 4. Run Installer
```bash
cd /usr/share/sniper
bash install.sh force
```
### 5. Verify Installation
```bash
sniper --help
```
You should see the help menu with all available options.
---
## Docker Installation
If you are not using Kali/Debian, or prefer a containerized environment, use Docker. This keeps your host system clean.
### Prerequisites
- Ensure **Docker** and **Docker Compose** are installed on your system.
- [Install Docker Engine](https://docs.docker.com/engine/install/)
- [Install Docker Compose](https://docs.docker.com/compose/install/)
### Option A: Kali Linux Container (Recommended)
- Docker installed
- Docker Compose installed
1. **Start the container**:
From within the `Sn1per` directory, run:
```bash
sudo docker compose up -d
```
*The `-d` flag runs it in the background.*
### Steps
2. **Access the container**:
To start using the scanner, enter the interactive shell:
```bash
sudo docker run --privileged -it sn1per-kali-linux /bin/bash
```
```bash
# Clone the repository
git clone https://github.com/DeNNiiInc/UltyScan /opt/ultyscan
cd /opt/ultyscan
3. **Run the tool**:
Inside the container, you can run:
```bash
sniper --help
```
# Build and start container
docker-compose up -d
### Option B: BlackArch Container
# Enter the container
docker exec -it kali-linux bash
If you prefer BlackArch Linux:
# Run installer inside container
./install.sh force
```
1. **Start the container**:
```bash
sudo docker compose -f docker-compose-blackarch.yml up -d
```
---
2. **Access the container**:
```bash
sudo docker run --privileged -it sn1per-blackarch /bin/bash
```
## Post-Installation
### Access the Web Interface
After installation, you'll see:
```
============================================
ULTYSCAN WEB INTERFACE
============================================
URL: http://YOUR_IP/ultyscan/
Logs: /var/log/ultyscan/
Loot: /usr/share/sniper/loot/workspace/
============================================
```
Open the URL in your browser to access the dashboard.
### Configure API Keys
Edit the configuration file to add your API keys:
```bash
nano /root/.sniper.conf
```
Add your keys:
```bash
SHODAN_API_KEY="your_shodan_key"
CENSYS_APP_ID="your_censys_id"
CENSYS_API_SECRET="your_censys_secret"
HUNTERIO_KEY="your_hunter_key"
GITHUB_API_KEY="your_github_token"
```
---
## Troubleshooting
### "Command not found"
If running `sniper` says command not found:
- Ensure you ran the install script as root (`sudo bash install.sh`).
- Try running it directly from the installation directory:
```bash
cd /usr/share/sniper
./sniper --help
```
### Issue: Command Not Found
### Dependency Errors
If the installer fails on a specific package:
1. Run `sudo apt update --fix-missing`
2. Run `sudo apt upgrade`
3. Re-run `./install.sh`
```bash
# Check if symlink exists
ls -la /usr/bin/sniper
### Docker "Permission Denied"
If you get permission errors with Docker, ensure your user is in the `docker` group or use `sudo` before docker commands.
# Recreate if missing
ln -s /usr/share/sniper/sniper /usr/bin/sniper
```
### Issue: Web UI Not Loading
```bash
# Check Apache status
systemctl status apache2
# Restart Apache
systemctl restart apache2
# Check if files exist
ls -la /var/www/html/ultyscan/
```
### Issue: Scans Not Starting from Web UI
```bash
# Check sudoers configuration
cat /etc/sudoers.d/www-data-sniper
# Should contain:
# www-data ALL=(ALL) NOPASSWD: /usr/bin/bash /usr/share/sniper/sniper *
# Fix if missing:
echo 'www-data ALL=(ALL) NOPASSWD: /usr/bin/bash /usr/share/sniper/sniper *' > /etc/sudoers.d/www-data-sniper
chmod 440 /etc/sudoers.d/www-data-sniper
```
### Issue: Permission Denied Errors
```bash
# Fix ownership
chown -R root:root /usr/share/sniper
chmod +x /usr/share/sniper/sniper
# Fix web UI permissions
chown -R www-data:www-data /var/www/html/ultyscan
chown www-data:www-data /var/log/ultyscan
```
---
[Return to README](../README.md)
## Updating
To update to the latest version:
```bash
cd /usr/share/sniper
git pull origin main
bash install.sh force
```
Or from the Web UI: Go to **Settings****Update UltyScan**

297
docs/usage.md
View File

@@ -1,130 +1,259 @@
# Usage Guide
This guide covers how to use **UltyScan** effectively. The tool works by running the `sniper` command followed by a target and a mode.
## Overview
## Basic Syntax
```bash
sudo sniper -t <TARGET> -m <MODE> [OPTIONS]
```
- `-t <TARGET>`: The domain (e.g., `example.com`) or IP address (e.g., `192.168.1.1`) you want to scan.
- `-m <MODE>`: The scanning mode (e.g., `normal`, `stealth`, `nuke`). if omitted, defaults to normal.
- `-w <WORKSPACE>`: (Optional) Save results to a specific workspace name.
UltyScan can be used via the **Web Interface** or **Command Line**. Both methods provide access to all scan modes and options.
---
## Scanning Modes
## Web Interface
### 1. Normal Mode
**Best for:** General purpose scanning.
Performs a basic scan of targets and open ports using both active and passive checks. It balances speed and depth.
### Accessing the Dashboard
**Command:**
```bash
sudo sniper -t example.com
Open your browser and navigate to:
```
*Note: If no mode is specified, Normal mode is used.*
### 2. Stealth Mode
**Best for:** Avoiding detection.
Quickly enumerates targets using mostly non-intrusive scans to avoid WAF (Web Application Firewall) or IPS (Intrusion Prevention System) blocking.
**Command:**
```bash
sudo sniper -t example.com -m stealth
http://<SERVER_IP>/ultyscan/
```
### 3. Flyover Mode
**Best for:** High-level overview of multiple targets.
Fast, multi-threaded scans of multiple targets. Great for collecting high-level data (like taking screenshots of web pages) on many hosts quickly.
### Starting a Scan
1. Go to the **New Scan** tab
2. Enter your **Target** (domain or IP)
3. Select a **Scan Mode** from the dropdown
4. Enter a **Workspace Name** to organize results
5. Enable any **Additional Options** as needed
6. Click **Start Scan**
### Monitoring Progress
- The status badge in the header shows: **Idle** or **Scan Running**
- When running, a **Stop Scan** button appears
- Go to the **Console** tab to see live output
### Viewing Results
1. Go to the **Workspaces** tab
2. Click **View** on any workspace
3. The HTML report opens in a new tab
### Managing Workspaces
| Action | Description |
|--------|-------------|
| **Refresh** | Reload the workspace list |
| **View** | Open the scan report |
| **Export** | Create a tar archive |
| **Delete** | Remove the workspace |
---
## Command Line
### Basic Syntax
**Command:**
```bash
sudo sniper -f targets.txt -m flyover -w my-flyover-scan
sniper -t <TARGET> [options]
```
### 4. Airstrike Mode
**Best for:** Quick enumeration of a list of targets.
Quickly enumerates open ports and services on multiple hosts and performs basic fingerprinting.
### Examples
**Command:**
#### Simple Scan
```bash
sudo sniper -f targets.txt -m airstrike
```
*Note: `targets.txt` should contain a list of IPs or domains, one per line.*
### 5. Nuke Mode
**Best for:** COMPLETE DESTRUCTION (Deep Audit).
Launches a full audit of multiple hosts. This enables Brute-force, Full Port Scan, OSINT, Recon, Workspace, and Loot collection. **This is very loud and will likely lock accounts or trigger alarms.**
**Command:**
```bash
sudo sniper -f targets.txt -m nuke -w my-nuke-scan
sniper -t example.com
```
### 6. Discover Mode
**Best for:** Internal Networks.
Parses all hosts on a subnet (CIDR) and initiates a scan against each active host.
**Command:**
#### Scan with Workspace
```bash
sudo sniper -t 192.168.1.0/24 -m discover -w internal-scan
sniper -t example.com -w myproject
```
### 7. Web Mode
**Best for:** Web Application focus.
Adds full automatic web application scans to the results. Scans ports 80 (HTTP) and 443 (HTTPS) only.
**Command:**
#### Stealth Mode with OSINT
```bash
sudo sniper -t example.com -m web
sniper -t example.com -m stealth -o
```
#### Full Aggressive Scan
```bash
sniper -t example.com -m nuke -w fullaudit -o -re -b -fp
```
#### Scan Multiple Targets
```bash
# Create target file
echo "target1.com" > targets.txt
echo "target2.com" >> targets.txt
echo "192.168.1.0/24" >> targets.txt
# Run mass scan
sniper -f targets.txt -m airstrike -w multiscan
```
---
## Scan Modes Explained
### Single Target Modes
| Mode | Best For | Speed | Depth |
|------|----------|-------|-------|
| `normal` | General testing | Medium | Medium |
| `stealth` | Avoiding detection | Slow | Low |
| `web` | Web applications | Fast | Medium |
| `webscan` | Deep web analysis | Slow | High |
| `fullportonly` | Port discovery | Slow | Complete |
| `port` | Single service | Fast | Targeted |
### Multi-Target Modes
| Mode | Description |
|------|-------------|
| `flyover` | Quick reconnaissance of many targets |
| `airstrike` | Fast enumeration across targets |
| `nuke` | Comprehensive audit of all targets |
| `massportscan` | Port scan multiple targets |
| `massweb` | Web scan multiple targets |
| `masswebscan` | Deep web scan multiple targets |
| `massvulnscan` | Vulnerability scan multiple targets |
### Network Modes
| Mode | Description |
|------|-------------|
| `discover` | Network/CIDR range scanning |
---
## Options Reference
### Target Options
| Flag | Description | Example |
|------|-------------|---------|
| `-t` | Single target | `-t example.com` |
| `-f` | Target file | `-f targets.txt` |
### Mode Options
| Flag | Description | Example |
|------|-------------|---------|
| `-m` | Scan mode | `-m stealth` |
| `-p` | Specific port | `-p 8080` |
### Feature Flags
| Flag | Description |
|------|-------------|
| `-o` | Enable OSINT gathering |
| `-re` | Enable subdomain recon |
| `-b` | Enable bruteforce attacks |
| `-fp` | Full port scan (1-65535) |
### Workspace Options
| Flag | Description | Example |
|------|-------------|---------|
| `-w` | Workspace name | `-w project-alpha` |
| `-d` | Delete workspace | `-w project-alpha -d` |
| `--list` | List workspaces | `sniper --list` |
| `--export` | Export workspace | `-w project-alpha --export` |
---
## Workspace Management
UltyScan saves all data into "Workspaces" to keep your scans organized.
### Creating/Using a Workspace
Simply add `-w <NAME>` to any command.
### List All Workspaces
```bash
sudo sniper -t example.com -w project-alpha
sniper --list
```
### Listing Workspaces
See all your current workspaces.
### Delete a Workspace
```bash
sudo sniper --list
sniper -w myproject -d
```
### Deleting a Workspace
Remove a workspace and all its data.
### Export a Workspace
```bash
sudo sniper -w project-alpha -d
sniper -w myproject --export
# Creates: /usr/share/sniper/loot/myproject.tar
```
### Reimport Results
```bash
sniper -w myproject --reimport
```
---
## Output and Reports
### Report Locations
| Type | Path |
|------|------|
| HTML Report | `/usr/share/sniper/loot/workspace/<NAME>/sniper-report.html` |
| Nmap Results | `/usr/share/sniper/loot/workspace/<NAME>/nmap/` |
| Screenshots | `/usr/share/sniper/loot/workspace/<NAME>/screenshots/` |
| Raw Output | `/usr/share/sniper/loot/workspace/<NAME>/output/` |
### Viewing Reports
To open the HTML report for a workspace:
```bash
sudo sniper --list
#### Via Web Browser
```
http://<SERVER_IP>/loot/workspace/<NAME>/sniper-report.html
```
#### Via Command Line
```bash
firefox /usr/share/sniper/loot/workspace/<NAME>/sniper-report.html
```
Then select the report HTML file from the output or navigate to:
`/usr/share/sniper/loot/workspace/<YOUR_WORKSPACE>/sniper-report.html`
---
## Advanced Options
## Scheduled Scans
| Flag | Description |
| :--- | :--- |
| `-o` / `--osint` | Enable OSINT (Open Source Intelligence) gathering. |
| `-re` / `--recon` | Enable Reconnaissance gathering. |
| `-b` | Enable Brute-force attacks (automatically tries passwords). |
| `-fp` | Full Port Only scan (scans all 65535 ports). |
| `--status` | Check the status of running scans. |
| `-u` / `--update` | Update **UltyScan** to the latest version. |
Set up recurring scans:
```bash
# Daily scan
sniper -w myproject -s daily
# Weekly scan
sniper -w myproject -s weekly
# Monthly scan
sniper -w myproject -s monthly
```
---
[Return to README](../README.md)
## Tips and Best Practices
### 1. Always Use Workspaces
Organize your results by project or engagement:
```bash
sniper -t client.com -w client-pentest-2024
```
### 2. Start with Stealth
For initial reconnaissance, use stealth mode:
```bash
sniper -t target.com -m stealth -o
```
### 3. Enable OSINT for External Targets
Get maximum intelligence on internet-facing targets:
```bash
sniper -t target.com -o -re
```
### 4. Use Web Mode for Web Apps
Focus on web vulnerabilities:
```bash
sniper -t webapp.com -m webscan
```
### 5. Check Console Output
Monitor the Console tab or log files for detailed progress:
```bash
tail -f /var/log/ultyscan/scan_*.log
```

54
install.sh
View File

@@ -463,5 +463,57 @@ ln -fs /usr/share/sniper/loot/workspaces/ /root/Desktop/workspaces 2> /dev/null
echo -e "$OKBLUE[*]$RESET Cleaning up installation files... $RESET"
rm -Rf /tmp/arachni* /tmp/gobuster* /tmp/msfinstall /tmp/openssl.cnf 2> /dev/null
# ============================================================================
# ULTYSCAN WEB UI INSTALLATION
# ============================================================================
echo -e "$OKBLUE[*]$RESET Installing UltyScan Web Interface... $RESET"
# Install Apache and PHP
echo -e "$OKBLUE[*]$RESET Installing Apache and PHP... $RESET"
export DEBIAN_FRONTEND=noninteractive
apt install -y apache2 libapache2-mod-php php 2> /dev/null
# Enable PHP module
a2enmod php8.3 2>/dev/null || a2enmod php8.2 2>/dev/null || a2enmod php 2>/dev/null
# Create web UI directory
echo -e "$OKBLUE[*]$RESET Deploying Web UI files... $RESET"
mkdir -p /var/www/html/ultyscan
cp -r $INSTALL_DIR/webui/* /var/www/html/ultyscan/ 2>/dev/null
# Set permissions
chown -R www-data:www-data /var/www/html/ultyscan
chmod 755 /var/www/html/ultyscan/*.php
# Create log directory for web UI
mkdir -p /var/log/ultyscan
chown www-data:www-data /var/log/ultyscan
# Create symlink for loot access from web
ln -sf $LOOT_DIR /var/www/html/loot 2>/dev/null
# Configure sudoers for www-data to run sniper
echo -e "$OKBLUE[*]$RESET Configuring permissions for Web UI... $RESET"
echo 'www-data ALL=(ALL) NOPASSWD: /usr/bin/bash /usr/share/sniper/sniper *' > /etc/sudoers.d/www-data-sniper
echo 'www-data ALL=(ALL) NOPASSWD: /usr/bin/pkill *' >> /etc/sudoers.d/www-data-sniper
chmod 440 /etc/sudoers.d/www-data-sniper
# Restart Apache
systemctl restart apache2 2>/dev/null || service apache2 restart 2>/dev/null
# Get server IP for display
SERVER_IP=$(hostname -I 2>/dev/null | awk '{print $1}')
echo -e "$OKGREEN[OK]$RESET Web UI installed successfully! $RESET"
echo ""
echo -e "$OKRED[>]$RESET Done! $RESET"
echo -e "$OKRED[>]$RESET To run, type 'sniper'! $RESET"
echo -e "$OKRED[>]$RESET To run from command line, type 'sniper'! $RESET"
echo ""
echo -e "$OKBLUE============================================$RESET"
echo -e "$OKGREEN ULTYSCAN WEB INTERFACE$RESET"
echo -e "$OKBLUE============================================$RESET"
echo -e "$OKBLUE URL:$RESET http://$SERVER_IP/ultyscan/"
echo -e "$OKBLUE Logs:$RESET /var/log/ultyscan/"
echo -e "$OKBLUE Loot:$RESET /usr/share/sniper/loot/workspace/"
echo -e "$OKBLUE============================================$RESET"
echo ""