dennii/UltyScan
1
0
Fork 0
mirror of https://github.com/DeNNiiInc/UltyScan.git synced 2026-04-17 18:26:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
c9cfb19174b9082ac12f658e57f5171ef4a6aeca
UltyScan/webui/execute.php

152 lines
3.7 KiB
PHP
Raw Blame History

<?php
/**
* UltyScan Web Interface - Execute Scan
* Handles form submissions and runs the sniper command
*/
header('Content-Type: application/json');
// Security: Only allow POST requests
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
http_response_code(405);
echo json_encode(['success' => false, 'error' => 'Method not allowed']);
exit;
}
// Configuration
define('SNIPER_PATH', 'sudo /usr/share/sniper/sniper');
define('LOG_DIR', '/var/log/ultyscan');
// Ensure log directory exists
if (!is_dir(LOG_DIR)) {
mkdir(LOG_DIR, 0755, true);
}
// Handle special actions
$action = $_POST['action'] ?? '';
if ($action === 'update') {
$cmd = SNIPER_PATH . ' -u 2>&1';
$logFile = LOG_DIR . '/update_' . date('Ymd_His') . '.log';
exec("nohup $cmd > $logFile 2>&1 &");
echo json_encode(['success' => true, 'message' => 'Update started', 'log' => $logFile]);
exit;
}
if ($action === 'stop') {
exec('pkill -f "sniper"');
echo json_encode(['success' => true, 'message' => 'Stop signal sent']);
exit;
}
// Build the sniper command
$command = SNIPER_PATH;
$errors = [];
// Target (required unless using file)
$target = trim($_POST['target'] ?? '');
$targetFile = trim($_POST['target_file'] ?? '');
$mode = trim($_POST['mode'] ?? 'normal');
// Validate mode against allowed list
$allowedModes = [
'normal',
'stealth',
'web',
'webscan',
'webporthttp',
'webporthttps',
'port',
'fullportonly',
'discover',
'flyover',
'airstrike',
'nuke',
'massportscan',
'massweb',
'masswebscan',
'massvulnscan'
];
if (!in_array($mode, $allowedModes)) {
echo json_encode(['success' => false, 'error' => 'Invalid scan mode']);
exit;
}
// Modes that require a file instead of single target
$fileModes = ['airstrike', 'nuke', 'massportscan', 'massweb', 'masswebscan', 'massvulnscan', 'flyover'];
if (in_array($mode, $fileModes)) {
if (empty($targetFile)) {
echo json_encode(['success' => false, 'error' => 'This mode requires a target file']);
exit;
}
// Write targets to temp file
$tmpFile = '/tmp/ultyscan_targets_' . uniqid() . '.txt';
file_put_contents($tmpFile, $targetFile);
$command .= ' -f ' . escapeshellarg($tmpFile);
} else {
if (empty($target)) {
echo json_encode(['success' => false, 'error' => 'Target is required']);
exit;
}
// Sanitize target
$target = preg_replace('/[^a-zA-Z0-9\.\-\_\/\:]/', '', $target);
$command .= ' -t ' . escapeshellarg($target);
}
// Mode
$command .= ' -m ' . escapeshellarg($mode);
// Workspace
$workspace = trim($_POST['workspace'] ?? '');
if (!empty($workspace)) {
$workspace = preg_replace('/[^a-zA-Z0-9\-\_]/', '', $workspace);
$command .= ' -w ' . escapeshellarg($workspace);
}
// Port (for port modes)
$port = intval($_POST['port'] ?? 0);
if ($port > 0 && $port <= 65535) {
$command .= ' -p ' . $port;
}
// Options
if (!empty($_POST['osint'])) {
$command .= ' -o';
}
if (!empty($_POST['recon'])) {
$command .= ' -re';
}
if (!empty($_POST['bruteforce'])) {
$command .= ' -b';
}
if (!empty($_POST['fullportscan'])) {
$command .= ' -fp';
}
// Create log file for this scan
$scanId = date('Ymd_His') . '_' . substr(md5(uniqid()), 0, 6);
$logFile = LOG_DIR . '/scan_' . $scanId . '.log';
// Run the command in background
$fullCommand = "nohup $command > $logFile 2>&1 &";
// Log the command (for debugging)
file_put_contents(LOG_DIR . '/commands.log', date('Y-m-d H:i:s') . " - $command\n", FILE_APPEND);
// Execute
exec($fullCommand);
echo json_encode([
'success' => true,
'scanId' => $scanId,
'command' => $command,
'logFile' => $logFile,
'message' => 'Scan started'
]);
Reference in New Issue View Git Blame Copy Permalink