v0.5-dev

2025-05-15 19:14:32 -06:00
parent 5099bc7b18
commit 984d5df7c7
7 changed files with 32 additions and 14 deletions
@@ -1,5 +1,7 @@
 <?php
-    if(empty($_POST['nmapcmd'])) { die("nmapcmd POST var not found"); }
+    session_start();
+    if(empty($_POST['nmapcmd']) || empty($_SESSION['nonce'])) { die("POST var(s) not found"); }
+    if($_POST['nonce'] !== $_SESSION['nonce']) { die('csrf validation failed'); }
    
    $cleannmapcmd = escapeshellcmd($_POST['nmapcmd']);