v0.1-dev

CHANGELOG.txt

@@ -0,0 +1,2 @@
+v0.1-dev
+    initial working state

VERSION.txt

@@ -0,0 +1 @@
+v0.1-dev

fix_perms.sh

@@ -1,2 +0,0 @@
-#!/bin/bash
-sudo chown -R www-data:www-data . 2>>error.log

run_clear.sh

@@ -1,3 +0,0 @@
-#!/bin/bash
-rm -f error.log 2>>./error.log
-rm -f scans/* 2>>./error.log

run_scan.php

@@ -7,8 +7,8 @@
         $post_cmd = substr($_POST['nmapcmd'], 5);
     }
 
-    $file_name = date("Ymd-Hi-s") . ".xml";
+    $file_name = date("Ymd-Hi-s") . "-" . rand(1000000,9999999) . ".xml";
-    $run_cmd = "bash ./run_scan.sh nmap -oX scans/$file_name --stylesheet /nmaprincesspi/xsl/princesspi-nmap.xsl $post_cmd";
+    $run_cmd = "bash ./scripts/run_scan.sh nmap -oX scans/$file_name --stylesheet /nmaprincesspi/xsl/princesspi-nmap.xsl $post_cmd";
     $web_name = "/nmaprincesspi/scans/$file_name";
 
     echo $web_name;

run_scan.sh

@@ -1,2 +0,0 @@
-#!/bin/bash
-eval "$* 2>>./error.log 1>/dev/null&"

scripts/fix_perms.sh

@@ -0,0 +1,2 @@
+#!/bin/bash
+sudo chown -R www-data:www-data .. 2>>../error.log

scripts/run_clear.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+rm -f ../error.log 2>>./error.log
+rm -f ../scans/* 2>>./error.log

scripts/run_scan.sh

@@ -0,0 +1,2 @@
+#!/bin/bash
+eval "$* 2>>../error.log 1>/dev/null&"

todo.txt

@@ -1,8 +1,15 @@
 x xhr->run_scan.php
-move and edit scripts
+x add random number to file to prevent enumeration
+x move and edit scripts
 status/notify when done
-    polling?
+    polling xml file?
+error handling
+    nmap fail
+    php script fail
+    input validation fail
+containerize
 scans listing
-work on scans filename?
+c work on scans filename?
 fix perms
 auth system
+input/output validation