astatin3/Auto-Shodanner
1
0
Fork 0
mirror of https://github.com/Astatin3/Auto-Shodanner.git synced 2026-06-09 00:28:00 -06:00
Code Issues Packages Projects Releases Wiki Activity

Very WIP

Browse Source
This commit is contained in:
Astatin3
2024-04-15 22:28:20 -06:00
parent 19547efcd3
commit 65807d0f38
36 changed files with 5219 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/main/Dashboard.html
Executable
+19
View File
@@ -0,0 +1,19 @@
<main class="container">
</main>
<script>
window.main = () => {
window.addListener('Scanner-Metrics', (data)=>{
document.getElementsByClassName("container")[0].innerHTML = `
<h1>Auto-Shodanner</h1>
<h3>Addresses Scanned: ${data.data.scanCount} (${data.data.scanCount/42949672.96}% Of the internet.)</h3>
`
})
}
</script>
modules/main/adminSettings.html
Executable
+248
View File
@@ -0,0 +1,248 @@
<main class="container">
<h3>User Settings</h3>
<h4>Users</h4>
<table role="grid">
<thead>
<tr>
<th scope="col">Username</th>
<th scope="col">Created</th>
<th scope="col">Pass Updated</th>
<th scope="col">Groups</th>
<th scope="col">Manage</th>
</tr>
</thead>
<tbody id="userTable"></tbody>
</table>
<h4>Sessions</h4>
<table role="grid">
<thead>
<tr>
<th scope="col">Username</th>
<th scope="col">Address</th>
<th scope="col">Path</th>
<th scope="col">Expires</th>
<th scope="col">Manage</th>
</tr>
</thead>
<tbody id="sessionTable"></tbody>
</table>
<button onclick="addUser()">Add New User</button>
</main>
<script>
let userData = {}
function promptUnauth(clientid) {
utils.confirmBox('var(--card-sectionning-background-color)', true, 'Are you sure you want to log this session out?', `unauthSession('${clientid}')`, '')
}
function unauthSession(id) {
window.send('unauth', id)
}
function addUser() {
const elem = document.body
const bgcolor = 'var(--card-sectionning-background-color)'
const header = 'rgba(255,255,255,0.05)'
const textColor = 'text-white'
const title = "Add user"
utils.modal(elem, bgcolor, header, textColor, title, `
<input autocomplete="new-password" id="username" placeholder="Username"></input>
<input autocomplete="new-password" id="groups" placeholder="User groups (Users, Admins, ...)"></input>
<input autocomplete="new-password" id="password1" type="password" placeholder="New Password"></input>
<input autocomplete="new-password" id="password2" type="password" placeholder="Retype new Password"></input>
<button class="outline half-left" onclick="this.parentElement.parentElement.remove()">Cancel</button>
<button class="half-right" onclick="addUserPrompt()">Submit</button>`)
// For some reason, after opening a second modal, the first one is not deleted.
// So I have to maually delete it using document.body.children[5].remove()
}
function addUserPrompt() {
const username = utils.getel("username").value
const groups = utils.getel("groups").value
const password1 = utils.getel("password1").value
const password2 = utils.getel("password2").value
document.body.children[5].remove()
if(username == "" || password1 == "" || password2 == ""){
utils.popupError("Error", "Please fill out all areas of form")
return
}else if(password1 != password2){
utils.popupError("Error", "Passwords don't match")
return
}
const elem = document.body
const bgcolor = 'var(--card-sectionning-background-color)'
const header = 'rgba(255,255,255,0.05)'
const textColor = 'text-white'
const title = "Add user"
utils.modal(elem, bgcolor, header, textColor, title, `
<p>Are you sure you want to add this user?</p>
<p>Username: ${username}</p>
<p>Groups: ${groups}</p>
<p>Password: (hidden)</p>
<br>
<button class="outline half-left" onclick="addUserSubmit('${username}','${groups}','${password1}');this.parentElement.parentElement.remove()">Yes</button>
<button class="half-right" onclick="this.parentElement.parentElement.remove()">No</button>`)
return
}
function addUserSubmit(username, groups, password) {
client.send("addUserRequest", {
username: username,
groups: groups.split(", "),
password: utils.sha256(password)
})
}
function manageUser(id) {
const elem = document.body
const bgcolor = 'var(--card-sectionning-background-color)'
const header = 'rgba(255,255,255,0.05)'
const textColor = 'text-white'
const title = "Manage user"
utils.modal(elem, bgcolor, textColor, header, title, `
<button onclick="promptDisconnectSessions('${id}')">Disconnect all sessions</button>
<button onclick="promptChangePassword('${id}');this.parentElement.parentElement.remove()">Edit Password</button>
<button onclick="promptChangeGroups('${id}');this.parentElement.parentElement.remove()">Edit Groups</button>
<button onclick="promptRemoveUser('${id}');this.parentElement.parentElement.remove()">Delete</button>
<button class="outline" onclick="this.parentElement.parentElement.remove()">Cancel</button>
`)
}
function promptDisconnectSessions(id) {
document.body.children[5].remove()
utils.confirmBox('var(--card-sectionning-background-color)', true, 'Are you sure you want to disconnect all sessions for this user?', `disconnectSessions('${id}')`, '')
}
function disconnectSessions(id) {
client.send("disconnectAllSessions", {
id: id
})
}
function promptChangePassword(id) {
document.body.children[5].remove()
const elem = document.body
const bgcolor = 'var(--card-sectionning-background-color)'
const header = 'rgba(255,255,255,0.05)'
const textColor = 'text-white'
const title = "Manage user"
utils.modal(elem, bgcolor, textColor, header, title, `
<input autocomplete="new-password" id="password1" type="password" placeholder="New Password"></input>
<input autocomplete="new-password" id="password2" type="password" placeholder="Retype new Password"></input>
<button class="outline half-left" onclick="this.parentElement.parentElement.remove()">Cancel</button>
<button class="half-right" onclick="changePassword('${id}')">Submit</button>
`)
}
function changePassword(id) {
const password1 = utils.getel("password1").value
const password2 = utils.getel("password2").value
document.body.children[5].remove()
if(password1 == "" || password2 == ""){
utils.popupError("Error", "Please fill out all areas of form")
return
}else if(password1 != password2){
utils.popupError("Error", "Passwords don't match")
return
}
client.send("passwordChangeRequest", {
id: id,
new: utils.sha256(password1)
})
}
function promptChangeGroups(id) {
document.body.children[5].remove()
const user = utils.getatribinarr(userData, 'id', id)
const elem = document.body
const bgcolor = 'var(--card-sectionning-background-color)'
const header = 'rgba(255,255,255,0.05)'
const textColor = 'text-white'
const title = "Edit groups"
utils.modal(elem, bgcolor, textColor, header, title, `
<input autocomplete="new-password" id="groups" placeholder="User groups (Users, Admins, ...)" value="${user.permGroups.join(", ")}"></input>
<button class="half-left" onclick="this.parentElement.parentElement.remove()">Cancel</button>
<button class="outline half-right" onclick="changeGroups('${id}')">Submit</button>
`)
}
function changeGroups(id) {
const groups = utils.getel("groups").value
document.body.children[5].remove()
if(groups == ""){
utils.popupError("Error", "Please fill out all areas of form")
return
}
client.send("changeGroupsRequest", {
id: id,
groups: groups.split(", ")
})
}
function promptRemoveUser(id) {
document.body.children[5].remove()
utils.confirmBox('var(--card-sectionning-background-color)', true, 'Are you sure you want to remove this user?', `removeUser('${id}')`, '')
}
function removeUser(id) {
client.send("deleteUserRequest", {
id: id
})
}
window.main = ()=>{
window.addListener("sessions", (data)=>{
users = data.data.users
html = ""
userData = users
for(let i=0;i<users.length;i++){
html += `
<tr>
<td>${users[i].username}</td>
<td>${utils.formatTime(users[i].created)}</td>
<td>${utils.formatTime(users[i].passwordUpdated)}</td>
<td>${users[i].permGroups.join(", ")}</td>
<td><a href="#" onclick="manageUser('${users[i].id}')">Manage</a></td>
</tr>
`
}
utils.getel('userTable').innerHTML = html
sessions = data.data.sessions
html = ""
for(let i=0;i<sessions.length;i++){
html += `
<tr>
<td>${sessions[i].username}</td>
<td>${sessions[i].address}</td>
<td>${sessions[i].currentPage}</td>
<td>${utils.formatTime(sessions[i].timeout)}</td>
<td><a href="#" onclick="promptUnauth('${sessions[i].clientid}')">Logout</a></td>
</tr>
`
}
utils.getel('sessionTable').innerHTML = html
})
}
</script>
modules/main/main.py
Executable
+206
View File
@@ -0,0 +1,206 @@
import libs.scanutils as scanutils
mm = None
def dashboardMetrics(ac):
ac.send('Scanner-Metrics', {
"scanCount": scanutils.countScannedIps()
})
def init(moduleMaster):
global mm
mm = moduleMaster
mm.addPageEventListener('/main/dashboard', dashboardMetrics)
# User settings
mm.addAuthEventListener('logout', logout)
mm.addAuthEventListener('unauth', unauth)
mm.addAuthEventListener('passwordChangeRequest', changePassword)
# Admin settings
mm.addAuthEventListener('addUserRequest', addUser)
mm.addAuthEventListener('disconnectAllSessions', disconnectAllSessions)
mm.addAuthEventListener('changeGroupsRequest', changeGroups)
mm.addAuthEventListener('deleteUserRequest', deleteUser)
# mm.addAuthEventListener('login', disconnectAllSessions)
mm.addPageEventListener('/main/User', loadSessions)
mm.addPageEventListener('/main/Admin', loadSessionsAdmin)
def main():
pass
def logout(ac, data):
mm.unauth(ac)
def unauth(ac, data):
removeClient = mm.getAuthClientByID(data['data'])
if removeClient == None:
return
if removeClient.user != ac.user and not mm.userInGroup(ac, "Admins"):
mm.sendPopupError(ac.rawClient, "Error", "You are not authorised")
return
mm.unauth(removeClient)
mm.sendPopupSuccess(ac.rawClient, "Success", "Client removed!")
if(ac.currentPage == "/main/Admin" and mm.userInGroup(ac, "Admins")):
loadSessionsAdmin(ac)
else:
loadSessions(ac)
def loadSessions(ac):
obj = []
for client in mm.authServer.clients:
if client.user != ac.user:
continue
obj.append({
'username': client.username,
'address': client.rawClient.address,
'currentPage': client.currentPage,
'clientid': client.rawClient.clientid,
'timeout': client.timeout
})
# obj.append(client.session)
ac.send('sessions', obj)
def changePassword(ac, data):
# If the account is not an admin, and the username is the same, and the password is correct => Change password
# If the account is not an admin, and the username is the same, and the password not correct and => Incorrect Password
# If the account is not an admin, and the username is not the same => Access denied
# If the account is an admin, and the username is the same, and the password is correct => Change password
# If the account is an admin, and the username is the same, and the password is not correct => Incorrect Password
# If the account is an admin, and the username is not the same => Change password
isAdmin = mm.userInGroup(ac, 'Admins')
correctName = ac.user.id == data['data']['id']
if isAdmin and correctName and not 'old' in data['data']:
mm.sendPopupError(ac.rawClient, "Error", "You are not authorised")
return
if isAdmin or correctName:
if not isAdmin and ac.user.sha256passwordhash != data['data']['old']:
mm.sendPopupError(ac.rawClient, "Error", "Incorrect Password")
return
elif isAdmin and correctName and ac.user.sha256passwordhash != data['data']['old']:
mm.sendPopupError(ac.rawClient, "Error", "Incorrect Password")
return
else:
mm.sendPopupError(ac.rawClient, "Error", "You are not authorised")
return
user = mm.getUserById(data['data']['id'])
if user == None:
mm.sendPopupError(ac.rawClient, "Error", "Invalid id")
return
mm.setUserPassword(user, data['data']['new'])
mm.sendPopupSuccess(ac.rawClient, "Success", "Password updated!")
if isAdmin:
loadSessionsAdmin(ac)
def loadSessionsAdmin(ac):
if not mm.userInGroup(ac, 'Admins'):
return
obj = {
'users': [],
'sessions': []
}
for client in mm.authServer.clients:
obj['sessions'].append({
'username': client.username,
'address': client.rawClient.address,
'currentPage': client.currentPage,
'clientid': client.rawClient.clientid,
'timeout': client.timeout
})
for user in mm.authServer.users:
obj['users'].append({
'username': user.username,
'permGroups': user.permGroups,
'id': user.id,
'created': user.created,
'passwordUpdated': user.passwordUpdated
})
ac.send('sessions', obj)
def addUser(ac, data):
if not mm.userInGroup(ac, 'Admins'):
mm.sendPopupError(ac.rawClient, "Error", "You are not authorised")
return
mm.addUser(
data['data']['username'],
data['data']['groups'],
data['data']['password'])
loadSessionsAdmin(ac)
def disconnectAllSessions(ac, data):
if not mm.userInGroup(ac, 'Admins'):
mm.sendPopupError(ac.rawClient, "Error", "You are not authorised")
return
user = mm.getUserById(data['data']['id'])
for client in mm.authServer.clients:
if client.user == user:
mm.unauth(client)
loadSessionsAdmin(ac)
def changeGroups(ac, data):
if not mm.userInGroup(ac, 'Admins'):
mm.sendPopupError(ac.rawClient, "Error", "You are not authorised")
return
user = mm.getUserById(data['data']['id'])
if user == None:
mm.sendPopupError(ac.rawClient, "Error", "Invalid id")
return
if user == ac.user:
mm.sendPopupError(ac.rawClient, "Error", "You are not authorised")
return
mm.setUserGroups(user, data['data']['groups'])
mm.sendPopupSuccess(ac.rawClient, "Success", "Groups updated!")
loadSessionsAdmin(ac)
def deleteUser(ac, data):
if not mm.userInGroup(ac, 'Admins'):
mm.sendPopupError(ac.rawClient, "Error", "You are not authorised")
return
user = mm.getUserById(data['data']['id'])
if user == None:
mm.sendPopupError(ac.rawClient, "Error", "Invalid id")
return
if user == ac.user:
mm.sendPopupError(ac.rawClient, "Error", "You are not authorised")
return
mm.deleteUser(user)
mm.sendPopupSuccess(ac.rawClient, "Success", "User deleted!")
loadSessionsAdmin(ac)
modules/main/module.json
Executable
+38
View File
@@ -0,0 +1,38 @@
{
"name": "main",
"creators": ["ASTATIN3"],
"version": "1.0",
"entrypoint": "modules/main/main.py",
"tabs": [
{
"name": "main",
"defaultPage": "dashboard",
"pages": [
{
"type": "page",
"name": "dashboard",
"requiredPermGroup": "",
"location": "modules/main/Dashboard.html"
},
{
"type": "folder",
"name": "Settings",
"pages": [
{
"type": "page",
"name": "User",
"requiredPermGroup": "",
"location": "modules/main/userSettings.html"
},
{
"type": "page",
"name": "Admin",
"requiredPermGroup": "Admins",
"location": "modules/main/adminSettings.html"
}
]
}
]
}
]
}
modules/main/userSettings.html
Executable
+105
View File
@@ -0,0 +1,105 @@
<main class="container">
<h3>User Settings</h3>
<div id="details"></div>
<h4>Sessions</h4>
<table role="grid">
<thead>
<tr>
<th scope="col">Username</th>
<th scope="col">Address</th>
<th scope="col">Path</th>
<th scope="col">Expires</th>
<th scope="col">Manage</th>
</tr>
</thead>
<tbody id="sessionTable"></tbody>
</table>
<button id="changePassword" onclick="changePassword()">Change Password</button>
<button id="logoutButton" onclick="promptLogout()">Logout</button>
</main>
<script>
function promptLogout() {
utils.confirmBox('var(--card-sectionning-background-color)', true, 'Are you sure you want to log out?', 'logout()', '')
}
function promptUnauth(clientid) {
utils.confirmBox('var(--card-sectionning-background-color)', true, 'Are you sure you want to log this session out?', `unauthClient('${clientid}')`, '')
}
function logout() {
window.send('logout', {})
utils.setCookie('session', '')
}
function unauthSession(id) {
window.send('unauth', id)
}
function changePassword() {
const elem = document.body
const bgcolor = 'var(--card-sectionning-background-color)'
const header = 'rgba(255,255,255,0.05)'
const textColor = 'text-white'
const title = "Change password"
utils.modal(elem, bgcolor, header, textColor, title, `
<input id="oldPassword" type="password" placeholder="Old Password"></input>
<input autocomplete="new-password" id="password1" type="password" placeholder="New Password"></input>
<input autocomplete="new-password" id="password2" type="password" placeholder="Retype new Password"></input>
<button onclick="passwordSubmit();document.body.removeChild(this.parentElement.parentElement)">Submit</button>`)
}
function passwordSubmit() {
const oldPassword = utils.getel("oldPassword").value
const password1 = utils.getel("password1").value
const password2 = utils.getel("password2").value
if(oldPassword == "" || password1 == "" || password2 == ""){
utils.popupError("Error", "Please fill out all areas of form")
return
}else if(password1 != password2){
utils.popupError("Error", "Passwords don't match")
return
}
client.send("passwordChangeRequest", {
id: authClient.id,
old: utils.sha256(oldPassword),
new: utils.sha256(password1)
})
}
window.main = ()=>{
window.addListener("reauth", (data)=>{
let details = utils.getel('details')
details.innerHTML += "<p>Username: " + authClient.username + "</p>"
details.innerHTML += "<p>Groups: " + authClient.permGroups.join(", ") + "</p>"
details.innerHTML += "<p>Created: " + utils.formatTime(authClient.accountCreated) + "</p>"
details.innerHTML += "<p>Password Updated: " + utils.formatTime(authClient.passwordUpdated) + "</p>"
})
window.addListener("sessions", (data)=>{
sessions = data.data
let html = ""
for(let i=0;i<sessions.length;i++){
html += `
<tr>
<td>${sessions[i].username}</td>
<td>${sessions[i].address}</td>
<td>${sessions[i].currentPage}</td>
<td>${utils.formatTime(sessions[i].timeout)}</td>
<td><a href="#" onclick="unauthSession('${sessions[i].clientid}')">Logout</a></td>
</tr>
`
}
utils.getel('sessionTable').innerHTML = html
})
}
</script>