OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Jeremy Sanders (jsanderspomeroy.com)
Date: Thu Jan 18 2001 - 09:20:23 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    I whipped this up several months ago right after I got my Samsung 8500 w/ wireless web. It's just two files. nmap.wml and nmap.php3. Nothing fancy just redirects the output to your phone display. Can make for interesting meetings w/ customers. "Let me port scan your web server right quick :)"... Of course depending on what user you run your web server as you only have access to that level of commands, unless you run suexec which might not be a good idea since wap isn't all that secure(cookies being stored on providers wap gateways and all that). Anyway here are the two files:

    nmap.wml
    <?xml version="1.0"?>
    <!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml">

    <wml>
            <card id="Nmap">
                    <p>
                    Enter host:
                    <br/>
                    <input type="text" name="Host" size="30"/>
                    </p>
                    <do type="accept" label="Scan">
                            <go href="nmap.php3" method="post">
                                    <postfield name="Host" value="$Host"/>
                            </go>
                    </do>
            </card>
    </wml>

    nmap.php3
    <?
         header("Content-type: text/vnd.wap.wml"); // set the correct MIME type
         header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // expires in the past
         header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); // Last modified, right now
         header("Cache-Control: no-cache, must-revalidate"); // Prevent caching, HTTP/1.1
         header("Pragma: no-cache"); // Prevent caching, HTTP/1.0
         echo("<?xml version=\"1.0\"?>\n");
         echo("<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.1//EN\" \"ttp://www.wapforum.org/DTD/wml_1.1.xml\">\n\n");
    ?>

    <wml>

      <head>
        <meta forua="true" http-equiv="Cache-Control" content="max-age=0"/>
      </head>
            <template>
                    <do type="options" label="Home">
                            <go href="/"/>
                    </do>
            </template>
            <card id="Result">
            <p>
            <?
                    $cmd="/usr/bin/nmap $Host";
                    exec(EscapeShellCmd($cmd),$result);
                    $cnt=0;
                    $rcnt=count($result);
                    while ($cnt<$rcnt) {
                                    print htmlspecialchars($result[$cnt]);
                                    print "<br/>";
                            $cnt++;
                    }
             ?>
            </p>
            <do type="accept">
                    <go href="/nmap.wml"/>
            </do>
            </card>
    </wml>

    --------------------------------------------------
    For help using this (nmap-hackers) mailing list, send a blank email to
    nmap-hackers-helpinsecure.org . List run by ezmlm-idx (www.ezmlm.org).