[Feature-Web] adding skipping service discovery, exclude ports and custom HTTP headers to the web (#1113)

* adding new features to the web UI

* minor bug fix

* ruff fixes

* removing debugging statement

* code-rabbit suggested changes

---------

Co-authored-by: Sam Stepanyan <sam.stepanyan@owasp.org>
Achintya Jai 2025-08-07 22:01:10 +05:30 committed by GitHub
parent 8695749cc5
commit cab9b2c2fe
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 44 additions and 1 deletions


@ -247,7 +247,9 @@ def new_scan():
"""
api_key_is_valid(app, flask_request)
form_values = dict(flask_request.form)
# variables for future reference
raw_report_path_filename = form_values.get("report_path_filename")
http_header = form_values.get("http_header")
report_path_filename = sanitize_report_path_filename(raw_report_path_filename)
if not report_path_filename:
return jsonify(structure(status="error", msg="Invalid report filename")), 400
@ -255,7 +257,13 @@ def new_scan():
for key in nettacker_application_config:
if key not in form_values:
form_values[key] = nettacker_application_config[key]
# Handle HTTP headers
if http_header:
form_values["http_header"] = [
line.strip() for line in http_header.split("\n") if line.strip()
]
# Handle service discovery
form_values["skip_service_discovery"] = form_values.get("skip_service_discovery", "") == "true"
nettacker_app = Nettacker(api_arguments=SimpleNamespace(**form_values))
app.config["OWASP_NETTACKER_CONFIG"]["options"] = nettacker_app.arguments
thread = Thread(target=nettacker_app.run)
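Review bot: The header lines built at `form_values["http_header"] = [...]` are stripped but never validated, so an entry with no `Name: value` separator, or with a carriage return left inside it, is handed to `Nettacker(api_arguments=...)` as-is. I would reject those up front the way the report filename is rejected, for example `if any(":" not in h or "\r" in h for h in form_values["http_header"]): return jsonify(structure(status="error", msg="Invalid HTTP header")), 400`. Separately, when the field is blank the `if http_header:` branch is skipped and the raw form value stays in place, so downstream code may see a string where it otherwise gets a list; whether the core tolerates that is not visible here. `new_scan` starts and ends outside these hunks.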


@ -162,6 +162,12 @@
<span class="input-group-addon"><i class="fa fa-space-shuttle"></i></span>
<input id="targets" type="text" class="form-control" data-role="tagsinput" placeholder="Add new target" >
</div>
<div class="form-group" style="margin-top: 10px;">
<label>
<input id="skip_service_discovery" type="checkbox">
<a class="label label-warning">Skip service discovery</a>
</label>
</div>
<div id="scan_options_combined">
<h3>Profiles</h3>
<div class="form-group">
@ -285,6 +291,26 @@
</div>
</div>
</div>
<div class="row">
<div class="col-md-6">
<h3>Exclude Ports</h3>
<div class="input-group col-xs-12">
<span class="input-group-addon">Exclude</span>
<input id="exclude_ports" type="text" class="form-control"
placeholder="e.g., 80,443,8080">
</div>
</div>
<!-- HTTP Headers -->
<div class="col-md-6">
<h3>HTTP Headers</h3>
<div class="input-group col-xs-12">
<span class="input-group-addon">Headers</span>
<textarea class="form-control" rows="3" id="http_headers"
placeholder="Header: Value&#10;Another-Header: Value"></textarea>
</div>
</div>
</div>
<br>
<div class="form-group col-md-6">
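Review bot: The new inputs use the ids `exclude_ports` and `http_headers`, while the script posts the values as `excluded_ports` and `http_header`, so each field carries two spellings across the markup and the request. Aligning the ids with the posted keys (`id="excluded_ports"`, `id="http_header"`, with the matching selector changes in the script) would make a mismatch harder to introduce later. The textarea placeholder is also the only hint that headers go one per line; a short visible help line under the field would state that format explicitly.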


@ -341,6 +341,12 @@ $(document).ready(function () {
} else {
var p_3 = false;
}
if (document.getElementById("skip_service_discovery").checked) {
var skip_service_discovery = true;
} else {
var skip_service_discovery = false;
}
// profiles
var p = [];
var n = 0;
@ -391,6 +397,9 @@ $(document).ready(function () {
socks_proxy: $("#socks_proxy").val(),
usernames: $("#usernames").val(),
passwords: $("#passwords").val(),
skip_service_discovery: skip_service_discovery,
excluded_ports: $('#exclude_ports').val(),
http_header: $('#http_headers').val()
};
// replace "" with null