#!/bin/sh
#
#	Network Security Analysis Tool
#		v 1.07
#	    (c) 1999 by Mixter          
#
#	xnsat - X frontend to nsat
# requires X11 and Tcl/Tk with windowing shell (wish) installed
# \
exec wish "$0" "$@"

global status ping coward verbose scantype
global timeout maxproc maxlife minidle
global first last binary

# Change this to the correct path
set binary "/usr/local/bin/nsat"

set scantype 0
set status 1
set ping 0
set coward 0
set verbose 3
set timeout 0
set maxproc 0
set maxlife 0
set minidle 0
set first "127.0.0.1"
set last "0"

if {![file exists $binary]} {
wm withdraw .
toplevel .x
wm title .x "Error"
label .x.x -text "CANNOT FIND FILE: $binary - PLEASE EDIT XNSAT"
checkbutton .x.y -text "OK" -command "destroy ."
pack .x.x .x.y
} {

wm withdraw .
toplevel .nsat
wm title .nsat "Network Security Analysis Tool v1.x   (c) 1999 Mixter"
wm geometry .nsat 500x720
wm maxsize .nsat 500 720 
wm minsize .nsat 500 720

button .nsat.help -text "Help" -command "help"
pack .nsat.help -side top -anchor ne
frame .nsat.fb
button .nsat.fb.start -text "Commence scan" -command "scan"
button .nsat.fb.rec -text "Recover (needs progress file)" -command "rec"
button .nsat.fb.logs -text "View log files" -command "logs"
button .nsat.fb.finish -text "Close" -command "bye"
pack .nsat.fb.start .nsat.fb.rec -side right -anchor n
pack .nsat.fb.logs .nsat.fb.finish -side right -anchor n
pack .nsat.fb -anchor nw

label .nsat.c1 -text "Options"
frame .nsat.clt
pack .nsat.c1 .nsat.clt -fill x -anchor nw
checkbutton .nsat.clt.t1 -text "Display status" -variable status
checkbutton .nsat.clt.t2 -text "Ping dependent" -variable ping
checkbutton .nsat.clt.t3 -text "Stealth mode" -variable coward
pack .nsat.clt.t1 .nsat.clt.t2 .nsat.clt.t3 -side left -anchor nw
focus .nsat.clt

checkbutton .nsat.t4 -text "File scan (inactive: host/range scan)" -variable scantype
pack .nsat.t4 -side top -anchor nw

label .nsat.l1 -text "Connection timeout: "
entry .nsat.te1 -width 20 -relief sunken -bd 2 -textvariable timeout

label .nsat.l2 -text "Maximum processes: "
entry .nsat.te2 -width 20 -relief sunken -bd 2 -textvariable maxproc

label .nsat.l3 -text "Maximum lifetime: "
entry .nsat.te3 -width 20 -relief sunken -bd 2 -textvariable maxlife

label .nsat.l4 -text "Minimum idletime: "
entry .nsat.te4 -width 20 -relief sunken -bd 2 -textvariable minidle

label .nsat.l5 -text "Verbosity Level: "
entry .nsat.te5 -textvariable verbose

pack .nsat.l1 .nsat.te1 -side top -anchor nw
pack .nsat.l2 .nsat.te2 -side top -anchor nw
pack .nsat.l3 .nsat.te3 -side top -anchor nw
pack .nsat.l4 .nsat.te4 -side top -anchor nw
pack .nsat.l5 .nsat.te5 -side top -anchor nw

label .nsat.c3 -text "Targets"
pack .nsat.c3 -anchor n

label .nsat.bt2 -text "Start IP/Host or input filename: "
entry .nsat.be1 -width 20 -relief sunken -bd 2 -textvariable first
pack .nsat.bt2 .nsat.be1 -side top -anchor n

label .nsat.bt3 -text "End IP (or 0 for single/file scan): "
entry .nsat.be2 -width 20 -relief sunken -bd 2 -textvariable last
pack .nsat.bt3 .nsat.be2 -side top -anchor n

frame .nsat.opt
text .nsat.opt.output -height 35 -width 75 -relief sunken -yscrollcommand ".nsat.opt.scl set"
scrollbar .nsat.opt.scl -command ".nsat.opt.output yview"
pack .nsat.opt.scl -side right -fill y -anchor nw
pack .nsat.opt -side top -anchor nw
pack .nsat.opt.output -anchor nw
.nsat.opt.output insert 1.0 "Scan Status\n"
.nsat.opt.output tag add sline {1.0 linestart} {1.0 lineend}
.nsat.opt.output tag configure sline -foreground red
.nsat.opt.output tag configure sline -underline 1
.nsat.opt.output tag configure sline -justify center
.nsat.opt.output insert 2.0 "* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\n"
.nsat.opt.output configure -state disabled
.nsat.opt.output configure -state normal

proc help { } {
toplevel .help
wm title .help "xnsat help"
wm geometry .help 500x300
label .help.1 -text "This is the X frontend to NSAT, the"
label .help.2 -text "Network Security Analysis Tool."
label .help.3 -text "The purpose of this application is to audit services"
label .help.4 -text "of any amount of hosts remotely and reliably. You can"
label .help.5 -text "learn about NSATs capabilities and usage by reading the"
label .help.6 -text "nsat(8) manpage."
label .help.7 -text "Please be aware that a couple of log files will be created"
label .help.8 -text "in the current directory, so consider running xnsat from"
label .help.10 -text "a separate path. xnsat will either parse IP addresses from"
label .help.11 -text "a filename, or scan a range of IPs incrementally."
label .help.12 -text "In case the last IP is zero, xnsat will perform a"
label .help.13 -text "single-host-scan."
pack .help.1 .help.2 .help.3 .help.4 .help.5 .help.6 .help.7 .help.8 .help.10 .help.11 .help.12 .help.13
button .help.ok -text "OK" -command "destroy .help"
pack .help.ok -side bottom
}

proc rec { } {
global binary
if {[catch "exec $binary" x]} {
 .nsat.opt.output insert 2.0 "ERROR: $x\n"
 } {
 .nsat.opt.output insert 2.0 "Succeeded:\n$x\n"
 }
.nsat.opt.output insert 2.0 "* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\n"
return;
}

proc scan { } {
global status ping coward verbose scantype
global timeout maxproc maxlife minidle
global first last binary

catch "exec rm -f .nsrc .nspid"
set optstring ""
if {$status} {append optstring " -n"}
append optstring " -p " $ping
append optstring " -c " $coward
append optstring " -v " $verbose
if {$timeout} {append optstring " -t " $timeout}
if {$maxproc} {append optstring " -m " $maxproc}
if {$maxlife} {append optstring " -l " $maxlife}
if {$minidle} {append optstring " -i " $minidle}

if {$scantype} {
  if {![file exists $first]} { .nsat.opt.output insert 2.0 "* File not found: $first\n" ; return }
  set arg "$binary $optstring -f $first"
 } {
  if {$last != "0"} {
  set arg "$binary $optstring -s $first -e $last"
  } {
  set arg "$binary $optstring -h $first"
  }
 }
set i [catch "exec /bin/sh -c \"${arg} >status.log\" &" xxx]
if {$i} {
.nsat.opt.output insert 2.0 "ERROR: $xxx\n"
return;
} {
.nsat.opt.output insert 2.0 "Launched, pid $xxx.\n"
}
after 5000 actualize
.nsat.opt.output insert 2.0 "* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\n"
return;
}

proc actualize { } {
global status updtime
.nsat.opt.output insert 2.0 "[exec cat status.log]\n"
.nsat.opt.output insert 2.0 "* * * * * * * * * * * * S T A T U S * * * * * * * * * * * * * *\n"
if {$status} {after 5000 act_2}
}

proc act_2 { } {
.nsat.opt.output insert 2.0 "[exec tail -n 1 status.log]\n"
.nsat.opt.output insert 2.0 "* * * * * * * * * * * * U P D A T E * * * * * * * * * * * * * * *\n"
after 5000 act_2
}

proc bye { } {
catch "exec killall -9 nsat"
destroy .
}

proc logs { } {
toplevel .log
wm title .log "View NSAT Log Files"
#wm geometry .log 500x300
set filez { ports ftp ssh telnet sendmail dns httpd pop2 pop3 imap os
            unknown-os finger snmp smb }
set filez2 { nntp exports netstat backdoor
            ircd xwindows netbios icmp rpc cgi bo nlps debug }

button .log.close -text Close -command "destroy .log"
pack .log.close

frame  .log.a
foreach bt $filez {
 if { [file readable ${bt}.log] } {
   button .log.a.${bt} -text $bt -command ".log.opt.output insert 2.0 \"\n[exec cat ${bt}.log]\"\n"
   pack .log.a.${bt} -anchor n -side right
  }
 }
frame  .log.b
foreach bt $filez2 {
 if { [file readable ${bt}.log] } {
   button .log.b.${bt} -text $bt -command ".log.opt.output insert 2.0 \"\n[exec cat ${bt}.log]\"\n"
   pack .log.b.${bt} -anchor n -side right
  }
 }
pack .log.a -anchor nw
pack .log.b -anchor sw
frame .log.opt
text .log.opt.output -height 35 -width 75 -relief sunken -yscrollcommand ".log.opt.scl set"
scrollbar .log.opt.scl -command ".log.opt.output yview"
pack .log.opt.scl -side right -fill y -anchor nw
pack .log.opt -side top -anchor nw
pack .log.opt.output -anchor nw
.log.opt.output configure -state disabled
.log.opt.output configure -state normal
}

}
