<?php
/*
The file index.php handles all communication between the frontend and the request handlers
Author: Remco Kouw
Site: http://www.hacksuite.com
Last Edit: 08-03-2015
*/
// Refuse to run unless IN_SCRIPT is defined (presumably by the including
// entry script - confirm where it is set), so this template cannot be
// requested on its own.
if (defined('IN_SCRIPT') === false) {
    exit;
}

// Static document head, emitted verbatim.
// NOTE(review): the page loads jQuery 1.9.1, a release that is long out of
// support; plan an upgrade when the client-side code is next touched.
echo <<<'HTML'
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>THC Medusa Black</title>
<link rel="stylesheet" type="text/css" href="../css/style.css" />
<script type="text/javascript" src="../../../JS/jquery-1.9.1.min.js"></script>
<script type="text/javascript" src="../../../JS/jquery.easing.js"></script>
</head>
<body>
HTML;
echo "\n";
// Open the setup form. It posts to cracker.php and targets the zero-sized
// iframe named "screen", so the submit does not navigate away from this page.
// The "nojs" notice stays visible only when the script at the end of the
// page never runs.
echo <<<'HTML'
<center><img src="../images/medusa2.png" border="0" /></center>
<form target="screen" action="cracker.php" method="post">
<div class="formwrap">
 <div class="form">
 <div class="row" id="defi">
 <div class="iframe"><iframe src="cracker.php" width="0" height="0" name="screen"></iframe></div>
 </div>
 <div class="clear"></div>
 <div class="row">
 <div class="progress"><div class="nojs red">please enable javascript in your browser</div></div>
 </div>
 <div class="clear"></div>
HTML;
echo "\n";
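// get products
// Builds the <select> of product definitions. Every non-empty file listed in
// $aFiles is included and is expected to populate $_PROPERTIES with the keys
// 'filename', 'name' and 'version'; one <option> is added per definition.
// $bProduct ends up true only when at least one usable definition was found,
// which is what the "no or invalid product definitions" message relies on.
//
// NOTE(review): include_once executes whatever $aFiles points at. $aFiles is
// built outside this block - confirm it is a fixed server-side listing and can
// never be influenced by request data.
// NOTE(review): include_once does not re-run a file that was already included,
// so $_PROPERTIES may still hold the previous definition at that point.
$sSelect = "\n<select name=\"sProduct\" class=\"product\">\n";
$bProduct = false;
$aProductFiles = (isset($aFiles) && is_array($aFiles)) ? $aFiles : [];
foreach ($aProductFiles as $sProductFile) {
    // Skip missing or empty files instead of letting filesize() warn.
    if (!is_file($sProductFile) || filesize($sProductFile) <= 0) {
        continue;
    }
    include_once($sProductFile);
    // A definition that does not provide all three properties is invalid.
    if (!isset($_PROPERTIES['filename'], $_PROPERTIES['name'], $_PROPERTIES['version'])) {
        continue;
    }
    $bProduct = true;
    // Encode for the HTML attribute / text context before concatenating.
    $sSelect .= "<option value=\""
        . htmlspecialchars((string) $_PROPERTIES['filename'], ENT_QUOTES, 'UTF-8')
        . "\">"
        . htmlspecialchars((string) $_PROPERTIES['name'], ENT_QUOTES, 'UTF-8')
        . " "
        . htmlspecialchars((string) $_PROPERTIES['version'], ENT_QUOTES, 'UTF-8')
        . "</option>\n";
}
$sSelect .= "</select>\n";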
// Product and wordlist rows share one layout: a label plus either the
// prepared <select> markup or a red warning when nothing is available.
// $sSelectWord is prepared outside this block and is emitted as markup.
$aPickerRows = [
    'choose your product' => $bProduct
        ? $sSelect
        : '<b class="red">no or invalid product definitions found!</b>',
    'wordlists' => !empty($sSelectWord)
        ? $sSelectWord
        : '<b class="red">no or empty wordlists found!</b>',
];
foreach ($aPickerRows as $sPickerLabel => $sPickerCell) {
    echo ' <div class="row" id="def">', "\n";
    echo ' <div class="text">', $sPickerLabel, '</div>', "\n";
    echo ' <div class="input">', $sPickerCell, '</div>', "\n";
    echo ' </div>', "\n";
    echo ' <div class="clear"></div>', "\n";
}

// The "connect with profile" checkbox is offered only when $bRecords is set.
if ($bRecords) {
    echo ' <div class="row" id="connect">', "\n";
    echo ' <div class="text">connect with profile</div>', "\n";
    echo ' <div class="input"><input type="checkbox" class="profileopt" name="iProfile" value="1" /></div>', "\n";
    echo ' </div>', "\n";
    echo ' <div class="clear"></div>', "\n";
}
echo ' <div class="clear"></div>', "\n";

// Manual connection settings: label, input type, field name.
// NOTE(review): these fields carry database credentials in the POST to
// cracker.php - the page should only be served over TLS; confirm deployment.
$aDbInputs = [
    ['database user', 'text', 'sUserDB'],
    ['database pass', 'password', 'sPassDB'],
    ['database host', 'text', 'sHostDB'],
    ['database name', 'text', 'sNameDB'],
];
foreach ($aDbInputs as $aDbInput) {
    list($sDbLabel, $sDbType, $sDbName) = $aDbInput;
    echo ' <div class="row" id="db">', "\n";
    echo ' <div class="text">', $sDbLabel, '</div>', "\n";
    echo ' <div class="input"><input type="', $sDbType, '" name="', $sDbName, '" value="" /></div>', "\n";
    echo ' </div>', "\n";
    echo ' <div class="clear"></div>', "\n";
}

// Stored connection profiles ($sSelectProfiles is prepared outside this
// block), or a warning when $bRecords is not set.
$sProfileCell = $bRecords ? $sSelectProfiles : '<b class="red">no profiles found!</b>';
echo ' <div class="row" id="cprofile">', "\n";
echo ' <div class="text">connections</div>', "\n";
echo ' <div class="input">', $sProfileCell, '</div>', "\n";
echo ' </div>', "\n";
echo ' <div class="clear"></div>', "\n";

// Checkbox that toggles the optional field rows on the client side.
echo ' <div class="row" id="def2">', "\n";
echo ' <div class="text">use default settings</div>', "\n";
echo ' <div class="input"><input type="checkbox" class="hideoptions" name="iUseDefault" value="1" /></div>', "\n";
echo ' </div>', "\n";
echo ' <div class="clear"></div>', "\n";
// Optional schema fields: label, CSS class (used by the script on this page
// to fill in product defaults) and field name.
$aOptionInputs = [
    ['username field', 'usernamefield', 'sUserNameField'],
    ['email field', 'emailfield', 'sEmailField'],
    ['hash field', 'hashfield', 'sHashField'],
    ['table name', 'tablename', 'sTableName'],
    ['table prefix', 'tableprefix', 'sTablePrefix'],
];
foreach ($aOptionInputs as $aOptionInput) {
    list($sOptLabel, $sOptClass, $sOptName) = $aOptionInput;
    echo ' <div class="row" id="options">', "\n";
    echo ' <div class="text">', $sOptLabel, '</div>', "\n";
    echo ' <div class="input"><input type="text" class="', $sOptClass, '" name="', $sOptName, '" value="" /></div>', "\n";
    echo ' </div>', "\n";
    echo ' <div class="clear"></div>', "\n";
}

// Submit button and navigation links are shown only when a product exists.
$sSubmitCell = '';
if ($bProduct) {
    $sSubmitCell = '<input type="submit" name="submit" class="submit" value="Submit" />'
        . ' <a href="../white">[ whitehat ]</a>'
        . ' <a href="#" class="cfglink">[ database profiler ]</a>'
        . ' <a href="#" class="manual">[ manual cracking ]</a>'
        . ' <a href="shellmanager.php">[ shell manager ]</a>'
        . ' <a href="../../../index.php">[ home ]</a>';
}
echo ' <div class="row" id="submitit">', "\n";
echo ' <div class="text"></div>', "\n";
echo ' <div class="input">', $sSubmitCell, '</div>', "\n";
echo ' </div>', "\n";

// Close the form wrapper elements and the form itself.
echo ' </div>', "\n";
echo '</div>', "\n";
echo '</form>', "\n";
// Start of the inline script: hide the profile row, clear the profile
// checkbox and declare the page-level handle for the progress poller.
echo <<<'JS'
<script type="text/javascript">
$('.row#cprofile').hide();
$('.profileopt').removeAttr("checked");
var refreshIntervalId = '';
JS;
echo "\n";

// fetches product properties when selection changes
// The selected option value is used as a file name under ../forums/ and the
// JSON reply fills the five optional field inputs via .val().
echo <<<'JS'
$(document).on("change",".product",function(e){
 e.preventDefault();
 dataString = $(this).serialize();
 $.ajax({
 type: "POST",
 data: dataString,
 url: "../forums/"+$(this).val()+"?JSON=1",
 dataType: "json",
 success: function(json){
 $('input.usernamefield').val(json.usernamefield);
 $('input.emailfield').val(json.emailfield);
 $('input.hashfield').val(json.hashfield);
 $('input.tablename').val(json.tablename);
 $('input.tableprefix').val(json.tableprefix);
 },
 error: function(xhr, textStatus, errorThrown){
 alert(errorThrown);
 }
 });
});
JS;
echo "\n";
// hide or display optional form elements
// Checking "use default settings" hides every row with id "options".
echo <<<'JS'
$(document).on("change",".hideoptions",function(){
 if($(this).is(":checked")){
 $('.row#options').hide();
 }
 else{
 $('.row#options').show();
 }
});
JS;
echo "\n";

// hide or display connection profiles
// Checking "connect with profile" swaps the manual database rows for the
// stored-profile row, and back again when unchecked.
echo <<<'JS'
$(document).on("change",".profileopt",function(){
 if($(this).is(":checked")){
 $('.row#db').hide();
 $('.row#cprofile').show();
 }
 else{
 $('.row#db').show();
 $('.row#cprofile').hide();
 }
});
JS;
echo "\n";
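// when submit is clicked check every x seconds for progress
// Polls taskreader.php every 1900 ms and redraws one line per task inside
// .progress.
//
// Changes against the earlier version of this handler:
//  - the timer handle is stored in the page-level refreshIntervalId instead of
//    a handler-local "var" that shadowed it, so the clearInterval() calls in
//    the other handlers actually stop the polling;
//  - a poller left over from an earlier click is cleared first, so repeated
//    submits do not stack timers;
//  - every task field is HTML-encoded before it is concatenated into markup.
//    Fields such as last_user carry data read from the database being audited
//    and must be treated as untrusted. If taskreader.php already HTML-encodes
//    its values, remove one of the two layers.
//  - each task element is built and attached directly rather than looked up
//    again through a selector assembled from the JSON key.
echo <<<'JS'
$(document).on("click",".submit",function(){
 // HTML-encode a value for use in element content or a quoted attribute
 function esc(v){
  return String(v)
   .replace(/&/g,'&amp;')
   .replace(/</g,'&lt;')
   .replace(/>/g,'&gt;')
   .replace(/"/g,'&quot;')
   .replace(/'/g,'&#39;');
 }
 clearInterval(refreshIntervalId);
 refreshIntervalId = setInterval(function(){
  $.getJSON('taskreader.php', function(data) {
   var progress = $('.progress');
   progress.html('');
   $.each(data, function(i,item){
    var head = '<b>'+esc(item['start'])+'</b> '+esc(item['product'])+' '+esc(item['version']);
    var found = ' - <b>found:</b> '+esc(item['matches']);
    var remove = ' - <a href="#" class="removeid" id="'+esc(item['identifier'])+'">remove this task</a>';
    var body;
    if(item['current']==item['total'] && item['current']>0){
     if(item['matches']==0){
      body = head+found+' - <b>no weak passwords found</b>'+remove;
     }
     else{
      body = head+found+' - <a href="#" class="dumpid" id="'+esc(item['identifier'])+'">dump passwords</a>'+remove;
     }
    }
    else{
     body = head+' - ('+esc(item['current'])+'/'+esc(item['total'])+')'+found+' - <b>last:</b> '+esc(item['last_user']);
    }
    $('<div class="task"></div>').attr('id', i).html('<div>'+body+'</div>').appendTo(progress);
   });
  });
 },1900);
});
JS;
echo "\n";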
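// dump results
// Replaces the setup form rows with a result container, requests the stored
// result for the clicked task from handler.php and stops the progress poller.
// The task identifier is now passed through encodeURIComponent() so that
// characters such as "&" or "#" cannot alter the query string.
//
// NOTE(review): json.jdump is appended as markup, so handler.php has to
// HTML-encode every value it places in it; values recovered from the audited
// database are untrusted input. Confirm this in handler.php.
echo <<<'JS'
$(document).on("click","a.dumpid",function(e){
 e.preventDefault();
 $('.progress').after('<div class="dump"></div>');
 $('.progress').remove();
 $('.row#options, .row#submitit, .row#def, .row#def2, .row#db, .row#cprofile, .row#connect, .row#z').remove();
 $.ajax({
  type: "GET",
  url: "handler.php?getresult="+encodeURIComponent($(this).attr('id')),
  dataType: "json",
  success: function(json){
   if(!json.jresult){
    alert(json.jmessage);
   }
   else{
    $('.dump').append(json.jdump);
   }
  },
  error: function(xhr, textStatus, errorThrown){
   alert(errorThrown);
  }
 });
 clearInterval(refreshIntervalId);
});
JS;
echo "\n";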
// manual cracking
// Swaps the database-driven form for a single-hash form: adds hash, username
// and salt inputs after .progress, removes the rows that no longer apply,
// inserts a new submit button in place of the "connect" row and calls
// clearInterval() on the poller handle.
echo <<<'JS'
$(document).on("click","a.manual",function(e){
 e.preventDefault();
 $('.progress').after('<div class="crackform"></div>');
 $('.crackform').append('<div class="row" id="z"><div class="text"><b>hash</b></div><div class="input"><input type="text" name="sHash" value="" /></div></div><div class="clear"></div>');
 $('.crackform').append('<div class="row" id="z"><div class="text"><b>username</b></div><div class="input"><input type="text" name="sUser" value="" /></div></div><div class="clear"></div>');
 $('.crackform').append('<div class="row" id="z"><div class="text">salt</div><div class="input"><input type="text" name="sSalt" value="" /></div></div><div class="clear"></div>');
 $('.crackform').append('<div class="row" id="z"><font class="red">specify the salt only if it\'s needed</font></div><div class="clear"></div>');
 $('.row#options').remove();
 $('.row#submitit').remove();
 $('.row#db').remove();
 $('.row#def2').remove();
 $('.row#connect').after('<div class="row" id="z"><div class="input"><input type="submit" class="submit" name="submit" value="Crack" /> <a href="index.php">[ main ]</a> <a href="shellmanager.php">[ shell manager ]</a></div></div></div><div class="clear"></div>');
 $('.row#connect').remove();
 clearInterval(refreshIntervalId);
});
JS;
echo "\n";
// The "database profiler" link has to issue a POST, so the click handler
// builds a throw-away form carrying iCFG=13, attaches it to the body and
// submits it to configuration.php.
echo <<<'JS'
$(".cfglink").click(function(e){
 e.preventDefault();
 var form = $('<form action="../../../configuration.php" method="post">' + '<input type="hidden" name="iCFG" value="13" />' + '</form>');
 $('body').append(form);
 $(form).submit();
});
JS;
echo "\n";
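// remove task item
// Asks handler.php to delete the clicked task and reports a failure message
// when the reply has a falsy jresult. The task identifier is now passed
// through encodeURIComponent() so that characters such as "&" or "#" cannot
// alter the query string.
//
// NOTE(review): this is a state-changing request sent as GET without any
// anti-CSRF token visible here. Moving it to POST with a token needs a
// matching change in handler.php, which is outside this file.
echo <<<'JS'
$(document).on("click","a.removeid",function(e){
 e.preventDefault();
 $.ajax({
  type: "GET",
  url: "handler.php?removetask="+encodeURIComponent($(this).attr('id')),
  dataType: "json",
  success: function(json){
   if(!json.jresult){
    alert(json.jmessage);
   }
  },
  error: function(xhr, textStatus, errorThrown){
   alert(errorThrown);
  }
 });
});
JS;
echo "\n";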
// Running this line proves that scripting is enabled, so the "please enable
// javascript" notice is removed; after that the script, body and document
// are closed. No newline follows the final tag.
echo <<<'HTML'
$('div.nojs').remove();
</script>
</body>
</html>
HTML;
?>