..create a different index page for the suite. It's very easy because the only thing you need to do is change the content of default.php. I don't want to create something like hello..
AntiFTP uses wordlists in order to bruteforce FTP user accounts
<?php
/*
Sets up the search for easy to guess passwords.
In order to debug requests you can add the following after $cTHC->LoadUsers();
var_dump($cTHC);
Author: Remco Kouw
Site: http://www.hacksuite.com
Last Edit: 12-11-2014
*/
set_time_limit(0);
ignore_user_abort(true);
header("Cache-Control: no-cache, must-revalidate");
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
$_DYNAMIC_ROOT = "../../..";
include_once("../../../header.php");
include_once("header.php");
// setup database connection
if(isset($_POST['sProduct'])){
$_CONTEXT['db'] = array();
if(isset($_POST['iProfile']) && $_POST['iProfile']==1){
// from profile
$aProfile = @explode(":",$_POST['sProfiles']);
if(@isset($_CONTEXT['dbcon'][$aProfile[0]][$aProfile[1]])){
$_CONTEXT['db']['host'] = $_CONTEXT['dbcon'][$aProfile[0]][$aProfile[1]]['host'];
$_CONTEXT['db']['username'] = $_CONTEXT['dbcon'][$aProfile[0]][$aProfile[1]]['user'];
$_CONTEXT['db']['password'] = $_CONTEXT['dbcon'][$aProfile[0]][$aProfile[1]]['pass'];
$_CONTEXT['db']['database'] = $_CONTEXT['dbcon'][$aProfile[0]][$aProfile[1]]['db'];
}
}
else{
// from user input
$_CONTEXT['db']['host'] = $_POST['sHostDB'];
$_CONTEXT['db']['username'] = $_POST['sUserDB'];
$_CONTEXT['db']['password'] = $_POST['sPassDB'];
$_CONTEXT['db']['database'] = $_POST['sNameDB'];
}
$rConnect = @mysql_connect($_CONTEXT['db']['host'],$_CONTEXT['db']['username'],$_CONTEXT['db']['password']);
if(!is_resource($rConnect) || @mysql_select_db($_CONTEXT['db']['database'])===false){
// fail so abort
$_CONTEXT['errors'][] = "Invalid database connection credentials.";
include_once($_PATHS['end']);
}
// load setup and find easy passwords
$cTHC->LoadWordlist($_POST['sWordlist']);
$cTHC->LoadProperties($_POST['sProduct']);
$cTHC->LoadUsers();
$cTHC->CrackUsers(0);
}
?>