random gallery image
random tutorial
preview

..show you how to create native tools. I'm not going to make a new tool though, instead I will show you what is required to create one. You can find all the native tools in the..

read more

random information gathering
THC Sscan

THC Sscan is a very versatile tool for scanning (html) files

more about this module
more of this category
more modules

HackSuite File Library
File Library
Here you can find the latest files and structure of the THC HackSuite, note that if you have an earlier version of the suite it's not recommended to update files manually. Instead you should overwrite your existing HackSuite environment.
<?php
/* 
AntiEvil output window

Author: Remco Kouw
Site: http://www.hacksuite.com
Last Edit: 16-03-2015
*/
set_time_limit(0);
// set variable to be able to save a task
$_MODULE_C "thc_ae";
include_once(
"../../Includes/screen_header.php");
$sDest $_PATHS['module_default_root']."/plugins.php";
(!
IsThere($sDest) ? include_once($_PATHS['end']) : include_once($sDest));
include_once(
$_PATHS['style_root']."/screen.php");
// options
$sOptions "<b>logging:</b> ".($_CONTEXT['log']==true "on" "off")."<br>\n";
$sOptions .= "<b>silence:</b> ".($_CONTEXT['silent']==true "on" "off")."<br>\n";
$sOptions .= "<b>verbose:</b> ".($_CONTEXT['verbose']==true "on" "off")."\n";
include_once(
$_PATHS['functions_root']."/scrn.php");
if(isset(
$_POST['submit'])){
    switch(
$_POST['submit']){
        case
"Discover":
        
// go through all plugins and see which and if plugins can be loaded
        
$iLoad 0;
        if(!
is_dir($_POST['sRoot']) || (substr($_POST['sRoot'],0,strlen($_SERVER['DOCUMENT_ROOT'])))!=$_SERVER['DOCUMENT_ROOT']){
            die(
Screen($sOut."<b id=h7>Invalid directory or above root</b>".$sEnd."<br>\n",$_CONTEXT['verbose'],$_CONTEXT['silent']));
        }
        foreach(
$_CONTEXT['thcaeplugs'] as $sKey=>$aValues){
            if(isset(
$_POST[$sKey])){
                
$iLoad++;
                include_once(
$_PATHS['module_default_root']."/plugins/".$aValues[1]);
            }
        }
        if(!
$iLoad){
            die(
Screen($sOut."<b id=h7>No plug-ins loaded</b>".$sEnd."<br>\n",$_CONTEXT['verbose'],$_CONTEXT['silent']));
        }
        include_once(
$_PATHS['includes_root']."/task_start.php");
        echo 
Screen($sOut,$_CONTEXT['verbose'],$_CONTEXT['silent']);
        echo 
Screen("<br>\n<b>Plugins initialized, preparing scan on documents</b><p>\n",$_CONTEXT['verbose'],$_CONTEXT['silent']);
        
flush();
        
ob_flush();
        echo 
Screen("<br>\n<b>Running scan on localhost..</b><p>\n",$_CONTEXT['verbose'],$_CONTEXT['silent']);
        
// spit fire...
        
flush();
        
ob_flush();
        break;
        default:
        
// default template
        
echo $sOut;
        echo 
$sOptions;
        echo 
$sEnd;
        exit;
    }
}
else{
    echo 
$sOut;
    echo 
$sOptions;
    echo 
$sEnd;
    exit;
}
$oIterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($_POST['sRoot']),RecursiveIteratorIterator::CHILD_FIRST);
// go through the folder
$iIssues 0;
$iDirs 0;
$iFiles 0;
$_CONTEXT['parse'] = array();
foreach(
$oIterator as $oPath){
    
$sFileData "";
    if(
$oPath->isDir()){
        
$iDirs++;
        if(isset(
$_POST['folders']) && in_array($oPath->getBasename(),$_CONTEXT['thcaeplugs']['folders'])){
            
// folders
            
$iIssues++;
            echo 
Screen("Found suspicious folder <b>".$oPath->getBasename()."</b> in ".$oPath->__toString()."<br />\n",$_CONTEXT['verbose'],$_CONTEXT['silent']);
            
flush();
            
ob_flush();
        }
    }
    else{
        
$iFiles++;
        
$sExt = (@substr($oPath->getExtension(),0,3)=="php" "php" $oPath->getExtension());
        if(isset(
$_POST['backdoors']) && in_array($oPath->getFilename(),$_CONTEXT['thcaeplugs']['shells'])){
            
// shells
            
$iIssues++;
            echo 
Screen("Found possible shell <b>".$oPath->getFilename()."</b> in ".$oPath->__toString()."<br />\n",$_CONTEXT['verbose'],$_CONTEXT['silent']);
            
flush();
            
ob_flush();
        }
        if(isset(
$_POST['malicious']) && isset($_CONTEXT['thcaeplugs'][$sExt]) && in_array($sExt,$_CONTEXT['thcaeplugs']['browsable'])){
            
// code
            
if(filesize($oPath->__toString())>0){
                
$sFileData file_get_contents($oPath->__toString());
                for(
$x=0;$x<count($_CONTEXT['thcaeplugs'][$sExt]);$x++){
                    
$iPos strpos($sFileData,$_CONTEXT['thcaeplugs'][$sExt][$x]);
                    if(
is_int($iPos)){
                        
$iIssues++;
                        echo 
Screen("Found possible evil code in ".$oPath->__toString()."<br />\n<blockquote>".substr($sFileData,$iPos,(strpos($sFileData,"\n",$iPos)-$iPos))."</blockquote>",$_CONTEXT['verbose'],$_CONTEXT['silent']);
                        
flush();
                        
ob_flush();
                    }
                }
            }
        }
        if(isset(
$_POST['time'])){
            
// time
            
$iTimeSearch $oPath->getMTime();
            if(
$iTimeE>=$iTimeSearch && $iTimeS<=$iTimeSearch){
                
$iIssues++;
                echo 
Screen("Found changed/created file ".$oPath->__toString()." from ".date($_CONTEXT['time_pattern'].' H:i:s',$iTimeSearch)."<br />\n",$_CONTEXT['verbose'],$_CONTEXT['silent']);
                
flush();
                
ob_flush();
            }
        }
        if(isset(
$_POST['remote']) && in_array($sExt,array("html","htm","php"))){
            
// remote js, embed and iframes
            
if($sFileData==""){
                
$sFileData file_get_contents($oPath->__toString());
            }
            
// get remote src
            
for($a=0;$a<count($_CONTEXT['thcaeplugs']['regexes']);$a++){
                
preg_match_all($_CONTEXT['thcaeplugs']['regexes'][$a],$sFileData,$aTemp);
                if(isset(
$aTemp[0][0]) && !empty($aTemp[0][0])){
                    for(
$i=0;$i<count($aTemp[0]);$i++){
                        
$aTemp[0][$i] = str_replace(" ","",str_replace("'","\"",stripslashes($aTemp[0][$i])));
                        
preg_match_all('/src="([^"]*)"/is',$aTemp[0][$i],$aTemp2);
                        if(isset(
$aTemp2[1][0]) && $aTemp2[1][0]!=""){
                            if(
substr($aTemp2[1][0],0,7)=="http://" && substr($aTemp2[1][0],0,strlen("http://".$_SERVER['HTTP_HOST']))!="http://".$_SERVER['HTTP_HOST']){
                                
$iIssues++;
                                echo 
Screen("Found possible remote thread in ".$oPath->__toString()."<br />\n<blockquote>".$aTemp2[1][0]."</blockquote>",$_CONTEXT['verbose'],$_CONTEXT['silent']);
                                
flush();
                                
ob_flush();
                            }
                        }
                    }
                }
            }
        }
    }
}
echo 
Screen("<p><b>issues found:</b> ".$iIssues.", <b>folders:</b> ".$iDirs.", <b>files:</b> ".$iFiles."</p>",$_CONTEXT['verbose'],$_CONTEXT['silent']);
// update entry in background task file
include_once($_PATHS['includes_root']."/task_end.php");
echo 
$sEnd;
?>
powered by
site stats
cms statistics:
version: 0.6.0
downloads: 4372
native: 26
modules: 21
apps: 2
support development
It takes lots of calories in order to create new things for the hacksuite, so it would be grand if you could buy me a protein shake or extra energy to keep me going. Thanks!
disclaimer
We are not responsible for any direct or indirect damage caused by abusing the tools provided on hacksuite.com. The suite is developed for educational purposes, use at your own risk!
Created by Remco Kouw. Powered by protein shakes and a high calorie diet.