..show you how to create native tools. I'm not going to make a new tool though, instead I will show you what is required to create one. You can find all the native tools in the..
THC Sscan is a very versatile tool for scanning (html) files
<?php
/* THC InjectIT GUI
Author: Remco Kouw
Site: http://www.hacksuite.com
Last Edit: 31-03-2015
*/
if(!defined("IN_SCRIPT")){
exit;
}
// add the js file to the headers first
$_CONTEXT['headers'] = (isset($_CONTEXT['headers']) ? $_CONTEXT['headers'] : "")."<script type=\"text/javascript\" src=\"".$_PATHS['module_default_root_http']."/menu.js\"></script>\n";
// we need to be able to read files from the urls directory
$sPage = $_PATHS['functions_root']."/getfilebydir.php";
(!IsThere($sPage) ? include_once($_PATHS['end']) : include_once($sPage));
$_CONTEXT['mfs'] = array();
/* keeps track of the current row when defining properties, which makes it easier to add and remove new rows */
$_CONTEXT['mfs']['currentrow'] = 0;
/* form properties */
$_CONTEXT['mfs']['module'] = $_CONTEXT['module_current'];
$_CONTEXT['mfs']['form'] = array();
$_CONTEXT['mfs']['form']['target'] = $_CONTEXT['screen']['name'];
$_CONTEXT['mfs']['form']['method'] = "post";
$_CONTEXT['mfs']['form']['action'] = $_CONTEXT['screen']['src'];
/* table */
$_CONTEXT['mfs']['table'] = array();
/* table header */
$_CONTEXT['mfs']['table']['header'] = array();
$_CONTEXT['mfs']['table']['header']['name'] = $_CONTEXT['modules'][$_CONTEXT['mfs']['module']]['name'];
$_CONTEXT['mfs']['table']['header']['description'] = $_CONTEXT['modules'][$_CONTEXT['mfs']['module']]['description'];
/* table rows */
$_CONTEXT['mfs']['table']['rows'] = array();
// select scan type
$sSelectAttack = "<select name=\"iAttackType\" class=\"attacktype\">\n";
$sSelectAttack .= " <option value=\"-1\" selected>select a scan</option>\n";
$sSelectAttack .= " <option value=\"0\">single scan</option>\n";
$sSelectAttack .= " <option value=\"1\">mass scan</option>\n";
$sSelectAttack .= "</select>\n";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']] = array();
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['class'] = "modrow";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['id'] = "startscan";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'] = array();
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][0] = array();
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][0]['class'] = "modleft";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][0]['value'] = "choose scan type";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][1] = array();
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][1]['class'] = "modright";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][1]['value'] = $sSelectAttack;
$_CONTEXT['mfs']['currentrow']++;
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']] = array();
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['class'] = "modrow";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['id'] = "singlescan";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'] = array();
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][0] = array();
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][0]['class'] = "modleft";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][0]['value'] = "target";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][1] = array();
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][1]['class'] = "modright";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][1]['value'] = "<input type=\"text\" class=\"feedquery\" name=\"sTarget\" value=\"http://www.example.com/file.ext?var1=1&var2=1\" onfocus=\"this.value=''\" size=\"50\" />";
$_CONTEXT['mfs']['currentrow']++;
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']] = array();
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['class'] = "modrow";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['id'] = "singlescan";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'] = array();
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][0] = array();
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][0]['class'] = "modleft";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][0]['value'] = "vars to poison";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][1] = array();
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][1]['class'] = "modright";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][1]['id'] = "querysplit";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][1]['value'] = "";
$_CONTEXT['mfs']['currentrow']++;
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']] = array();
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['class'] = "modrow";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['id'] = "massscan";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'] = array();
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][0] = array();
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][0]['class'] = "modleft";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][0]['value'] = "filename";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][1] = array();
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][1]['class'] = "modright";
// get files from urls folder
$sFilesSelect = "";
if(false==($aFiles = GetFilesByDirectory($_PATHS['module_default_root']."/urls"))){
$sFilesSelect .= "No files in <b>urls</b> folder";
}
else{
$sFilesSelect .= "\n<select name=\"sUseFile\" class=\"usefile\">\n";
for($x=0;$x<count($aFiles);$x++){
$sFilesSelect .= " <option value=\"".$aFiles[$x]."\">".$aFiles[$x]."</option>\n";
}
$sFilesSelect .= "</select>\n";
}
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][1]['value'] = $sFilesSelect;
$_CONTEXT['mfs']['currentrow']++;
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']] = array();
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['class'] = "modrow";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['id'] = "allscan";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'] = array();
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][0] = array();
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][0]['class'] = "modleft";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][0]['value'] = "attacks";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][1] = array();
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][1]['class'] = "modright";
// create selection form using inject.php
include_once($_PATHS['module_default_root']."/inject.php");
$sSelectExploit = "<select name=\"aExploits[]\" class=\"exploits\" multiple>\n";
foreach($_CONTEXT['inject'] as $sKey=>$aValues){
$sSelectExploit .= "<option value=\"".$sKey."\">use ".$sKey." exploit</option>\n";
}
$sSelectExploit .= "</select>\n";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][1]['value'] = $sSelectExploit;
$_CONTEXT['mfs']['currentrow']++;
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']] = array();
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['class'] = "modrow";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['id'] = "allscan";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'] = array();
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][0] = array();
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][0]['class'] = "modleft";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][0]['value'] = "log all scans";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][1] = array();
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][1]['class'] = "modright";
$sLogType = "<select name=\"iLogType\" class=\"logtype\">\n";
$sLogType .= " <option value=\"0\" selected>don't log scans</option>\n";
$sLogType .= " <option value=\"1\">log scans</option>\n";
$sLogType .= "</select>\n";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][1]['value'] = $sLogType;
$_CONTEXT['mfs']['currentrow']++;
/* table rows */
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']] = array();
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['class'] = "modrow";
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['value'] = "<div class=\"modrowleft mt5\"><input type=\"submit\" name=\"submit\" value=\"Scan\" class=\"submit\" /> <input type=\"submit\" name=\"submit\" value=\"Dump Log\" /> <input type=\"submit\" name=\"submit\" value=\"Truncate Log\" /></div>";
// create output form
$sCode = ModForm($_CONTEXT['mfs']);
?>