..you how to make a multi bridge between THC_DO, THC_SS and THC_II and keep track of the output in real time using iframes. So what exactly are we going to do? First of all, if you don't..
THC Sscan is a very versatile tool for scanning (HTML) files
<?php
/* Server map manager for THC_XM
Author: Remco Kouw
Site: http://www.hacksuite.com
Last Edit: 07-03-2015
*/
// Stop immediately unless the including script has defined IN_SCRIPT,
// i.e. this file was not requested directly.
if (defined('IN_SCRIPT') === false) {
    exit;
}

$_CONTEXT['subtitle'] = "Map Manager";
$_PATHS['map_root'] = $_PATHS['root']."/Modules/thc_xm/BluePrints";

// Helper scripts this page depends on; each one is included once when IsThere() accepts it.
$aFiles = array(
    $_PATHS['functions_root']."/get_file_data.php",
    $_PATHS['functions_root']."/getfilebydir.php",
    $_PATHS['functions_root']."/fwrite.php"
);
for ($x = 0; $x < count($aFiles); $x++) {
    if (IsThere($aFiles[$x])) {
        include_once($aFiles[$x]);
    } else {
        // A helper is missing: hand over to the shared end page instead.
        // NOTE(review): presumably $_PATHS['end'] terminates the request - confirm.
        include_once($_PATHS['end']);
    }
}

// From here on $aFiles holds the listing of the map directory.
// NOTE(review): the meaning of the second argument (0) is defined in getfilebydir.php - confirm.
$aFiles = GetFilesByDirectory($_PATHS['map_root'], 0);
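// Request dispatcher for the map manager: without a submit button the selection form is
// rendered, otherwise the posted button value selects Remove / Show Source / Download.
//
// The map name comes from the client, so it is accepted only when it is exactly one of the
// entries listed for the map directory (the same values the form offers). Arrays, names that
// are not in the listing and path fragments are all treated as "file doesn't exist".
// NOTE(review): "Remove" changes state on a plain POST and no anti-CSRF token is visible in
// this file - confirm the including framework verifies one before this script runs.
$sMap = null;
if (isset($_POST['sMap']) && is_string($_POST['sMap']) && is_array($aFiles) && in_array($_POST['sMap'], $aFiles, true)) {
    $sMap = $_POST['sMap'];
}

if (!isset($_POST['submit'])) {
    // select map form
    $sSelect = "<select name=\"sMap\">\n";
    $iFiles = count($aFiles);
    if ($iFiles > 0) {
        for ($x = 0; $x < $iFiles; $x++) {
            // File names are data, not markup: escape them for both the attribute and the label.
            $sOption = htmlspecialchars($aFiles[$x], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            $sSelect .= "<option value=\"".$sOption."\">".$sOption."</option>\n";
        }
        $sSelect .= "</select>\n";
        // iCFG is echoed back from the request; escape it so it cannot break out of the attribute.
        $sCfg = (isset($_POST['iCFG']) && is_scalar($_POST['iCFG']))
            ? htmlspecialchars((string)$_POST['iCFG'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
            : "";
        $sCode .= " <form method=\"post\">\n";
        $sCode .= " <div class=\"emboss borderr5 border1pxtrans pad5 edgeglow overflw\">\n";
        $sCode .= " <div class=\"embosshdrnocenter border1pxtrans pad10\">Manage generated map files</div>\n";
        $sCode .= " <div class=\"cc_record emboss overflw borderr5 mt5\">\n";
        $sCode .= " <div class=\"flt pad3 w150\">select map file:</div>\n";
        $sCode .= " <div class=\"flt pad3\">".$sSelect."</div>\n";
        $sCode .= " </div>\n";
        $sCode .= " <div class=\"clear\"></div>\n";
        $sCode .= " <div class=\"cc_record\">\n";
        $sCode .= " <div class=\"flt pad3\"><input type=\"hidden\" name=\"iCFG\" value=\"".$sCfg."\" /><input type=\"submit\" name=\"submit\" value=\"Download\" /> <input type=\"submit\" name=\"submit\" value=\"Remove\" /> <input type=\"submit\" name=\"submit\" value=\"Show Source\" /></div>\n";
        $sCode .= " </div>\n";
        $sCode .= " <div class=\"clear\"></div>\n";
        $sCode .= " </div>\n";
        $sCode .= " </form>\n";
    } else {
        $sCode .= "<div class=\"spacingmsg\">".$_CONTEXT['result_headers']['notice']."No maps found, you can create them <a href=\"index.php?module=thc_xm\">here</a></div>\n";
    }
} elseif ($_POST['submit'] === "Remove") {
    // delete blueprint
    // ExploitFilter() is defined elsewhere; it stays in place as a second check on the path.
    $sDest = ($sMap === null) ? null : ExploitFilter($_PATHS['map_root']."/".$sMap, 0, 1);
    if ($sDest === null || !file_exists($sDest)) {
        $_CONTEXT['errors'][] = "BluePrint file doesn't exist";
        // NOTE(review): presumably the end page terminates the request; the else branch below
        // makes sure nothing is deleted even if it returns.
        include_once($_PATHS['end']);
    } else {
        include_once("thc_xm/profiles.php");
        // count() never returns false, so the old "@count(...)===false" test could not detect a
        // broken profile (and count() on a non-array is a TypeError on PHP 8). Test the type instead.
        if (!isset($_CONTEXT['blueprints']) || !is_array($_CONTEXT['blueprints'])) {
            $aDataR['jerror'] = "Corrupt profiles file, expecting blueprints array.";
            $sCode .= "<div class=\"spacingmsg\">".$_CONTEXT['result_headers']['error']."Corrupt profiles file, expecting blueprints array.</div>";
        } else {
            // Look up the profile name stored next to this map file (entries are name/file pairs).
            $sName = "";
            foreach ($_CONTEXT['blueprints'] as $aBlueprint) {
                if (is_array($aBlueprint) && isset($aBlueprint[0], $aBlueprint[1]) && $aBlueprint[1] === $sMap) {
                    $sName = $aBlueprint[0];
                    break;
                }
            }
            if ($sName != "") {
                // Drop the matching registration line from the profiles file before deleting the map.
                $sData = @file_get_contents("Modules/thc_xm/profiles.php");
                $sData2 = ($sData === false)
                    ? false
                    : str_replace("\$_CONTEXT['blueprints'][] = array(\"".$sName."\",\"".$sMap."\");\n", "", $sData);
                if ($sData !== false && $sData2 !== $sData) {
                    WriteF("thc_xm/profiles.php", $sData2, "w");
                    $sCode .= "<div class=\"spacingmsg\">".$_CONTEXT['result_headers']['result'].(@unlink($sDest) ? "Removed map file" : "Failed to remove map file")."</div>";
                } else {
                    // Profile unreadable, or the expected line was not found in it.
                    $sCode .= "<div class=\"spacingmsg\">".$_CONTEXT['result_headers']['error']."Failed to remove map from profile.</div>";
                }
            } else {
                $sCode .= "<div class=\"spacingmsg\">".$_CONTEXT['result_headers']['error']."Failed to find item in profile.</div>";
            }
        }
    }
} elseif ($_POST['submit'] === "Show Source") {
    // show source
    $sDest = ($sMap === null) ? null : ExploitFilter($_PATHS['map_root']."/".$sMap, 0, 1);
    if ($sDest === null || !file_exists($sDest)) {
        $_CONTEXT['errors'][] = "Map file doesn't exist";
        include_once($_PATHS['end']);
    } else {
        // The file content is rendered as text only: escape first, then turn newlines into breaks.
        // ENT_SUBSTITUTE keeps files with invalid byte sequences from rendering as an empty string.
        $sData = str_replace("\n", "<br />\n", htmlspecialchars((string)@file_get_contents($sDest), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
        $sCode .= "<div class=\"spacingmsg\">".$_CONTEXT['result_headers']['result'].$sData."</div>";
    }
} elseif ($_POST['submit'] === "Download") {
    // download
    $sDest = ($sMap === null) ? null : ExploitFilter($_PATHS['map_root']."/".$sMap, 0, 1);
    if ($sDest === null || !file_exists($sDest)) {
        $_CONTEXT['errors'][] = "Map file doesn't exist";
        include_once($_PATHS['end']);
    } else {
        // Quote the file name and strip characters that would break the header value.
        $sFileName = str_replace(array("\"", "\\", "\r", "\n"), "", basename($sDest));
        header("Pragma: public");
        header("Expires: 0");
        header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
        // header() replaces an earlier header of the same name, so only one Content-Type is sent;
        // octet-stream plus nosniff keeps browsers from rendering the file inline.
        header("Content-Type: application/octet-stream");
        header("X-Content-Type-Options: nosniff");
        header("Content-Disposition: attachment; filename=\"".$sFileName."\"");
        header("Content-Transfer-Encoding: binary ");
        readfile($sDest);
        exit;
    }
} else {
    // invalid submission button
    $_CONTEXT['errors'][] = "Specified value for submission button is invalid.";
    include_once($_PATHS['end']);
}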
?>