..a different index page for the suite. It's very easy because the only thing you need to do is change the content of default.php. I don't want to create something like hello world..
xAnalyze is a module that can search through corrupt data and configuration files in order to find the exact position of errors
<?php
/* Wordlist Manager
Author: Remco Kouw
Site: http://www.hacksuite.com
Last Edit: 08-03-2015
*/
$_CONTEXT['subtitle'] = "Wordlist Manager";
// target files we need, so make sure they are present
$aFiles = array($_PATHS['functions_root']."/get_file_data.php",$_PATHS['functions_root']."/fwrite.php",$_PATHS['functions_root']."/getfilebydir.php");
for($x=0;$x<count($aFiles);$x++){
(!IsThere($aFiles[$x]) ? include_once($_PATHS['end']) : include_once($aFiles[$x]));
}
// get files from the wordlist directory
$aFiles = GetFilesByDirectory($_PATHS['wordlists_root'],0);
if(!isset($_POST['submit'])){
// select wordlist form
$sSelect = "<select name=\"sList\">\n";
$iFiles = count($aFiles);
$sSubmit = "";
if($iFiles>0){
$sSubmit .= " <input type=\"submit\" name=\"submit\" value=\"Remove\"> <input type=\"submit\" name=\"submit\" value=\"View\">";
for($x=0;$x<$iFiles;$x++){
$sDest = $_PATHS['wordlists_root']."/".$aFiles[$x];
// let's make the file selection menu
$sSelect .= "<option value=\"".$aFiles[$x]."\">".$aFiles[$x]." - ".@round(filesize($sDest)/1024,2)." KB</option>\n";
}
$sSelect .= "</select>\n";
}
// form
$sCode .= " <form method=\"post\">\n";
$sCode .= " <div class=\"emboss borderr5 border1pxtrans pad5 edgeglow overflw\">\n";
$sCode .= " <div class=\"embosshdrnocenter border1pxtrans pad10\" id=\"dscrp\">Manage your wordlists</div>\n";
$sCode .= " <div class=\"cc_record\" id=\"goaway\">\n";
$sCode .= " <div class=\"flt pad3\">\n";
$sCode .= " > <a href=\"#\" class=\"importme\">import wordlist from url</a><br />\n";
$sCode .= " > <a href=\"index.php?module=thc_pg\">create new wordlist</a>\n";
$sCode .= " </div>\n";
$sCode .= " </div>\n";
$sCode .= " <div class=\"clear\"></div>\n";
$sCode .= " <div class=\"cc_record\" id=\"goaway\">\n";
$sCode .= " <div class=\"flt pad3 w150\">select wordlist:</div><div class=\"flt pad3\">".$sSelect."</div>\n";
$sCode .= " </div>\n";
$sCode .= " <div class=\"clear\"></div>\n";
$sCode .= " <div class=\"cc_record\" id=\"goaway\">\n";
$sCode .= " <div class=\"flt pad3\">".$sSubmit."<input type=\"hidden\" name=\"iCFG\" value=\"".$_POST['iCFG']."\" /></div>\n";
$sCode .= " </div>\n";
$sCode .= " </div>\n";
$sCode .= " </form>\n";
$sCode .= "<script type=\"text/javascript\">\n";
$sCode .= "\$(document).ready(function(){\n";
$sCode .= " \$(\"a.importme\").click(function(e){\n";
$sCode .= " e.preventDefault();\n";
$sCode .= " \$('.cc_record#goaway').hide('fast');\n";
$sCode .= " \$('.embosshdrnocenter#dscrp').after('<div class=\"cc_record\"><div class=\"flt pad3\"><b>url:</b> <input type=\"text\" name=\"sUrl\" value=\"\" /></div></div><div class=\"clear\"></div><div class=\"cc_record\"><div class=\"flt pad3\"><input type=\"submit\" name=\"submit\" value=\"Import\" /></div></div><div class=\"clear\"></div>');\n";
$sCode .= " });\n";
$sCode .= "});\n";
$sCode .= "</script>\n";
}
elseif($_POST['submit']=="Remove"){
// delete wordlist
$sDest = ExploitFilter($_PATHS['wordlists_root']."/".$_POST['sList'],0,1);
if(!file_exists($sDest)){
$_CONTEXT['errors'][] = "Wordlist file doesn't exist";
include_once($_PATHS['end']);
}
$sCode .= "<div class=\"spacingmsg\">".$_CONTEXT['result_headers']['result'].(@unlink($sDest) ? "Removed wordlist file" : "Failed to remove wordlist file")."</div>";
}
elseif($_POST['submit']=="Import"){
// import wordlist
$aUrl = @parse_url($_POST['sUrl']);
if(!isset($aUrl['host']) || empty($aUrl['host'])){
$sCode .= "<div class=\"spacingmsg\">".$_CONTEXT['result_headers']['error']."Invalid url specified.</div>";
}
elseif(!isset($aUrl['path']) || empty($aUrl['path'])){
$sCode .= "<div class=\"spacingmsg\">".$_CONTEXT['result_headers']['error']."No path specified.</div>";
}
else{
$aExtensions = array("pwl","txt","dat","php","lst");
$aExtension = @explode(".",$aUrl['path']);
$sExtension = $aExtension[count($aExtension)-1];
if(!in_array($sExtension,$aExtensions)){
$sCode .= "<div class=\"spacingmsg\">".$_CONTEXT['result_headers']['error']."Invalid extension, if you really want to allow this extension you should open <b>Native/wordlistimport.php</b> and add the extension to <b>\$aExtensions</b></div>";
}
else{
if(false===($sData = @file_get_contents($_POST['sUrl']))){
$sCode .= "<div class=\"spacingmsg\">".$_CONTEXT['result_headers']['error']."Failed to get data from target.</div>";
}
else{
$aData = explode("\n",$sData);
if(strlen($aData[0])>20){
$sCode .= "<div class=\"spacingmsg\">".$_CONTEXT['result_headers']['error']."The content doesn't seem to be a wordlist.</div>";
}
elseif(strlen($sData)<1024){
$sCode .= "<div class=\"spacingmsg\">".$_CONTEXT['result_headers']['error']."File needs to be at least 1KB large.</div>";
}
else{
(!WriteF($_PATHS['wordlists_root']."/".time().".txt",$sData,"w") ? include_once($_PATHS['end']) : $sCode .= "<div class=\"spacingmsg\">".$_CONTEXT['result_headers']['result']."Successfully added wordlist.</div>");
}
}
}
}
}
elseif($_POST['submit']=="View"){
// show source
$sDest = ExploitFilter($_PATHS['wordlists_root']."/".$_POST['sList'],0,1);
if(!file_exists($sDest)){
$_CONTEXT['errors'][] = "Wordlist file doesn't exist";
include_once($_PATHS['end']);
}
$sData = @str_replace("\n","<br />\n",htmlspecialchars(file_get_contents($sDest)));
$sCode .= "<div class=\"spacingmsg\">".$_CONTEXT['result_headers']['result'].$sData."</div>";
}
else{
// invalid submission button
$_CONTEXT['errors'][] = "Specified value for submission button is invalid.";
include_once($_PATHS['end']);
}
?>