random gallery image
random tutorial
preview

..will make a new module and not just some new module, nope let's make a fully automatic injection script! This tutorial is the first step into making this. Let's first explain what we're..

read more

random vulnerability assesment
THC AntiEvil

Attempts to find suspicious and evil files or code

more about this module
more of this category
more modules

HackSuite File Library
File Library
Here you can find the latest files and structure of the THC HackSuite, note that if you have an earlier version of the suite it's not recommended to update files manually. Instead you should overwrite your existing HackSuite environment.
<?php
/*
The file index.php handles all communication between the frontend and the request handlers.

Author: Remco Kouw
Site: http://www.hacksuite.com
Last Edit: 08-03-2015
*/
if(!defined('IN_SCRIPT')){
    exit;
}
echo
"<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n";
echo
"<html xmlns=\"http://www.w3.org/1999/xhtml\">\n";
echo
"<head>\n";
echo
"<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n";
echo
"<title>THC Medusa White</title>\n";
echo
"<link rel=\"stylesheet\" type=\"text/css\" href=\"../css/style.css\" />\n";
echo
"<script type=\"text/javascript\" src=\"../../../JS/jquery-1.9.1.min.js\"></script>\n";
echo
"<script type=\"text/javascript\" src=\"../../../JS/jquery.easing.js\"></script>\n";
echo
"</head>\n";
echo
"<body>\n";
// create the setup form
echo"<center><img src=\"../images/medusa2.png\" border=\"0\" /></center>\n";
echo
"<form target=\"screen\" action=\"cracker.php\" method=\"post\">\n";
echo
"<div class=\"formwrap\">\n";
echo
"    <div class=\"form\">\n";
echo
"        <div class=\"row\" id=\"def\">\n";
echo
"            <div class=\"iframe\"><iframe src=\"cracker.php\" width=\"0\" height=\"0\" name=\"screen\"></iframe></div>\n";
echo
"        </div>\n";
echo
"        <div class=\"clear\"></div>\n";
echo
"        <div class=\"row\">\n";
echo
"            <div class=\"progress\"><div class=\"nojs red\">please enable javascript in your browser</div></div>\n";
echo
"        </div>\n";
echo
"        <div class=\"clear\"></div>\n";
// get products
$sSelect "\n<select name=\"sProduct\" class=\"product\">\n";
$bProduct false;
for(
$x=0;$x<count($aFiles);$x++){
    if(@
filesize($aFiles[$x])>0){
        
$bProduct true;
        include_once(
$aFiles[$x]);
        
$sSelect .= "<option value=\"".$_PROPERTIES['filename']."\">".$_PROPERTIES['name']." ".$_PROPERTIES['version']."</option>\n";
    }
}
$sSelect .= "</select>\n";
echo
"        <div class=\"row\" id=\"def\">\n";
echo
"            <div class=\"text\">choose your product</div>\n";
echo
"            <div class=\"input\">".($bProduct $sSelect "<b class=\"red\">no or invalid product definitions found!</b>")."</div>\n";
echo
"        </div>\n";
echo
"        <div class=\"clear\"></div>\n";
echo
"        <div class=\"row\" id=\"def\">\n";
echo
"            <div class=\"text\">wordlists</div>\n";
echo
"            <div class=\"input\">".(!empty($sSelectWord) ? $sSelectWord "<b class=\"red\">no or empty wordlists found!</b>")."</div>\n";
echo
"        </div>\n";
echo
"        <div class=\"clear\"></div>\n";
if(
$bRecords){
    echo
"        <div class=\"row\" id=\"connect\">\n";
    echo
"            <div class=\"text\">connect with profile</div>\n";
    echo
"            <div class=\"input\"><input type=\"checkbox\" class=\"profileopt\" name=\"iProfile\" value=\"1\" /></div>\n";
    echo
"        </div>\n";
    echo
"        <div class=\"clear\"></div>\n";
}
echo
"        <div class=\"clear\"></div>\n";
echo
"        <div class=\"row\" id=\"db\">\n";
echo
"            <div class=\"text\">database user</div>\n";
echo
"            <div class=\"input\"><input type=\"text\" name=\"sUserDB\" value=\"\" /></div>\n";
echo
"        </div>\n";
echo
"        <div class=\"clear\"></div>\n";
echo
"        <div class=\"row\" id=\"db\">\n";
echo
"            <div class=\"text\">database pass</div>\n";
echo
"            <div class=\"input\"><input type=\"password\" name=\"sPassDB\" value=\"\" /></div>\n";
echo
"        </div>\n";
echo
"        <div class=\"clear\"></div>\n";
echo
"        <div class=\"row\" id=\"db\">\n";
echo
"            <div class=\"text\">database host</div>\n";
echo
"            <div class=\"input\"><input type=\"text\" name=\"sHostDB\" value=\"\" /></div>\n";
echo
"        </div>\n";
echo
"        <div class=\"clear\"></div>\n";
echo
"        <div class=\"row\" id=\"db\">\n";
echo
"            <div class=\"text\">database name</div>\n";
echo
"            <div class=\"input\"><input type=\"text\" name=\"sNameDB\" value=\"\" /></div>\n";
echo
"        </div>\n";
echo
"        <div class=\"clear\"></div>\n";
echo
"        <div class=\"row\" id=\"cprofile\">\n";
echo
"            <div class=\"text\">connections</div>\n";
echo
"            <div class=\"input\">".($bRecords $sSelectProfiles "<b class=\"red\">no profiles found!</b>")."</div>\n";
echo
"        </div>\n";
echo
"        <div class=\"clear\"></div>\n";
echo
"        <div class=\"row\" id=\"def2\">\n";
echo
"            <div class=\"text\">use default settings</div>\n";
echo
"            <div class=\"input\"><input type=\"checkbox\" class=\"hideoptions\" name=\"iUseDefault\" value=\"1\" /></div>\n";
echo
"        </div>\n";
echo
"        <div class=\"clear\"></div>\n";
echo
"        <div class=\"row\" id=\"options\">\n";
echo
"            <div class=\"text\">username field</div>\n";
echo
"            <div class=\"input\"><input type=\"text\" class=\"usernamefield\" name=\"sUserNameField\" value=\"\" /></div>\n";
echo
"        </div>\n";
echo
"        <div class=\"clear\"></div>\n";
echo
"        <div class=\"row\" id=\"options\">\n";
echo
"            <div class=\"text\">email field</div>\n";
echo
"            <div class=\"input\"><input type=\"text\" class=\"emailfield\" name=\"sEmailField\" value=\"\" /></div>\n";
echo
"        </div>\n";
echo
"        <div class=\"clear\"></div>\n";
echo
"        <div class=\"row\" id=\"options\">\n";
echo
"            <div class=\"text\">hash field</div>\n";
echo
"            <div class=\"input\"><input type=\"text\" class=\"hashfield\" name=\"sHashField\" value=\"\" /></div>\n";
echo
"        </div>\n";
echo
"        <div class=\"clear\"></div>\n";
echo
"        <div class=\"row\" id=\"options\">\n";
echo
"            <div class=\"text\">table name</div>\n";
echo
"            <div class=\"input\"><input type=\"text\" class=\"tablename\" name=\"sTableName\" value=\"\" /></div>\n";
echo
"        </div>\n";
echo
"        <div class=\"clear\"></div>\n";
echo
"        <div class=\"row\" id=\"options\">\n";
echo
"            <div class=\"text\">table prefix</div>\n";
echo
"            <div class=\"input\"><input type=\"text\" class=\"tableprefix\" name=\"sTablePrefix\" value=\"\" /></div>\n";
echo
"        </div>\n";
echo
"        <div class=\"clear\"></div>\n";
echo
"        <div class=\"row\" id=\"submitit\">\n";
echo
"            <div class=\"text\"></div>\n";
echo
"            <div class=\"input\">".(!empty($sSelectWord) && $bProduct "<input type=\"submit\" name=\"submit\" class=\"submit\" value=\"Submit\" /> <a href=\"../black\">[ switch to blackhat ]</a> <a href=\"#\" class=\"cfglink\">[ database profiler ]</a>" "")." <a href=\"../../../index.php\">[ home ]</a></div>\n";
echo
"        </div>\n";
echo
"    </div>\n";
echo
"</div>\n";
echo
"</form>\n";
echo
"<script type=\"text/javascript\">\n";
echo
"\$('.row#cprofile').hide();\n";
echo
"\$('.profileopt').removeAttr(\"checked\");\n";
echo
"var refreshIntervalId = '';\n";
// fetches product properties when selection changes
echo"\$(document).on(\"change\",\".product\",function(e){\n";
echo
"    e.preventDefault();\n";
echo
"    dataString = \$(this).serialize();\n";
echo
"    \$.ajax({\n";
echo
"        type: \"POST\",\n";
echo
"        data: dataString,\n";
echo
"        url: \"../forums/\"+$(this).val()+\"?JSON=1\",\n";
echo
"        dataType: \"json\",\n";
echo
"        success: function(json){\n";
echo
"            \$('input.usernamefield').val(json.usernamefield);\n";
echo
"            \$('input.emailfield').val(json.emailfield);\n";
echo
"            \$('input.hashfield').val(json.hashfield);\n";
echo
"            \$('input.tablename').val(json.tablename);\n";
echo
"            \$('input.tableprefix').val(json.tableprefix);\n";
echo
"        },\n";
echo
"        error: function(xhr, textStatus, errorThrown){\n";
echo
"            alert(errorThrown);\n";
echo
"        }\n";
echo
"    });\n";
echo
"});\n";
// hide or display optional form elements
echo"\$(document).on(\"change\",\".hideoptions\",function(){\n";
echo
"    if(\$(this).is(\":checked\")){\n";
echo
"        \$('.row#options').hide();\n";
echo
"    }\n";
echo
"    else{\n";
echo
"        \$('.row#options').show();\n";
echo
"    }\n";
echo
"});\n";
// hide or display connection profiles
echo"\$(document).on(\"change\",\".profileopt\",function(){\n";
echo
"    if(\$(this).is(\":checked\")){\n";
echo
"        \$('.row#db').hide();\n";
echo
"        \$('.row#cprofile').show();\n";
echo
"    }\n";
echo
"    else{\n";
echo
"        \$('.row#db').show();\n";
echo
"        \$('.row#cprofile').hide();\n";
echo
"    }\n";
echo
"});\n";
// when submit is clicked check every x seconds for progress
echo"\$(document).on(\"click\",\".submit\",function(){\n";
echo
"    var refreshIntervalId = setInterval(function(){\n";
echo
"        \$.getJSON('taskreader.php', function(data) {\n";
echo
"            \$('.progress').html('');\n";
echo
"            \$.each(data, function(i,item){\n";
echo
"                if(\$('.task#'+i).length == 0){\n";
echo
"                    \$('.progress').append('<div class=\"task\" id=\"'+i+'\"></div>');\n";
echo
"                }\n";
echo
"                if(item['current']==item['total'] && item['current']>0){\n";
echo
"                    if(item['matches']==0){\n";
echo
"                        \$('.task#'+i).html('<div><b>'+item['start']+'</b> '+item['product']+' '+item['version']+' - <b>found:</b> '+item['matches']+' - <b>no weak passwords found</b> - <a href=\"#\" class=\"removeid\" id=\"'+item['identifier']+'\">remove this task</a></div>');\n";
echo
"                    }\n";
echo
"                    else{\n";
echo
"                        \$('.task#'+i).html('<div><b>'+item['start']+'</b> '+item['product']+' '+item['version']+' - <b>found:</b> '+item['matches']+' - <a href=\"#\" class=\"emailid\" id=\"'+item['identifier']+'\">send users an email</a> - <a href=\"#\" class=\"removeid\" id=\"'+item['identifier']+'\">remove this task</a></div>');\n";
echo
"                    }\n";
echo
"                }\n";
echo
"                else{\n";
echo
"                    \$('.task#'+i).html('<div><b>'+item['start']+'</b> '+item['product']+' '+item['version']+' - ('+item['current']+'/'+item['total']+') - <b>found:</b> '+item['matches']+' - <b>last:</b> '+item['last_user']+'</div>');\n";
echo
"                }\n";
echo
"            });\n";
echo
"        });\n";
echo
"    },1900);\n";
echo
"});\n";
// prepare email form
echo"\$(document).on(\"click\",\"a.emailid\",function(e){\n";
echo
"    e.preventDefault();\n";
echo
"    \$('.progress').after('<div class=\"email\"></div>');\n";
echo
"    \$('.progress').remove();\n";
echo
"    \$('.row#options').remove();\n";
echo
"    \$('.row#submitit').remove();\n";
echo
"    \$('.row#def').remove();\n";
echo
"    \$('.row#db').remove();\n";
echo
"    \$('.row#connect').remove();\n";
echo
"    \$('.row#cprofile').remove();\n";
echo
"    \$('.row#def2').remove();\n";
echo
"    \$('.email').append('<form class=\"wiebenzin\"><textarea rows=\"20\" cols=\"73\"></textarea><input type=\"hidden\" name=\"sendemail\" value=\"'+\$(this).attr('id')+'\" /><input type=\"submit\" name=\"notify\" class=\"submitmail\" value=\"Notify Users\" /></form>');\n";
echo
"    \$('textarea').load('templates/email.txt');\n";
echo
"    clearInterval(refreshIntervalId);\n";
echo
"});\n";
// make a configuration settings link using a form as we need to make a post request and I don't like buttons 
echo"\$(\".cfglink\").click(function(e){\n";
echo
"    e.preventDefault();\n";
echo
"    var form = \$('<form action=\"../../../configuration.php\" method=\"post\">' + '<input type=\"hidden\" name=\"iCFG\" value=\"13\" />' + '</form>');\n";
echo
"    \$('body').append(form);\n";
echo
"    \$(form).submit();\n";
echo
"});\n";
// remove task item
echo"\$(document).on(\"click\",\"a.removeid\",function(e){\n";
echo
"    e.preventDefault();\n";
echo
"    \$.ajax({\n";
echo
"        type: \"GET\",\n";
echo
"        url: \"handler.php?removetask=\"+\$(this).attr('id'),\n";
echo
"        dataType: \"json\",\n";
echo
"        success: function(json){\n";
echo
"            if(!json.jresult){\n";
echo
"                alert(json.jmessage);\n";
echo
"            }\n";
echo
"        },\n";
echo
"        error: function(xhr, textStatus, errorThrown){\n";
echo
"            alert(errorThrown);\n";
echo
"        }\n";
echo
"    });\n";
echo
"});\n";
// submit mail request
echo"\$(document).on(\"click\",\"input.submitmail\",function(e){\n";
echo
"    e.preventDefault();\n";
echo
"    \$('form.wiebenzin').submit();\n";
echo
"});\n";
// send notify emails
echo"\$(document).on(\"submit\",\"form.wiebenzin\",function(event){\n";
echo
"    event.preventDefault();\n";
echo
"    dataString = \$(this).serialize();\n";
echo
"    \$.ajax({\n";
echo
"        type: \"POST\",\n";
echo
"        data: dataString,\n";
echo
"        url: \"handler.php\",\n";
echo
"        dataType: \"json\",\n";
echo
"        success: function(json){\n";
echo
"            if(json.jresult){\n";
echo
"                \$('form.wiebenzin').remove();\n";
echo
"                \$('.form').append(json.jmessage);\n";
echo
"            }\n";
echo
"            else{\n";
echo
"                alert(json.jmessage);\n";
echo
"            }\n";
echo
"        },\n";
echo
"        error: function(xhr, textStatus, errorThrown){\n";
echo
"            alert(errorThrown);\n";
echo
"        }\n";
echo
"    });\n";
echo
"});\n";
// remove no javascript message, if it's still there then no js is enabled
echo"\$('div.nojs').remove();\n";
echo
"</script>\n";
echo
"</body>\n";
echo
"</html>";
?>
powered by
site stats
cms statistics:
version: 0.6.0
downloads: 3840
native: 26
modules: 21
apps: 2
support development
It takes lots of calories in order to create new things for the hacksuite, so it would be grand if you could buy me a protein shake or extra energy to keep me going. Thanks!
disclaimer
We are not responsible for any direct or indirect damage caused by abusing the tools provided on hacksuite.com. The suite is developed for educational purposes, use at your own risk!
Created by Remco Kouw. Powered by protein shakes and a high calorie diet.