..to create a different index page for the suite. It's very easy because the only thing you need to do is change the content of default.php. I don't want to create something like hello..
THC xConverter is a tool that makes use of (php) functions in order to calculate, fetch, convert and encrypt data
<?php
/* Handles all development actions and returns results as a JSON encoded value
Author: Remco Kouw
Site: http://www.hacksuite.com
Last Edit: 02-04-2015
*/
// Disable caching: the reply reports the outcome of a state-changing POST request.
session_cache_limiter('nocache');
header('Expires: '.gmdate('r',0));
header('Content-type: application/json');
// NOTE(review): presumably read by header.php to locate the suite root - confirm.
$_DYNAMIC_ROOT = "..";
// NOTE(review): no authentication, authorisation or CSRF check is visible in this file, and
// every branch below writes PHP files built from POST data. Access control is presumably
// enforced inside header.php - confirm before this endpoint is reachable by anyone untrusted.
include_once "../header.php";
include_once "../Modules/thc_ss/properties.php";
// Default reply; the branch that recognises the request overwrites these values.
$aDataR = array(
    'jresult' => false,
    'jerror' => "Invalid post data",
);
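if(isset($_POST['sName']) && isset($_POST['sAbbr']) && isset($_POST['sDescription']) && isset($_POST['sVersion']) && isset($_POST['sAuthor'])){
    /*
    Create new module.
    Validates the posted metadata, creates ../Modules/<abbreviation> and writes a generated
    setup.php into it. On a validation failure only $aDataR['jerror'] is set and nothing is
    written.
    Security: the posted values end up inside double-quoted PHP string literals in the
    generated file. strip_tags() does not remove quotes, backslashes or dollar signs, so each
    value is escaped with addcslashes() before it is embedded; otherwise a value could end
    the literal and be parsed as code the next time setup.php is included.
    */
    $sName = trim(strip_tags($_POST['sName']));
    $sAbbr = trim(strip_tags(strtolower($_POST['sAbbr'])));
    $sDescription = trim(strip_tags($_POST['sDescription']));
    $sVersion = trim(strip_tags($_POST['sVersion']));
    $sAuthor = trim(strip_tags($_POST['sAuthor']));
    // sModCat is not covered by the isset() test above: a missing field becomes an empty,
    // and therefore invalid, category instead of raising an undefined-index notice
    $sCatMod = (isset($_POST['sModCat']) ? trim(strip_tags($_POST['sModCat'])) : "");
    $_CONTEXT['moddir'] = "../Modules/".$sAbbr;
    // validate; the first failing rule decides the error message
    if(strlen($sAbbr)!=6){
        // wrong abbreviation
        $aDataR['jerror'] = "Invalid abbreviation name";
    }
    elseif(!preg_match('/^thc_[a-z]{2}$/',$sAbbr)){
        // wrong abbreviation; this pattern is also what keeps $sAbbr safe to use as a directory name
        $aDataR['jerror'] = "Invalid abbreviation, for example use thc_<i>xx</i>";
    }
    elseif(!preg_match('/^(\d+\.){2}(\d+)$/',$sVersion)){
        // wrong version; the accepted form is three numbers separated by dots
        $aDataR['jerror'] = "Invalid format, valid versions are i:i:i";
    }
    elseif(strlen($sDescription)<10 || strlen($sDescription)>70){
        // exceeded maximum or lower than minimum (description)
        $aDataR['jerror'] = "Description can be up to 70 characters long with a minimum of 10 characters";
    }
    elseif(strlen($sAuthor)<4 || strlen($sAuthor)>50){
        // exceeded maximum or lower than minimum (author)
        $aDataR['jerror'] = "Author can be up to 50 characters long with a minimum of 4 characters";
    }
    elseif(!isset($_CONTEXT['modcats'][$sCatMod])){
        // the category must be one of the keys of the server-side category list
        $aDataR['jerror'] = "Invalid module category";
    }
    elseif(strlen($sName)<1 || strlen($sName)>25){
        // exceeded maximum or lower than minimum (module name); the message now states the
        // limit that is actually enforced (25)
        $aDataR['jerror'] = "Module name can be up to 25 characters long with a minimum of 1 character";
    }
    else{
        $_CONTEXT['modstaged'] = "../Modules/".$sAbbr;
        if(is_dir($_CONTEXT['modstaged'])){
            $aDataR['jerror'] = "Module path already exists";
        }
        else{
            if(!function_exists("GetDirByDir")){
                $sDest = "../Functions/getdirbydir.php";
                include_once($sDest);
            }
            // the module name must not be used by another installed module
            $bPass = true;
            $aDirs = GetDirByDir("../Modules",0);
            for($x=0;$x<count($aDirs);$x++){
                if(substr($aDirs[$x],0,4)=="thc_"){
                    // NOTE(review): the path is "../<entry>/setup.php", not "../Modules/<entry>/setup.php";
                    // whether that is right depends on what GetDirByDir() returns - confirm.
                    // If the include fails, $aProperties keeps the value of the previous iteration.
                    @include_once("../".$aDirs[$x]."/setup.php");
                    if(isset($aProperties['name']) && $aProperties['name']==$sName){
                        $bPass = false;
                        break;
                    }
                }
            }
            if(!$bPass){
                // module name does already exist
                $aDataR['jerror'] = "Module name already exists";
            }
            // NOTE(review): 0777 makes the directory world-writable (subject to umask); a
            // narrower mode is preferable if the deployment allows it
            elseif(false===@mkdir($_CONTEXT['modstaged'],0777)){
                $aDataR['jerror'] = "Unable to create: ".$_CONTEXT['moddir'];
            }
            else{
                if(!function_exists("WriteF")){
                    $sDest = "../Functions/fwrite.php";
                    include_once($sDest);
                }
                // template; '"\\$' escapes the double quote, the backslash and the dollar sign,
                // the three characters that are special inside a double-quoted PHP literal
                $_CONTEXT['setuptemplate'] = "<?php\n";
                $_CONTEXT['setuptemplate'] .= "/* properties for module */\n";
                $_CONTEXT['setuptemplate'] .= "\$aProperties = array();\n";
                $_CONTEXT['setuptemplate'] .= "\$aProperties['name'] = \"".addcslashes($sName,'"\\$')."\";\n";
                $_CONTEXT['setuptemplate'] .= "\$aProperties['version'] = \"".addcslashes($sVersion,'"\\$')."\";\n";
                $_CONTEXT['setuptemplate'] .= "\$aProperties['author'] = \"".addcslashes($sAuthor,'"\\$')."\";\n";
                $_CONTEXT['setuptemplate'] .= "\$aProperties['description'] = \"".addcslashes($sDescription,'"\\$')."\";\n";
                $_CONTEXT['setuptemplate'] .= "\$aProperties['category'] = \"".addcslashes($sCatMod,'"\\$')."\";\n";
                $_CONTEXT['setuptemplate'] .= "?>\n";
                // write file
                $aDataR['jresult'] = (!WriteF($_CONTEXT['moddir']."/setup.php",$_CONTEXT['setuptemplate'],"w") ? false : true);
                $aDataR['jmodname'] = $sAbbr;
            }
        }
    }
}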
elseif(isset($_POST['sIndex']) && isset($_POST['sModName'])){
    /*
    Add content to module.
    Stores the posted source as index.php of the module named in sModName and reports the
    outcome in $aDataR['jmoddone'].
    Security: the body is written to disk as PHP exactly as received. The open/close tag test
    and the search for "$sCode" are format checks, not a filter, so whoever can reach this
    branch can place code on the server; it relies entirely on access control done elsewhere.
    */
    if(!function_exists("WriteF")){
        $sDest = "../Functions/fwrite.php";
        include_once($sDest);
    }
    $_POST['sModName'] = trim($_POST['sModName']);
    // the pattern restricts the target directory to ../Modules/thc_<two lowercase letters>
    if(preg_match('/^thc_[a-z]{2}$/',$_POST['sModName'])){
        $bPass = true;
        $_POST['sIndex'] = trim($_POST['sIndex']);
        $sStart = @substr($_POST['sIndex'],0,5);
        $sEnd = @substr($_POST['sIndex'],strlen($_POST['sIndex'])-2);
        $iPos = @strpos($_POST['sIndex'],"\$sCode");
        $_CONTEXT['moddir'] = "../Modules/".$_POST['sModName'];
        if(!($sStart=="<?php" && $sEnd=="?>")){
            // 'invalid' php syntax
            $aDataR['jerror'] = "Filename must have proper open and close php tags at start and end of file";
        }
        elseif($iPos>0){
            // NOTE(review): nothing here checks that the module directory exists; the result
            // depends on how WriteF() treats a missing directory
            $aDataR['jresult'] = (bool)WriteF($_CONTEXT['moddir']."/index.php",$_POST['sIndex'],"w");
        }
        else{
            // expecting output in variable $sCode
            $aDataR['jerror'] = "You need to define your output in variable \$sCode";
        }
        // message for the client: a link to the new module on success, the error text otherwise
        $aDataR['jmoddone'] = ($aDataR['jresult']==true ? "<div class=\"spacingmsg\">".$_CONTEXT['result_headers']['result']."Successfully created module, you can now <a href=\"index.php?module=".$_POST['sModName']."\">try if it works</a>.</div>" : $aDataR['jerror']);
    }
    else{
        // wrong module name
        $aDataR['jerror'] = "Invalid module name";
    }
}
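elseif(isset($_POST['sRelLoc'])){
    /*
    Create new app.
    Either binds an already existing directory below Apps/ to the suite (rewrites
    ../Data/extra.php) or creates the directory and writes a generated setup.php into it.
    Every failure sets $aDataR['jerror'] and ends the request with the JSON reply.
    Security: name, author, description and location are written into generated PHP files.
    Values placed in string literals are escaped with addcslashes(); values placed in the
    generated comment header have the comment terminator broken up. strip_tags() alone
    covers neither case.
    */
    // sName is not part of the branch condition, so it may be missing
    $sName = (isset($_POST['sName']) ? trim(strip_tags($_POST['sName'])) : "");
    // NOTE(review): ExploitFilter() is defined elsewhere; everything below relies on it to
    // remove directory traversal sequences from the location - confirm.
    $sRelLoc = ExploitFilter(trim($_POST['sRelLoc']),0,1);
    // remove one trailing slash, then make sure something is left (a lone "/" used to pass
    // the emptiness test and became an empty location afterwards)
    $iLength = strlen($sRelLoc);
    if($iLength>0 && $sRelLoc[$iLength-1]=="/"){
        $sRelLoc = (string)substr($sRelLoc,0,-1);
    }
    if(!strlen($sRelLoc)){
        // empty installation location
        $aDataR['jerror'] = "Empty installation location";
        die(json_encode($aDataR));
    }
    if(preg_match('/^thc_[a-z]{2}$/',$sRelLoc)){
        // can't install a module as an app
        $aDataR['jerror'] = "Can't install a module as an app";
        die(json_encode($aDataR));
    }
    $sRealLoc = @str_replace("//","/",$_PATHS['root']."/Apps/".$sRelLoc);
    $sVersion = @trim(strip_tags($_POST['sVersion']));
    $sAuthor = @trim(strip_tags($_POST['sAuthor']));
    $sDescription = @trim(strip_tags($_POST['sDescription']));
    $iName = strlen($sName);
    // validate name field
    if(!$iName || $iName>25){
        // invalid name size
        $aDataR['jerror'] = "Invalid name size";
        die(json_encode($aDataR));
    }
    // $aExtra is not defined in this file; presumably header.php loads it from
    // ../Data/extra.php - confirm. Treat anything that is not an array as "no apps yet".
    $iExtra = (isset($aExtra) && is_array($aExtra) ? count($aExtra) : 0);
    $bUsed = false;
    // check if app name is already being used; compare against the name of EVERY entry
    // (the original compared $aExtra[0], the first entry as a whole, on each iteration)
    for($x=0;$x<$iExtra;$x++){
        if(isset($aExtra[$x][0]) && $aExtra[$x][0]==$sName){
            $bUsed = true;
            break;
        }
    }
    if($bUsed){
        // name is already used
        $aDataR['jerror'] = "Name is already used";
        die(json_encode($aDataR));
    }
    // check directory
    if(is_dir($sRealLoc)){
        // directory already exists, is it a reserved directory?
        include_once("../Data/reserved.php");
        $sAppPath = substr($sRealLoc,strlen($_PATHS['root']));
        if(!function_exists("WriteF")){
            $sDest = "../Functions/fwrite.php";
            include_once($sDest);
        }
        // NOTE(review): this is a plain string comparison on a path that is not normalised,
        // so it only protects the reserved directories if the location contains no ".."
        // segments by the time it gets here
        if(!in_array($sAppPath,$_CONTEXT['reserved'])){
            // ok it's 'safe' to go on, find setup so the program is recognizable(we don't need it here now though)
            if(!file_exists($sRealLoc."/setup.php")){
                // oops...not there
                $aDataR['jerror'] = "You need to create a setup file in order to launch an app";
                die(json_encode($aDataR));
            }
            // got the setup file, let's bind the program to the environment
            $sTemplate = "<?php\n";
            $sTemplate .= "/*\n";
            $sTemplate .= "Installed apps\n\n";
            $sTemplate .= "Author: Remco Kouw\n";
            $sTemplate .= "Site: http://www.hacksuite.com\n";
            $sTemplate .= "Last Edit: ".date('d-m-Y',time())."\n";
            $sTemplate .= "*/\n";
            $sTemplate .= "if(!defined('IN_SCRIPT')){\n";
            $sTemplate .= "\texit;\n";
            $sTemplate .= "}\n";
            $sTemplate .= "\$aExtra = array();\n";
            // re-emit the existing entries; they are escaped as well because they are parsed
            // as PHP again on every rewrite of extra.php
            for($x=0;$x<$iExtra;$x++){
                $sTemplate .= "\$aExtra[".$x."] = array(\"".addcslashes((string)$aExtra[$x][0],'"\\$')."\",\"".addcslashes((string)$aExtra[$x][1],'"\\$')."\");\n";
            }
            // now add the new item
            $sTemplate .= "\$aExtra[".$iExtra."] = array(\"".addcslashes($sName,'"\\$')."\",\"".addcslashes($sRelLoc,'"\\$')."\");\n";
            $sTemplate .= "?>";
            if(!WriteF("../Data/extra.php",$sTemplate,"w")){
                // update failed
                $aDataR['jerror'] = "Failed to bind the existing app in data directory (extra.php), you can try manually";
                die(json_encode($aDataR));
            }
            // binded successfully
            $aDataR['jresult'] = true;
            $aDataR['jappname'] = $sName;
            $aDataR['japplocation'] = $sRelLoc;
        }
        else{
            // this is a reserved directory, so can't install in here
            $aDataR['jerror'] = "This is a reserved directory, so can't install in here";
            die(json_encode($aDataR));
        }
    }
    else{
        // directory doesn't exist, let's create the app then
        if(strlen($sAuthor)<4 || strlen($sAuthor)>50){
            // exceeded maximum or lower than minimum (author)
            $aDataR['jerror'] = "Author can be up to 50 characters long with a minimum of 4 characters";
            die(json_encode($aDataR));
        }
        // is version valid? the accepted form is three numbers separated by dots
        if(!preg_match('/^(\d+\.){2}(\d+)$/',$sVersion)){
            // wrong version
            $aDataR['jerror'] = "Invalid format, valid versions are i:i:i";
            die(json_encode($aDataR));
        }
        if(strlen($sDescription)<10 || strlen($sDescription)>70){
            // exceeded maximum or lower than minimum (description)
            $aDataR['jerror'] = "Description can be up to 70 characters long with a minimum of 10 characters";
            die(json_encode($aDataR));
        }
        $_CONTEXT['appstaged'] = $sRealLoc;
        // NOTE(review): 0777 makes the directory world-writable (subject to umask); a narrower
        // mode is preferable if the deployment allows it
        if(false===@mkdir($sRealLoc,0777)){
            $aDataR['jerror'] = "Unable to create: ".$_CONTEXT['appstaged'];
            die(json_encode($aDataR));
        }
        if(!function_exists("WriteF")){
            $sDest = "../Functions/fwrite.php";
            include_once($sDest);
        }
        // template; in the comment header the only dangerous sequence is the comment
        // terminator, in the literals it is the quote, the backslash and the dollar sign
        $_CONTEXT['setuptemplate'] = "<?php\n";
        $_CONTEXT['setuptemplate'] .= "/*\n";
        $_CONTEXT['setuptemplate'] .= "Properties for ".str_replace("*/","* /",$sName)."\n\n";
        $_CONTEXT['setuptemplate'] .= "Author: ".str_replace("*/","* /",$sAuthor)."\n";
        $_CONTEXT['setuptemplate'] .= "Site: http://www.hacksuite.com\n";
        $_CONTEXT['setuptemplate'] .= "Last Edit: ".date('d-m-Y',time())."\n";
        $_CONTEXT['setuptemplate'] .= "*/\n";
        $_CONTEXT['setuptemplate'] .= "\$aProperties = array();\n";
        $_CONTEXT['setuptemplate'] .= "\$aProperties['name'] = \"".addcslashes($sName,'"\\$')."\";\n";
        $_CONTEXT['setuptemplate'] .= "\$aProperties['version'] = \"".addcslashes($sVersion,'"\\$')."\";\n";
        $_CONTEXT['setuptemplate'] .= "\$aProperties['author'] = \"".addcslashes($sAuthor,'"\\$')."\";\n";
        $_CONTEXT['setuptemplate'] .= "\$aProperties['location'] = \"".addcslashes($sRelLoc,'"\\$')."\";\n";
        $_CONTEXT['setuptemplate'] .= "\$aProperties['description'] = \"".addcslashes($sDescription,'"\\$')."\";\n";
        $_CONTEXT['setuptemplate'] .= "?>\n";
        // write file
        $aDataR['jresult'] = (!WriteF($sRealLoc."/setup.php",$_CONTEXT['setuptemplate'],"w") ? false : true);
        $aDataR['jappname'] = $sName;
        $aDataR['japplocation'] = $sRelLoc;
    }
}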
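elseif(isset($_POST['sIndexM']) && isset($_POST['sAppName']) && isset($_POST['sAppLocation'])){
    /*
    Add content to app.
    Stores the posted source as index.php of the app and then registers the app in
    ../Data/extra.php. The outcome text for the client goes into $aDataR['jappdone'].
    Security: the body is written to disk as PHP exactly as received (the tag test is a format
    check only), so this branch relies on access control done elsewhere. The name and location
    written into extra.php are escaped so they stay data inside the generated literals.
    */
    if(!function_exists("WriteF")){
        $sDest = "../Functions/fwrite.php";
        include_once($sDest);
    }
    // NOTE(review): ExploitFilter() is defined elsewhere; the target directory below is only as
    // safe as that filter - confirm it removes directory traversal sequences.
    $sName = ExploitFilter($_POST['sAppName'],1,0);
    $sRelLoc = ExploitFilter($_POST['sAppLocation'],0,1);
    if(!preg_match('/^thc_[a-z]{2}$/',$_POST['sAppName'])){
        // not a module name
        $_POST['sIndexM'] = trim($_POST['sIndexM']);
        $sStart = @substr($_POST['sIndexM'],0,5);
        $sEnd = @substr($_POST['sIndexM'],strlen($_POST['sIndexM'])-2);
        $_CONTEXT['appdir'] = "../Apps/".$sRelLoc;
        if($sStart=="<?php" && $sEnd=="?>"){
            $aDataR['jresult'] = (!WriteF($_CONTEXT['appdir']."/index.php",$_POST['sIndexM'],"w") ? false : true);
            if($aDataR['jresult']){
                // template the extra pages
                $sTemplate = "<?php\n";
                $sTemplate .= "/*\n";
                $sTemplate .= "Installed apps\n\n";
                $sTemplate .= "Author: Remco Kouw\n";
                $sTemplate .= "Site: http://www.hacksuite.com\n";
                $sTemplate .= "Last Edit: ".date('d-m-Y',time())."\n";
                $sTemplate .= "*/\n";
                $sTemplate .= "if(!defined('IN_SCRIPT')){\n";
                $sTemplate .= "\texit;\n";
                $sTemplate .= "}\n";
                $sTemplate .= "\$aExtra = array();\n";
                // $aExtra is not defined in this file (presumably loaded by header.php - confirm);
                // anything that is not an array counts as an empty list
                $iExtra = (isset($aExtra) && is_array($aExtra) ? count($aExtra) : 0);
                // existing entries are escaped too: they are parsed as PHP again on every rewrite
                for($x=0;$x<$iExtra;$x++){
                    $sTemplate .= "\$aExtra[".$x."] = array(\"".addcslashes((string)$aExtra[$x][0],'"\\$')."\",\"".addcslashes((string)$aExtra[$x][1],'"\\$')."\");\n";
                }
                // now add the new item
                $sTemplate .= "\$aExtra[".$iExtra."] = array(\"".addcslashes((string)$sName,'"\\$')."\",\"Apps/".addcslashes((string)$sRelLoc,'"\\$')."\");\n";
                $sTemplate .= "?>";
                if(!WriteF("../Data/extra.php",$sTemplate,"w")){
                    // update failed; reset the result, otherwise the success text below would
                    // be returned and this error would never be shown
                    $aDataR['jresult'] = false;
                    $aDataR['jerror'] = "Failed to bind the existing app in data directory (extra.php), you can try manually";
                }
                else{
                    // binded successfully
                    $aDataR['jresult'] = true;
                    $aDataR['jappname'] = $sName;
                }
            }
            else{
                $aDataR['jerror'] = "Failed to create index.php file";
            }
        }
        else{
            // 'invalid' php syntax
            $aDataR['jerror'] = "Filename must have proper open and close php tags at start and end of file";
        }
        // message for the client
        // NOTE(review): $sRelLoc is placed in an href without HTML escaping here; whether that
        // is safe depends on what ExploitFilter() returns and on how the client renders the text
        $aDataR['jappdone'] = ($aDataR['jresult']==true ? "Successfully created application, you can now <a href=\"Apps/".$sRelLoc."\">try if it works</a>." : $aDataR['jerror']);
    }
    else{
        // can't be a module name
        $aDataR['jerror'] = "You can't use a module as an application";
    }
}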
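elseif(isset($_POST['sCallback'])){
    /*
    Create a callback.
    Validates the posted scan settings and writes a generated PHP file into
    ../Modules/thc_ss/CALLBACKS/. Every failure sets $aDataR['jerror'] and ends the request
    with the JSON reply.
    Security notes:
    - sCallback is written into the generated file as PHP code exactly as received; that is
      what this branch is for, so it relies on access control done elsewhere.
    - all other values are data: they are escaped before they are placed in string literals.
    - the file name that is validated ($sLoc) is also the one that is used; the raw POST
      field is not used for the path or the template.
    - template and log names are concatenated into paths (one of them is included), so only
      plain file names are accepted.
    */
    $sLoc = @trim(strip_tags($_POST['sLoc']));
    $iInterval = @intval($_POST['iInterval']);
    $iScan = @intval($_POST['iScan']);
    $iNotify = @intval($_POST['iNotify']);
    $iScanTime = @intval($_POST['iScanSec']);
    // don't you just hate using post variables directly? Uhm I do.. ;)
    $sSearch = @$_POST['sSearch'];
    $sMethod = @$_POST['sMethod'];
    $sEmail = @$_POST['sEmail'];
    $sEmailT = @$_POST['sEmailT'];
    $sLogFile = @$_POST['sLogFile'];
    $iKill = @intval($_POST['iKill']);
    $iRegex = @intval($_POST['iRegex']);
    $sLogTemplate = @$_POST['sLogTemplate'];
    $sCallback = $_POST['sCallback'];
    // these fields are not part of the branch condition, so they may be missing
    $sSendVars = (isset($_POST['sSendVars']) ? $_POST['sSendVars'] : "");
    $sScanUrl = (isset($_POST['sScanUrl']) ? $_POST['sScanUrl'] : "");
    // kept in $_CONTEXT on purpose: the loop further down reads local variables by POST key
    // name ($$sKey), so a new local called $sName would change what gets written
    $_CONTEXT['cbname'] = (isset($_POST['sName']) && is_scalar($_POST['sName']) ? (string)$_POST['sName'] : "");
    // the range was written A-z, which also covers the punctuation between "Z" and "a"
    // (backslash, brackets, caret, backtick); A-Z is what the name format intends
    if(!@preg_match('/^[0-9a-zA-Z_\-]+\.php$/',$sLoc)){
        // invalid filename for callback function
        $aDataR['jerror'] = "Invalid filename for callback function";
        die(json_encode($aDataR));
    }
    if(@stripos($sCallback,"function Callbck(")===false){
        // missing callback function
        $aDataR['jerror'] = "Missing callback function";
        die(json_encode($aDataR));
    }
    $aUrl = @parse_url($sScanUrl);
    if(!isset($aUrl['host']) || !strlen($aUrl['host'])){
        // no host specified
        $aDataR['jerror'] = "No host specified";
        die(json_encode($aDataR));
    }
    if($sSearch==""){
        // insert a string or pattern to search for
        $aDataR['jerror'] = "Insert a string or pattern to search for";
        die(json_encode($aDataR));
    }
    if($iScan>2){
        // only applies to temporary scans; $iInterval comes from intval() and is therefore
        // always an integer, so the former "not false" and "is_int" tests could never fire
        if($iInterval<0){
            // interval must be a number above 0
            $aDataR['jerror'] = "Interval must be a number above 0";
            die(json_encode($aDataR));
        }
        elseif($iInterval>$iScanTime){
            // interval must be lower than total scan time
            $aDataR['jerror'] = "Interval must be lower than total scan time";
            die(json_encode($aDataR));
        }
    }
    if($iNotify==1){
        // send mail
        if(!@filter_var($sEmail,FILTER_VALIDATE_EMAIL)){
            // invalid email specified
            $aDataR['jerror'] = "Invalid email specified";
            die(json_encode($aDataR));
        }
        else{
            if($sEmailT!=""){
                // email template: the name ends up in an include path, so it must be a plain
                // file name that resolves to a regular file inside the template directory
                $sDest = (is_string($sEmailT) && basename($sEmailT)===$sEmailT ? "../Modules/thc_ss/EMAILT/".$sEmailT : "");
                if($sDest!="" && @is_file($sDest)){
                    @include_once($sDest);
                    if(!function_exists("TemplateEmail")){
                        // email template function <b>TemplateEmail</b> doesn't exist
                        $aDataR['jerror'] = "Email template function <b>TemplateEmail</b> doesn't exist";
                        die(json_encode($aDataR));
                    }
                }
                else{
                    // email template doesn't exist
                    $aDataR['jerror'] = "Email template doesn't exist";
                    die(json_encode($aDataR));
                }
            }
            else{
                // no email template specified
                $aDataR['jerror'] = "No email template specified";
                die(json_encode($aDataR));
            }
        }
    }
    elseif($iNotify==2){
        if($sLogTemplate!=""){
            // log template: plain file name only, same reasoning as for the email template
            $sDest = (is_string($sLogTemplate) && basename($sLogTemplate)===$sLogTemplate ? "../Modules/thc_ss/LOGT/".$sLogTemplate : "");
            if($sDest=="" || !@is_file($sDest)){
                // log template file doesn't exist
                $aDataR['jerror'] = "Log template file doesn't exist";
                die(json_encode($aDataR));
            }
            // log results to a file
            if($sLogFile!=""){
                // log file
                // NOTE(review): this path has no "Modules/" segment, unlike the template paths
                // above - confirm that ../thc_ss/LOGS/ is the intended directory
                $sDest = (is_string($sLogFile) && basename($sLogFile)===$sLogFile ? "../thc_ss/LOGS/".$sLogFile : "");
                if($sDest=="" || !@is_file($sDest)){
                    // logfile doesn't exist
                    $aDataR['jerror'] = "Logfile doesn't exist";
                    die(json_encode($aDataR));
                }
            }
            else{
                // no logfile specified
                $aDataR['jerror'] = "No logfile specified";
                die(json_encode($aDataR));
            }
        }
        else{
            // no logtemplate specified (the message used to repeat the logfile text)
            $aDataR['jerror'] = "No log template specified";
            die(json_encode($aDataR));
        }
    }
    $bContinue = true;
    if(!function_exists("GetFilesByDirectory")){
        include_once("../Functions/getfilebydir.php");
    }
    // every existing callback file is included to read its $_CBACKD (name, file name) pair
    // NOTE(review): include_once skips a file that was already loaded in this request, in
    // which case $_CBACKD still holds the values of the previously included file
    $aFiles = GetFilesByDirectory("../Modules/thc_ss/CALLBACKS");
    for($x=0;$x<count($aFiles);$x++){
        include_once("../Modules/thc_ss/CALLBACKS/".$aFiles[$x]);
        if(isset($_CBACKD[0],$_CBACKD[1]) && ($_CBACKD[0]==$_CONTEXT['cbname'] || $_CBACKD[1]==$sLoc)){
            $bContinue = false;
            break;
        }
    }
    if(!$bContinue){
        // filename must not exist and callback name must be unique
        $aDataR['jerror'] = "Filename must not exist and callback name must be unique";
        die(json_encode($aDataR));
    }
    // do we use preg searches?
    $bPreg = ($iRegex==1 ? true : false);
    // make sure we have a valid method
    if($sMethod!="post"){
        $sMethod = "get";
    }
    // do we have a callback or will we just use static variables or send nothing
    if(@strpos($sSendVars,"=")>0){
        // add to query
        if($sSendVars[0]=="?"){
            // remove the question mark
            $sSendVars = substr($sSendVars,1);
        }
        if($sSendVars[strlen($sSendVars)-1]=="&"){
            // remove the last ampersand to prevent mixed up urls
            $sSendVars = substr($sSendVars,0,-1);
        }
        // NOTE(review): $aUrl['query'] is not read again in this file
        $aUrl['query'] = (isset($aUrl['query']) && $aUrl['query']!="" ? $aUrl['query']."&".$sSendVars : $sSendVars);
    }
    // construct callback template; '"\\$' escapes the double quote, the backslash and the
    // dollar sign, the characters that are special inside a double-quoted PHP literal
    $sTemplate = "<?php\n";
    $sTemplate .= "if(!defined('IN_SCRIPT')){\n";
    $sTemplate .= " exit;\n";
    $sTemplate .= "}\n";
    $sTemplate .= "// properties for this callback\n";
    $sTemplate .= "\$_CBACKD = array(\"".addcslashes($_CONTEXT['cbname'],'"\\$')."\",\"".addcslashes($sLoc,'"\\$')."\");\n";
    $sTemplate .= "\$_CBACKV = array();\n";
    $iIndexA = 0;
    include_once("../Modules/thc_ss/properties.php");
    foreach($_POST as $sKey=>$sValue){
        if($sValue!="" && $sKey!="sCallback"){
            // value not empty, which is kewl but do we have this variable in the properties file?
            for($i=0;$i<count($_CONTEXT['thc_ss_indexform']);$i++){
                // only keys listed in the server-side form definition are honoured; the value
                // written is the local variable of the same name (the normalised copy made
                // above), and non-scalar values are skipped
                if(isset($_CONTEXT['thc_ss_indexform'][$i]['var']) && $_CONTEXT['thc_ss_indexform'][$i]['var']==$sKey && isset($$sKey) && is_scalar($$sKey)){
                    $sTemplate .= "\$_CBACKV[".$iIndexA."] = array();\n";
                    $sTemplate .= "\$_CBACKV[".$iIndexA."]['value'] = \"".addcslashes((string)$$sKey,'"\\$')."\";\n";
                    $sTemplate .= "\$_CBACKV[".$iIndexA."]['row'] = \$_CONTEXT['thc_ss_indexform'][".$i."]['row'];\n";
                    $sTemplate .= "\$_CBACKV[".$iIndexA."]['fieldclass'] = \$_CONTEXT['thc_ss_indexform'][".$i."]['fieldclass'];\n";
                    $sTemplate .= "\$_CBACKV[".$iIndexA."]['visibility'] = 1;\n";
                    $iIndexA++;
                }
            }
        }
    }
    // the callback source itself: stored as code, unmodified
    $sTemplate .= "if(!isset(\$_GETCBACK)){\n";
    $sTemplate .= $_POST['sCallback']."\n";
    $sTemplate .= "}\n";
    $sTemplate .= "?>";
    include_once("../Functions/fwrite.php");
    // write to the validated file name
    $aDataR['jresult'] = (WriteF("../Modules/thc_ss/CALLBACKS/".$sLoc,$sTemplate,"w") ? true : false);
    if($aDataR['jresult']){
        $aDataR['jcallback'] = 1;
    }
}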
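elseif(isset($_POST['sEditFile']) && isset($_POST['sNewData'])){
    /*
    Edit callback or setup file.
    Overwrites the file named in sEditFile with the posted data.
    Security: the target path comes from the client and nothing visible here limits it to
    callback or setup files. The only control in this branch is ExploitFilter(), which is
    defined elsewhere - confirm that it rejects directory traversal and absolute paths. A
    fixed list of allowed directories would be the safer design.
    */
    $sPage = "../Functions/fwrite.php";
    if(!IsThere($sPage)){
        $aDataR['jerror'] = "Can't find function file <b>fwrite.php</b>";
    }
    else{
        // require_once: a plain require would declare WriteF() a second time, and stop with a
        // fatal error, if fwrite.php was already loaded earlier in the request
        @require_once($sPage);
        // filter out file injections
        $_POST['sEditFile'] = ExploitFilter($_POST['sEditFile'],0,1);
        if(substr($_POST['sEditFile'],0,5)=="Apps/"){
            // app paths are given relative to the suite root, one level above this script
            $_POST['sEditFile'] = "../".$_POST['sEditFile'];
        }
        $aDataR['jresult'] = (WriteF($_POST['sEditFile'],$_POST['sNewData'],"w") ? true : false);
        $aDataR['jeditdone'] = ($aDataR['jresult'] ? 1 : 0);
        // just in case we fail here, error messages won't be read anyway if result is true
        $aDataR['jerror'] = "Failed to overwrite file";
    }
}
// single exit point for every branch that did not end the request itself
echo json_encode($aDataR);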
?>