HackSuite File Library
File Library
Here you can find the latest files and structure of the THC HackSuite. Note that if you have an earlier version of the suite, updating files manually is not recommended; instead, overwrite your existing HackSuite environment.
<?php
/* Returns and installs setup.php files in Apps

Author: Remco Kouw
Site: http://www.hacksuite.com
Last Edit: 16-11-2014
*/
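// This endpoint answers with JSON, and the answer must never be served from a cache.
session_cache_limiter('nocache');
header('Expires: '.gmdate('r',0));
header('Content-type: application/json');
$_DYNAMIC_ROOT = "..";
// header.php is declared outside this file. The code below uses IN_SCRIPT-guarded data
// files, $_PATHS and ExploitFilter() without defining them, so presumably they come
// from this include -- confirm.
include_once("../header.php");
// Response envelope: 'jresult' is the success flag, 'jmessage' carries the text or markup.
$aDataR = array();
$aDataR['jresult'] = false;
// Data/extra.php is the generated registry of installed apps ($aExtra). The include is
// best-effort (errors suppressed), so make sure $aExtra is always an array afterwards:
// the later count($aExtra) calls would otherwise run on an undefined variable.
@include_once("../Data/extra.php");
if(!isset($aExtra) || !is_array($aExtra)){
    $aExtra = array();
}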
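if(isset($_POST['sInstallApp'])){
    // Install branch: the client names the setup.php of the app that should be registered.
    // NOTE(review): no authentication or CSRF check is visible in this file; confirm that
    // header.php enforces one, because this branch includes a file and rewrites two
    // generated PHP files.
    if(!is_string($_POST['sInstallApp']) || $_POST['sInstallApp']===""){
        // The original repeated the outer isset() test here, so this message was unreachable.
        $aDataR['jmessage'] = "No app specified to install";
    }
    else{
        // ExploitFilter() is declared outside this file and its filtering is not visible
        // here, so the path is validated again below rather than trusted.
        $sApp = str_replace("\/","/",ExploitFilter($_POST['sInstallApp'],0,1));
        // The original test combined `!="Apps"` and `=="setup.php"` with `&&`, so it only
        // rejected values that did NOT start with "Apps" and DID end in "setup.php"; every
        // other client-supplied value went on to include_once. Both properties are now
        // required, parent-directory segments and NUL bytes are refused, and the resolved
        // file must really live below the Apps directory.
        $bValidPath = (
            is_string($sApp)
            && substr($sApp,0,5)==="Apps/"
            && substr($sApp,-10)==="/setup.php"
            && strpos($sApp,"..")===false
            && strpos($sApp,"\0")===false
        );
        $sSetupFile = false;
        if($bValidPath){
            // realpath() collapses symlinks and leftover relative segments before the
            // containment check, so the comparison is made on the file that will be loaded.
            $sAppsRoot = realpath("../Apps");
            $sSetupFile = realpath("../".$sApp);
            if($sAppsRoot===false || $sSetupFile===false || strpos($sSetupFile,$sAppsRoot.DIRECTORY_SEPARATOR)!==0){
                $bValidPath = false;
            }
        }
        if(!$bValidPath){
            $aDataR['jmessage'] = "Invalid setup location specified to install";
        }
        else{
            // include setup file to see if the data is valid
            include_once($sSetupFile);
            if(!isset($aProperties['name'])){
                $aDataR['jmessage'] = "Invalid setup location specified to install";
            }
            else{
                // Registry of installed apps; fall back to an empty list when the
                // best-effort include of Data/extra.php did not define $aExtra.
                $aInstalled = (isset($aExtra) && is_array($aExtra)) ? array_values($aExtra) : array();
                $sName = (string)$aProperties['name'];
                $sLocation = isset($aProperties['location']) ? (string)$aProperties['location'] : "";
                $bExists = false;
                foreach($aInstalled as $aEntry){
                    if(isset($aEntry[0]) && (string)$aEntry[0]===$sName){
                        $bExists = true;
                        break;
                    }
                }
                if($bExists){
                    // make sure we don't install anything more than once
                    $aDataR['jmessage'] = "App has already been installed";
                }
                else{
                    // function for overwriting existing app library
                    @include_once("../Functions/fwrite.php");
                    if(!function_exists("WriteF")){
                        $aDataR['jmessage'] = "Can't write data file";
                    }
                    else{
                        // Rebuild Data/extra.php. Every value is emitted with var_export(),
                        // which produces a correctly quoted PHP literal; the original pasted
                        // the raw values between double quotes, so a quote, backslash or
                        // "$" in an app name would have changed the generated code.
                        $sTemplate = "<?php\n";
                        $sTemplate .= "/*\n";
                        $sTemplate .= "Installed apps\n\n";
                        $sTemplate .= "Author: Remco Kouw\n";
                        $sTemplate .= "Site: http://www.hacksuite.com\n";
                        $sTemplate .= "Last Edit: ".date('d-m-Y',time())."\n";
                        $sTemplate .= "*/\n";
                        $sTemplate .= "if(!defined('IN_SCRIPT')){\n";
                        $sTemplate .= "\texit;\n";
                        $sTemplate .= "}\n";
                        $sTemplate .= "\$aExtra = array();\n";
                        // amount of installed products
                        $iInstalledPaths = count($aInstalled);
                        // copy the existing registry entries, then append the new app
                        for($x=0;$x<$iInstalledPaths;$x++){
                            $sOldName = isset($aInstalled[$x][0]) ? (string)$aInstalled[$x][0] : "";
                            $sOldPath = isset($aInstalled[$x][1]) ? (string)$aInstalled[$x][1] : "";
                            $sTemplate .= "\$aExtra[".$x."] = array(".var_export($sOldName,true).",".var_export($sOldPath,true).");\n";
                        }
                        $sTemplate .= "\$aExtra[".$iInstalledPaths."] = array(".var_export($sName,true).",".var_export("Apps/".$sLocation,true).");\n";
                        $sTemplate .= "?>";
                        // install
                        if(false===WriteF("../Data/extra.php",$sTemplate,"w")){
                            $aDataR['jmessage'] = "Failed to write data to file";
                        }
                        else{
                            $sDest = "../Logs/log_activity.php";
                            if(!file_exists($sDest)){
                                $aDataR['jmessage'] = "Activity log file doesn't exist";
                            }
                            elseif(!is_writable($sDest)){
                                $aDataR['jmessage'] = "Activity log file isn't writable";
                            }
                            else{
                                // Load the current log values so they can be carried over.
                                @include_once($sDest);
                                $aAccess = (isset($_CONTEXT['useraccessdata']) && is_array($_CONTEXT['useraccessdata'])) ? $_CONTEXT['useraccessdata'] : array();
                                // Missing keys fall back to 0 so the generated file stays valid PHP.
                                $mInstalled = isset($aAccess['installed']) ? $aAccess['installed'] : 0;
                                $mLastScan = isset($aAccess['last_scan']) ? $aAccess['last_scan'] : 0;
                                $aKnownIps = (isset($aAccess['ip']) && is_array($aAccess['ip'])) ? array_values($aAccess['ip']) : array();
                                $sTemplate = "<?php\n";
                                $sTemplate .= "/* Activity log\n\n";
                                $sTemplate .= "Author: Remco Kouw\n";
                                $sTemplate .= "Site: http://www.hacksuite.com\n";
                                $sTemplate .= "Last Edit: ".date('d-m-Y',time())."\n";
                                $sTemplate .= "*/\n";
                                $sTemplate .= "if(!defined('IN_SCRIPT')){\n\t";
                                $sTemplate .= "exit;\n";
                                $sTemplate .= "}\n";
                                $sTemplate .= "\$_CONTEXT['useraccessdata'] = array();\n";
                                $sTemplate .= "\$_CONTEXT['useraccessdata']['installed'] = ".var_export($mInstalled,true).";\n";
                                $sTemplate .= "\$_CONTEXT['useraccessdata']['last_update'] = ".time().";\n";
                                $aIpLiterals = array();
                                foreach($aKnownIps as $sIp){
                                    $sIp = (string)$sIp;
                                    $aKnownIps[] = $sIp;
                                    $aIpLiterals[] = var_export($sIp,true);
                                }
                                $sRemote = isset($_SERVER['REMOTE_ADDR']) ? (string)$_SERVER['REMOTE_ADDR'] : "";
                                if($sRemote!=="" && !in_array($sRemote,$aKnownIps,true)){
                                    // this ip is not used for installing stuff yet, so let's log it
                                    $aIpLiterals[] = var_export($sRemote,true);
                                }
                                $sTemp = implode(",",$aIpLiterals);
                                $sTemplate .= "\$_CONTEXT['useraccessdata']['ip'] = array(".$sTemp.");\n";
                                $sTemplate .= "\$_CONTEXT['useraccessdata']['last_scan'] = ".var_export($mLastScan,true).";\n";
                                $sTemplate .= "\$_CONTEXT['useraccessdata']['action'] = ".var_export("installed ".$sName,true).";\n";
                                $sTemplate .= "?>";
                                // The log write stays best-effort as in the original: the app is
                                // already registered at this point, so success is reported either way.
                                WriteF($sDest,$sTemplate,"w");
                                $aDataR['jresult'] = true;
                                $aDataR['jmessage'] = "Successfully installed application";
                            }
                        }
                    }
                }
            }
        }
    }
}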
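else{
    // Discovery branch: no app was posted, so list every setup.php below Apps that is
    // not in the installed registry yet and return a <select> menu for the client.
    // find new apps
    $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($_PATHS['root']."/Apps"),RecursiveIteratorIterator::CHILD_FIRST);
    $aReadyToInstall = array();
    foreach($iterator as $path){
        if(!$path->isDir() && $path->getFilename()=="setup.php"){
            // normalise to the relative, forward-slash form the registry is compared against
            $aReadyToInstall[] = str_replace("\\","/",str_replace("../","",$path->getPathname()));
        }
    }
    // Setup paths of the apps that are already installed. $aExtra comes from the
    // best-effort include of Data/extra.php, so it may be undefined here.
    $aInstalledSetups = array();
    if(isset($aExtra) && is_array($aExtra)){
        foreach($aExtra as $aEntry){
            if(isset($aEntry[1])){
                $aInstalledSetups[] = $aEntry[1]."/setup.php";
            }
        }
    }
    // new setup buffer: everything found on disk that is not registered yet
    $aSetups = array();
    foreach($aReadyToInstall as $sSetup){
        if(!in_array($sSetup,$aInstalledSetups,true)){
            $aSetups[] = $sSetup;
        }
    }
    $iSetups = count($aSetups);
    if($iSetups===0){
        // nothing on disk, or everything on disk is already installed
        $aDataR['jmessage'] = "No new products";
    }
    else{
        // build selection menu
        $aDataR['jresult'] = true;
        $aDataR['jmessage'] = "\n<select name=\"sInstallApp\">\n";
        for($x=0;$x<$iSetups;$x++){
            // Reset before each include: otherwise a setup.php that defines no name would
            // silently inherit the name left behind by the previous app.
            unset($aProperties);
            // get the name of the app
            include_once("../".$aSetups[$x]);
            $sName = isset($aProperties['name']) ? (string)$aProperties['name'] : "no name defined";
            // Path and name end up in markup the client renders, so both are HTML-escaped;
            // the browser decodes the attribute again, so the posted value is unchanged.
            $aDataR['jmessage'] .= "<option value=\"".htmlspecialchars($aSetups[$x],ENT_QUOTES,'UTF-8')."\">".htmlspecialchars($sName,ENT_QUOTES,'UTF-8')."</option>\n";
        }
        $aDataR['jmessage'] .= "</select>\n";
    }
}
// Both branches answer with the same JSON envelope.
echo json_encode($aDataR);
?>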