..cool, we will make a new module and not just some new module, nope let's make a fully automatic injection script! This tutorial is the first step into making this. Let's first explain..
AntiFTP uses wordlists in order to bruteforce FTP user accounts
<?php
/* Handles request for proxy entries
Author: Remco Kouw
Site: http://www.hacksuite.com
Last Edit: 15-03-2015
*/
header('Expires: '.gmdate('r',0));
header('Content-type: application/json');
$_DYNAMIC_ROOT = "..";
include_once("../header.php");
$aDataR = array();
$aDataR['jresult'] = false;
$aDataR['jmessage'] = "An error occured";
$aFiles = array($_PATHS['functions_root']."/fwrite.php",$_PATHS['functions_root']."/raw_to_array.php");
for($x=0;$x<count($aFiles);$x++){
if(!file_exists($aFiles[$x])){
$aDataR['jmessage'] = "Missing required file: ".$aFiles[$x];
die(json_encode($aDataR));
}
@include_once($aFiles[$x]);
}
$sDest = $_PATHS['data_root']."/proxies.txt";
if(isset($_POST['sUrl'])){
// proxy scrape
$sScrapePattern = "/(http:\/\/)?[1-2]?[0-9]{1,3}.[1-2]?[0-9]{1,3}.[1-2]?[0-9]{1,3}.[1-2]?[0-9]{1,3}[: ][1-9]?[0-9]{1,5}/is";
if(!function_exists("GetFileData")){
include_once($_PATHS['functions_root']."/get_file_data.php");
}
if(false==($sFile = GetFileData($_POST['sUrl']))){
$sCode .= "Failed to get file content";
}
else{
preg_match_all($sScrapePattern,$sFile,$aMatches);
$aProxies = array();
for($x=0;$x<count($aMatches[0]);$x++){
$aProxies[] = $aMatches[0][$x];
}
}
$sBuffer = "";
for($x=0;$x<count($aProxies);$x++){
// filter invalid values
if($aProxies[$x]=="" || (false===($iPosPort = @strrpos($aProxies[$x],":")))){
continue;
}
if($sBuffer!=""){
$sBuffer .= "\n";
}
$sBuffer .= substr($aProxies[$x],0,$iPosPort)."|".trim(substr($aProxies[$x],($iPosPort+1)))."|";
}
if($sBuffer==""){
$aDataR['jmessage'] = "No proxies to add";
}
else{
$sNewLine = filesize($sDest)>0 ? "\n" : "";
if(WriteF($sDest,$sNewLine.$sBuffer,"a")){
$aDataR['jresult'] = true;
$aDataR['jmessage'] = "Successfully added proxies";
}
else{
$aDataR['jmessage'] = "Failed to insert proxies";
}
}
}
elseif(isset($_POST['iProxy'])){
// remove proxy
$iProxy = intval($_POST['iProxy']);
$aFile = file($sDest);
$sData = "";
for($x=0;$x<count($aFile);$x++){
$sData .= ($iProxy==$x ? "" : $aFile[$x]);
}
if(WriteF($sDest,trim($sData),"w")){
$aDataR['jresult'] = true;
$aDataR['jmessage'] = "Successfully removed proxy";
}
else{
$aDataR['jmessage'] = "Failed to remove proxy";
}
}
elseif(isset($_POST['sProxyList'])){
// import proxies
$sProxyList = (isset($sProxyList) ? $sProxyList : trim($_POST['sProxyList']));
if(!@strlen($sProxyList)){
$aDataR['jmessage'] = "No list to import";
}
else{
$aProxyList = explode("\n",$sProxyList);
$sBuffer = "";
for($x=0;$x<count($aProxyList);$x++){
// filter invalid values
if($aProxyList[$x]=="" || (false===($iPosPort = @strrpos($aProxyList[$x],":")))){
continue;
}
$sBuffer .= substr($aProxyList[$x],0,$iPosPort)."|".trim(substr($aProxyList[$x],($iPosPort+1)))."|\n";
}
$sNewLine = filesize($sDest)>0 ? "\n" : "";
if(WriteF($sDest,$sNewLine.trim($sBuffer),"a")){
$aDataR['jresult'] = true;
$aDataR['jmessage'] = "Successfully imported proxies";
}
else{
$aDataR['jmessage'] = "Failed to import proxies";
}
}
}
elseif(isset($_POST['sProxyAddressT'])){
// proxy test
if(!isset($_POST['sProxyAddressT']) || $_POST['sProxyAddressT']==""){
$aDataR['jmessage'] = "No proxy address specified to test";
}
elseif(!isset($_POST['iProxyPort']) || $_POST['iProxyPort']==""){
$aDataR['jmessage'] = "No proxy port specified";
}
else{
$_POST['sCredentials'] = @trim($_POST['sCredentials']);
$_POST['sCredentials'] = $_POST['sCredentials']=="" ? "" : $_POST['sCredentials'];
$fp = @fsockopen($_POST['sProxyAddressT'],$_POST['iProxyPort'],$errno,$errstr,3);
if(!$fp){
$aDataR['jmessage'] = "Proxy is offline";
}
else{
if(isset($_POST['iLogProxy']) && $_POST['iLogProxy']==1){
$sNewLine = filesize($sDest)>0 ? "\n" : "";
if(WriteF($sDest,$sNewLine.trim($_POST['sProxyAddressT'])."|".trim($_POST['iProxyPort'])."|".$_POST['sCredentials'],"a")){
$aDataR['jresult'] = true;
$aDataR['jmessage'] = "Successfully added proxy";
}
else{
$aDataR['jmessage'] = "Failed to insert proxy";
}
}
else{
$aDataR['jresult'] = true;
$aDataR['jmessage'] = "Proxy is online";
}
}
}
}
elseif(isset($_POST['sProxyAddress'])){
// insert proxy
if(!isset($_POST['sProxyAddress']) || $_POST['sProxyAddress']==""){
$aDataR['jmessage'] = "No proxy address specified";
}
elseif(!isset($_POST['iProxyPort']) || $_POST['iProxyPort']==""){
$aDataR['jmessage'] = "No proxy port specified";
}
else{
$_POST['sCredentials'] = @trim($_POST['sCredentials']);
$_POST['sCredentials'] = $_POST['sCredentials']=="" ? "" : $_POST['sCredentials'];
$fp = @fsockopen($_POST['sProxyAddress'],$_POST['iProxyPort'],$errno,$errstr,3);
if(!$fp){
$aDataR['jmessage'] = "Proxy is offline";
}
else{
$sNewLine = filesize($sDest)>0 ? "\n" : "";
if(WriteF($sDest,$sNewLine.trim($_POST['sProxyAddress'])."|".trim($_POST['iProxyPort'])."|".$_POST['sCredentials'],"a")){
$aDataR['jresult'] = true;
$aDataR['jmessage'] = "Successfully added proxy";
}
else{
$aDataR['jmessage'] = "Failed to insert proxy";
}
}
}
}
else{
$aDataR['jmessage'] = "Invalid submission button";
}
// get up to date selection menu's for html interfaces
$_CONTEXT['proxies'] = RawToArray($sDest);
$aDataR['jselectoption'] = "<select name=\"iOptionSelected\" class=\"selectitem\">";
$aDataR['jselectoption'] .= "<option value=\"-1\">select an option</option>";
$aDataR['jselectoption'] .= "<option value=\"Insert\">insert a single proxy</option>";
$aDataR['jselectoption'] .= "<option value=\"Import\">import a list of proxies</option>";
$aDataR['jselectoption'] .= "<option value=\"Scrape\">scrape proxy address from a document</option>";
$aDataR['jselectoption'] .= "<option value=\"Test\">test if a proxy is online</option>";
$aDataR['jselectproxy'] = "";
if(false!=($_CONTEXT['proxies'] = RawToArray($sDest))){
$_CONTEXT['iproxies'] = count($_CONTEXT['proxies']);
$aDataR['jselectproxy'] .= "<select name=\"iProxy\">";
// if there are proxies in the data file, that means we can also remove them
$aDataR['jselectoption'] .= "<option value=\"Remove\">remove a proxy from the list</option>";
$aDataR['jselectproxy'] .= "<option value=\"-1\">select a proxy</option>";
for($x=0;$x<$_CONTEXT['iproxies'];$x++){
$aDataR['jselectproxy'] .= "<option value=\"".$x."\">".$_CONTEXT['proxies'][$x][0]."</option>";
}
$aDataR['jselectproxy'] .= "</select>";
}
$aDataR['jselectoption'] .= "</select>";
if($aDataR['jselectproxy']==""){
$aDataR['jselectproxy'] = "no proxies available";
}
echo json_encode($aDataR);
?>