..cool, we will make a new module and not just some new module, nope let's make a fully automatic injection script! This tutorial is the first step into making this. Let's first explain..
Mister LG can create upload forms and test targets on file upload vulnerabilities
<?php
/* Matches encrypted string with a hash
Checks if an encrypted string is equal to a hash
PARAMETERS:
$sWord: word to encrypt
$sHash: hash to match
$sEnc: function name(must be preloaded)
$sSalt: salt(OPTIONAL)
$iStructure: where to put salt in the string(OPTIONAL)
VALUES:
TRUE: match
FALSE: no match
*/
function AntiHash($sWord,$sHash,$sEnc,$sSalt="",$iStructure=""){
if($iStructure==1){
$sWord .= $sSalt;
}
else{
$sWord = $sSalt.$sWord;
}
return(($sEnc($sWord)==$sHash ? true : false));
}
?>