random gallery image
random tutorial
preview..I will show you how to create native tools. I'm not going to make a new tool though, instead I will show you what is required to create one. You can find all the native tools in the..
random vulnerability assesment
THC AntiEvil
Attempts to find suspicious and evil files or code
HackSuite File Library
File Library
Here you can find the latest files and structure of the THC HackSuite, note that if you have an earlier version of the suite it's not recommended to update files manually. Instead you should overwrite your existing HackSuite environment.
<?php
/* Searches for browsable directories */
if(!defined("IN_SCRIPT")){
exit;
}
include_once($_PATHS['functions_root']."/simple_html_dom.php");
echo Screen("<br />\n<b>Searching browsable directories...</b><blockquote>\n",$_CONTEXT['verbose'],$_CONTEXT['silent']);
// we want robots.txt, but we won't have to get it if we already did
if(!isset($_CONTEXT['browsedirs'])){
// let's get the file
$ch = curl_init();
$sTarget = $sHost."/robots.txt";
curl_setopt($ch, CURLOPT_URL, $sTarget);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101506 Ubuntu/10.04 (lucid) Firefox/3.6.13 GTB7.1');
$sResult = @curl_exec($ch);
$iHTTP = @curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if($iHTTP==200){
$_CONTEXT['browsedirs'] = $sResult;
}
}
$_CONTEXT['checkdirs'] = array();
// do we have the file content now?
if(isset($_CONTEXT['browsedirs'])){
preg_match_all("/Disallow: ([^\r\n]*)/",$_CONTEXT['browsedirs'],$aResult,PREG_SET_ORDER);
for($y=0;$y<count($aResult);$y++){
// extract dirs
if(strpos($aResult[$y][1],"?")===false && strpos($aResult[$y][1],".")===false){
$_CONTEXT['checkdirs'][] = str_replace("//","/",$sHost."/".$aResult[$y][1]);
}
}
}
$_CONTEXT['parsehtml2'] = array();
$oHTML = file_get_html($sHost);
// images
foreach($oHTML->find('img') as $oImages){
$_CONTEXT['parsehtml2'][] = $oImages->src;
}
// iframes
foreach($oHTML->find('iframe') as $oIframes){
$_CONTEXT['parsehtml2'][] = $oIframes->src;
}
// embeds
foreach($oHTML->find('embed') as $oEmbed){
$_CONTEXT['parsehtml2'][] = $oEmbed->src;
}
// scripts
foreach($oHTML->find('script') as $oScript){
$_CONTEXT['parsehtml2'][] = $oScript->src;
}
// links
foreach($oHTML->find('a') as $oHref){
$_CONTEXT['parsehtml2'][] = $oHref->href;
}
// parse all files
for($y=0;$y<count($_CONTEXT['parsehtml2']);$y++){
// absolute path
$aUrl = parse_url($_CONTEXT['parsehtml2'][$y]);
// is it the same host?
if(isset($aUrl['host']) && "http://".$aUrl['host']!=$sHost){
// nope, we're only interested in folders on this host
continue;
}
if(substr($_CONTEXT['parsehtml2'][$y],0,6)!="http://"){
$_CONTEXT['parsehtml2'][$y] = $sHost.($_CONTEXT['parsehtml2'][$y][0]=="/" ? "" : "/").$_CONTEXT['parsehtml2'][$y];
}
if($_CONTEXT['parsehtml2'][$y]==$sHost){
continue;
}
// does it have a path?
$iPath = @strlen($aUrl['path']);
if(!isset($aUrl['path']) || $iPath==1){
// nope, we're interested in folders only
continue;
}
// does it have a directory?
if(0==($iPos = strrpos($aUrl['path'],"/"))){
if(strpos($aUrl['path'],".")>0 || strpos($aUrl['path'],"?")>0){
continue;
}
// single directory
$_CONTEXT['checkdirs'][] = $sHost.$aUrl['path'];
}
else{
$_CONTEXT['checkdirs'][] = $sHost.substr($aUrl['path'],0,$iPos);
}
}
$_CONTEXT['checkdirs'] = array_unique($_CONTEXT['checkdirs']);
$_CONTEXT['checkdirs'] = array_values($_CONTEXT['checkdirs']);
$iBrowsable = 0;
for($y=0;$y<count($_CONTEXT['checkdirs']);$y++){
$bResult = false;
$iLen = strlen($_CONTEXT['checkdirs'][$y]);
$_CONTEXT['checkdirs'][$y] = ($_CONTEXT['checkdirs'][$y][$iLen-1]=="/" ? substr($_CONTEXT['checkdirs'][$y],0,-1) : $_CONTEXT['checkdirs'][$y]);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $_CONTEXT['checkdirs'][$y]);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101506 Ubuntu/10.04 (lucid) Firefox/3.6.13 GTB7.1');
$sResult = @curl_exec($ch);
curl_close($ch);
$aFolder = explode("/",$_CONTEXT['checkdirs'][$y]);
$sFolder = "/".$aFolder[count($aFolder)-1];
$bResult = (strpos($sResult,"<title>Index of ".$sFolder."</title>")!=0 ? true : false);
if($bResult){
$iBrowsable++;
echo Screen("Folder: <a href=\"".$_CONTEXT['checkdirs'][$y]."\" target=\"blank\">".$sFolder."</a> > <b id=h6>BROWSABLE</b><br />\n",$_CONTEXT['verbose'],$_CONTEXT['silent']);
}
else{
echo Screen("Folder: ".$sFolder." > <b id=h7>NOT BROWSABLE</b><br />\n",$_CONTEXT['verbose'],$_CONTEXT['silent']);
}
flush();
ob_flush();
}
echo Screen("<br />\n<b>Found ".count($_CONTEXT['checkdirs'])." directories of which ".$iBrowsable." is/are browsable</b>\n",$_CONTEXT['verbose'],$_CONTEXT['silent']);
echo Screen("</blockquote>\n",$_CONTEXT['verbose'],$_CONTEXT['silent']);
flush();
ob_flush();
?>
powered by
site stats
cms statistics:
version: 0.6.0downloads: 4303
native: 26
modules: 21
apps: 2
support development
It takes lots of calories in order to create new things for the hacksuite, so it would be grand if you could buy me a protein shake or extra energy to keep me going. Thanks!
disclaimer
We are not responsible for any direct or indirect damage caused by abusing the tools provided on hacksuite.com. The suite is developed for educational purposes, use at your own risk!
site resources
remote resources
partners and friends