HackSuite File Library
File Library
Here you can find the latest files and structure of the THC HackSuite. Note that if you have an earlier version of the suite, updating files manually is not recommended; instead, you should overwrite your existing HackSuite environment.
<?php
/*
 * Module: searches the scanned host for directories that expose a listing.
 */

// Stop at once when the file is requested directly instead of being loaded
// by a script that defined IN_SCRIPT.
if (defined("IN_SCRIPT") === false) {
    exit;
}

// HTML parser that provides file_get_html(), used further down.
include_once $_PATHS['functions_root'] . "/simple_html_dom.php";

// Opening banner; the closing </blockquote> is printed at the end of the module.
echo Screen(
    "<br />\n<b>Searching browsable directories...</b><blockquote>\n",
    $_CONTEXT['verbose'],
    $_CONTEXT['silent']
);
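// Fetch robots.txt once per scan: a copy already stored in
// $_CONTEXT['browsedirs'] is reused instead of requesting the file again.
if (!isset($_CONTEXT['browsedirs'])) {
    // NOTE(review): $sHost is set outside this file; it is compared against
    // "http://" . host further down, so presumably "http://host" - confirm.
    $sTarget = $sHost . "/robots.txt";

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $sTarget);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101506 Ubuntu/10.04 (lucid) Firefox/3.6.13 GTB7.1');
    // Bound the request so an unresponsive server cannot stall the whole scan.
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
    curl_setopt($ch, CURLOPT_TIMEOUT, 30);

    $sResult = curl_exec($ch);
    $iHTTP = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    curl_close($ch);

    // curl_exec() returns false when the transfer fails, which can happen even
    // after a 200 status line was received; only cache a real response body.
    if (is_string($sResult) && $iHTTP == 200) {
        $_CONTEXT['browsedirs'] = $sResult;
    }
}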
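// Candidate directory URLs; filled from robots.txt here and from the start
// page later on.
$_CONTEXT['checkdirs'] = array();

// Only parse robots.txt when a copy was stored.
if (isset($_CONTEXT['browsedirs'])) {
    preg_match_all("/Disallow: ([^\r\n]*)/", $_CONTEXT['browsedirs'], $aResult, PREG_SET_ORDER);

    foreach ($aResult as $aMatch) {
        $sEntry = trim($aMatch[1]);

        // An entry with a query string or a dot is treated as a file, not a directory.
        if (strpos($sEntry, "?") !== false || strpos($sEntry, ".") !== false) {
            continue;
        }

        // Collapse repeated slashes in the path only. Running the replacement
        // over the whole URL would also turn "http://" into "http:/".
        $sPath = preg_replace('#/{2,}#', '/', "/" . $sEntry);
        $_CONTEXT['checkdirs'][] = rtrim($sHost, "/") . $sPath;
    }
}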
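// Collect every URL referenced by the start page of the scanned host.
$_CONTEXT['parsehtml2'] = array();
$oHTML = file_get_html($sHost);

// NOTE(review): file_get_html() comes from simple_html_dom.php and appears to
// return false when the page cannot be loaded - confirm against the bundled
// version. Calling find() on a non-object would abort the module.
if (is_object($oHTML)) {
    // Element name => attribute that carries the URL.
    $aSources = array(
        'img'    => 'src',
        'iframe' => 'src',
        'embed'  => 'src',
        'script' => 'src',
        'a'      => 'href',
    );

    foreach ($aSources as $sTag => $sAttribute) {
        foreach ($oHTML->find($sTag) as $oElement) {
            $sLink = $oElement->$sAttribute;

            // Elements without the attribute (inline <script>, anchors
            // without href) contribute nothing to the directory search.
            if (is_string($sLink) && $sLink !== "") {
                $_CONTEXT['parsehtml2'][] = $sLink;
            }
        }
    }
}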
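// Reduce every collected URL to a directory on the scanned host and queue it
// in $_CONTEXT['checkdirs'].
$iLinks = count($_CONTEXT['parsehtml2']);
for ($y = 0; $y < $iLinks; $y++) {
    $sLink = $_CONTEXT['parsehtml2'][$y];

    // Missing attributes may be stored as false or ""; nothing to analyse.
    if (!is_string($sLink) || $sLink === "") {
        continue;
    }

    $aUrl = parse_url($sLink);
    if ($aUrl === false) {
        // parse_url() gives up on seriously malformed URLs
        continue;
    }

    // mailto:, javascript:, data: and similar links are not directories.
    if (isset($aUrl['scheme']) && !in_array(strtolower($aUrl['scheme']), array("http", "https"), true)) {
        continue;
    }

    // is it the same host?
    if (isset($aUrl['host']) && "http://" . $aUrl['host'] != $sHost) {
        // nope, we're only interested in folders on this host
        continue;
    }

    // Make relative links absolute. The decision is taken from the parsed
    // URL: comparing a 6-character prefix with the 7-character "http://"
    // never matches, which prefixed the host to links that were already absolute.
    if (!isset($aUrl['scheme']) && !isset($aUrl['host'])) {
        $_CONTEXT['parsehtml2'][$y] = $sHost . ($sLink[0] == "/" ? "" : "/") . $sLink;
    }
    if ($_CONTEXT['parsehtml2'][$y] == $sHost) {
        continue;
    }

    // does it have a path?
    if (!isset($aUrl['path']) || strlen($aUrl['path']) == 1) {
        // nope, we're interested in folders only
        continue;
    }

    // Relative paths are resolved against the root, because the page that was
    // parsed is $sHost itself. Without the leading slash the path would be
    // glued onto the host name and the probe would go to a different host.
    $sPath = $aUrl['path'];
    if ($sPath[0] != "/") {
        $sPath = "/" . $sPath;
    }

    // does it have a directory?
    $iPos = strrpos($sPath, "/");
    if ($iPos === 0) {
        // Single path segment: skip it when it looks like a file.
        if (strpos($sPath, ".") > 0 || strpos($sPath, "?") > 0) {
            continue;
        }
        // single directory
        $_CONTEXT['checkdirs'][] = $sHost . $sPath;
    } else {
        // Keep everything up to the last slash, i.e. the containing directory.
        $_CONTEXT['checkdirs'][] = $sHost . substr($sPath, 0, $iPos);
    }
}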
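// Request every candidate directory once and report whether the response
// looks like an automatically generated directory index.
$_CONTEXT['checkdirs'] = array_values(array_unique($_CONTEXT['checkdirs']));
$iBrowsable = 0;

for ($y = 0; $y < count($_CONTEXT['checkdirs']); $y++) {
    $bResult = false;

    // Drop one trailing slash so the last path segment is the folder name.
    $sDir = $_CONTEXT['checkdirs'][$y];
    if (substr($sDir, -1) == "/") {
        $sDir = substr($sDir, 0, -1);
    }
    $_CONTEXT['checkdirs'][$y] = $sDir;

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $sDir);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
    // The scanned server chooses the Location header: cap the redirect chain
    // and keep it on HTTP(S). A redirect can still leave the scanned host, in
    // which case the result describes the redirect target.
    curl_setopt($ch, CURLOPT_MAXREDIRS, 5);
    curl_setopt($ch, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
    // Bound the request so one unresponsive directory cannot stall the scan.
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
    curl_setopt($ch, CURLOPT_TIMEOUT, 30);
    curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101506 Ubuntu/10.04 (lucid) Firefox/3.6.13 GTB7.1');
    $sResult = curl_exec($ch);
    curl_close($ch);

    $aFolder = explode("/", $sDir);
    $sFolder = "/" . $aFolder[count($aFolder) - 1];

    // A listing is recognised by its "Index of /<folder>" title. Only the last
    // path segment is compared, so a nested directory whose title shows the
    // full path is reported as NOT BROWSABLE; treat that result as "not
    // confirmed" rather than as proof. strpos() is compared with false
    // strictly and a failed transfer (curl_exec() returned false) never matches.
    if (is_string($sResult)) {
        $bResult = strpos($sResult, "<title>Index of " . $sFolder . "</title>") !== false;
    }

    // URL and folder name come from robots.txt and from the scanned page, so
    // they are escaped before they are written into the HTML report.
    $sDirHtml = htmlspecialchars($sDir, ENT_QUOTES, 'UTF-8');
    $sFolderHtml = htmlspecialchars($sFolder, ENT_QUOTES, 'UTF-8');

    if ($bResult) {
        $iBrowsable++;
        // rel keeps the opened page from reaching this report through
        // window.opener and from receiving its address as referrer.
        echo Screen("Folder: <a href=\"" . $sDirHtml . "\" target=\"blank\" rel=\"noopener noreferrer\">" . $sFolderHtml . "</a> &gt; <b id=h6>BROWSABLE</b><br />\n", $_CONTEXT['verbose'], $_CONTEXT['silent']);
    } else {
        echo Screen("Folder: " . $sFolderHtml . " &gt; <b id=h7>NOT BROWSABLE</b><br />\n", $_CONTEXT['verbose'], $_CONTEXT['silent']);
    }

    // Push the line to the browser right away: empty PHP's output buffer
    // first (only when one is active), then the web server's.
    if (ob_get_level() > 0) {
        ob_flush();
    }
    flush();
}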

// Closing summary: number of directories that were requested and how many of
// them answered with a directory listing.
echo Screen(
    sprintf(
        "<br />\n<b>Found %s directories of which %s is/are browsable</b>\n",
        count($_CONTEXT['checkdirs']),
        $iBrowsable
    ),
    $_CONTEXT['verbose'],
    $_CONTEXT['silent']
);

// Close the <blockquote> opened by the banner at the top of the module.
echo Screen(
    "</blockquote>\n",
    $_CONTEXT['verbose'],
    $_CONTEXT['silent']
);

flush();
ob_flush();
?>
disclaimer
We are not responsible for any direct or indirect damage caused by abusing the tools provided on hacksuite.com. The suite is developed for educational purposes, use at your own risk!
Created by Remco Kouw. Powered by protein shakes and a high calorie diet.