..you how to make a multi bridge between THC_DO, THC_SS and THC_II and keep track of the output in real time using iframes. So what exactly are we going to do? First of all, if you don't..
Attempts to find suspicious and evil files or code
<?php
/* THC InjectIT GUI
Author: Remco Kouw
Site: http://www.hacksuite.com
Last Edit: 31-03-2015
*/
// Direct-access guard: stop immediately unless IN_SCRIPT has been defined
// (presumably by the entry script that includes this module - confirm).
if (defined("IN_SCRIPT") === false) {
    exit;
}

// Append the module's menu.js <script> tag to the header markup collected so far.
// NOTE(review): $_PATHS['module_default_root_http'] is written into the src
// attribute unescaped - confirm it is built from configuration only and never
// from request data (e.g. the Host header).
if (!isset($_CONTEXT['headers'])) {
    $_CONTEXT['headers'] = "";
}
$_CONTEXT['headers'] .= '<script type="text/javascript" src="'
    . $_PATHS['module_default_root_http']
    . '/menu.js"></script>' . "\n";

// The "filename" row needs to list the urls directory; load the helper file
// for that (presumably the definition of GetFilesByDirectory() - confirm).
// When IsThere() reports the helper as missing, $_PATHS['end'] is included instead.
$sPage = $_PATHS['functions_root'] . "/getfilebydir.php";
if (IsThere($sPage)) {
    include_once($sPage);
} else {
    include_once($_PATHS['end']);
}
// Form description that is later passed to ModForm(). Built as one nested
// literal; key order matches the original step-by-step assignments.
$_CONTEXT['mfs'] = array(
    // index of the row currently being defined; each row section bumps it,
    // which makes it easy to add or remove rows without renumbering
    'currentrow' => 0,
    // form properties
    'module' => $_CONTEXT['module_current'],
    'form' => array(
        'target' => $_CONTEXT['screen']['name'],
        'method' => "post",
        'action' => $_CONTEXT['screen']['src'],
    ),
    'table' => array(
        // table header: name and description of the current module
        'header' => array(
            'name' => $_CONTEXT['modules'][$_CONTEXT['module_current']]['name'],
            'description' => $_CONTEXT['modules'][$_CONTEXT['module_current']]['description'],
        ),
        // table rows are appended by the sections that follow
        'rows' => array(),
    ),
);
// Row "startscan": drop-down that selects the scan type.
// -1 is the preselected placeholder, 0 = single scan, 1 = mass scan.
$sSelectAttack = implode("\n", array(
    '<select name="iAttackType" class="attacktype">',
    ' <option value="-1" selected>select a scan</option>',
    ' <option value="0">single scan</option>',
    ' <option value="1">mass scan</option>',
    '</select>',
)) . "\n";

$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']] = array(
    'class' => "modrow",
    'id' => "startscan",
    'cells' => array(
        0 => array(
            'class' => "modleft",
            'value' => "choose scan type",
        ),
        1 => array(
            'class' => "modright",
            'value' => $sSelectAttack,
        ),
    ),
);
// advance to the next row slot
$_CONTEXT['mfs']['currentrow']++;
// Row "singlescan" (1 of 2): free-text field for the single-scan target URL.
// The example URL is only a prefilled hint; onfocus clears it.
// NOTE(review): the code that receives sTarget is not part of this file -
// it has to validate the submitted URL server-side; nothing here restricts it.
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']] = array(
    'class' => "modrow",
    'id' => "singlescan",
    'cells' => array(
        0 => array(
            'class' => "modleft",
            'value' => "target",
        ),
        1 => array(
            'class' => "modright",
            'value' => '<input type="text" class="feedquery" name="sTarget"'
                . ' value="http://www.example.com/file.ext?var1=1&var2=1"'
                . ' onfocus="this.value=\'\'" size="50" />',
        ),
    ),
);
// advance to the next row slot
$_CONTEXT['mfs']['currentrow']++;
// Row "singlescan" (2 of 2): placeholder cell with id "querysplit" and an empty
// value (presumably filled client-side by menu.js from the target URL - confirm).
// NOTE(review): this row reuses the id "singlescan" of the target row; duplicate
// ids are invalid HTML, so check how menu.js looks the rows up before changing it.
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']] = array(
    'class' => "modrow",
    'id' => "singlescan",
    'cells' => array(
        0 => array(
            'class' => "modleft",
            'value' => "vars to poison",
        ),
        1 => array(
            'class' => "modright",
            'id' => "querysplit",
            'value' => "",
        ),
    ),
);
// advance to the next row slot
$_CONTEXT['mfs']['currentrow']++;
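// Row "massscan": drop-down listing the files found in the module's urls/ folder.
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']] = array(
    'class' => "modrow",
    'id' => "massscan",
    'cells' => array(
        0 => array(
            'class' => "modleft",
            'value' => "filename",
        ),
        1 => array(
            'class' => "modright",
        ),
    ),
);

// get files from urls folder
$sFilesSelect = "";
$aFiles = GetFilesByDirectory($_PATHS['module_default_root'] . "/urls");
if (!$aFiles) {
    // Same loose test as before: false and an empty list both mean "nothing to offer".
    $sFilesSelect .= "No files in <b>urls</b> folder";
} else {
    $sFilesSelect .= "\n<select name=\"sUseFile\" class=\"usefile\">\n";
    foreach ($aFiles as $sFileName) {
        // File names come from disk and may contain quotes or angle brackets;
        // encode them before they reach the attribute and the option label so a
        // crafted name cannot break out of the markup.
        // Assumes the page is served as UTF-8 - TODO confirm.
        $sSafeName = htmlspecialchars((string) $sFileName, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $sFilesSelect .= " <option value=\"" . $sSafeName . "\">" . $sSafeName . "</option>\n";
    }
    $sFilesSelect .= "</select>\n";
}
// NOTE(review): a <select> does not limit what a client can submit. The code
// that receives sUseFile (not shown here) should match the value against the
// directory listing again instead of using it as a path directly.
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][1]['value'] = $sFilesSelect;
// advance to the next row slot
$_CONTEXT['mfs']['currentrow']++;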
// Row "allscan" (1 of 2): multi-select with one option per key of $_CONTEXT['inject'].
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']] = array(
    'class' => "modrow",
    'id' => "allscan",
    'cells' => array(
        0 => array(
            'class' => "modleft",
            'value' => "attacks",
        ),
        1 => array(
            'class' => "modright",
        ),
    ),
);

// inject.php is expected to populate $_CONTEXT['inject'] (it is not part of this file).
// NOTE(review): the include path is derived from $_PATHS; confirm that value
// cannot be influenced by request data.
include_once($_PATHS['module_default_root'] . "/inject.php");

$sSelectExploit = "<select name=\"aExploits[]\" class=\"exploits\" multiple>\n";
// Only the keys are used for the markup; $aValues is not read here.
// NOTE(review): keys are emitted unescaped, which is only safe while the keys
// in inject.php contain no HTML metacharacters.
foreach ($_CONTEXT['inject'] as $sKey => $aValues) {
    $sSelectExploit .= "<option value=\"{$sKey}\">use {$sKey} exploit</option>\n";
}
$sSelectExploit .= "</select>\n";

$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']]['cells'][1]['value'] = $sSelectExploit;
// advance to the next row slot
$_CONTEXT['mfs']['currentrow']++;
// Row "allscan" (2 of 2): logging switch, 0 = don't log (preselected), 1 = log.
// NOTE(review): shares the id "allscan" with the previous row; duplicate ids
// are invalid HTML, so check how menu.js looks the rows up before changing it.
$sLogType = implode("\n", array(
    "<select name=\"iLogType\" class=\"logtype\">",
    " <option value=\"0\" selected>don't log scans</option>",
    " <option value=\"1\">log scans</option>",
    "</select>",
)) . "\n";

$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']] = array(
    'class' => "modrow",
    'id' => "allscan",
    'cells' => array(
        0 => array(
            'class' => "modleft",
            'value' => "log all scans",
        ),
        1 => array(
            'class' => "modright",
            'value' => $sLogType,
        ),
    ),
);
// advance to the next row slot
$_CONTEXT['mfs']['currentrow']++;
// Final row: the three submit buttons. All share name="submit", so the receiving
// code can tell them apart only by the submitted value (Scan / Dump Log / Truncate Log).
// NOTE(review): none of the rows defined in this file carries an anti-CSRF token.
// Unless ModForm() adds one, state-changing actions such as "Truncate Log" could be
// triggered by a cross-site POST - confirm.
$_CONTEXT['mfs']['table']['rows'][$_CONTEXT['mfs']['currentrow']] = array(
    'class' => "modrow",
    'value' => '<div class="modrowleft mt5">'
        . '<input type="submit" name="submit" value="Scan" class="submit" />'
        . ' <input type="submit" name="submit" value="Dump Log" />'
        . ' <input type="submit" name="submit" value="Truncate Log" />'
        . '</div>',
);

// Hand the finished description to ModForm() and keep what it returns in $sCode.
$sCode = ModForm($_CONTEXT['mfs']);
?>