..I will show you how to make a multi bridge between THC_DO, THC_SS and THC_II and keep track of the output in realtime using iframes. So what exactly are we going to do? First of all..
Attempts to find suspicious and evil files or code
<?php
/* HackSuite debug script
Author: Remco Kouw
Site: http://www.hacksuite.com
Last Edit: 14-11-2014
*/
if(!defined('IN_SCRIPT')){
exit;
}
$_CONTEXT['subtitle'] = "Debugger";
// no need to go on if there's no debug options file
$sDest = $_PATHS['data_root']."/debug_options.php";
(!IsThere($sDest) ? include_once($_PATHS['end']) : include_once($sDest));
if(isset($_POST['sOption'])){
/* form submitted.. */
if($_POST['sOption']!=""){
// not that you'd care about a directory traversal bug or xss in a hacking kit, but let's clean the input anyway
$sDest = $_PATHS['includes_root']."/".str_replace(" ","_",strip_tags(str_replace("%","",str_replace("/","",$_POST['sOption'])))).".php";
// include the handler for this page
(!IsThere($sDest) ? include_once($_PATHS['end']) : include_once($sDest));
}
}
else{
/* wrong submission button or nothing submitted at all */
$sCode = (isset($sCode) ? $sCode : "");
$sSelect = "<select name=\"sOption\" onchange=\"this.form.submit();\">\n";
$sSelect .= "<option value=\"\" selected>select an option</option>\n";
foreach($_DEBUG_OPT as $sKey=>$sValue){
// make the text of the key a bit more readable
$sKey = str_replace("_"," ",$sKey);
$sSelect .= "<option value=\"".$sKey."\">".$sKey."</option>\n";
}
$sSelect .= "</select>\n";
// setup configuration file selection form
$sCode .= " <form method=\"post\">\n";
$sCode .= " <div class=\"emboss borderr5 border1pxtrans pad5 edgeglow overflw\">\n";
$sCode .= " <div class=\"embosshdrnocenter border1pxtrans pad10\">Debug Environment</div>\n";
$sCode .= " <div class=\"cc_record\">\n";
$sCode .= " <div class=\"flt pad3 w150\">select an action:</div><div class=\"flt pad3\">".$sSelect."</div>\n";
$sCode .= " </div>\n";
$sCode .= " <div class=\"clear\"></div>\n";
$sCode .= " <div class=\"cc_record\">\n";
$sCode .= " <div class=\"flt pad3\"><input type=\"hidden\" name=\"iCFG\" value=\"".$_POST['iCFG']."\" /><input type=\"submit\" name=\"send\" value=\"Send\" /></div>\n";
$sCode .= " </div>\n";
$sCode .= " <div class=\"clear\"></div>\n";
$sCode .= " </div>\n";
$sCode .= " </form>\n";
}
?>