..I will show you how to make a multi bridge between THC_DO, THC_SS and THC_II and keep track of the output in realtime using iframes. So what exactly are we going to do? First of all..
Creates a blueprint/map of a server folder
<?php
/* Reset Suite based op the involved.php data file
Author: Remco Kouw
Site: http://www.hacksuite.com
Last Edit: 04-04-2015
*/
if(!defined('IN_SCRIPT')){
exit;
}
$_CONTEXT['subtitle'] = "Reset environment";
// target files we need, so make sure they are present
$aFiles = array($_PATHS['functions_root']."/fwrite.php",$_PATHS['functions_root']."/get_file_data.php",$_PATHS['data_root']."/involved.php",$_PATHS['functions_root']."/getfilebydir.php");
for($x=0;$x<count($aFiles);$x++){
(!IsThere($aFiles[$x]) ? include_once($_PATHS['end']) : include_once($aFiles[$x]));
}
// correct values
$aValues = array(0,1);
$sCode = (isset($sCode) ? $sCode : "");
$sTemplate = "";
if(!isset($_POST['sent'])){
/* construct form */
$sCode .= " <form method=\"post\">\n";
$sCode .= " <div class=\"emboss borderr5 border1pxtrans pad5 edgeglow overflw\">\n";
$sCode .= " <div class=\"embosshdrnocenter border1pxtrans pad10\">Reset environment</div>\n";
$sCode .= " <div class=\"cc_record\">\n";
$sCode .= " <div class=\"flt pad3\"><b>This will perform the following actions</b></div>\n";
$sCode .= " </div>\n";
$sCode .= " <div class=\"clear\"></div>\n";
$sCode .= " <div class=\"cc_record\">\n";
$sCode .= " <div class=\"flt pad3 w150\"></div>\n";
$sCode .= " <div class=\"flt pad3\">";
for($x=0;$x<count($_CONTEXT['reset']['dirs']);$x++){
if(isset($_CONTEXT['reset']['dirs'][$x]['cleanfiles'])){
$sAction = "empty ".count(GetFilesByDirectory($_CONTEXT['reset']['dirs'][$x]['main_dir']."/".$_CONTEXT['reset']['dirs'][$x]['sub_dir']))." file(s)";
}
elseif(isset($_CONTEXT['reset']['dirs'][$x]['except'])){
$sAction = "empty folder except ".count($_CONTEXT['reset']['dirs'][$x]['except'])." file(s)";
}
else{
$sAction = "remove folder files";
}
$sCode .= " <b>".substr($_CONTEXT['reset']['dirs'][$x]['main_dir'].($_CONTEXT['reset']['dirs'][$x]['sub_dir']=="" ? "" : "/".$_CONTEXT['reset']['dirs'][$x]['sub_dir']),(strlen($_SERVER['DOCUMENT_ROOT'])+1))."</b> - [ ".$sAction." ]<br />\n";
}
$sCode .= "<br />\n";
for($x=0;$x<count($_CONTEXT['reset']['files']);$x++){
$sPathRelative = ($_CONTEXT['reset']['files'][$x]['sub_dir']!="" ? $_CONTEXT['reset']['files'][$x]['sub_dir']."/" : "").$_CONTEXT['reset']['files'][$x]['filename'];
if(isset($_CONTEXT['reset']['files'][$x]['overwrite'])){
$sAction = "overwrite variables";
}
elseif(isset($_CONTEXT['reset']['files'][$x]['replace'])){
$sAction = "replace content";
}
elseif(isset($_CONTEXT['reset']['files'][$x]['empty'])){
$sAction = "empty file";
}
$sCode .= " ".$sPathRelative." - [ ".$sAction." ]<br />\n";
}
$sCode .= " </div>\n";
$sCode .= " </div>\n";
$sCode .= " <div class=\"clear\"></div>\n";
$sCode .= " <div class=\"cc_record\">\n";
$sCode .= " <div class=\"flt pad3\"><input type=\"hidden\" name=\"sent\" value=\"1\" /><input type=\"hidden\" name=\"iCFG\" value=\"".$_POST['iCFG']."\" /><input type=\"submit\" name=\"submit\" value=\"Reset\" /></div>\n";
$sCode .= " </div>\n";
$sCode .= " <div class=\"clear\"></div>\n";
$sCode .= " </div>\n";
$sCode .= " </form>\n";
}
else{
/* form has been sent */
if(isset($_CONTEXT['reset'])){
$_CONTEXT['reset_results'] = array();
foreach($_CONTEXT['reset'] as $sType=>$aValues){
if($sType=="files"){
/* MANAGE FILES */
$_CONTEXT['reset_results']['files'] = array();
$_CONTEXT['reset_results']['files']['amount'] = count($aValues);
$_CONTEXT['reset_results']['files']['names'] = array();
for($x=0;$x<$_CONTEXT['reset_results']['files']['amount'];$x++){
$sPathRelative = ($_CONTEXT['reset']['files'][$x]['sub_dir']!="" ? $_CONTEXT['reset']['files'][$x]['sub_dir']."/" : "").$_CONTEXT['reset']['files'][$x]['filename'];
$sPathAbsolute = $_CONTEXT['reset']['files'][$x]['main_dir']."/".($_CONTEXT['reset']['files'][$x]['sub_dir']!="" ? $_CONTEXT['reset']['files'][$x]['sub_dir']."/" : "").$_CONTEXT['reset']['files'][$x]['filename'];
$_CONTEXT['reset_results']['files']['names'][$x] = array();
$_CONTEXT['reset_results']['files']['names'][$x]['location'] = $sPathRelative;
$_CONTEXT['reset_results']['files']['names'][$x]['exists'] = (file_exists($sPathAbsolute) ? true : false);
if(!$_CONTEXT['reset_results']['files']['names'][$x]['exists']){
$_CONTEXT['reset_results']['files']['names'][$x]['error'] = "skipped, file doesn't exist";
continue;
}
if(isset($_CONTEXT['reset']['files'][$x]['var'])){
// if the key "var" is set, we need to update variables in the file
include_once($sPathAbsolute);
$sFileData = GetFileData($sPathAbsolute);
// we can't simply rely on string length
$sHash = md5($sFileData);
$_CONTEXT['reset_results']['files']['names'][$x]['action'] = "update";
for($y=0;$y<count($_CONTEXT['reset']['files'][$x]['var']);$y++){
if(isset($_CONTEXT['reset']['files'][$x]['var'][$y]['file_validate'])){
// does this value present a valid file?
$sDest = $_PATHS['root']."/".ExploitFilter($_CONTEXT['reset']['files'][$x]['var'][$y]['value'],0,1);
if(!file_exists($sDest)){
$_CONTEXT['reset_results']['files']['names'][$x]['error'] = "replace action failed due to a non existing file => ".$sDest;
break;
}
}
$sOld = "";
$sNew = "";
if(isset($_CONTEXT['reset']['files'][$x]['var'][$y]['context'])){
// working with context data
if(!isset($_CONTEXT[$_CONTEXT['reset']['files'][$x]['var'][$y]['varname']])){
$_CONTEXT['reset_results']['files']['names'][$x]['error'] = "can't find variable \$_CONTEXT['".$_CONTEXT['reset']['files'][$x]['var'][$y]['varname']."']";
break;
}
$sOld = "\$_CONTEXT['".$_CONTEXT['reset']['files'][$x]['var'][$y]['varname']."'] = ";
$sNew = $sOld;
if(is_array($_CONTEXT[$_CONTEXT['reset']['files'][$x]['var'][$y]['varname']])){
// create plain text array data
$sBuffer = "array(";
for($z=0;$z<count($_CONTEXT[$_CONTEXT['reset']['files'][$x]['var'][$y]['varname']]);$z++){
$sBuffer .= "\"".$_CONTEXT[$_CONTEXT['reset']['files'][$x]['var'][$y]['varname']][$z]."\",";
}
$sBuffer = substr($sBuffer,0,-1);
$sBuffer .= ")";
$sOld .= $sBuffer;
}
elseif(is_bool($_CONTEXT[$_CONTEXT['reset']['files'][$x]['var'][$y]['varname']])){
// create boolean value
$sOld .= ($_CONTEXT[$_CONTEXT['reset']['files'][$x]['var'][$y]['varname']] ? "true" : "false");
}
elseif(is_int($_CONTEXT[$_CONTEXT['reset']['files'][$x]['var'][$y]['varname']])){
// create integer value
$sOld .= $_CONTEXT[$_CONTEXT['reset']['files'][$x]['var'][$y]['varname']];
}
else{
// create string value
$sOld .= "\"".$_CONTEXT[$_CONTEXT['reset']['files'][$x]['var'][$y]['varname']]."\"";
}
}
else{
// working with plain variable
if(!isset($$_CONTEXT['reset']['files'][$x]['var'][$y]['varname'])){
$_CONTEXT['reset_results']['files']['names'][$x]['error'] = "can't find variable \$".$_CONTEXT['reset']['files'][$x]['var'][$y]['varname'];
break;
}
// construct replacement string
$sOld = "\$".$_CONTEXT['reset']['files'][$x]['var'][$y]['varname']." = ";
$sNew = $sOld;
if(is_array($$_CONTEXT['reset']['files'][$x]['var'][$y]['varname'])){
// create plain text array data
$sBuffer = "array(";
for($z=0;$z<count($$_CONTEXT['reset']['files'][$x]['var'][$y]['varname']);$z++){
$sBuffer .= "\"".${$_CONTEXT['reset']['files'][$x]['var'][$y]['varname']}[$z]."\",";
}
$sBuffer = substr($sBuffer,0,-1);
$sBuffer .= ")";
$sOld .= $sBuffer;
}
elseif(is_bool($$_CONTEXT['reset']['files'][$x]['var'][$y]['varname'])){
// create boolean value
$sOld .= ($$_CONTEXT['reset']['files'][$x]['var'][$y]['varname'] ? "true" : "false");
}
elseif(is_int($$_CONTEXT['reset']['files'][$x]['var'][$y]['varname'])){
// create integer value
$sOld .= $$_CONTEXT['reset']['files'][$x]['var'][$y]['varname'];
}
else{
// create string value
$sOld .= "\"".$$_CONTEXT['reset']['files'][$x]['var'][$y]['varname']."\"";
}
}
$sOld .= ";";
// construct new string
if($_CONTEXT['reset']['files'][$x]['var'][$y]['newtype']=="boolean" || $_CONTEXT['reset']['files'][$x]['var'][$y]['newtype']=="integer"){
$sNew .= $_CONTEXT['reset']['files'][$x]['var'][$y]['value'];
}
elseif($_CONTEXT['reset']['files'][$x]['var'][$y]['newtype']=="string"){
$sNew .= "\"".$_CONTEXT['reset']['files'][$x]['var'][$y]['value']."\"";
}
elseif($_CONTEXT['reset']['files'][$x]['var'][$y]['newtype']=="array"){
$sNew .= "array(".$_CONTEXT['reset']['files'][$x]['var'][$y]['value'].")";
}
$sNew .= ";";
$sFileData = str_replace($sOld,$sNew,$sFileData);
}
if($sHash!=md5($sFileData)){
$_CONTEXT['reset_results']['files']['names'][$x]['result'] = (WriteF($sPathAbsolute,$sFileData,"w") ? true : false);
}
else{
$_CONTEXT['reset_results']['files']['names'][$x]['error'] = "no data updated";
}
}
else{
// do we need to overwrite the file or empty it
if(isset($_CONTEXT['reset']['files'][$x]['replace'])){
// overwrite with new content
$_CONTEXT['reset_results']['files']['names'][$x]['result'] = (WriteF($sPathAbsolute,$_CONTEXT['reset']['files'][$x]['replace'],"w") ? true : false);
$_CONTEXT['reset_results']['files']['names'][$x]['action'] = "overwrite";
}
else{
// erase content
$_CONTEXT['reset_results']['files']['names'][$x]['result'] = (WriteF($sPathAbsolute,"","w") ? true : false);
$_CONTEXT['reset_results']['files']['names'][$x]['action'] = "erase";
}
}
}
}
else{
/* MANAGE DIRECTORIES */
$_CONTEXT['reset_results']['dirs'] = array();
$_CONTEXT['reset_results']['dirs']['amount'] = count($aValues);
for($x=0;$x<$_CONTEXT['reset_results']['dirs']['amount'];$x++){
$sDir = $_CONTEXT['reset']['dirs'][$x]['main_dir'].($_CONTEXT['reset']['dirs'][$x]['sub_dir']!="" ? "/" : "").$_CONTEXT['reset']['dirs'][$x]['sub_dir'];
$_CONTEXT['reset_results']['dirs']['names'] = array();
$_CONTEXT['filesinstack'] = GetFilesByDirectory($sDir);
$_CONTEXT['reset_results']['dirs']['names'][$x] = array();
$_CONTEXT['reset_results']['dirs']['names'][$x]['location'] = $sDir;
$_CONTEXT['reset_results']['dirs']['names'][$x]['files'] = array();
if(false!=($iFiles = count($_CONTEXT['filesinstack']))){
for($y=0;$y<$iFiles;$y++){
$_CONTEXT['reset_results']['dirs']['names'][$x]['files'][$y] = array();
$_CONTEXT['reset_results']['dirs']['names'][$x]['files'][$y]['name'] = $_CONTEXT['filesinstack'][$y];
if(isset($_CONTEXT['reset']['dirs'][$x]['except'])){
if(in_array($_CONTEXT['filesinstack'][$y],$_CONTEXT['reset']['dirs'][$x]['except'])){
$_CONTEXT['reset_results']['dirs']['names'][$x]['files'][$y]['action'] = "skipped";
continue;
}
}
if(isset($_CONTEXT['reset']['dirs'][$x]['cleanfiles'])){
$_CONTEXT['reset_results']['dirs']['names'][$x]['files'][$y]['action'] = (WriteF($sDir."/".$_CONTEXT['filesinstack'][$y],"","w") ? "cleaned" : "failed to clean");
}
else{
$_CONTEXT['reset_results']['dirs']['names'][$x]['files'][$y]['action'] = (unlink($sDir."/".$_CONTEXT['filesinstack'][$y]) ? "deleted" : "failed to delete");
}
}
}
}
}
}
// show results
$sCode .= " <div class=\"emboss borderr5 border1pxtrans pad5 edgeglow overflw\">\n";
$sCode .= " <div class=\"embosshdrnocenter border1pxtrans pad10\">Reset environment</div>\n";
$sCode .= " <div class=\"cc_record\">\n";
$sCode .= " <div class=\"flt pad3\"><b>RESULTS</b></div>\n";
$sCode .= " </div>\n";
$sCode .= " <div class=\"clear\"></div>\n";
$sCode .= " <div class=\"cc_record\">\n";
$sResult = "";
for($x=0;$x<$_CONTEXT['reset_results']['files']['amount'];$x++){
if(!$_CONTEXT['reset_results']['files']['names'][$x]['result']){
$sResult .= "error occured in ".$_CONTEXT['reset_results']['files']['names'][$x]['location']." => ".$_CONTEXT['reset_results']['files']['names'][$x]['action']."<br />\n";
}
}
$sCode .= " <div>".($sResult!="" ? $sResult : "environment has been reset")."</div>\n";
$sCode .= " </div>\n";
$sCode .= " <div class=\"clear\"></div>\n";
$sCode .= " </div>\n";
}
else{
$_CONTEXT['errors'][] = "Reset data is corrupt, please update DATA_DIR/involved.php";
$_CONTEXT['fatal'] = true;
}
}
?>