..tutorial we are going to create a new app for the hacksuite. We're not going to do anything fancy here, we will make a simple app to get familiar how to write compatible scripts for the..
THC Sscan is a very versatile tool for scanning (html) files
<?php
/* Manager for login security properties
Author: Remco Kouw
Site: http://www.hacksuite.com
Last Edit: 10-03-2015
*/
if(!defined('IN_SCRIPT')){
exit;
}
$_CONTEXT['subtitle'] = "Security Manager";
$sJSDev = "<script type=\"text/javascript\" src=\"Templates/".$_PATHS['style_user']."/js/security.js\"></script>\n";
$_CONTEXT['headers'] = isset($_CONTEXT['headers']) ? $_CONTEXT['headers'].$sJSDev : $sJSDev;
// target files we need, so make sure they are present
$aFiles = array($_PATHS['functions_root']."/fwrite.php",$_PATHS['functions_root']."/get_file_data.php");
for($x=0;$x<count($aFiles);$x++){
(!IsThere($aFiles[$x]) ? include_once($_PATHS['end']) : include_once($aFiles[$x]));
}
// output form
$sSelect = "\n<select name=\"iUpdateMe\" class=\"updateme\">\n";
$sSelect .= " <option value=\"-1\" selected=\"selected\">select an option</option>\n";
$sSelect .= " <option value=\"0\">change password access</option>\n";
$sSelect .= " <option value=\"1\">change ip access</option>\n";
$sSelect .= " <option value=\"2\">allowed ip addresses</option>\n";
$sSelect .= " <option value=\"3\">update password</option>\n";
$sSelect .= " <option value=\"4\">update password hash - advanced users only</option>\n";
$sSelect .= " <option value=\"5\">update password salt - advanced users only</option>\n";
$sSelect .= " <option value=\"6\">update cookie life</option>\n";
$sSelect .= " <option value=\"7\">update sleep after login fail - anti bruteforce</option>\n";
$sSelect .= " <option value=\"8\">login file location</option>\n";
$sSelect .= " <option value=\"9\">redirect after login failure</option>\n";
$sSelect .= " <option value=\"10\">reset access to suite</option>\n";
$sSelect .= "</select>\n";
// store default values
$sHidden = "<div class=\"defvals\">\n";
$sHidden .= " <div class=\"ip_access\">".$_CONTEXT['ip_access']."</div>\n";
$sHidden .= " <div class=\"ip_allowed\">";
for($x=0;$x<count($_CONTEXT['ip_allowed']);$x++){
if($x>0){
$sHidden .= ",";
}
$sHidden .= $_CONTEXT['ip_allowed'][$x];
}
$sHidden .= "</div>\n";
$sHidden .= " <div class=\"pass_access\">".$_CONTEXT['pass_access']."</div>\n";
$sHidden .= " <div class=\"pass_hash\">".$_CONTEXT['pass_hash']."</div>\n";
$sHidden .= " <div class=\"pass_salt\">".$_CONTEXT['pass_salt']."</div>\n";
$sHidden .= " <div class=\"sleeptime\">".$_CONTEXT['sleeptime']."</div>\n";
$sHidden .= " <div class=\"cookielife\">".$_CONTEXT['cookielife']."</div>\n";
$sHidden .= " <div class=\"login_file\">".$_CONTEXT['login_file']."</div>\n";
$sHidden .= " <div class=\"redirect_fail_login\">".$_CONTEXT['redirect_fail_login']."</div>\n";
$sHidden .= "</div>\n";
// form
$sCode .= " <form method=\"post\" class=\"security\">\n";
$sCode .= " <div class=\"emboss borderr5 border1pxtrans pad5 edgeglow overflw\">\n";
$sCode .= " <div class=\"embosshdrnocenter border1pxtrans pad10\">Edit your access settings</div>\n";
$sCode .= " <div class=\"cc_record\">\n";
$sCode .= " <div class=\"flt pad3 w150\">select option</div>\n";
$sCode .= " <div class=\"flt pad3\">".$sSelect."</div>\n";
$sCode .= " </div>\n";
$sCode .= " <div class=\"clear\"></div>\n";
$sCode .= " <div class=\"dholder\"></div>\n";
$sCode .= " <div class=\"cc_record\">\n";
$sCode .= " <div class=\"flt pad3\"><input type=\"submit\" name=\"submit\" value=\"Update\" /><input type=\"hidden\" name=\"iCFG\" value=\"".$_POST['iCFG']."\" /></div>\n";
$sCode .= " </div>\n";
$sCode .= " <div class=\"clear\"></div>\n";
$sCode .= " </div>\n";
$sCode .= " </form>\n";
$sCode .= $sHidden;
?>