home
news
downloads
file library
gallery
tutorials
documentation
features
requirements
search
contact
random gallery image

more gallery images
random tutorial
preview

..will make a new module and not just some new module, nope let's make a fully automatic injection script! This tutorial is the first step into making this. Let's first explain what we're..

read more

random debugging
xAnalyze

xAnalyze is a module that can search through corrupt data and configuration files in order to find the exact position of errors

more about this module
more of this category
more modules

HackSuite File Library
File Library
Here you can find the latest files and structure of the THC HackSuite, note that if you have an earlier version of the suite it's not recommended to update files manually. Instead you should overwrite your existing HackSuite environment.
<?php
/* Wordlist Manager

Author: Remco Kouw
Site: http://www.hacksuite.com
Last Edit: 08-03-2015
*/
$_CONTEXT['subtitle'] = "Wordlist Manager";
// target files we need, so make sure they are present
$aFiles = array($_PATHS['functions_root']."/get_file_data.php",$_PATHS['functions_root']."/fwrite.php",$_PATHS['functions_root']."/getfilebydir.php");
for($x=0;$x<count($aFiles);$x++){
    (!IsThere($aFiles[$x]) ? include_once($_PATHS['end']) : include_once($aFiles[$x]));
}
// get files from the wordlist directory
$aFiles GetFilesByDirectory($_PATHS['wordlists_root'],0);
if(!isset($_POST['submit'])){
    // select wordlist form
    $sSelect "<select name=\"sList\">\n";
    $iFiles count($aFiles);
    $sSubmit "";
    if($iFiles>0){
        $sSubmit .= " <input type=\"submit\" name=\"submit\" value=\"Remove\"> <input type=\"submit\" name=\"submit\" value=\"View\">";
        for($x=0;$x<$iFiles;$x++){
            $sDest $_PATHS['wordlists_root']."/".$aFiles[$x];
            // let's make the file selection menu
            $sSelect .= "<option value=\"".$aFiles[$x]."\">".$aFiles[$x]." - ".@round(filesize($sDest)/1024,2)." KB</option>\n";
        }
        $sSelect .= "</select>\n";
    }
    // form
    $sCode .= "            <form method=\"post\">\n";
    $sCode .= "            <div class=\"emboss borderr5 border1pxtrans pad5 edgeglow overflw\">\n";
    $sCode .= "                <div class=\"embosshdrnocenter border1pxtrans pad10\" id=\"dscrp\">Manage your wordlists</div>\n";
    $sCode .= "                <div class=\"cc_record\" id=\"goaway\">\n";
    $sCode .= "                    <div class=\"flt pad3\">\n";
    $sCode .= "                        &gt; <a href=\"#\" class=\"importme\">import wordlist from url</a><br />\n";
    $sCode .= "                        &gt; <a href=\"index.php?module=thc_pg\">create new wordlist</a>\n";
    $sCode .= "                    </div>\n";
    $sCode .= "                </div>\n";
    $sCode .= "                <div class=\"clear\"></div>\n";
    $sCode .= "                <div class=\"cc_record\" id=\"goaway\">\n";
    $sCode .= "                    <div class=\"flt pad3 w150\">select wordlist:</div><div class=\"flt pad3\">".$sSelect."</div>\n";
    $sCode .= "                </div>\n";
    $sCode .= "                <div class=\"clear\"></div>\n";
    $sCode .= "                <div class=\"cc_record\" id=\"goaway\">\n";
    $sCode .= "                    <div class=\"flt pad3\">".$sSubmit."<input type=\"hidden\" name=\"iCFG\" value=\"".$_POST['iCFG']."\" /></div>\n";
    $sCode .= "                </div>\n";
    $sCode .= "            </div>\n";
    $sCode .= "            </form>\n";
    $sCode .= "<script type=\"text/javascript\">\n";
    $sCode .= "\$(document).ready(function(){\n";
    $sCode .= "    \$(\"a.importme\").click(function(e){\n";
    $sCode .= "        e.preventDefault();\n";
    $sCode .= "        \$('.cc_record#goaway').hide('fast');\n";
    $sCode .= "        \$('.embosshdrnocenter#dscrp').after('<div class=\"cc_record\"><div class=\"flt pad3\"><b>url:</b> <input type=\"text\" name=\"sUrl\" value=\"\" /></div></div><div class=\"clear\"></div><div class=\"cc_record\"><div class=\"flt pad3\"><input type=\"submit\" name=\"submit\" value=\"Import\" /></div></div><div class=\"clear\"></div>');\n";
    $sCode .= "    });\n";
    $sCode .= "});\n";
    $sCode .= "</script>\n";
}
elseif($_POST['submit']=="Remove"){
    // delete wordlist
    $sDest ExploitFilter($_PATHS['wordlists_root']."/".$_POST['sList'],0,1);
    if(!file_exists($sDest)){
        $_CONTEXT['errors'][] = "Wordlist file doesn't exist";
        include_once($_PATHS['end']);
    }
    $sCode .= "<div class=\"spacingmsg\">".$_CONTEXT['result_headers']['result'].(@unlink($sDest) ? "Removed wordlist file" "Failed to remove wordlist file")."</div>";
}
elseif($_POST['submit']=="Import"){
    // import wordlist
    $aUrl = @parse_url($_POST['sUrl']);
    if(!isset($aUrl['host']) || empty($aUrl['host'])){
        $sCode .= "<div class=\"spacingmsg\">".$_CONTEXT['result_headers']['error']."Invalid url specified.</div>";
    }
    elseif(!isset($aUrl['path']) || empty($aUrl['path'])){
        $sCode .= "<div class=\"spacingmsg\">".$_CONTEXT['result_headers']['error']."No path specified.</div>";
    }
    else{
        $aExtensions = array("pwl","txt","dat","php","lst");
        $aExtension = @explode(".",$aUrl['path']);
        $sExtension $aExtension[count($aExtension)-1];
        if(!in_array($sExtension,$aExtensions)){
            $sCode .= "<div class=\"spacingmsg\">".$_CONTEXT['result_headers']['error']."Invalid extension, if you really want to allow this extension you should open <b>Native/wordlistimport.php</b> and add the extension to <b>\$aExtensions</b></div>";
        }
        else{
            if(false===($sData = @file_get_contents($_POST['sUrl']))){
                $sCode .= "<div class=\"spacingmsg\">".$_CONTEXT['result_headers']['error']."Failed to get data from target.</div>";
            }
            else{
                $aData explode("\n",$sData);
                if(strlen($aData[0])>20){
                    $sCode .= "<div class=\"spacingmsg\">".$_CONTEXT['result_headers']['error']."The content doesn't seem to be a wordlist.</div>";
                }
                elseif(strlen($sData)<1024){
                    $sCode .= "<div class=\"spacingmsg\">".$_CONTEXT['result_headers']['error']."File needs to be at least 1KB large.</div>";
                }
                else{
                    (!WriteF($_PATHS['wordlists_root']."/".time().".txt",$sData,"w") ? include_once($_PATHS['end']) : $sCode .= "<div class=\"spacingmsg\">".$_CONTEXT['result_headers']['result']."Successfully added wordlist.</div>");
                }
            }
        }
    }
}
elseif($_POST['submit']=="View"){
    // show source
    $sDest ExploitFilter($_PATHS['wordlists_root']."/".$_POST['sList'],0,1);
    if(!file_exists($sDest)){
        $_CONTEXT['errors'][] = "Wordlist file doesn't exist";
        include_once($_PATHS['end']);
    }
    $sData = @str_replace("\n","<br />\n",htmlspecialchars(file_get_contents($sDest)));
    $sCode .= "<div class=\"spacingmsg\">".$_CONTEXT['result_headers']['result'].$sData."</div>";
}
else{
    // invalid submission button
    $_CONTEXT['errors'][] = "Specified value for submission button is invalid.";
    include_once($_PATHS['end']);
}
?>
powered by
site stats
cms statistics:
version: 0.6.0
downloads: 4308
native: 26
modules: 21
apps: 2
support development
It takes lots of calories in order to create new things for the hacksuite, so it would be grand if you could buy me a protein shake or extra energy to keep me going. Thanks!
disclaimer
We are not responsible for any direct or indirect damage caused by abusing the tools provided on hacksuite.com. The suite is developed for educational purposes, use at your own risk!
site resources
remote resources
partners and friends
Created by Remco Kouw. Powered by protein shakes and a high calorie diet.