..we are going to create a new app for the hacksuite. We're not going to do anything fancy here, we will make a simple app to get familiar how to write compatible scripts for the..
Mister LG can create upload forms and test targets on file upload vulnerabilities
<?php
/* HTTP Authentication
Author: Remco Kouw
Site: http://www.hacksuite.com
Last Edit: 25-02-2015
*/
define('IN_SCRIPT',1);
// set some paths
$_ROOT = str_replace("/TestServers","",substr($_SERVER['SCRIPT_FILENAME'],0,strrpos($_SERVER['SCRIPT_FILENAME'],"/")));
$sCurrentFile = substr($_SERVER['SCRIPT_FILENAME'],strrpos($_SERVER['SCRIPT_FILENAME'],"/")+1);
// get the current log folder
$_DYNAMIC_ROOT = "..";
include_once("../vars.php");
include_once("../paths.php");
$aLogFolder = explode("/",$_PATHS['log_root']);
$sLogFile = $_ROOT."/".$aLogFolder[(count($aLogFolder)-1)]."/".$sCurrentFile;
// include setup based upon file path
include_once($_ROOT."/Includes/server_setup.php");
// did we sent the form in order to login?
if(isset($_SERVER['PHP_AUTH_USER']) && $_SERVER['PHP_AUTH_USER']!=""){
if($_SERVER['PHP_AUTH_USER']==$_CONFIG['sUser'] && $_SERVER['PHP_AUTH_PW']==$_CONFIG['sPass']){
// return success message
echo"logged in as user ".$_SERVER['PHP_AUTH_USER'].":".$_SERVER['PHP_AUTH_PW'];
exit;
}
}
header('WWW-Authenticate: Basic realm="'.$_CONFIG['sRealm'].'"');
header('HTTP/1.0 401 Unauthorized');
echo"Restricted access to server!";
?>