<?php
/**
Purpose: Where the story begins (Welcome to the Mth3l3m3nt Framework)
Copyright (c) 2015 ~ alienwithin
Munir Njiru <munir@skilledsoft.com>
@version 1.0.0
@date: 30.06.2015
@url : http://munir.skilledsoft.com
**/
// Bootstrap: lib/base.php returns the framework instance that the rest of
// this file configures and finally runs.
$f3 = require 'lib/base.php';

// Read the project configuration first. The set() calls below run afterwards,
// so they overwrite any same-named keys coming from that file.
$f3->config('framework/configuration.php');
$f3->set('PACKAGE', 'Mth3l3m3nt Framework');
$f3->set('APP_VERSION', '1.0');
// Security-relevant: ESCAPE keeps the framework's automatic escaping of
// template output switched on. Leave it enabled; turning it off would make
// every template responsible for its own HTML encoding.
$f3->set('ESCAPE', true);
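// Pre-flight check: the temp directory, the data directory and the site
// configuration file must be writable. Every problem is collected first so
// the operator sees all of them in one response.
$writeableErr = array();
if (!is_dir($f3->get('TEMP')) || !is_writable($f3->get('TEMP'))) {
    $writeableErr[] = sprintf('please make sure that the \'%s\' directory is existing and writable.', $f3->get('TEMP'));
}
if (!is_writable('framework/data/')) {
    $writeableErr[] = sprintf('please make sure that the \'%s\' directory is writable.', 'framework/data/');
}
if (!is_writable('framework/data/site_config.json')) {
    $writeableErr[] = sprintf('please make sure that the \'%s\' file is writable.', 'framework/data/site_config.json');
}

// Template extensions: pagination tag renderer and the form helper.
\Template::instance()->extend('pagebrowser', '\Pagination::renderTag');
\Template\FooForms::init();

if (!empty($writeableErr)) {
    // "text" alone is not a valid media type, which leaves the browser free
    // to guess how to render the body. Declare plain text explicitly and
    // answer with 500 so the failure is not reported as a successful page.
    // NOTE(review): the body reveals the configured TEMP path to whoever
    // requests the page, logged in or not. Consider logging the detail and
    // returning a generic message once the installation is in production.
    header('Content-Type: text/plain; charset=utf-8', true, 500);
    die(implode("\n", $writeableErr));
}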
// Services published as framework variables for controllers and templates.
$f3->set('FLASH', Flash::instance());
$web = Web::instance(); // not referenced again in this file as shown

// Look up the active database through the Config singleton. A missing
// ACTIVE_DB setting is reported as an HTTP 500 error.
$cfg = Config::instance();
$f3->set('CONFIG', $cfg);
if (!$cfg->ACTIVE_DB) {
    $f3->error(500, 'Sorry, but there is no active DB setup.');
} else {
    $f3->set('DB', DBHandler::instance()->get($cfg->ACTIVE_DB));
}
///////////////
//  frontend //
///////////////
// These routes are registered outside the login check further down, so they
// are reachable without a session. The @page and @id tokens arrive straight
// from the URL.
// NOTE(review): confirm Controller\Payload validates both before using them
// in queries or output.

// Payload listing, with and without a page number.
$f3->route(
    array(
        'GET /',
        'GET /@page',
        'GET /payloads',
        'GET /page/@page',
    ),
    'Controller\Payload->getList'
);

// Single payload view.
$f3->route('GET /payload/@id', 'Controller\Payload->viewSingle');

// Public search.
$f3->route('GET /payload/search', 'Controller\Payload->search_frontend');
///////////////
//  backend  //
///////////////
// Access control in this file is done by route registration: the /cnc routes
// only exist when Auth::isLoggedIn() is true for the current request, and
// every /cnc URL is redirected to /login otherwise.
// NOTE(review): nothing in this file shows the controllers re-checking the
// session themselves; confirm they do, so that a routing mistake does not
// become an authentication bypass.
if (\Controller\Auth::isLoggedIn()) {
    // Generic CRUD per module.
    $f3->route('GET|POST /cnc/@module', 'Controller\Backend->getList');
    $f3->route('GET|POST /cnc/@module/@page', 'Controller\Backend->getList');
    // The handler name is taken from the URL (@action here, @type further
    // down), so any method the router can call on the controller becomes
    // reachable.
    // NOTE(review): confirm each such controller exposes only the methods
    // that are meant to be URL-addressable, or allow-list the accepted values.
    // NOTE(review): these routes accept GET as well as POST. If an action
    // changes state, confirm it requires POST plus an anti-CSRF token.
    $f3->route('GET|POST /cnc/@module/@action/@id', 'Controller\Backend->@action');

    // Fixed verbs mapped onto the shared form and view handlers.
    $f3->route('GET /cnc/@module/create', 'Controller\Backend->getSingle');
    $f3->route('POST /cnc/@module/create', 'Controller\Backend->post');
    $f3->route('GET /cnc/@module/edit/@id', 'Controller\Backend->getSingle');
    $f3->route('POST /cnc/@module/edit/@id', 'Controller\Backend->post');
    $f3->route('GET|POST /cnc/@module/view/@id', 'Controller\Backend->viewSingle');

    // Search
    $f3->route('GET|POST /cnc/@module/search', 'Controller\Backend->getSearchResults');

    // Dashboard and settings
    $f3->route('GET /cnc', 'Controller\Dashboard->main');
    $f3->route('GET|POST /cnc/settings', 'Controller\Settings->general');
    $f3->route('GET|POST /cnc/settings/@type', 'Controller\Settings->@type');

    // Tool modules.
    // NOTE(review): presumably these act on targets the operator supplies;
    // keep the console on a restricted network and log their use.

    // LFI plugins
    $f3->route('GET|POST /cnc/lfi', 'Controller\lfiplugins->koha_lfi');
    $f3->route('GET|POST /cnc/lfi/@type', 'Controller\lfiplugins->@type');

    // Directory fuzzer
    $f3->route('GET|POST|HEAD /cnc/websaccre/dirfuzz', 'Controller\Urlfuzzer->dirfuzzer');
    // Recon routing is currently disabled:
    //$f3->route('GET|POST /cnc/recon/@type','Controller\recon->@type');

    // Websaccre
    $f3->route('GET|POST /cnc/websaccre', 'Controller\Websaccre->generic_request');
    $f3->route('GET|POST /cnc/websaccre/@type', 'Controller\Websaccre->@type');

    // Encoder / decoder
    $f3->route('GET|POST /cnc/dencoder', 'Controller\Dencoder->encoder_multi');
    $f3->route('GET|POST /cnc/dencoder/@type', 'Controller\Dencoder->@type');

    // Already authenticated: the login page sends the user to the console.
    // The third argument is false, i.e. the redirect is not permanent.
    $f3->redirect('GET|POST /login', '/cnc', false);
} else {
    // Not authenticated: every console URL goes to the login form, and the
    // login form is the only auth-related handler registered.
    $f3->redirect(array('GET|POST /cnc/*', 'GET|POST /cnc'), '/login', false);
    $f3->route('GET|POST /login', 'Controller\Auth->login');
}

// Logout is registered for both states and answers to a plain GET.
// NOTE(review): a GET logout can be triggered by a link or image on another
// site; consider POST with a CSRF token if that matters for this deployment.
$f3->route('GET /leave', 'Controller\Auth->logout');

// Hand the request to the router.
$f3->run();