Daffa / Fixing minor bugs in tools

master
MD15 2021-02-01 10:38:58 +07:00
parent 22f733aaaa
commit d1311a4f85
12 changed files with 209 additions and 121 deletions

View File

@ -2,7 +2,7 @@
<html lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<title>CSRF PoC Generator ~ MD15</title>
<title>CSRF PoC Generator ~ Daffainfo</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js"></script>

View File

@ -1,3 +1,3 @@
# Clickjacking
![Preview](https://i.ibb.co/9HcRVD8/image.png)
[Live Preview](https://md15.github.io/clickjacking)
[Live Preview](https://daffainfo.github.io/Bug-Bounty-Tools/Clickjacking)

View File

@ -4,6 +4,11 @@
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js"></script>
<style>
iframe {
margin-top: 10px;
}
</style>
</head>
<body>
<div class="container">
@ -14,11 +19,11 @@
<small id="textHelp" class="form-text text-muted">Add http:// or https:// in the beginning</small>
</div>
<button id="submit-test" class="btn btn-primary">Test it!</button>
<iframe src="about:blank" id="iframe" frameborder="1" width="100%" height="100%"></iframe>
<iframe src="about:blank" id="iframe" frameborder="1" width="100%" height="50%"></iframe>
</div>
</body>
<script>
function frameIt() {
function frame() {
var url = document.getElementById("url").value;
var iframe = document.getElementById("iframe");
iframe.src = url;
@ -26,7 +31,7 @@
document.addEventListener('DOMContentLoaded', function () {
document.getElementById('submit-test').addEventListener('click',
function() {
frameIt();
frame();
}
);
});

View File

@ -1,5 +1,5 @@
<?php
error_reporting(0);
$input = $_POST['apikey'];
$url = 'https://maps.googleapis.com/maps/api/staticmap?center=45%2C10&zoom=7&size=400x400&key='.$input;
@ -42,82 +42,126 @@ function getContents($url) {
$data = file_get_contents($url);
return $data;
}
if ($yourProducts[0] == 200) {
echo "<p>API key is vulnerable for Staticmap API.</p>";
echo $url;
} else if ($yourProducts[0] == 403) {
echo "<p>API key is not vulnerable for Staticmap API.</p>";
}
if ($yourProducts[1] == 200) {
echo "<p>API key is vulnerable for Streetview API.</p>";
echo $url2;
} else if ($yourProducts[1] == 403) {
echo "<p>API key is not vulnerable for Streetview API.</p>";
}
if ($yourProducts[2] == 200) {
echo "<p>API key is vulnerable for Embed API.</p>";
echo $url3;
} else if ($yourProducts[2] == 403) {
echo "<p>API key is not vulnerable for Embed API.</p>";
}
if (strpos($yourProducts1[0], 'REQUEST_DENIED' === false)) {
echo "<p>API key is vulnerable for Directions API.</p>";
echo $url4;
} else if ($yourProducts[3] == 200) {
echo "<p>API key is not vulnerable for Directions API.</p>";
}
if (strpos($yourProducts1[1], 'REQUEST_DENIED') === false) {
echo "<p>API key is vulnerable for Geocoding API.</p>";
echo $url5;
} else if ($yourProducts[4] == 200) {
echo "<p>API key is not vulnerable for Geocoding API.</p>";
}
if (strpos($yourProducts1[2], 'REQUEST_DENIED') === false) {
echo "<p>API key is vulnerable for Distance Matrix API.</p>";
echo $url6;
} else if ($yourProducts[5] == 200) {
echo "<p>API key is not vulnerable for Distance Matrix API.</p>";
}
if (strpos($yourProducts1[3], 'REQUEST_DENIED') === false) {
echo "<p>API key is vulnerable for Find Place from Text API.</p>";
echo $url7;
} else if ($yourProducts[6] == 200) {
echo "<p>API key is not vulnerable for Find Place from Text API.</p>";
}
if (strpos($yourProducts1[4], 'REQUEST_DENIED') === false) {
echo "<p>API key is vulnerable for Autocomplete API.</p>";
echo $url8;
} else if ($yourProducts[7] == 200) {
echo "<p>API key is not vulnerable for Autocomplete API.</p>";
}
if (strpos($yourProducts1[5], 'REQUEST_DENIED') === false) {
echo "<p>API key is vulnerable for Elevation API.</p>";
echo $url9;
} else if ($yourProducts[8] == 200) {
echo "<p>API key is not vulnerable for Elevation API.</p>";
}
if (strpos($yourProducts1[5], 'REQUEST_DENIED') === false) {
echo "<p>API key is vulnerable for Timezone API.</p>";
echo $url10;
} else if ($yourProducts[9] == 200) {
echo "<p>API key is not vulnerable for Timezone API.</p>";
}
if (strpos($yourProducts1[6], 'REQUEST_DENIED') === false) {
echo "<p>API key is vulnerable for Roads API.</p>";
echo $url11;
} else if (strpos($yourProducts[10], '403') === false) {
echo "<p>API key is not vulnerable for Roads API.</p>";
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Result Google Map API Key</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js"></script>
<style type="text/css">
a {
font-size: 1.25em;
}
h1 {
margin: 25px 0px;
}
</style>
</head>
<body>
<div class="container">
<h1 class="text-center">Results</h1>
<h5>Staticmap API</h5>
<?php
if ($yourProducts[0] == 200) {
echo "<p>API key is vulnerable for Staticmap API</p>";
echo "<a href='".$url."' target='_blank'>Staticmap API</a>";
} else if ($yourProducts[0] == 403) {
echo "<p>API key is not vulnerable for Staticmap API</p>";
}
?>
<h5>Streetview API</h5>
<?php
if ($yourProducts[1] == 200) {
echo "<p>API key is vulnerable for Streetview API</p>";
echo "<a href='".$url2."' target='_blank'>Streetview API</a>";
} else if ($yourProducts[1] == 403) {
echo "<p>API key is not vulnerable for Streetview API</p>";
}
?>
<h5>Embed API</h5>
<?php
if ($yourProducts[2] == 200) {
echo "<p>API key is vulnerable for Embed API</p>";
echo "<a href='".$url3."' target='_blank'>Embed API</a>";
} else if ($yourProducts[2] == 403) {
echo "<p>API key is not vulnerable for Embed API</p>";
}
?>
<h5>Directions API</h5>
<?php
if (strpos($yourProducts1[0], 'REQUEST_DENIED' === false)) {
echo "<p>API key is vulnerable for Directions API</p>";
echo "<a href='".$url4."' target='_blank'>Directions API</a>";
} else if ($yourProducts[3] == 200) {
echo "<p>API key is not vulnerable for Directions API</p>";
}
?>
<h5>Geocoding API</h5>
<?php
if (strpos($yourProducts1[1], 'REQUEST_DENIED') === false) {
echo "<p>API key is vulnerable for Geocoding API</p>";
echo "<a href='".$url5."' target='_blank'>Geocoding API</a>";
} else if ($yourProducts[4] == 200) {
echo "<p>API key is not vulnerable for Geocoding API</p>";
}
?>
<h5>Matrix API</h5>
<?php
if (strpos($yourProducts1[2], 'REQUEST_DENIED') === false) {
echo "<p>API key is vulnerable for Matrix API</p>";
echo "<a href='".$url6."' target='_blank'>Matrix API</a>";
} else if ($yourProducts[5] == 200) {
echo "<p>API key is not vulnerable for Matrix API</p>";
}
?>
<h5>Find Place from Text API</h5>
<?php
if (strpos($yourProducts1[3], 'REQUEST_DENIED') === false) {
echo "<p>API key is vulnerable for Find Place from Text API</p>";
echo "<a href='".$url7."' target='_blank'>Find Place from Text API</a>";
} else if ($yourProducts[6] == 200) {
echo "<p>API key is not vulnerable for Find Place from Text API</p>";
}
?>
<h5>Autocomplete API</h5>
<?php
if (strpos($yourProducts1[4], 'REQUEST_DENIED') === false) {
echo "<p>API key is vulnerable for Autocomplete API</p>";
echo "<a href='".$url8."' target='_blank'>Autocomplete API</a>";
} else if ($yourProducts[7] == 200) {
echo "<p>API key is not vulnerable for Autocomplete API</p>";
}
?>
<h5>Elevation API</h5>
<?php
if (strpos($yourProducts1[4], 'REQUEST_DENIED') === false) {
echo "<p>API key is vulnerable for Elevation API</p>";
echo "<a href='".$url9."' target='_blank'>Elevation API</a>";
} else if ($yourProducts[7] == 200) {
echo "<p>API key is not vulnerable for Elevation API</p>";
}
?>
<h5>Timezone API</h5>
<?php
if (strpos($yourProducts1[5], 'REQUEST_DENIED') === false) {
echo "<p>API key is vulnerable for Timezone API</p>";
echo "<a href='".$url10."' target='_blank'>Timezone API</a>";
} else if ($yourProducts[9] == 200) {
echo "<p>API key is not vulnerable for Timezone API</p>";
}
?>
<h5>Roads API</h5>
<?php
if (strpos($yourProducts1[6], 'REQUEST_DENIED') === false) {
echo "<p>API key is vulnerable for Roads API</p>";
echo "<a href='".$url11."' target='_blank'>Roads API</a>";
} else if (strpos($yourProducts[10], '403') === false) {
echo "<p>API key is not vulnerable for Roads API</p>";
}
?>
</body>
</html>

View File

@ -1,5 +1,5 @@
<?php
error_reporting(0);
$input = $_POST['website'];
$url = $input.'/.env';
@ -24,37 +24,55 @@ function getHttpcode($url){
curl_close($ch);
return $httpcode;
}
// var_dump($listUrl[0]);
if ($listUrl[0] == "200") {
echo "<p>.env exposed</p>";
echo '<a target="_blank" href="'.$url.'">'.$url.'</a><br>';
echo "===========================================";
}
else if ($listUrl[0] != "200") {
echo "<p>.env not exposed</p><br>";
echo "===========================================";
}
if ($listUrl[1] == "200") {
echo "<p>Logs exposed</p>";
echo '<a target="_blank" href="'.$url2.'">'.$url2.'</a><br>';
echo "===========================================";
}
else if ($listUrl[1] != "200") {
echo "<p>Logs file not exposed</p><br>";
echo "===========================================";
}
if ($listUrl[2] == "405") {
echo '<p>Debug mode enabled</p>';
echo '<a target="_blank" href="'.$url3.'">'.$url3.'</a><br>';
echo "===========================================";
}
else if ($listUrl[2] != "405") {
echo "<p>Debug mode in ".$input." disabled</p><br>";
echo "===========================================";
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Result Laravel</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js"></script>
<style type="text/css">
a {
font-size: 1.25em;
}
h1 {
margin: 25px 0px;
}
</style>
</head>
<body>
<div class="container">
<h1 class="text-center">Results</h1>
<h5>.env File</h5>
<?php
if ($listUrl[0] == "200") {
echo "<p>.env exposed</p>";
echo '<a target="_blank" href="'.$url.'">'.$url.'</a><br>';
}
else if ($listUrl[0] != "200") {
echo "<p>.env not exposed</p><br>";
}
?>
<h5>Logs file</h5>
<?php
if ($listUrl[1] == "200") {
echo "<p>Logs exposed</p>";
echo '<a target="_blank" href="'.$url2.'">'.$url2.'</a><br>';
}
else if ($listUrl[1] != "200") {
echo "<p>Logs file not exposed</p><br>";
}
?>
<h5>Debug mode</h5>
<?php
if ($listUrl[2] == "405") {
echo '<p>Debug mode enabled</p>';
echo '<a target="_blank" href="'.$url3.'">'.$url3.'</a><br>';
}
else if ($listUrl[2] != "405") {
echo "<p>Debug mode in ".$input." disabled</p><br>";
}
?>

View File

@ -0,0 +1,18 @@
#!/bin/bash
# Find Laravel Configuration File Mass Scanner
LISTS=$1
if [[ ! -f ${LISTS} ]]; then
echo "ERROR: ${LISTS} not found"
echo "usage: bash $0 list.txt"
exit
fi
for SITE in $(cat $LISTS);
do
if [[ $(curl --connect-timeout 3 --max-time 3 -kLs "${SITE}/.env" ) =~ 'DB_DATABASE' ]]; then
echo -e "\e[32m[+] FOUND: ${SITE}/.env"
else
echo -e "\e[31m[-] NOT FOUND: ${SITE}"
fi
done

View File

@ -1,5 +1,5 @@
#!/bin/bash
# Log Zend Mass Scanner
# Find Zend Configuration File Mass Scanner
LISTS=$1
if [[ ! -f ${LISTS} ]]; then

View File

@ -1,2 +1,2 @@
# BugBounty
Tools for Bug Bounty
Random tools for Bug Bounty

View File

@ -1,4 +1,5 @@
<?php
error_reporting(0);
$nomer = 1;
$input = $_POST['wordpress'];
@ -10,6 +11,7 @@
$url4 = $input.'/wp-content/debug.log';
//Backup file
$url5 = $input.'/.wp-config.php.swp';
$url6 = $input.'/wp-config.inc';
$url7 = $input.'/wp-config.old';
@ -24,6 +26,7 @@
$url16 = $input.'/wp-config.php.txt';
$url17 = $input.'/wp-config.php~';
//xmlrpc
$url18 = $input.'/xmlrpc.php';
$output = file_get_contents($url);
@ -69,7 +72,7 @@
<th>Username Wordpress</th>
<tr>
<?php
for($i=0; $i<count($json); $i++) {
for($i=0; $i < count($json); $i++) {
echo "<tr>";
echo "<td>".$nomer++."</td>";
echo "<td>".$json[$i]["slug"]."</td>";