0

LeakLooker

Find open databases with Shodan

Github 资源库
主要指标
  • 所有者: woj-ciech/LeakLooker
  • 平台:
  • 许可证:
  • 分类:
  • 主题:
  • 喜欢:
    0
      比较:

Github星跟踪图

LeakLooker - Powered by Binaryedge.io

Find open databases/services

New version supports:

  • Elasticsearch
  • CouchDB
  • MongoDB
  • Gitlab
  • Rsync
  • Jenkins
  • Sonarqube
  • Kibana
  • CassandraDB
  • RethinkDB
  • Directory listing
  • Amazon S3

and custom query.

Queries:

https://docs.binaryedge.io/api-v2/

Background:

v1: https://medium.com/@woj_ciech/leaklooker-find-open-databases-in-a-second-9da4249c8472

v2: https://medium.com/hackernoon/leaklooker-v2-find-more-open-servers-and-source-code-leaks-25e671700e41

v3: https://medium.com/@woj_ciech/leaklooker-part-3-dna-samples-internal-files-and-more-967e794fa031

Requirements:

Python 3 &
Binaryedge API

Paste your BinaryEdge API key in line 113

pip3 install colorama
pip3 install hurry.filesize
pip3 install beautifulsoup4
pip3 install pybinaryedge

pip install -r requirements.txt

Usage

(venv) root@kali:~/PycharmProjects/LeakLooker# python leaklooker.py -h

         ,
         )\
        /  \
       '  # '
       ',  ,'
         `'

         ,
         )\
        /  \
       '  ~ '
       ',  ,'
         `'
LeakLooker - Find open databases - Powered by Binaryedge.io
https://medium.com/@woj_ciech https://github.com/woj-ciech/
Example: python leaklooker.py --mongodb --couchdb --kibana --elastic --first 21 --last 37
usage: leaklooker.py [-h] [--elastic] [--couchdb] [--mongodb] [--gitlab]
                     [--rsync] [--jenkins] [--sonarqube] [--query QUERY]
                     [--cassandra] [--rethink] [--listing] [--kibana]
                     [--s3asia] [--s3usa] [--s3europe] [--first FIRST]
                     [--last LAST]

optional arguments:
  -h, --help     show this help message and exit
  --elastic      Elastic search (default: False)
  --couchdb      CouchDB (default: False)
  --mongodb      MongoDB (default: False)
  --gitlab       Gitlab (default: False)
  --rsync        Rsync (default: False)
  --jenkins      Jenkins (default: False)
  --sonarqube    SonarQube (default: False)
  --query QUERY  Additional query or filter for BinaryEdge (default: )
  --cassandra    Cassandra DB (default: False)
  --rethink      Rethink DB (default: False)
  --listing      Listing directory (default: False)
  --kibana       Kibana (default: False)
  --s3asia       Amazon s3 s3.ap-southeast-1 (default: False)
  --s3usa        Amazon s3 s3.ap-southeast-1 (default: False)
  --s3europe     Amazon s3 s3.ap-southeast-1 (default: False)

Pages:
  --first FIRST  First page (default: None)
  --last LAST    Last page (default: None)

You need to specify first and last page

Example

Search for RethinkDB and listing directory in pages from 21 to 37

root@kali:~/PycharmProjects/LeakLooker# python leaklooker.py --rethink --listing --first 21 --last 37
----------------------------------Listing directory - Page 21--------------------------------
https://[REDACTED]:6666
Product: Apache httpd
Hostname: localhost
[REDACTED]/
[REDACTED]/
[REDACTED]/
[REDACTED]/
[REDACTED]/
-----------------------------
https://[REDACTED]:6666
Product: MiniServ
-----------------------------
https://[REDACTED]:6666
Product: Apache httpd
[REDACTED]/
[REDACTED]/
[REDACTED].html
[REDACTED]/
[REDACTED].css
[REDACTED]/
[REDACTED]/
[REDACTED]/
favicon.ico
-----------------------------
https://[REDACTED]:6666
Product: Apache httpd
[REDACTED]/
[REDACTED]/
[REDACTED]/
[REDACTED]..>
[REDACTED]/
[REDACTED]..>
[REDACTED]/
----------------------------------Rethink DB - Page 21--------------------------------
ReQL: [REDACTED]:28015
HTTP Admin: http://[REDACTED]:8080
Hostname: [REDACTED]
Version: rethinkdb 2.3.6~0trusty (GCC 4.8.2)
Name: [REDACTED]
Database: [REDACTED]
Tables: 
Database: rethinkdb
Tables: 
cluster_config
current_issues
db_config
jobs
logs
permissions
server_config
server_status
stats
table_config
table_status
users
Database: [REDACTED]
Tables: 
-----------------------------
ReQL: [REDACTED]:28015
HTTP Admin: http://[REDACTED]:8080
Hostname: [REDACTED]
Version: rethinkdb 2.3.6~0jessie (GCC 4.9.2)
Name: [REDACTED]
Database: [REDACTED]
Tables: 
Database: rethinkdb
Tables: 
cluster_config
current_issues
db_config
jobs
logs
permissions
server_config
server_status
stats
table_config
table_status
users
Database: settings
Tables: 
-----------------------------

Search for Jenkins, Gitlab in Uruguay (Country code is UY) on pages from 1 to 2

root@kali:~/PycharmProjects/LeakLooker# python leaklooker.py --jenkins --gitlab --first 1 --last 2 --query "country:UY"
----------------------------------GitLab - Page 1--------------------------------
Total results: 13
https://[REDACTED]:443
GitLab Community Edition
Registration is open
-----------------------
https://[REDACTED]:443
Registration is closed. Check public repositories. https://164.73.232.10:443/explore
-----------------------
https://[REDACTED]:443
Registration is closed. Check public repositories. https://190.64.138.5:443/explore
-----------------------
https://[REDACTED]:443
GitLab Community Edition
Registration is open
[...]
----------------------------------Jenkins - Page 1--------------------------------
Total results: 6501
http://[REDACTED]:443
Executors
Windows
(master)
Jobs
-----------------------------
http://[REDACTED]:443
Executors
Jobs
-----------------------------
http://[REDACTED]:443
Executors
Jobs
[REDACTED]
[REDACTED]

Search for mongoDB and Elasticsearch with keyword "medical" only on first page

root@kali:~/PycharmProjects/LeakLooker# python leaklooker.py --mongo --elastic --first 1 --last 2 --query "medical"

Additional

Tool has been made for educational purposes only. I'm not responsible for any damage caused. Don't be evil.

主要指标

概览
名称与所有者woj-ciech/LeakLooker
主编程语言
编程语言Python (语言数: 0)
平台
许可证
所有者活动
创建于2019-01-08 17:39:24
推送于2020-06-28 08:43:22
最后一次提交2020-06-28 10:43:21
发布数0
用户参与
星数1.4k
关注者数41
派生数321
提交数30
已启用问题?
问题数16
打开的问题数10
拉请求数0
打开的拉请求数2
关闭的拉请求数2
项目设置
已启用Wiki?
已存档?
是复刻?
已锁定?
是镜像?
是私有?