idea_exploit

by lijiejie

lijiejie / idea_exploit

Gather sensitive information from (.idea) folder for pentesters

218 Stars 30 Forks Last release: Not found 4 Commits 0 Releases

Available items

No Items, yet!

The developer of this repository has not created any items for sale yet. Need a bug fixed? Help with integration? A different license? Create a request here:

.idea disclosure exploit

A script use .idea folder to gather sensitive information for pentesters .

Websites not correctly deployed let their IDE config folder (.idea) exposed to hacker,

which can lead password or archived data files leaked.

The scanner will try to download all files, please recheck local files by yourself.

Requirements

pip install lxml requests

Example

Our scanner reported a vulnerability this afternoon

scanner_pannel

As you can see, the file DbConnCfg.json leaked db password.

D:\IQIYI.codebase\idea_exp>idea_exp.py http://107.{mask}.{mask}.151/
[+] Module name is {mask}
[+] Type is web_module
[+] About 67 urls to process
[200] /cfg/DbConnCfg.json
[200] /bi/applepay/comm.php
[200] /bi/applepay/ipn_ios.php
[404] /auth/auth_ios/auth_guest.php
...
[200] /ver/ver_util.php
All files saved to 107.{mask}.{mask}.151/idea_exp_report.html

contain_password

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.