Majority of pentesters know shodan and use it, Shodan is one of most popular search engine that we can use to find vulnerabilities on internet. With shodan you can search and find deepest informations from a website. LeakLooker is tool that use shodan to find open databases from internet. Because if you can get website database you can do anything with that website.
LeakLooker
Find open databases with Shodan
New version supports :
- Elasticsearch
- CouchDB
- MongoDB
- SMB
- Gitlab
- Rsync
- Jenkins
- Sonarqube
- Kibana
and custom query.
Background :
https://medium.com/@woj_ciech/leaklooker-find-open-databases-in-a-second-9da4249c8472
Requirements :
Python 3 Shodan paid plan, except Kibana search
Put your Shodan API key ina line 82, Get Shodan API here
pip3 install shodanpip3 install coloramapip3 install hurry.filesizepip3 install beautifulsoup4pip install -r requirements.txt
Usage
(venv) [email protected]:~/PycharmProjects/LeakLooker# python leaklooker.py -h,)\/ \' # '', ,'`',)\/ \' ~ '', ,'`'LeakLooker - Find open databaseshttps://medium.com/@woj_ciech https://github.com/woj-ciech/Example: python leaklooker.py --mongodb --couchdb --kibana --elastic --first 21 --last 37usage: leaklooker.py [-h] [--elastic] [--couchdb] [--mongodb] [--samba][--gitlab] [--rsync] [--jenkins] [--sonarqube][--query QUERY] [--kibana] [--first FIRST] [--last LAST]optional arguments:-h, --help show this help message and exit--elastic Elasti search (default: False)--couchdb CouchDB (default: False)--mongodb MongoDB (default: False)--samba Samba (default: False)--gitlab Gitlab (default: False)--rsync Rsync (default: False)--jenkins Jenkins (default: False)--sonarqube SonarQube (default: False)--query QUERY Additional query or filter for Shodan (default: )--kibana Kibana (default: False)Pages:--first FIRST First page (default: None)--last LAST Last page (default: None)
You need to specify first and last page
Example
[email protected]:~/# python leaklooker.py --mongodb --couchdb --kibana --elastic --first 12 --last 14[...]----------------------------------Elastic - Page 12--------------------------------Found 25069 resultsIP: http://xxx.xxx.xxx.xxx:9200/_cat/indices?vSize: 1GCountry: FranceIndices:.monitoring-kibana-6-2019.01.08[...]----------------------------IP: http://yyy.yyy.yyy.yyy:9200/_cat/indices?vSize: 144GCountry: ChinaIndices:zhuanlihx_person[...]----------------------------------CouchDB - Page 12--------------------------------Found 5932 results-----------------------------IP: http://xxx.xxx.xxx:5984/_utilsCountry: Austrianew_fron_dbtest_db-----------------------------IP: http://yyy.yyy.yyy.yyy:5984/_utilsCountry: United States_replicator_usersbackup_20180917backup_dbeio_localtfa_pos----------------------------------MongoDB - Page 12--------------------------------Found 66680 resultsIP: xxx.xxx.xxx.xxxSize: 6GCountry: FranceDatabase name: WarnSize: 80MCollections:Warnsystem.indexesDatabase name: xhprofprodSize: 5GCollections:resultssystem.indexes-----------------------------IP: yyy.yyy.yyy.yyySize: 544MCountry: UkraineDatabase name: localSize: 32MCollections:startup_logDatabase name: ace_statSize: 256MCollections:stat_minutesystem.indexesstat_hourlystat_daily[...]Database name: aceSize: 256MCollections:usergroupsystem.indexesscheduletaskdpigroupportforwardwlangroup[...]----------------------------------Kibana - Page 12--------------------------------Found 10464 resultsIP: http://xxx.xxx.xxx.xxx:5601/app/kibana#/discover?_g=()Country: Germany---IP: http://yyy.yyy.yyy.yyy:5601/app/kibana#/discover?_g=()Country: United States---IP: http://zzz.zzz.zzz.zzz:5601/app/kibana#/discover?_g=()Country: United Kingdom
Screenshots
