View Issue Details

IDProjectCategoryView StatusLast Update
0004762Kali Linux[All Projects] New Tool Requestspublic2018-05-10 15:10
ReporteranarcoderAssigned To 
PrioritynormalSeverityminorReproducibilityhave not tried
Status newResolutionopen 
Product Version 
Target VersionFixed in Version 
Summary0004762: Google Explorer - Mass exploitation tool
Description- Google Explorer
- Version - 0.1
- github.com/anarcoder/google_explorer
- autor: Daniel Almeida
- License: MIT
- It's a massive exploitation tool, that crawls google.com, parsing the results and run a specific exploit on each target, testing if is exploitable or not for that exploit. The tool is made in Selenium lib, so the user can deal with the captcha, with no problems.. if the captcha shows, the user type the captcha, and the robot keeps crawling until no results is showed.

As new exploits are published, i make the --plugin for it, so the tool is constantly updated. Actually is on ArchStrike and BlackArch. The last --plugin was for drupalgeddon2 (7 and 8) and the results are good.

- Dependencies are:

beautifulsoup4>=4.4.1
docopt>=0.6.2
lxml>=3.6.0
selenium==2.53.6
requests>=2.10.0


- I didn't find public tools that make anything like it..

- How to use:


1 - First make a google search:

$ python3 google_explorer.py --browser=firefox --dork='intext:"powered by drupal" inurl:"/user/register"'


2 - Then run the --plugin for the specific google dork:

$ python3 google_explorer.py --plugin='drupalgeddonrce2'



There are other combinations of search you can make, like:

$ python3 google_explorer.py --browser=firefox --dork='YOUR DORK HERE" --locationo='Brazil' --last_update='past year'

This last command will search on servers located at Brazil, and indexed by google on the last year..


$ python3 google_explorer.py --browser=firefox --dork='YOUR DORK HERE" --language='Portuguese'


This last command will search for pages written in Portuguese..



The sucess of results depends on your google dork, more goode the dork is, more efficient is results of the tool..



Some old pocs:

https://filebin.net/nt03f8m34g19k3lt/poc_apple.m4v

https://filebin.net/ycf15jj31f9opf7k/poc_mass.mp4

https://filebin.net/ycf15jj31f9opf7k/poc_mass2.mp4

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2018-05-10 15:10 anarcoder New Issue