Ninja-Hacker-Cat Sidebar für Firefox

This firefox extension can check your website for the most basic security issues and data leaks. It's an easy way to test the basic security of your websites!

Installation

Install the extension in firefox: Firefox Add-Ons

Temporary installation:

• Settings
• Debug extension
• New extension -> Open manifest.json

Rule filter

engine/detection.js: Try to understand the current web service and trigger the rules that match these application "tags".

Rules

rules/leak-urls.js: Contains filenames that maybe interessting -> WP-Backups, GIT-Leaks.

rules/poc.js: Contains proof of concepts for critical security issues -> Confluence RCE.

rules/versions.js: Contains rules for version grabbing and detecting vulnerable versions -> Exchange RCE.

rules/web.js: Contains rules for web vulnerabilities based on URL. -> SQLi, Keywords.

rules/fuzzing.js: Contains rules for fuzzing GET and POST params based on current WebRequest. -> XSS, SQLi.

How to test these features

You can test some features against wackopicko, juice shop. CVEs can be tested against vulhub e.g. confluence.

docker run --rm -p 8080:3000 bkimminich/juice-shop
docker run --rm -p 8080:80 adamdoupe/wackopicko

Try: http://localhost:8080/ afterwards.

TODO

• Refactoring fuzzing (only change one param per request)!
• Add response size check to rules
• Add fuzzing for get params
• Add fuzzing param filter
• Wrapper for fetch requests to count
• Test fuzzing form data!
• Add securityinfo.txt
• Version detection
• Check for leaky urls in current tab

Detections:

• Wordpress Version
• PHP Version
• SQL Injection based on Header/Cookies
• IDOR based on GET-Param
• Path traversal
• OS Command Injection (https://portswigger.net/support/using-burp-to-test-for-os-command-injection-vulnerabilities)
• Big-IP RCE (https://github.com/horizon3ai/CVE-2022-1388/blob/main/CVE-2022-1388.py)
• ManageEngine ADSelfService (https://www.synacktiv.com/publications/how-to-exploit-cve-2021-40539-on-manageengine-adselfservice-plus.html)
• XSS Tests in GET-Param (tested)
• SQL Injection based on GET-Param (tested)
• SQL Injection Login bypass (JSON, tested)
• Bitbucket RCE (version only, tested)
• Confluence RCE (PoC, tested)
• Exchange Proxyshell (PoC, untested)
• Apache (version only, untested)
• Weblogic Console (PoC, untested)

CVEs:

The CVEs this browser extension can detect: Confluence Server (CVE-2022-26134), Bitbucket Server (CVE-2022-36804), Exchange Server Proxyshell (CVE-2021-34473), Apache (CVE-2021-41773), Weblogic Console (CVE-2020-14882).

Deployment

zip -r Ninja-Hacker-Cat.zip . -x ".*" -x "images/.*"

Upload: https://addons.mozilla.org/en-US/developers/addons

Copyright

GNU GENERAL PUBLIC LICENSE Version 2

Copyright 1337core, 2022

https://www.1337core.de