Ninja-Hacker-Cat Sidebar for Firefox
This Firefox extension checks your website for the most basic security issues and data leaks. It's an easy way to test the basic security of your websites!
Installation
Install the extension in Firefox: Firefox Add-Ons
Temporary installation:
- Settings
- Debug extension
- New extension -> Open manifest.json
Rule filter
engine/detection.js: Tries to identify the current web service and triggers the rules that match these application "tags".
Rules
rules/leak-urls.js: Contains filenames that may be interesting -> WP-Backups, GIT-Leaks.
rules/poc.js: Contains proofs of concept for critical security issues -> Confluence RCE.
rules/versions.js: Contains rules for version grabbing and detecting vulnerable versions -> Exchange RCE.
rules/web.js: Contains rules for web vulnerabilities based on the URL -> SQLi, Keywords.
rules/fuzzing.js: Contains rules for fuzzing GET and POST params based on the current WebRequest -> XSS, SQLi.
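The rule filter described above, as an added sketch that is not the extension's own code: a response is fingerprinted into application "tags" and only the rules tagged for that application are selected. The function names, fingerprints, rule ids and the sample response are hypothetical and constructed for illustration.

```javascript
// Added illustration (not the extension's code): tag detection feeding a rule filter.
// All names, fingerprints and rule ids below are hypothetical and constructed.
const FINGERPRINTS = [
  { tag: "php", header: "x-powered-by", pattern: /^PHP\/([\d.]+)/i },
  { tag: "apache", header: "server", pattern: /^Apache(?:\/([\d.]+))?/i },
  // header: null means "match against the response body"
  { tag: "wordpress", header: null,
    pattern: /<meta[^>]+name=["']generator["'][^>]+content=["']WordPress ?([\d.]*)/i },
];

// Each rule lists the tags it applies to; "*" runs on every site.
const RULES = [
  { id: "leak-urls/git", tags: ["*"] },
  { id: "leak-urls/wp-backup", tags: ["wordpress"] },
  { id: "versions/php", tags: ["php"] },
  { id: "versions/apache", tags: ["apache"] },
];

// Returns Map(tag -> disclosed version, "" if the version is not exposed).
function detectTags(response) {
  const headers = new Map();
  for (const [name, value] of Object.entries(response.headers || {})) {
    headers.set(name.toLowerCase(), String(value)); // header names are case-insensitive
  }
  const tags = new Map();
  for (const fp of FINGERPRINTS) {
    const haystack = fp.header ? headers.get(fp.header) : response.body;
    const match = haystack ? fp.pattern.exec(haystack) : null;
    if (match) tags.set(fp.tag, match[1] || "");
  }
  return tags;
}

// Keeps only the rules whose tags intersect the detected tags.
function selectRules(tags, rules = RULES) {
  return rules
    .filter((rule) => rule.tags.some((t) => t === "*" || tags.has(t)))
    .map((rule) => rule.id);
}

// Constructed sample response, not captured from a real site.
const SAMPLE = {
  headers: { Server: "Apache", "X-Powered-By": "PHP/7.4.3" },
  body: '<html><head><meta name="generator" content="WordPress 5.8.1" /></head></html>',
};

console.log([...detectTags(SAMPLE)], selectRules(detectTags(SAMPLE)));
```

Every non-empty version string in the resulting map is information the site discloses to any visitor, which is what the version rules build on.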
How to test these features
You can test some features against WackoPicko or Juice Shop. CVEs can be tested against vulhub, e.g. Confluence.
docker run --rm -p 8080:3000 bkimminich/juice-shop
docker run --rm -p 8080:80 adamdoupe/wackopicko
Try: http://localhost:8080/ afterwards. Both commands bind host port 8080, so run one container at a time.
TODO
- Refactor fuzzing (only change one param per request)!
- Add response size check to rules
- Add fuzzing for GET params
- Add fuzzing param filter
- Wrapper for fetch requests to count
- Test fuzzing form data!
- Add securityinfo.txt
- Version detection
- Check for leaky urls in current tab
Detections:
- WordPress Version
- PHP Version
- SQL Injection based on Header/Cookies
- IDOR based on GET-Param
- Path traversal
- OS Command Injection (https://portswigger.net/support/using-burp-to-test-for-os-command-injection-vulnerabilities)
- Big-IP RCE (https://github.com/horizon3ai/CVE-2022-1388/blob/main/CVE-2022-1388.py)
- ManageEngine ADSelfService (https://www.synacktiv.com/publications/how-to-exploit-cve-2021-40539-on-manageengine-adselfservice-plus.html)
- XSS Tests in GET-Param (tested)
- SQL Injection based on GET-Param (tested)
- SQL Injection Login bypass (JSON, tested)
- Bitbucket RCE (version only, tested)
- Confluence RCE (PoC, tested)
- Exchange Proxyshell (PoC, untested)
- Apache (version only, untested)
- Weblogic Console (PoC, untested)
CVEs:
The CVEs this browser extension can detect: Confluence Server (CVE-2022-26134), Bitbucket Server (CVE-2022-36804), Exchange Server Proxyshell (CVE-2021-34473), Apache (CVE-2021-41773), Weblogic Console (CVE-2020-14882).
Deployment
zip -r Ninja-Hacker-Cat.zip . -x ".*" -x "images/.*"
Upload: https://addons.mozilla.org/en-US/developers/addons
Copyright
GNU GENERAL PUBLIC LICENSE Version 2
Copyright 1337core, 2022