# LeakLooker **Repository Path**: jhppye/LeakLooker ## Basic Information - **Project Name**: LeakLooker - **Description**: LeakLooker 工具可以帮你找到互联网上暴露的一些常用网络服务,基于 Shodan 数据库进行查找 - **Primary Language**: Python - **License**: Not specified - **Default Branch**: master - **Homepage**: https://www.oschina.net/p/leaklooker - **GVP Project**: No ## Statistics - **Stars**: 0 - **Forks**: 1 - **Created**: 2022-05-24 - **Last Updated**: 2022-05-24 ## Categories & Tags **Categories**: Uncategorized **Tags**: None ## README # LeakLooker - Powered by Binaryedge.io Find open databases/services GUI https://www.offensiveosint.io/leaklooker-gui-discover-browse-and-monitor-database-source-code-leaks/ https://github.com/woj-ciech/LeakLooker-X New version supports: - Elasticsearch - CouchDB - MongoDB - Gitlab - Rsync - Jenkins - Sonarqube - Kibana - CassandraDB - RethinkDB - Directory listing - Amazon S3 and custom query. Queries: https://docs.binaryedge.io/api-v2/ Background: https://www.offensiveosint.io/leaklooker-find-open-databases-in-seconds/ https://www.offensiveosint.io/fun-with-amazon-s3-leaks-and-bucket-takeover-attack/ https://www.offensiveosint.io/leaklooker-v2-find-more-open-servers-and-source-code-leaks/ https://www.offensiveosint.io/leaklooker-part-3-dna-samples-internal-files-and-more/ ## Requirements: Python 3 & Binaryedge API ***Paste your BinaryEdge API key in line 113*** ``` pip3 install colorama pip3 install hurry.filesize pip3 install beautifulsoup4 pip3 install pybinaryedge ``` ``` pip install -r requirements.txt ``` ## Usage ``` (venv) root@kali:~/PycharmProjects/LeakLooker# python leaklooker.py -h , )\ / \ ' # ' ', ,' `' , )\ / \ ' ~ ' ', ,' `' LeakLooker - Find open databases - Powered by Binaryedge.io https://medium.com/@woj_ciech https://github.com/woj-ciech/ Example: python leaklooker.py --mongodb --couchdb --kibana --elastic --first 21 --last 37 usage: leaklooker.py [-h] [--elastic] [--couchdb] [--mongodb] [--gitlab] [--rsync] [--jenkins] [--sonarqube] [--query QUERY] [--cassandra] [--rethink] [--listing] [--kibana] [--s3asia] [--s3usa] [--s3europe] [--first FIRST] [--last LAST] optional arguments: -h, --help show this help message and exit --elastic Elastic search (default: False) --couchdb CouchDB (default: False) --mongodb MongoDB (default: False) --gitlab Gitlab (default: False) --rsync Rsync (default: False) --jenkins Jenkins (default: False) --sonarqube SonarQube (default: False) --query QUERY Additional query or filter for BinaryEdge (default: ) --cassandra Cassandra DB (default: False) --rethink Rethink DB (default: False) --listing Listing directory (default: False) --kibana Kibana (default: False) --s3asia Amazon s3 s3.ap-southeast-1 (default: False) --s3usa Amazon s3 s3.ap-southeast-1 (default: False) --s3europe Amazon s3 s3.ap-southeast-1 (default: False) Pages: --first FIRST First page (default: None) --last LAST Last page (default: None) ``` ***You need to specify first and last page*** ## Example ### Search for RethinkDB and listing directory in pages from 21 to 37 ``` root@kali:~/PycharmProjects/LeakLooker# python leaklooker.py --rethink --listing --first 21 --last 37 ----------------------------------Listing directory - Page 21-------------------------------- https://[REDACTED]:6666 Product: Apache httpd Hostname: localhost [REDACTED]/ [REDACTED]/ [REDACTED]/ [REDACTED]/ [REDACTED]/ ----------------------------- https://[REDACTED]:6666 Product: MiniServ ----------------------------- https://[REDACTED]:6666 Product: Apache httpd [REDACTED]/ [REDACTED]/ [REDACTED].html [REDACTED]/ [REDACTED].css [REDACTED]/ [REDACTED]/ [REDACTED]/ favicon.ico ----------------------------- https://[REDACTED]:6666 Product: Apache httpd [REDACTED]/ [REDACTED]/ [REDACTED]/ [REDACTED]..> [REDACTED]/ [REDACTED]..> [REDACTED]/ ----------------------------------Rethink DB - Page 21-------------------------------- ReQL: [REDACTED]:28015 HTTP Admin: http://[REDACTED]:8080 Hostname: [REDACTED] Version: rethinkdb 2.3.6~0trusty (GCC 4.8.2) Name: [REDACTED] Database: [REDACTED] Tables: Database: rethinkdb Tables: cluster_config current_issues db_config jobs logs permissions server_config server_status stats table_config table_status users Database: [REDACTED] Tables: ----------------------------- ReQL: [REDACTED]:28015 HTTP Admin: http://[REDACTED]:8080 Hostname: [REDACTED] Version: rethinkdb 2.3.6~0jessie (GCC 4.9.2) Name: [REDACTED] Database: [REDACTED] Tables: Database: rethinkdb Tables: cluster_config current_issues db_config jobs logs permissions server_config server_status stats table_config table_status users Database: settings Tables: ----------------------------- ``` ### Search for Jenkins, Gitlab in Uruguay (Country code is UY) on pages from 1 to 2 ``` root@kali:~/PycharmProjects/LeakLooker# python leaklooker.py --jenkins --gitlab --first 1 --last 2 --query "country:UY" ----------------------------------GitLab - Page 1-------------------------------- Total results: 13 https://[REDACTED]:443 GitLab Community Edition Registration is open ----------------------- https://[REDACTED]:443 Registration is closed. Check public repositories. https://164.73.232.10:443/explore ----------------------- https://[REDACTED]:443 Registration is closed. Check public repositories. https://190.64.138.5:443/explore ----------------------- https://[REDACTED]:443 GitLab Community Edition Registration is open [...] ----------------------------------Jenkins - Page 1-------------------------------- Total results: 6501 http://[REDACTED]:443 Executors Windows (master) Jobs ----------------------------- http://[REDACTED]:443 Executors Jobs ----------------------------- http://[REDACTED]:443 Executors Jobs [REDACTED] [REDACTED] ``` ### Search for mongoDB and Elasticsearch with keyword "medical" only on first page ``` root@kali:~/PycharmProjects/LeakLooker# python leaklooker.py --mongo --elastic --first 1 --last 2 --query "medical" ``` ## Additional Tool has been made for educational purposes only. I'm not responsible for any damage caused. Don't be evil.