-
Notifications
You must be signed in to change notification settings - Fork 4
/
endpoint-discovery.py
72 lines (57 loc) · 2.21 KB
/
endpoint-discovery.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
from argparse import ArgumentParser, FileType
import re
import sys
def search_pcap(args):
import pyshark
fname = args.file.name
args.file.close()
cap = pyshark.FileCapture(input_file=fname, display_filter="http.request.uri contains \"/firebaseio/\"")
endpoints = []
for packet in cap:
uri = packet.http.request.uri
pattern = re.compile("https?://(.+)\\.firebaseio\\.com/(.*)")
match = pattern.match(uri)
path = match.group(2)
endpoints.append(path)
return endpoints
def search_binary_exact(args):
binary = args.file.read()
pattern = re.compile("https?://(.+)\\.firebaseio\\.com/(.*)")
matches = pattern.findall(binary)
endpoints = [match.group(2) for match in matches]
return endpoints
def search_binary_strings(args):
binary = args.file.read()
pattern = re.compile("\\w{5,}") # find all text with len >= 5
matches = pattern.findall(binary)
endpoints = [match.group(0) for match in matches]
return endpoints
def discover_endpoints(args):
endpoints = []
if args.type == 'pcap':
endpoints = search_pcap(args)
elif args.type == 'binary_exact':
endpoints = search_binary_exact(args)
elif args.type == 'binary_strings':
endpoints = search_binary_strings(args)
cleaned_endpoints = []
for endpoint in endpoints:
if endpoint.startswith("/"):
endpoint = endpoints[1:]
if endpoint.endswith(".json"):
endpoint = endpoints[:-5]
cleaned_endpoints.append(endpoint)
endpoints = cleaned_endpoints
print("{} potential endpoints found.".format(len(endpoints)))
data = "\n".join(endpoints) + "\n"
args.out.write(data)
args.out.close()
def parse_args():
parser = ArgumentParser()
parser.add_argument('type', help="Look for potential endpoints in the specified file type", choices=["pcap", "binary_exact", "binary_strings"])
parser.add_argument('file', help="The file to search through", type=FileType('w'))
parser.add_argument('--out', help="A file to dump results to", nargs='?', type=FileType('w'), default=sys.stdout)
args = parser.parse_args()
discover_endpoints(args)
if __name__ == '__main__':
parse_args()