官方公众号企业安全新浪微博
FreeBuf.COM网络安全行业门户,每日发布专业的安全资讯、技术剖析。
FreeBuf+小程序
Agneyastra:一款Firebase 错误配置检测工具包
Alpha_h4ck- 关注
0
1
2
3
4
5
6
7
8
9
0
1
2
3
4
5
6
7
8
9
0
1
2
3
4
5
6
7
8
9
Agneyastra:一款Firebase 错误配置检测工具包
关于Agneyastra
Agneyastra是一款功能强大的错误配置检测工具,该工具主要针对的是Firebase平台,可以帮助广大研究人员更好地保障Firebase平台的安全。
Firebase 是 Google 推出的多功能平台,它通过一系列广泛的服务(包括实时数据库、身份验证、云存储和托管)为无数网络和移动应用程序提供支持。它的普及性和易用性使其成为开发人员的热门选择,但也是配置错误的主要目标,可能导致严重的安全漏洞。
Agneyastra 是一款尖端工具,旨在帮助漏洞赏金猎人和安全专业人员以无与伦比的精度检测 Firebase 错误配置。凭借其涵盖所有 Firebase 服务的全面检查、关联引擎和机密提取以及自动报告生成功能,Agneyastra 可确保不会忽视任何漏洞,从而扭转局势,让您占据优势。
功能介绍
1、支持快速检查所有 Firebase 服务中的配置错误。
2、支持关联引擎和敏感数据提取。
3、支持POC 和报告创建。
工具要求
Go环境
工具安装
由于该工具基于Go语言开发,因此我们首先需要在本地设备上安装并配置好最新版本的Go环境。
源码获取
广大研究人员可以直接使用下列命令将该项目源码克隆至本地:
https://github.com/JA3G3R/agneyastra.git
Go安装
go install github.com/JA3G3R/agneyastra/cmd/agneyastra@latest
工具帮助信息
工具使用
./agneyastra --key AIzaSyBv_y636JW_LYBcUQ7rN0b9Wukzop_gVEI --all
2024/11/22 23:17:40 Checking all services for misconfigurations
2024/11/22 23:17:42 Sign-in link sent to email: bhavarth1905kr@gmail.com
2024/11/22 23:17:44 Checking public read access. Dump directory:
2024/11/22 23:17:50 Running all firebase firestore misconfiguration checks
2024/11/22 23:18:00 Running all firebase rtdb misconfiguration checks
Final Report:
{
"api_keys": [
{
"api_key": "AIzaSyBv_y636JW_LYBcUQ7rN0b9Wukzop_gVEI",
"correlation_score": 0,
"auth": {
"anon-auth": {
"Vulnerable": "vulnerable:true",
"Error": "",
"AuthType": "",
"VulnConfig": "",
"Remedy": "Disable Anonymous Authentication",
"Details": {
"expiresIn": "3600",
"idToken": "redacted",
"localId": "3S1VMdFs2PVoISOrNxr8zL4akhs2",
"refreshToken": "redacted"
}
},
"custom-token-login": {
"Vulnerable": "error",
"Error": "failed to log in with custom token, status code: 400",
"AuthType": "",
"VulnConfig": "",
"Remedy": "",
"Details": null
},
"send-signin-link": {
"Vulnerable": "vulnerable:true",
"Error": "",
"AuthType": "",
"VulnConfig": "Send Sign in Link enabled in Firebase project.",
"Remedy": "Disable Send Sign in Link from Firebase Console",
"Details": {
"email": "bhavarth1905kr@gmail.com"
}
},
"signup": {
"Vulnerable": "error",
"Error": "failed to sign up with email/password, status code: 400",
"AuthType": "",
"VulnConfig": "",
"Remedy": "",
"Details": null
}
},
"services": {
"bucket": {
"delete": {
"104159166443": {
"Vulnerable": "vulnerable:true",
"Error": "",
"AuthType": "",
"VulnConfig": "allow delete: if true; // Allows public delete access to storage objects.",
"Remedy": "Disable public delete access: 'allow delete: if false;'.",
"Details": {
"status_code": ""
}
},
"agneyastra-testing2": {
"Vulnerable": "vulnerable:true",
"Error": "",
"AuthType": "anon",
"VulnConfig": "allow delete: if request.auth == null; // Permits unauthenticated users to delete storage objects.",
"Remedy": "Restrict deletes to authenticated users: 'allow delete: if request.auth != null;'.",
"Details": {
"status_code": "404"
}
}
},
"read": {
"104159166443": {
"Vulnerable": "vulnerable:false",
"Error": "",
"AuthType": "public",
"VulnConfig": "",
"Remedy": "",
"Details": {
"Contents": {
"prefixes": null,
"items": null
}
}
},
"agneyastra-testing2": {
"Vulnerable": "vulnerable:true",
"Error": "",
"AuthType": "anon",
"VulnConfig": "allow read: if request.auth == null; // Allows unauthenticated access to storage objects.",
"Remedy": "Restrict to authenticated users: 'allow read: if request.auth != null;'.",
"Details": {
"Contents": {
"prefixes": {
"testing/": {
"prefixes": {
"testing/inner-folder/": {
"prefixes": {},
"items": [
{
"name": "testing/inner-folder/burpcert.der",
"bucket": "agneyastra-testing2.appspot.com"
}
]
}
},
"items": [
{
"name": "testing/2",
"bucket": "agneyastra-testing2.appspot.com"
}
]
}
},
"items": [
{
"name": "1",
"bucket": "agneyastra-testing2.appspot.com"
},
{
"name": "firebase.html",
"bucket": "agneyastra-testing2.appspot.com"
},
{
"name": "poc.txt",
"bucket": "agneyastra-testing2.appspot.com"
}
]
}
}
}
},
"write": {
"104159166443": {
"Vulnerable": "vulnerable:unknown",
"Error": "",
"AuthType": "",
"VulnConfig": "",
"Remedy": "",
"Details": {
"status_code": "404"
}
},
"agneyastra-testing2": {
"Vulnerable": "vulnerable:true",
"Error": "",
"AuthType": "anon",
"VulnConfig": "allow write: if request.auth == null; // Allows unauthenticated access to write storage objects.",
"Remedy": "Restrict to authenticated users: 'allow write: if request.auth != null;'.",
"Details": {
"status_code": "200"
}
}
}
},
"firestore": {
"delete": {
"104159166443": {
"Vulnerable": "error",
"Error": "bad request error in 2nd request",
"AuthType": "",
"VulnConfig": "",
"Remedy": "",
"Details": null
},
"agneyastra-testing2": {
"Vulnerable": "vulnerable:true",
"Error": "",
"AuthType": "anon",
"VulnConfig": "allow delete: if request.auth == null; // Permits unauthenticated users to delete storage objects.",
"Remedy": "Restrict deletes to authenticated users: 'allow delete: if request.auth != null;'.",
"Details": null
}
},
"read": {
"104159166443": {
"Vulnerable": "error",
"Error": "bad request error in 2nd request",
"AuthType": "",
"VulnConfig": "",
"Remedy": "",
"Details": null
},
"agneyastra-testing2": {
"Vulnerable": "vulnerable:false",
"Error": "",
"AuthType": "",
"VulnConfig": "",
"Remedy": "",
"Details": null
}
},
"write": {
"104159166443": {
"Vulnerable": "error",
"Error": "bad request error in 2nd request",
"AuthType": "",
"VulnConfig": "",
"Remedy": "",
"Details": null
},
"agneyastra-testing2": {
"Vulnerable": "vulnerable:true",
"Error": "",
"AuthType": "anon",
"VulnConfig": "allow write: if request.auth == null; // Allows unauthenticated access to write storage objects.",
"Remedy": "Restrict to authenticated users: 'allow write: if request.auth != null;'.",
"Details": null
}
}
},
"rtdb": {
"delete": {
"104159166443": {
"Vulnerable": "vulnerable:true",
"Error": "",
"AuthType": "anon",
"VulnConfig": "allow delete: if request.auth == null; // Permits unauthenticated users to delete storage objects.",
"Remedy": "Restrict deletes to authenticated users: 'allow delete: if request.auth != null;'.",
"Details": {
"rtdb_url": "https://104159166443-default-rtdb.firebaseio.com/agneyastrapocBui7Cl.json",
"status_code": "404"
}
},
"agneyastra-testing2": {
"Vulnerable": "vulnerable:false",
"Error": "",
"AuthType": "",
"VulnConfig": "",
"Remedy": "",
"Details": {
"rtdb_url": "https://agneyastra-testing2-default-rtdb.firebaseio.com/agneyastrapocBui7Cl.json",
"status_code": "401"
}
}
},
"read": {
"agneyastra-testing2": {
"Vulnerable": "vulnerable:false",
"Error": "",
"AuthType": "",
"VulnConfig": "",
"Remedy": "",
"Details": {
"rtdb_url": "https://agneyastra-testing2-default-rtdb.firebaseio.com/.json",
"status_code": ""
}
}
},
"write": {
"agneyastra-testing2": {
"Vulnerable": "vulnerable:false",
"Error": "",
"AuthType": "",
"VulnConfig": "",
"Remedy": "",
"Details": {
"rtdb_url": "https://agneyastra-testing2-default-rtdb.firebaseio.com/agneyastrapoc5WGiNY.json",
"status_code": ""
}
}
}
}
},
"secrets": null
}
]
}项目地址
Agneyastra:【GitHub传送门】
免责声明
1.一般免责声明:本文所提供的技术信息仅供参考,不构成任何专业建议。读者应根据自身情况谨慎使用且应遵守《中华人民共和国网络安全法》,作者及发布平台不对因使用本文信息而导致的任何直接或间接责任或损失负责。
2. 适用性声明:文中技术内容可能不适用于所有情况或系统,在实际应用前请充分测试和评估。若因使用不当造成的任何问题,相关方不承担责任。
3. 更新声明:技术发展迅速,文章内容可能存在滞后性。读者需自行判断信息的时效性,因依据过时内容产生的后果,作者及发布平台不承担责任。
本文为 Alpha_h4ck 独立观点,未经授权禁止转载。
如需授权、对文章有疑问或需删除稿件,请联系 FreeBuf 客服小蜜蜂(微信:freebee1024)
如需授权、对文章有疑问或需删除稿件,请联系 FreeBuf 客服小蜜蜂(微信:freebee1024)
被以下专辑收录,发现更多精彩内容
+ 收入我的专辑
+ 加入我的收藏
相关推荐
Alpha_h4ck LV.10
好好学习,天天向上
- 2359 文章数
- 1023 关注者
Tetragon:一款基于eBPF的运行时环境安全监控工具
2025-01-21
DroneXtract:一款针对无人机的网络安全数字取证工具
2025-01-21
CNAPPgoat:一款针对云环境的安全实践靶场
2025-01-21
文章目录