Agneyastra: a Firebase misconfiguration detection toolkit
2025-01-03 13:21:19
Region: Guangxi

About Agneyastra

Agneyastra is a powerful misconfiguration detection tool aimed at the Firebase platform; it helps security researchers secure Firebase deployments more effectively.

Firebase is a multi-purpose platform from Google that powers countless web and mobile applications through a broad set of services, including the Realtime Database, Authentication, Cloud Storage and Hosting. Its popularity and ease of use make it a favourite among developers, but also a prime target for misconfiguration, which can lead to serious security vulnerabilities.

Agneyastra is a cutting-edge tool designed to help bug bounty hunters and security professionals detect Firebase misconfigurations with unmatched precision. With comprehensive checks covering every Firebase service, a correlation engine with secret extraction, and automatic report generation, Agneyastra makes sure no vulnerability is overlooked, turning the tables and giving you the upper hand.

Features

1. Quick checks for misconfigurations across all Firebase services.

2. Correlation engine and sensitive-data extraction.

3. PoC and report generation.

Requirements

A Go environment

Installation

The tool is written in Go, so you first need to install and configure the latest version of the Go toolchain on your machine.

Getting the source

Researchers can clone the project source to a local machine with the following command:

git clone https://github.com/JA3G3R/agneyastra.git

Installing with Go

go install github.com/JA3G3R/agneyastra/cmd/agneyastra@latest

Tool help information

Usage

./agneyastra --key AIzaSyBv_y636JW_LYBcUQ7rN0b9Wukzop_gVEI --all

2024/11/22 23:17:40 Checking all services for misconfigurations
2024/11/22 23:17:42 Sign-in link sent to email: bhavarth1905kr@gmail.com
2024/11/22 23:17:44 Checking public read access. Dump directory:
2024/11/22 23:17:50 Running all firebase firestore misconfiguration checks
2024/11/22 23:18:00 Running all firebase rtdb misconfiguration checks

Final Report:

{
  "api_keys": [
    {
      "api_key": "AIzaSyBv_y636JW_LYBcUQ7rN0b9Wukzop_gVEI",
      "correlation_score": 0,
      "auth": {
        "anon-auth": {
          "Vulnerable": "vulnerable:true",
          "Error": "",
          "AuthType": "",
          "VulnConfig": "",
          "Remedy": "Disable Anonymous Authentication",
          "Details": {
            "expiresIn": "3600",
            "idToken": "redacted",
            "localId": "3S1VMdFs2PVoISOrNxr8zL4akhs2",
            "refreshToken": "redacted"
          }
        },
        "custom-token-login": {
          "Vulnerable": "error",
          "Error": "failed to log in with custom token, status code: 400",
          "AuthType": "",
          "VulnConfig": "",
          "Remedy": "",
          "Details": null
        },
        "send-signin-link": {
          "Vulnerable": "vulnerable:true",
          "Error": "",
          "AuthType": "",
          "VulnConfig": "Send Sign in Link enabled in Firebase project.",
          "Remedy": "Disable Send Sign in Link from Firebase Console",
          "Details": {
            "email": "bhavarth1905kr@gmail.com"
          }
        },
        "signup": {
          "Vulnerable": "error",
          "Error": "failed to sign up with email/password, status code: 400",
          "AuthType": "",
          "VulnConfig": "",
          "Remedy": "",
          "Details": null
        }
      },
      "services": {
        "bucket": {
          "delete": {
            "104159166443": {
              "Vulnerable": "vulnerable:true",
              "Error": "",
              "AuthType": "",
              "VulnConfig": "allow delete: if true; // Allows public delete access to storage objects.",
              "Remedy": "Disable public delete access: 'allow delete: if false;'.",
              "Details": {
                "status_code": ""
              }
            },
            "agneyastra-testing2": {
              "Vulnerable": "vulnerable:true",
              "Error": "",
              "AuthType": "anon",
              "VulnConfig": "allow delete: if request.auth == null; // Permits unauthenticated users to delete storage objects.",
              "Remedy": "Restrict deletes to authenticated users: 'allow delete: if request.auth != null;'.",
              "Details": {
                "status_code": "404"
              }
            }
          },
          "read": {
            "104159166443": {
              "Vulnerable": "vulnerable:false",
              "Error": "",
              "AuthType": "public",
              "VulnConfig": "",
              "Remedy": "",
              "Details": {
                "Contents": {
                  "prefixes": null,
                  "items": null
                }
              }
            },
            "agneyastra-testing2": {
              "Vulnerable": "vulnerable:true",
              "Error": "",
              "AuthType": "anon",
              "VulnConfig": "allow read: if request.auth == null; // Allows unauthenticated access to storage objects.",
              "Remedy": "Restrict to authenticated users: 'allow read: if request.auth != null;'.",
              "Details": {
                "Contents": {
                  "prefixes": {
                    "testing/": {
                      "prefixes": {
                        "testing/inner-folder/": {
                          "prefixes": {},
                          "items": [
                            {
                              "name": "testing/inner-folder/burpcert.der",
                              "bucket": "agneyastra-testing2.appspot.com"
                            }
                          ]
                        }
                      },
                      "items": [
                        {
                          "name": "testing/2",
                          "bucket": "agneyastra-testing2.appspot.com"
                        }
                      ]
                    }
                  },
                  "items": [
                    {
                      "name": "1",
                      "bucket": "agneyastra-testing2.appspot.com"
                    },
                    {
                      "name": "firebase.html",
                      "bucket": "agneyastra-testing2.appspot.com"
                    },
                    {
                      "name": "poc.txt",
                      "bucket": "agneyastra-testing2.appspot.com"
                    }
                  ]
                }
              }
            }
          },
          "write": {
            "104159166443": {
              "Vulnerable": "vulnerable:unknown",
              "Error": "",
              "AuthType": "",
              "VulnConfig": "",
              "Remedy": "",
              "Details": {
                "status_code": "404"
              }
            },
            "agneyastra-testing2": {
              "Vulnerable": "vulnerable:true",
              "Error": "",
              "AuthType": "anon",
              "VulnConfig": "allow write: if request.auth == null; // Allows unauthenticated access to write storage objects.",
              "Remedy": "Restrict to authenticated users: 'allow write: if request.auth != null;'.",
              "Details": {
                "status_code": "200"
              }
            }
          }
        },
        "firestore": {
          "delete": {
            "104159166443": {
              "Vulnerable": "error",
              "Error": "bad request error in 2nd request",
              "AuthType": "",
              "VulnConfig": "",
              "Remedy": "",
              "Details": null
            },
            "agneyastra-testing2": {
              "Vulnerable": "vulnerable:true",
              "Error": "",
              "AuthType": "anon",
              "VulnConfig": "allow delete: if request.auth == null; // Permits unauthenticated users to delete storage objects.",
              "Remedy": "Restrict deletes to authenticated users: 'allow delete: if request.auth != null;'.",
              "Details": null
            }
          },
          "read": {
            "104159166443": {
              "Vulnerable": "error",
              "Error": "bad request error in 2nd request",
              "AuthType": "",
              "VulnConfig": "",
              "Remedy": "",
              "Details": null
            },
            "agneyastra-testing2": {
              "Vulnerable": "vulnerable:false",
              "Error": "",
              "AuthType": "",
              "VulnConfig": "",
              "Remedy": "",
              "Details": null
            }
          },
          "write": {
            "104159166443": {
              "Vulnerable": "error",
              "Error": "bad request error in 2nd request",
              "AuthType": "",
              "VulnConfig": "",
              "Remedy": "",
              "Details": null
            },
            "agneyastra-testing2": {
              "Vulnerable": "vulnerable:true",
              "Error": "",
              "AuthType": "anon",
              "VulnConfig": "allow write: if request.auth == null; // Allows unauthenticated access to write storage objects.",
              "Remedy": "Restrict to authenticated users: 'allow write: if request.auth != null;'.",
              "Details": null
            }
          }
        },
        "rtdb": {
          "delete": {
            "104159166443": {
              "Vulnerable": "vulnerable:true",
              "Error": "",
              "AuthType": "anon",
              "VulnConfig": "allow delete: if request.auth == null; // Permits unauthenticated users to delete storage objects.",
              "Remedy": "Restrict deletes to authenticated users: 'allow delete: if request.auth != null;'.",
              "Details": {
                "rtdb_url": "https://104159166443-default-rtdb.firebaseio.com/agneyastrapocBui7Cl.json",
                "status_code": "404"
              }
            },
            "agneyastra-testing2": {
              "Vulnerable": "vulnerable:false",
              "Error": "",
              "AuthType": "",
              "VulnConfig": "",
              "Remedy": "",
              "Details": {
                "rtdb_url": "https://agneyastra-testing2-default-rtdb.firebaseio.com/agneyastrapocBui7Cl.json",
                "status_code": "401"
              }
            }
          },
          "read": {
            "agneyastra-testing2": {
              "Vulnerable": "vulnerable:false",
              "Error": "",
              "AuthType": "",
              "VulnConfig": "",
              "Remedy": "",
              "Details": {
                "rtdb_url": "https://agneyastra-testing2-default-rtdb.firebaseio.com/.json",
                "status_code": ""
              }
            }
          },
          "write": {
            "agneyastra-testing2": {
              "Vulnerable": "vulnerable:false",
              "Error": "",
              "AuthType": "",
              "VulnConfig": "",
              "Remedy": "",
              "Details": {
                "rtdb_url": "https://agneyastra-testing2-default-rtdb.firebaseio.com/agneyastrapoc5WGiNY.json",
                "status_code": ""
              }
            }
          }
        }
      },
      "secrets": null
    }
  ]
}
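The final report above nests each check as auth/<check> or services/<service>/<operation>/<project>, and every leaf carries the same Vulnerable/Error/AuthType/VulnConfig/Remedy fields, with Vulnerable taking one of "vulnerable:true", "vulnerable:false", "vulnerable:unknown" or "error". The following Python script is an added example, not part of Agneyastra or this article: it walks a report in that shape, keeps only confirmed findings together with their remedy, and sets aside checks that errored or were inconclusive so they get re-run rather than silently dropped. The sample report embedded in it is constructed, with placeholder key and project names.

```python
"""Triage an Agneyastra final report: confirmed findings vs. checks to re-run."""
import json

# Constructed sample in the report's shape (placeholder key and project ids).
SAMPLE_REPORT = json.dumps({
    "api_keys": [{
        "api_key": "AIza-PLACEHOLDER",
        "auth": {
            "anon-auth": {"Vulnerable": "vulnerable:true", "Error": "", "AuthType": "",
                          "Remedy": "Disable Anonymous Authentication"},
            "signup": {"Vulnerable": "error", "Error": "status code: 400", "Remedy": ""},
        },
        "services": {
            "bucket": {
                "read": {
                    "proj-a": {"Vulnerable": "vulnerable:true", "AuthType": "anon",
                               "Remedy": "Restrict to authenticated users: "
                                         "'allow read: if request.auth != null;'."},
                    "proj-b": {"Vulnerable": "vulnerable:false", "AuthType": "public", "Remedy": ""},
                },
                "write": {"proj-b": {"Vulnerable": "vulnerable:unknown", "Error": "", "Remedy": ""}},
            },
        },
    }],
})


def _classify(target, finding, confirmed, needs_rerun):
    """Route one leaf of the report by its Vulnerable status."""
    status = finding.get("Vulnerable", "")
    if status == "vulnerable:true":
        confirmed.append((target, finding.get("AuthType", ""), finding.get("Remedy", "")))
    elif status in ("error", "vulnerable:unknown"):
        needs_rerun.append((target, finding.get("Error", "")))


def triage(report_json):
    """Return (confirmed, needs_rerun), each sorted by target path."""
    report = json.loads(report_json)
    confirmed, needs_rerun = [], []
    for key in report["api_keys"]:
        for name, f in key.get("auth", {}).items():
            _classify(f"auth/{name}", f, confirmed, needs_rerun)
        for svc, ops in key.get("services", {}).items():
            for op, projects in ops.items():
                for proj, f in projects.items():
                    _classify(f"{svc}/{op}/{proj}", f, confirmed, needs_rerun)
    return sorted(confirmed), sorted(needs_rerun)


if __name__ == "__main__":
    fixed, rerun = triage(SAMPLE_REPORT)
    for target, auth, remedy in fixed:
        print(f"[FIX]   {target} (auth={auth or 'n/a'}): {remedy}")
    for target, err in rerun:
        print(f"[RERUN] {target}: {err or 'inconclusive'}")
```

Run it against a real report by replacing SAMPLE_REPORT with the file contents the tool prints after "Final Report:".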

Project page

Agneyastra: https://github.com/JA3G3R/agneyastra

# Configuration security # Security detection # Firebase # Misconfiguration