Skip to content
/ andro_firebase Public

The script checks for misconfigured/open firebase database used in development of Android apk's.

License

MIT license
10 stars 5 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

udit-thakkur/andro_firebase

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
firebase.sh
firebase.sh
 
 

Repository files navigation

andro_firebase

The script checks for misconfigured/open firebase database used in development of Android apk's.

Installation:

Prerequisites:

           - apktool (apt install apktool | brew install apktool)

           - jq (apt install jq | brew install jq)

Usage:

  • ./firebase.sh /path/to/apkfile
  • e.g. ./firebase.sh /root/tmp/hackcura.apk

Donation (Buy Me a Coffee):

You can encourage me to contribute more to the open source with donation. NEVER ASKED BUT ALWAYS APPRECIATED.

Team:

Udit Thakkur - https://www.twitter.com/udit_thakkur

Harshit Sengar - https://www.twitter.com/sengarharshit1

Exploitaion:

Khizer Javed had done a really good research on it for exploting it further. You can have a look in his blog post here: https://blog.securitybreached.org/2020/02/04/exploiting-insecure-firebase-database-bugbounty/

Legal Disclaimer:

The script is made for educational and ethical purposes only. Usage of the script for attacking targets without prior mutual consent is illegal. Team Hackcura is not responsible for any misuse or damage caused by this script.

About

The script checks for misconfigured/open firebase database used in development of Android apk's.

Resources

Readme

License

MIT license
Activity

Stars

10 stars

Watchers

2 watching

Forks

5 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages