0ang3el / aem-hacker Goto Github PK
View Code? Open in Web Editor NEWLicense: MIT License
License: MIT License
I used aem_hacker.py and used burp collaborator payload as a host and then got a callback from a server. The server sent salesforcesecret in the request. Any idea how to exploit this further? Or should I just report this to the company?
I have encountered a lot of false positives of the flash-based xss but I don't know why it is happening. Would you mind taking a look?
Not able to scan multiple site at once.
Thought to ask - when are you planning to add check for CVE-2019-8088 and some others findings you reported to Adobe? :) I don't have your email hence asking here.
Could you point out why I am getting this error, as I restarted the machine and also killed required process?
Traceback (most recent call last):
File "aem_hacker.py", line 1532, in <module>
main()
File "aem_hacker.py", line 1513, in main
httpd = run_detector(args.port)
File "aem_hacker.py", line 1475, in run_detector
httpd = HTTPServer(('', port), handler)
File "/usr/lib/python3.5/socketserver.py", line 441, in __init__
self.server_activate()
File "/usr/lib/python3.5/socketserver.py", line 463, in server_activate
self.socket.listen(self.request_queue_size)
OSError: [Errno 98] Address already in use
Hi,
Just wondering why aem_enum.py got removed in one of the commits.
There's no real explanation given.
https://github.com/0ang3el/aem-hacker/blob/003062db253e71d98b33a76f88037f67bc19cfa6/aem_enum.py
Thanks
my input url is an AEM but still getting an error "Seems that you provided bad URL. Try another one, bye.",
Fixed it by editting the preflight function:
def preflight(url, proxy=None, debug=False):
try:
http_request(url, proxy=proxy, debug=debug)
except:
return True
else:
return True
I know that this is not a good fix but it should be fix properly.
I would love if there was an ability to adjust requests per second. I'm in a bug bounty program limiting to 5 requests per second. Where can I edit the aem_hacker.py file to limit the requests, or can you ad a parameter for this?
It will speed up the too much the performance. To use, at least, one session per URL.
While I run this cmd: python3 aem_hacker.py -u https://site.com --host 100.000.00.000
The error comes.
Traceback (most recent call last):
File "aem_hacker.py", line 1676, in <module>
main()
File "aem_hacker.py", line 1648, in main
httpd = run_detector(args.port)
File "aem_hacker.py", line 1605, in run_detector
httpd = HTTPServer(('', port), handler)
File "/usr/lib/python3.8/socketserver.py", line 452, in __init__
self.server_bind()
File "/usr/lib/python3.8/http/server.py", line 138, in server_bind
socketserver.TCPServer.server_bind(self)
File "/usr/lib/python3.8/socketserver.py", line 466, in server_bind
self.socket.bind(self.server_address)
OSError: [Errno 98] Address already in use
Solutions?
Thank you
hi thanks for the tool love it am having a issue here because i keep getting a ssrf hit on my burp but unable to corrolate the issue to a specific domain is there a way to proxy all traffic through burp so i could see which request is actually working?
Hello,
When trying to find the AEM pages the script doesn't give any output on the screen. I mean no error and result.
I am sure there is multiple application which is using an AEM.
Thanks
The aem_discoverer.py
script did not get called by aem_hacker.py
. I am still learning how to run it (placing a URL inside a file and supplying that file's name in the --file
argument showed the URL and exited the script).
In the meantime I figured I could crawl our AEM sites in search of forgotten test pages and internal user IDs.
time python3 aem_slurper.py HOST 2>&1 | tee HOST.txt
sort -k3 HOST.txt > HOST-sorted-by-path.txt
less HOST-sorted-by-path.txt
Fantastic work here @0ang3el, thanks for the hard work!
I was wondering if you could share your process for generating the response.bin payload. Hex-editing the one you have just isn't working for additional features I'd like to add to the resulting JSP. Do you have any documentation for serializing/generating the replication-ready binary?
Thanks in advance!
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.