Git Product home page Git Product logo

cores's Introduction

C.O.R.E.S Supported Python versions

CORES v1.03312017
Description:Cross-Origin Resource Exploitation Server.
Created by: Nick Sanzotta/@Beamr
Contribution thanks to Bill Harshbarger

This tool 'cores.py' will launch a Python SimpleHTTPServer configured with 
HTML & JavaScript code to execute a CORS Proof of Concept (PoC) vulnerability.
At a minimum the user will need to supply a URL vulnerable to excessive CORS along 
with the correct HTTP (-m)ethod.

Optionally, the user has the ability to (-a) Autolaunch FireFox and execute the payload.

Overview:

The CORS spec denies the header Access-Control-Allow-Origin (ACAO) to be configured with 
'*' while allowing Access-Control-Allow-Credential (ACAC) set to 'true'.
Example: (NOT Allowed!)
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true

A commonly found misconfiguration or work around for this restriction is the following.
Example: (Insecure Work Around, Shares with any domain with credentials!)
<? php 
header("Access-Control-Allow-Origin: ".$_SERVER["HTTP_ORIGIN"]);
header("Access-Control-Allow-Credentials: true");

Installation:

# git clone https://github.com/NickSanzotta/CORES.git
# cd CORES/cores/
# python cores.py

Usage:

usage: cores.py cores.py <URL> <OPTIONS>
	Example: python cores.py https://site.com/
	Example: python cores.py https://site.com/ -m POST -p 8080 -c -s alert --verbose --auto

	 [-m, Define HTTP request method ex: -m POST]
	 [-p, Define HTTP Server port ex: -p 8080]

	 [-c, Sets "Access-Control-Allow-Credentials: true" ex: -c]
	 [-a, Auto-launches FireFox to automatically visit destination server.]
	 [-s, Select Log style ex: JavaScript Alert / Inner HTML ]


 None

optional arguments:
  -h, --help            show this help message and exit
  -c, --creds           Sets "Access-Control-Allow-Credentials: true"
  -a, --auto            Enables FireFox to auto-launch.
  -v, --verbose         Turn on Verbosity (Displays JavaScript code in STDOUT)

 URL options:
  URL [http://site.com/]
			Define vulnerable CORS targert URL ex: https://site.com/
  -m [GET]              Define HTTP request method [GET, HEAD, POST] ex: -m POST
  -p [80]               Define HTTP Server Port ex: -p 8080

 Log style options:
  -s [alert, html]      ex: -s html   Displays logs in generated HTML.
			ex: -s alert  Displays logs in JavaScript Alert function.

cores's People

Contributors

bharshbarger avatar nicksanzotta avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.