Script to dump all users and get their password #1

Open
opened 2024-07-31 16:03:57 +00:00 by papey · 6 comments
Member

Create a script (language of your choice) to :

  • log a user
  • get all users data from the references endpoint
  • iterate on response data and ensure you have password for all users
Mateo was assigned by papey 2024-07-31 16:03:57 +00:00
papey added the due date 2024-08-07 2024-07-31 16:04:11 +00:00
Mateo added reference refs/tags/script-release 2024-08-01 08:48:11 +00:00
Mateo changed reference from refs/tags/script-release to script 2024-08-01 08:48:22 +00:00
Member

Script done !
SRC on script branch
Binary on Releases

Owner

Please add the output of the script in the ticket as "this is what your screen should show up"

Member

This is what your screen should show up :

```
Gathering Bearer token...
Token found: *********

Scanning for existing users...
69 users found !

Decrypting passwords...

1. user1 => ************
[...]
69. galileoGalilei => **************
Asynchronous elapsed time = 5.24288ms
```
Owner

I noticed that several bot users are registered in the software. Can you please sort them out using a regex to find them using the /references endpoint ?
Here is the regex rule :

  • bot users have a password starting with an uppercase, ending with a random uppercase letter + 1 digit

A second generation of bot users also have :

  • maybe 1 uppercase in the middle and/or 3 consecutive digits and they all end with a special character

Please add the two regexes printing and the script adaptation to that !

You can use https://regex101.com/r/hj0miD/1 to try with the list of users and find the correct regexes to implement

Member

First generation : `"^[A-Z][A-Za-z]+[0-9][A-Z]"`
Second generation : `"^.*?([A-Z]|[0-9]{3}).*?[,?;.:/!§%*^¨$£+\-=]"`

Member

> I noticed that several bot users are registered in the software. Can you please sort them out using a regex to find them using the /references endpoint ?
> Here is the regex rule :
>
>   • bot users have a password starting with an uppercase, ending with a random uppercase letter + 1 digit
>
> A second generation of bot users also have :
>
>   • maybe 1 uppercase in the middle and/or 3 consecutive digits and they all end with a special character
>
> Please add the two regexes printing and the script adaptation to that !
>
> You can use https://regex101.com/r/hj0miD/1 to try with the list of users and find the correct regexes to implement

@Corwin Done #10
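
The two bot rules from the thread written as an end-anchored classifier, as an added example that is not part of the issue or of the project's script. The regexes are one assumed reading of the rules, the sample accounts are constructed, and `classify` and `sort_accounts` are hypothetical names.

```python
import re

# Special characters as listed in the thread's second pattern.
SPECIAL = r"[,?;.:/!§%*^¨$£+\-=]"

# Assumed reading of rule 1: first char uppercase, last two chars are an
# uppercase letter followed by one digit.
GEN1 = re.compile(r"[A-Z].*[A-Z][0-9]")

# Assumed reading of rule 2: last char is special, and an uppercase letter
# past position 0 and/or three consecutive digits appear in the password.
GEN2 = re.compile(rf"(?=.+[A-Z]|.*[0-9]{{3}}).*{SPECIAL}")


def classify(password):
    """Return 'bot-gen1', 'bot-gen2' or 'human' for one password string."""
    # fullmatch() anchors both ends, so "ending with" is actually enforced;
    # match()/search() would accept a password that merely contains the marker.
    if GEN1.fullmatch(password):
        return "bot-gen1"
    if GEN2.fullmatch(password):
        return "bot-gen2"
    return "human"


def sort_accounts(accounts):
    """Group usernames by class; accounts is an iterable of (user, password)."""
    groups = {"bot-gen1": [], "bot-gen2": [], "human": []}
    for username, password in accounts:
        groups[classify(password)].append(username)
    return groups


# Constructed sample data, not taken from the application in the issue.
SAMPLE = [
    ("user1", "correct-horse"),   # no bot marker at all
    ("svc01", "RobotwalkerQ7"),   # gen 1: starts uppercase, ends "Q7"
    ("svc02", "crawlerX482!"),    # gen 2: mid uppercase, 3 digits, ends "!"
    ("svc03", "spider905%"),      # gen 2: 3 digits, ends "%"
    ("user2", "HelloQ7world"),    # contains "Q7" but does not end with it
    ("user3", "summer24!"),       # ends special, but only 2 digits, no uppercase
]

if __name__ == "__main__":
    for label, users in sort_accounts(SAMPLE).items():
        print(f"{label}: {', '.join(users)}")
```

`GEN1.match("HelloQ7world")` succeeds on the prefix `HelloQ7`, which is why the classifier uses `fullmatch()` rather than relying on a leading `^` alone.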

Reference: Stage/bug-bounty-reports#1