Skip to content

A simple Python Exploit to Write Data to Insecure/vulnerable firebase databases! Commonly found inside Mobile Apps. If the owner of the app have set the security rules as true for both "read" & "write" an attacker can probably dump database and write his own data to firebase db.

Notifications You must be signed in to change notification settings

MuhammadKhizerJaved/Insecure-Firebase-Exploit

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

26 Commits
 
 
 
 
 
 
 
 

Repository files navigation

Insecure-Firebase-Exploit

A simple Python Exploit to Write Data to Insecure/vulnerable firebase databases! Commonly found inside Mobile Apps. If the owner of the app have set the security rules as true for both "read" & "write" an attacker can probably dump database and write his own data to firebase db.

Blog:

https://blog.securitybreached.org/2020/02/04/exploiting-insecure-firebase-database-bugbounty/

Usage:

Firebase-Write-Permission-Exploit.py This is the Updated Version of Exploit i made. Now simply give the Database Name, File Name You wish to create, Your Information. And Write it to the Insecure/vulnerable firebase databases.

Usage POC Image

python Firebase-Write-Permission-Exploit.py

Enter Firebase Databse Name: <Database Name Here>
Enter Your Filename: <File Name Here>
Enter your name: <Your Name Here>
Enter your email: <Your Email Here>
Enter your Blog: <Your Contact link Here>
Enter A Message: <A Message you want to display alongside the basic Exploit info>

About

A simple Python Exploit to Write Data to Insecure/vulnerable firebase databases! Commonly found inside Mobile Apps. If the owner of the app have set the security rules as true for both "read" & "write" an attacker can probably dump database and write his own data to firebase db.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages