/Gf-Patterns

GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic) parameters grep

Gf-Patterns

GF By Twitter

A wrapper around grep, to help you grep for things

installation

If you've got Go installed and configured you can install waybackurls & Gf with:

▶ go get -u https://github.com/tomnomnom/waybackurls
▶ go get -u https://github.com/tomnomnom/gf

If you've installed using go get, you can enable auto-completion to your .bashrc like this:

echo 'source $GOPATH/src/github.com/tomnomnom/gf/gf-completion.bash' >> ~/.bashrc

Note that you'll have to restart your terminal, or run source ~/.bashrc for the changes to take effect.

To get started quickly, you can copy the example pattern files to ~/.gf like this:

▶ cp -r $GOPATH/src/github.com/tomnomnom/gf/examples ~/.gf

MY Gf Patterns installation

▶ git clone https://github.com/1ndianl33t/Gf-Patterns

To get started quickly, you can copy the example pattern files to ~/.gf like this:

▶ mv ~/Gf-Patterns/*.json ~/.gf

Use example

▶ cat subdomains.txt | waybackurls | sort -u >> waybackdata | gf ssrf | tee -a ssfrparams.txt

▶ cat waybackdata | gf redirect | tee -a redirect.txt

Pattern Files

The pattern definitions are stored in ~/.gf as little JSON files that can be kept under version control:

gf ssrf

▶ cat ~/.gf/ssrf.json

{
    "flags": "-iE",
     "patterns": [

        "access",
        "admin",
        "dbg",
        "debug",
        "edit",
        "grant",
        "test",
        "alter",
        "clone",
        "create",
        "delete",
        "disable",
        "enable",
        "exec",
        "execute",
        "load",
        "make",
        "modify",
        "rename",
        "reset",
        "shell",
        "toggle",
        "adm",
        "root",
        "cfg",
        "dest",
        "redirect",
        "uri",
        "path",
        "continue",
        "url",
        "window",
        "next",
        "data",
        "reference",
        "site",
        "html",
        "val",
        "validate",
        "domain",
        "callback",
        "return",
        "page",
        "feed",
        "host",
        "port",
        "to",
        "out",
        "view",
        "dir",
        "show",
        "navigation",
        "open"
        
      ]
}

gf redirect

▶ cat ~/.gf/redirect

{
    "flags": "-iE",
     "patterns": [
"forward=",
"dest=",
"redirect=",
"uri=",
"path=",
"continue=",
"url=",
"window=",
"to=",
"out=",
"view=",
"dir=",
"show=",
"navigation=",
"Open=",
"file=",
"val=",
"validate=",
"domain=",
"callback=",
"return=",
"page=",
"feed=",
"host=",
"port=",
"next=",
"data=",
"reference=",
"site=",
"html="
]
}

gf rce

▶ cat ~/.gf/rce.json
{
    "flags": "-iE",
     "patterns": [
 
        "daemon",
        "upload",
        "dir",
        "execute",
        "download",
        "log",
        "ip",
        "cli",
        "cmd"
]
}

Gf idor

▶ cat ~/.gf/idor.json
{
    "flags": "-iE",
     "patterns": [

 "id",
 "user",
 "account",
 "number",
 "order",
 "no",
 "doc",
 "key",
 "email",
 "group",
 "profile",
 "edit",
 "report"
 
 ]
}

Gf Sqli

▶ cat ~/.gf/sqli.json
{
    "flags": "-iE",
     "patterns": [

         "id",
        "select",
        "report",
        "role",
        "update",
        "query",
        "user",
        "name",
        "sort",
        "where",
        "search",
        "params",
        "process",
        "row",
        "view",
        "table",
        "from",
        "sel",
        "results",
        "sleep",
        "fetch",
        "order",
        "keyword",
        "column",
        "field",
        "delete",
        "string",
        "number",
        "filter"
]
}

Gf LFI

▶ cat ~/.gf/lfi.json
{
    "flags": "-iE",
     "patterns": [

        "file",
        "document",
        "folder",
        "root",
        "path",
        "pg",
        "style",
        "pdf",
        "template",
        "php_path",
        "doc"
]
}

Gf ssti

▶ cat ~/.gf/ssti.json


{
    "flags": "-iE",
     "patterns": [
        
        "template",
        "preview",
        "id",
        "view",
        "activity",
        "name",
        "content",
        "redirect"
]
}

Gf debug_logic

▶ cat ~/.gf/debug_logic.json
{
    "flags": "-iE",
     "patterns": [

        "access",
        "admin",
        "dbg",
        "debug",
        "edit",
        "grant",
        "test",
        "alter",
        "clone",
        "create",
        "delete",
        "disable",
        "enable",
        "exec",
        "execute",
        "load",
        "make",
        "modify",
        "rename",
        "reset",
        "shell",
        "toggle",
        "adm",
        "root",
        "cfg",
        "config"
]
}

Credit

Twitter Bugcrowd HUNT

Contact

Twitter