Incorrect configuration allows you to access .env files or reading env variables. LaravelN00b automated scan .env files and checking debug mode in victim host.
Scan Rationale
- Scan host.
- Resolve IP adress and check .env file in IP Adress
- Checking debug mode Laravel ( Read .env variables )
Also Read – IotShark : Monitoring And Analyzing IoT Traffic
Installation
- Install with installer.sh
chmod +x installer.sh
./installer.sh
- Install manual
go get github.com/briandowns/spinner
go get github.com/christophwitzko/go-curl
go run main.go –hostname victim.host
or
go build laravelN00b main.go
Run
./laravelN00b –hostname victim.host