Solr-GRAB : Steal Apache Solr Instance Queries With Or Without A Username And Password

Solr-GRAB is a tool to Steal Apache Solr instance Queries with or without a username and password.

Note : This project should be used for authorized testing and educational purposes only.

Download

git clone https://github.com/GnosticPlayers/Solr-GRAB

Usage

You can search for Apache Solr Instances via Censys, with the dork "Welcome To Solr" or "Apache Solr Admin". To grab queries, simply go to the http access point, sometimes being on port 80, 443 or 8080.

  • Replace “http://URLHERE/” with a desired URL, such as "http://127.0.0.1/".
  • Replace “PROJECTHERE/” with a desired project entry, such as a directory "users/".
  • Replace “IDHERE” with an ID that is unique per entry in JSON on the apache solr query, such as "id" or "global_id".
  • Lastly, replace “AMOUNTOFROWSHERE” with the amount of rows found in the query, such as "74332".

Now execute it with: bash index.sh.

Sometimes, you’ll have an error where it’s a 404 not found. If that’s the case, add "/solr/" between "http://URLHERE/" & "PROJECTHERE", such as: https://127.0.0.1/solr/users/. This should fix the problem.

R K

Recent Posts

JBDev : A Tool For Jailbreak And TrollStore Development

JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…

9 hours ago

Kereva LLM Code Scanner : A Revolutionary Tool For Python Applications Using LLMs

The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…

11 hours ago

Nuclei-Templates-Labs : A Hands-On Security Testing Playground

Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…

13 hours ago

SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft

SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…

13 hours ago

ollvm-unflattener : A Tool For Reversing Control Flow Flattening In OLLVM

Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…

13 hours ago

Cybersecurity – Tools And Their Function

Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…

1 day ago