Solr-GRAB is a tool to Steal Apache Solr instance Queries with or without a username and password.
Note : This project should be used for authorized testing and educational purposes only.
Download
git clone https://github.com/GnosticPlayers/Solr-GRAB
Usage
You can search for Apache Solr Instances via Censys, with the dork "Welcome To Solr"
or "Apache Solr Admin"
. To grab queries, simply go to the http access point, sometimes being on port 80, 443 or 8080.
"http://127.0.0.1/"
."users/"
."id"
or "global_id"
."74332"
.Now execute it with: bash index.sh
.
Sometimes, you’ll have an error where it’s a 404 not found. If that’s the case, add "/solr/"
between "http://URLHERE/"
& "PROJECTHERE"
, such as: https://127.0.0.1/solr/users/
. This should fix the problem.
The cp command, short for "copy," is the main Linux utility for duplicating files and directories. Whether…
Introduction In digital investigations, images often hold more information than meets the eye. With the…
The cat command short for concatenate, It is a fast and versatile tool for viewing and merging…
What is a Port? A port in networking acts like a gateway that directs data…
The ls command is fundamental for anyone working with Linux. It’s used to display the files and…
The pwd (Print Working Directory) command is essential for navigating the Linux filesystem. It instantly shows your…