Skip to content
/ sabgrab Public

(ab)uses LeakySAB to get providers from open SABnzbd instances.

License

GPL-3.0 license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

lem6ns/sabgrab

BranchesTags

Repository files navigation

sabgrab

(ab)uses LeakySAB to get providers from open SABnzbd instances.

table of contents

demo

webui image

testVulnerableServers.js

Code_9pzPpHlCRo.mp4

usage

  1. npm i
  2. configure config.json (please fill in host field and not leave it 127.0.0.1)
  3. node index.js
  4. web ui accessible at :8112

in new terminal,

  1. get criminalip api key here
  2. edit getVulnerableServers.js to add api key
  3. node getVulnerableServers.js
  4. node testVulnerableServers.js
  5. profit! credentials are saved at creds.json

api

cors is NOT enabled.

sending a request to :8112/address:port will return the following responses:

success:

{
  "error": false,
  "data": [
    {
      "server": "example.com",
      "host": "example.com",
      "description": "example.com",
      "username": "username",
      "password": "password",
      "port": "1234",
      "ssl": false,
    },
    {
      "server": "example2.com",
      "host": "example2.com",
      "description": "example2.com",
      "username": "username2",
      "password": "password2",
      "port": "12345",
      "ssl": true,
    },
  ]
}

error:

{
  "error": true,
  "data": {
    "message": "error"
  }
}

troubleshooting

make sure that port 8119 and port 8112 is open.

About

(ab)uses LeakySAB to get providers from open SABnzbd instances.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages