Share
## https://sploitus.com/exploit?id=5DBD6B13-6D09-57FC-82AA-10993059211D
๐Ÿ” Vite/Vue JS Exploitation Toolkit
=======================================

This toolkit contains two Python scripts for identifying and exploiting Laravel applications with exposed .env files and vulnerable APP_KEYs.

---

Screenshots Grabber


Screenshots Exploit


๐Ÿงพ Script 1: main.py
====================

๐Ÿ“Œ Purpose:
Finds exposed Vite dev servers on the internet using advanced Shodan queries, with support for country and custom filtering. Also provides domain/IP conversion utilities for pentesters and bug bounty researchers.

๐Ÿ›  How It Works:
- Uses a wide set of Vite fingerprinting queries to search Shodan.
- Supports country code and custom Shodan filter input.
- Saves hostnames and IPs in organized, timestamped folders.
- Converts domain lists to IPs.
- Performs reverse IP lookups (IP to domain).

๐Ÿ“ฅ Usage:
1. Prepare your Shodan API key and edit the script to insert it.

2. Run the script:
   python main.py

3. Choose an option:
- Grab Hostname/Domain from Shodan (with filters)
- Domain to IP
- IP to Domain (Reverse IP)

4. Follow the prompts for input files and filters.

๐Ÿ“ Output:
- Shodan results saved in:
   `ResultGrabVite/[COUNTRY]/ResultHost_YYYYMMDD-HHMMSS.txt`
   `ResultGrabVite/[COUNTRY]/ResultIP_YYYYMMDD-HHMMSS.txt`
- Domain to IP results:
   `ResultDomainToIPVite/DomainToIP_YYYYMMDD-HHMMSS.txt`
- IP to Domain results:
   `ResultIPToDomainVite/IPToDomain_YYYYMMDD-HHMMSS.txt`

๐Ÿ“ฆ Dependencies:
- shodan
- colorama
- requests

Install with:
pip install -r requirements.txt

---

๐Ÿงพ Script 2: vue.py
============================

๐Ÿ“Œ Purpose:
Exploits Vite CVE-2025-31125 to read sensitive files (like .env, /etc/passwd, config files) from exposed Vite dev servers. Automatically extracts and categorizes secrets for pentesting and bug bounty work.

๐Ÿ›  How It Works:
- Reads a list of targets (one per line, with or without protocol).
- Attempts to read a wide range of sensitive files via the Vite dev server file read vulnerability.
- Stops after the first .env found per target for efficiency.
- Parses .env and config files for:
	- SMTP credentials (SES, Sendgrid, Mailgun, Office365, 1And1, Zoho, Mandrill, etc.)
	- Database credentials (phpMyAdmin, Adminer, etc.)
	- Stripe, Twilio, AWS, Redis, App Keys, and more.
- Send notification to Telegram
- Saves each type of secret to its own result file in a timestamped folder.

๐Ÿ“ฅ Usage:
1. Prepare a file (e.g., targets.txt) with one target per line (domain or IP).

2. Run the script:
   python vue.py

3. Enter the input filename when prompted

๐Ÿ“ Output:
- All successful file reads:
   `ResultsVite_YYYYMMDD_HHMMSS/found.txt`
- Extracted secrets:
   `ResultsVite_YYYYMMDD_HHMMSS/SMTP.txt`
   `ResultsVite_YYYYMMDD_HHMMSS/Database.txt`
   `ResultsVite_YYYYMMDD_HHMMSS/Stripe.txt`
   `ResultsVite_YYYYMMDD_HHMMSS/Twilio.txt`
   `ResultsVite_YYYYMMDD_HHMMSS/AWS.txt`
   `ResultsVite_YYYYMMDD_HHMMSS/Redis.txt`
   `ResultsVite_YYYYMMDD_HHMMSS/AppKey.txt`

๐Ÿ“ฆ Dependencies:
- requests
- colorama

Install with:
pip install -r requirements.txt

## ๐Ÿ“ Folder Structure

Organize your data in the following folder structure:

```
vite-js-grabber/
โ”‚
โ”œโ”€โ”€ vite-grabber.py         # Main grabber script (Shodan recon, domain/IP tools)
โ”œโ”€โ”€ vue.py                  # Main exploit script (CVE-2025-31125 file reader & extractor)
โ”œโ”€โ”€ requirements.txt        # Python dependencies
โ”‚
โ”œโ”€โ”€ ResultGrabVite/         # Shodan grab results (auto-created)
โ”‚   โ””โ”€โ”€ [COUNTRY]/ResultHost_YYYYMMDD-HHMMSS.txt
โ”‚   โ””โ”€โ”€ [COUNTRY]/ResultIP_YYYYMMDD-HHMMSS.txt
โ”‚
โ”œโ”€โ”€ ResultDomainToIPVite/   # Domain to IP conversion results
โ”‚   โ””โ”€โ”€ DomainToIP_YYYYMMDD-HHMMSS.txt
โ”‚
โ”œโ”€โ”€ ResultIPToDomainVite/   # IP to domain (reverse IP) results
โ”‚   โ””โ”€โ”€ IPToDomain_YYYYMMDD-HHMMSS.txt
โ”‚
โ”œโ”€โ”€ ResultsVite_YYYYMMDD_HHMMSS/   # Exploit results (auto-created per run)
โ”‚   โ”œโ”€โ”€ found.txt           # All successful file reads
โ”‚   โ”œโ”€โ”€ SMTP.txt            # Extracted SMTP credentials
โ”‚   โ”œโ”€โ”€ Database.txt        # Extracted DB credentials
โ”‚   โ”œโ”€โ”€ Stripe.txt          # Stripe keys
โ”‚   โ”œโ”€โ”€ Twilio.txt          # Twilio keys
โ”‚   โ”œโ”€โ”€ AWS.txt             # AWS keys
โ”‚   โ”œโ”€โ”€ Redis.txt           # Redis info
โ”‚   โ””โ”€โ”€ AppKey.txt          # Laravel/Vite app keys
โ”‚
โ””โ”€โ”€ README.md               # This file
```

## Sample Results in Telegram BOT
```
- ๐Ÿ”ฅ Vite Exploit Found!
	- http://172-234-151-170.ip.linodeusercontent.com/@fs/.env?import

- ๐Ÿ”ฅ Interesting File Found
	- http://172-234-151-170.ip.linodeusercontent.com/@fs/etc/passwd?import

- ๐Ÿ“ง SMTP Credentials Found
	- URL: http://172-234-151-170.ip.linodeusercontent.com/@fs/.env?import
	- MAIL_HOST: smtp.mailgun.org
	- MAIL_USER: postmaster@mg.example.com
	- MAIL_PASS: supersecretpassword
	- MAIL_FROM: admin@example.com
	- MAIL_PORT: 587

- ๐Ÿ—„๏ธ Database Credentials Found
	- URL: http://172-234-151-170.ip.linodeusercontent.com/@fs/.env?import
	- DB_HOST: 127.0.0.1
	- DB_USER: root
	- DB_PASS: dbpassword
	- DB_NAME: mydb
	- DB_PORT: 3306
	- DB_CONNECTION: mysql

```
---

โš ๏ธ Legal Disclaimer:
These tools are for authorized penetration testing and educational purposes only. Unauthorized use is illegal and unethical. Always obtain explicit permission before testing any system.

---

๐Ÿงพ Requirements Summary (for both scripts)
==========================================

Create a requirements.txt file with:
requests
urllib3
colorama

Then install:
pip install -r requirements.txt

---

๐Ÿ‘จโ€๐Ÿ’ป Author: Bob Marley
------
Buy me a Coffe :
```
If you find this project useful and want to support future development:

โ‚ฟ  BTC: 17sbbeTzDMP4aMELVbLW78Rcsj4CDRBiZh
โ‚ฎ  USDT: TQfx5kjY4d1Q6piDgBVL31d8YJ8xCx5uTd (TRC-20)
ฮž  ETH: 0xb88cdeba793e13fa39ee19ad34cfe69916b81fa0 (ERC-20)
ล  LTC: LffRsEacPDGmFGQESpnSSRTECRxXq4txPq
```
ยฉ2025 Bob Marley