Doxing usuarios de mercadolibre mediante google

Iniciado por Rootkit_Pentester, Abril 27, 2017, 08:51:30 PM

Tema anterior - Siguiente tema

0 Miembros y 1 Visitante están viendo este tema.

Imprimir
Ir Abajo Páginas1
Acciones del Usuario
Abril 27, 2017, 08:51:30 PM
Hola Gente. Les paso esta busqueda que te permite hacer doxing a los usuarios de Mercado libre.



Es mediante la url de: You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login. Que da un monton de info acerca del manejo de esa web.
Esta es la busqueda en google que te da info muy interesante :D

site:api.mercadolibre.com/ -items -pictures inurl:users

Espero que les interese.
Saludos Rootkit.
Abril 28, 2017, 08:48:41 AM #1
Código: text
#!/usr/bin/env bash

URL="http://perfil.mercadolibre.cl"
LOG="/tmp/perfil"
LOG2="/tmp/site"
LOG3="/tmp/site2"
RE1="https://api.mercadolibre.com/users"


die(){
	echo >&2 "$@"
}

	if (("$#" == 1 )); then
		curl --silent $URL/$1 | grep "showProfile" | grep -o '[0-9]*' > $LOG
		if (( $(wc -l $LOG | awk '{print $1}') == 0 )); then 	
			printf "User $1 not found...\n"	
			rm $LOG
		else
			curl --silent $RE1/$(head -n 1 $LOG) > $LOG2
			cat $LOG2 | grep -Po '"site_id":.*?[^\\]",' | grep -o '[A-Z]*' > $LOG3
			curl --silent https://api.mercadolibre.com/sites/$(cat $LOG3)/search?nickname=$1 >> $LOG2

			#cat $LOG2
		       	id=$(cat $LOG2 | sed -e 's/[{}]/''/g' | awk -v RS=',"' -F: '/^"id"/ {print $2}')
		       	nickname=$(cat $LOG2 | sed -e 's/[{}]/''/g' | awk -v RS=',"' -F: '/^nickname/ {print $2}' | tr -d '""')
			registration_date=$(cat $LOG2 | sed -e 's/[{}]/''/g' | awk -v RS=',"' -F: '/^registration_date/ {print $2,$3,$4,$5}' | tr -d '""')
			country=$(cat $LOG2 | sed -e 's/[{}]/''/g' | awk -v RS=',"' -F: '/^country_id/ {print $2}' | tr -d '""')
			state=$(cat $LOG2 | sed -e 's/[{}]/''/g' | awk -v RS=',"' -F: '/"state"/ {print $3}' | tr -d '""')
			city=$(cat $LOG2 | sed -e 's/[{}]/''/g' | awk -v RS=',"' -F: '/^city/ {print $2}' | tr -d '""' | head -n 1 )
			user_type=$(cat $LOG2 | sed -e 's/[{}]/''/g' | awk -v RS=',"' -F: '/user_type/ {print $2}' |  tr -d '""')
			points=$(cat $LOG2 | sed -e 's/[{}]/''/g' | awk -v RS=',"' -F: '/points/ {print $2}')
			permalink=$(cat $LOG2 | sed -e 's/[{}]/''/g' | awk -v RS=',"' -F: '/permalink/ {print $3}'  | sed 's/^.\{2\}//' | tr -d '""' | head -n 1)
			printf "id : $id\nnickname: $nickname\nregistration_date: $registration_date \
			\ncountry: $country\nstate: $state\ncity: $city\nuser type: $user_type\npoints : $points\npermalink: $permalink\nMore User info in $LOG2\n"
			rm $LOG
			rm $LOG3
		fi	
	
	elif (("$#" > 1 )); then
		printf "Error...\n"
	else
		die "Usage : bash mercadolibre.sh NAME_PERFIL"
	fi
Abril 28, 2017, 02:17:01 PM #2
You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login
Código: text
#!/usr/bin/env bash

URL="http://perfil.mercadolibre.cl"
LOG="/tmp/perfil"
LOG2="/tmp/site"
LOG3="/tmp/site2"
RE1="https://api.mercadolibre.com/users"


die(){
	echo >&2 "$@"
}

	if (("$#" == 1 )); then
		curl --silent $URL/$1 | grep "showProfile" | grep -o '[0-9]*' > $LOG
		if (( $(wc -l $LOG | awk '{print $1}') == 0 )); then 	
			printf "User $1 not found...\n"	
			rm $LOG
		else
			curl --silent $RE1/$(head -n 1 $LOG) > $LOG2
			cat $LOG2 | grep -Po '"site_id":.*?[^\\]",' | grep -o '[A-Z]*' > $LOG3
			curl --silent https://api.mercadolibre.com/sites/$(cat $LOG3)/search?nickname=$1 >> $LOG2

			#cat $LOG2
		       	id=$(cat $LOG2 | sed -e 's/[{}]/''/g' | awk -v RS=',"' -F: '/^"id"/ {print $2}')
		       	nickname=$(cat $LOG2 | sed -e 's/[{}]/''/g' | awk -v RS=',"' -F: '/^nickname/ {print $2}' | tr -d '""')
			registration_date=$(cat $LOG2 | sed -e 's/[{}]/''/g' | awk -v RS=',"' -F: '/^registration_date/ {print $2,$3,$4,$5}' | tr -d '""')
			country=$(cat $LOG2 | sed -e 's/[{}]/''/g' | awk -v RS=',"' -F: '/^country_id/ {print $2}' | tr -d '""')
			state=$(cat $LOG2 | sed -e 's/[{}]/''/g' | awk -v RS=',"' -F: '/"state"/ {print $3}' | tr -d '""')
			city=$(cat $LOG2 | sed -e 's/[{}]/''/g' | awk -v RS=',"' -F: '/^city/ {print $2}' | tr -d '""' | head -n 1 )
			user_type=$(cat $LOG2 | sed -e 's/[{}]/''/g' | awk -v RS=',"' -F: '/user_type/ {print $2}' |  tr -d '""')
			points=$(cat $LOG2 | sed -e 's/[{}]/''/g' | awk -v RS=',"' -F: '/points/ {print $2}')
			permalink=$(cat $LOG2 | sed -e 's/[{}]/''/g' | awk -v RS=',"' -F: '/permalink/ {print $3}'  | sed 's/^.\{2\}//' | tr -d '""' | head -n 1)
			printf "id : $id\nnickname: $nickname\nregistration_date: $registration_date \
			\ncountry: $country\nstate: $state\ncity: $city\nuser type: $user_type\npoints : $points\npermalink: $permalink\nMore User info in $LOG2\n"
			rm $LOG
			rm $LOG3
		fi	
	
	elif (("$#" > 1 )); then
		printf "Error...\n"
	else
		die "Usage : bash mercadolibre.sh NAME_PERFIL"
	fi



Vaya muchisimas gracias por el codigo!!!.
Saludos  :D
Imprimir
Ir Arriba Páginas1
Acciones del Usuario