New plugins for FOCA: HaveIBeenPwned and SQLi

Monday, March 19, 2018

Since the publication of FOCA OpenSource, many people have been enthusiastic about adding new plugins or improving existing ones. On this occasion we present two new plugins to get even more out of FOCA.

In a joint effort between the Laboratory team and the CSA team, mainly through the work of José Sperk and Carlos Ávila, we set out to improve a plugin that has been in high demand: the SQL injection one. To do this we decided to integrate with one of the most widely used hacking tools, the well-known SQLMap. The result is a plugin that detects and exploits SQL injection vulnerabilities in web applications through SQLMap's REST-JSON API, but from a friendlier and more familiar graphical environment, that of FOCA.

The following video shows how to download and use the SQLi plugin in FOCA. Note that you must first download and install SQLMap on the computer from which the scans will be launched.


If you prefer, or if SQLMap is installed on another computer, you can also select "Remote Server API" and connect to it from FOCA OpenSource to launch the scans remotely. Bear in mind that anyone who can reach the API server's port can drive SQLMap against targets of their choosing, so keep it bound to a trusted interface or tunnel it (over SSH, for example) rather than exposing it to the network.

As if that were not enough, we have also created a new haveibeenpwned plugin for FOCA, which talks to the https://haveibeenpwned.com/ API and to http://hesidohackeado.es/. In this way, the email addresses you find while analysing document metadata with FOCA OpenSource can be checked directly from the application against those two databases. Likewise, if you have a file with a list of addresses you want to verify, you can do that directly from this plugin. Keep in mind that every lookup discloses the address you are investigating to a third-party service, which may matter during an engagement. The following video shows how it works.
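The address-list check described above, as an added example that is not the plugin's code: it normalises and de-duplicates a list of addresses, queries the haveibeenpwned.com breached-account endpoint for each one, and treats the three replies a caller must handle differently (200 with a JSON list of breaches, 404 for an address not found, and 429 with a `retry-after` header when rate limited). It targets the current v3 API, which requires an `hibp-api-key` and a `user-agent` header and differs from the key-less API the 2018 plugin used. The address list, the API key and the canned replies in the fake transport are constructed so the script runs offline; only http://hesidohackeado.es/ is not covered here.

```python
import json
import time
import urllib.error
import urllib.parse
import urllib.request

HIBP_BREACHED_ACCOUNT = "https://haveibeenpwned.com/api/v3/breachedaccount/"


def load_addresses(text):
    """One address per line; blank lines and '#' comments ignored,
    lower-cased, de-duplicated with order kept, lines without '@' dropped."""
    seen = []
    for line in text.splitlines():
        addr = line.strip().lower()
        if not addr or addr.startswith("#") or "@" not in addr:
            continue
        if addr not in seen:
            seen.append(addr)
    return seen


def http_get(url, headers):
    """Real transport: (status, body_text, retry_after_header_or_None)."""
    req = urllib.request.Request(url, headers=headers)
    try:
        with urllib.request.urlopen(req, timeout=30) as resp:
            return resp.status, resp.read().decode(), None
    except urllib.error.HTTPError as err:  # 404/429/401 arrive as exceptions
        return err.code, err.read().decode(), err.headers.get("retry-after")


def check_account(account, api_key, transport=http_get, max_retries=3, sleep=time.sleep):
    """Breach names for `account`, [] if HIBP has never seen it. Raises on other errors."""
    url = HIBP_BREACHED_ACCOUNT + urllib.parse.quote(account, safe="")
    headers = {"hibp-api-key": api_key, "user-agent": "address-list-check-example"}
    for _ in range(max_retries + 1):
        status, body, retry_after = transport(url, headers)
        if status == 200:
            return [breach["Name"] for breach in json.loads(body)]
        if status == 404:
            return []
        if status == 429:
            # Honour the server's back-off hint; fall back to a short pause.
            sleep(float(retry_after or 2))
            continue
        raise RuntimeError(f"HIBP returned HTTP {status} for {account}")
    raise RuntimeError(f"rate limited {max_retries + 1} times for {account}")


def check_list(text, api_key, transport=http_get, sleep=time.sleep):
    """Map each distinct address in `text` to its list of breach names."""
    return {addr: check_account(addr, api_key, transport, sleep=sleep)
            for addr in load_addresses(text)}


def fake_hibp_transport():
    """Constructed offline stand-in: canned replies, first request rate limited."""
    canned = {
        "alice@example.com": (200, json.dumps([{"Name": "Adobe"}, {"Name": "LinkedIn"}])),
        "bob@example.com": (404, ""),
    }
    state = {"limited": False}

    def transport(url, headers):
        assert "hibp-api-key" in headers and "user-agent" in headers
        account = urllib.parse.unquote(url.rsplit("/", 1)[1])
        if not state["limited"]:
            state["limited"] = True
            return 429, "", "0"
        status, body = canned.get(account, (500, ""))
        return status, body, None
    return transport


# Constructed address list, as it might be exported from a metadata analysis.
SAMPLE_LIST = """# addresses found in document metadata
Alice@Example.com
alice@example.com
bob@example.com

not-an-address
"""

if __name__ == "__main__":
    results = check_list(SAMPLE_LIST, "dummy-key", transport=fake_hibp_transport(),
                         sleep=lambda _s: None)  # drop both keyword args to query HIBP for real
    for addr, breaches in results.items():
        print(addr, "->", ", ".join(breaches) if breaches else "not found")
```

Two details are easy to get wrong in a plugin: the 404 reply is the normal "not breached" answer and must not be treated as a failure, and a 429 must be retried after the `retry-after` delay rather than counted as "not found", or a long address list silently under-reports.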


Finally, we have released the source code of PluginApi.dll, the library that handles communication between the plugins and FOCA and exposes the different options for making the most of the results of the analyses we carry out.

Remember that if you want to add new plugins, we have provided several examples containing everything you need to develop one. All of this is available in our FOCA market, where you are welcome to contribute your own proposals.

Claudio Caracciolo
Team Leader of the CSA team and the Buenos Aires Research Office at ElevenPaths
Innovation and Laboratory
