
Commit 012fbf7

committed
First commit
1 parent 942dce1 commit 012fbf7


8 files changed

+324
-0
lines changed


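--- a/README.md
+++ b/README.md
@@ -0,0 +1,52 @@
+# debugHunter - Chrome Extension
+
+<p align="center">
+<img src="https://i.imgur.com/QEUUM9w.png" width="600" height="150" >
+</p>
+
+[![contributions welcome](https://img.shields.io/badge/contributions-welcome-brightgreen.svg?style=flat)](https://github.com/devploit/dontgo403/issues)
+
+Discover hidden debugging parameters and uncover web application secrets with debugHunter, your ultimate web exploration companion. This Chrome extension intelligently scans websites for debugging parameters and notifies you when it finds a URL with modified responses.
+
+## Features
+
+- Automatically detects URLs with modified responses due to debugging parameters
+- Displays a list of URLs with modified responses for easy access
+
+## Installation
+
+### Option 1: Clone the repository
+
+1. Download or clone this repository to your local machine.
+2. Open Google Chrome, and go to `chrome://extensions/`.
+3. Enable "Developer mode" in the top right corner if it's not already enabled.
+4. Click the "Load unpacked" button on the top left corner.
+5. Navigate to the directory where you downloaded or cloned the repository, and select the folder.
+6. The debugHunter extension should now be installed and ready to use.
+
+### Option 2: Download the release (.zip)
+
+1. Download the latest release `.zip` file from the "Releases" section of this repository.
+2. Extract the contents of the `.zip` file to a folder on your local machine.
+3. Open Google Chrome, and go to `chrome://extensions/`.
+4. Enable "Developer mode" in the top right corner if it's not already enabled.
+5. Click the "Load unpacked" button on the top left corner.
+6. Navigate to the directory where you extracted the `.zip` file, and select the folder.
+7. The debugHunter extension should now be installed and ready to use.
+
+## Usage
+
+It is recommended to pin the extension to the toolbar to check if a new URL is found.
+1. Navigate to any website.
+2. Click on the debugHunter extension icon in the Chrome toolbar.
+3. If the extension detects any URLs with modified responses due to debugging parameters, they will be listed in the popup.
+4. Click on any URL in the list to open it in a new tab.
+5. To clear the list, click on the trash can icon in the top right corner of the popup.
+
+## Contributing
+
+We welcome contributions! Please feel free to submit pull requests or open issues to improve debugHunter.
+
+## License
+
+This project is licensed under the MIT License. See the [LICENSE](LICENSE) file for details.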

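--- a/background.js
+++ b/background.js
@@ -0,0 +1,128 @@
+// List of query parameters to append
+const queryParams = [
+{ key: "_debug", value: "1" },
+{ key: "test", value: "1" },
+{ key: "admin", value: "1" },
+{ key: "debug", value: "1" },
+{ key: "env", value: "pre" },
+{ key: "env", value: "debug" },
+{ key: "dev", value: "1" },
+{ key: "staging", value: "1" },
+{ key: "console", value: "1" },
+{ key: "trace", value: "1" },
+{ key: "log", value: "1" },
+{ key: "verbose", value: "1" },
+{ key: "diagnostic", value: "1" },
+{ key: "mode", value: "debug" },
+{ key: "profiler", value: "1" },
+{ key: "debug_mode", value: "1" },
+{ key: "debuglevel", value: "1" },
+{ key: "error_reporting", value: "1" },
+{ key: "show_errors", value: "1" },
+{ key: "performance", value: "1" },
+{ key: "sandbox", value: "1" },
+{ key: "beta", value: "1" },
+{ key: "qa", value: "1" },
+{ key: "dev_mode", value: "1" },
+{ key: "validate", value: "1" },
+{ key: "analysis", value: "1" },
+{ key: "experiment", value: "1" },
+{ key: "test_mode", value: "1" },
+{ key: "debug_flag", value: "1" },
+{ key: "development", value: "1" },
+{ key: "debuginfo", value: "1" },
+{ key: "monitoring", value: "1" },
+{ key: "internal", value: "1" },
+{ key: "debug_status", value: "1" },
+{ key: "debug_output", value: "1" },
+{ key: "testing", value: "1" },
+];
+
+// Counter for the number of modified URLs
+let count = 0;
+
+// Function to increment the counter and update the badge text
+function incrementCount() {
+count += 1;
+chrome.browserAction.setBadgeText({ text: count.toString() });
+chrome.browserAction.setBadgeBackgroundColor({ color: 'red' });
+}
+
+// Function to append a specific query parameter to a URL
+function appendQueryParam(url, param) {
+const urlObj = new URL(url);
+urlObj.searchParams.set(param.key, param.value);
+return urlObj.href;
+}
+
+// Store modified URLs
+const modifiedUrls = new Set();
+
+// Function to add a modified URL
+function addModifiedUrl(url) {
+modifiedUrls.add(url);
+incrementCount(); // Increment the counter and update the badge text when a new URL is added
+}
+
+// Function to get modified URLs
+function getModifiedUrls() {
+return Array.from(modifiedUrls);
+}
+
+// Function to clear modified URLs
+function clearModifiedUrls() {
+modifiedUrls.clear();
+count = 0; // Reset the counter when the modified URLs are cleared
+chrome.browserAction.setBadgeText({ text: '' }); // Clear the badge text
+}
+
+// Expose getModifiedUrls and clearModifiedUrls functions to popup
+window.getModifiedUrls = getModifiedUrls;
+window.clearModifiedUrls = clearModifiedUrls;
+
+// Function to check if two responses are meaningfully different
+function isDifferentResponse(originalText, modifiedText) {
+// Calculate the similarity between the two responses
+const similarity = stringSimilarity.compareTwoStrings(originalText, modifiedText);
+
+// Set a threshold for similarity; responses with similarity below this threshold are considered different
+const similarityThreshold = 0.90;
+
+// Return true if the similarity is below the threshold
+return similarity < similarityThreshold;
+}
+
+// Function to fetch URL and compare responses with and without each parameter
+async function checkUrlWithParameters(url) {
+const originalResponse = await fetch(url);
+const originalText = await originalResponse.text();
+
+// Check all parameters combined
+const combinedUrl = queryParams.reduce((currentUrl, param) => {
+return appendQueryParam(currentUrl, param);
+}, url);
+
+const combinedResponse = await fetch(combinedUrl);
+const combinedText = await combinedResponse.text();
+
+if (isDifferentResponse(originalText, combinedText)) {
+// Check each parameter individually
+for (const param of queryParams) {
+const modifiedUrl = appendQueryParam(url, param);
+const modifiedResponse = await fetch(modifiedUrl);
+const modifiedText = await modifiedResponse.text();
+
+if (isDifferentResponse(originalText, modifiedText)) {
+addModifiedUrl(modifiedUrl);
+}
+}
+}
+}
+
+// Listen for tab updates to perform background checks
+chrome.tabs.onUpdated.addListener(async (tabId, changeInfo, tab) => {
+if (changeInfo.status === "complete") {
+checkUrlWithParameters(tab.url);
+}
+});
+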
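Review bot: The `chrome.tabs.onUpdated` listener at the end of the file calls `checkUrlWithParameters(tab.url)` for every completed tab load, with no scheme or scope check and without handling the returned promise. As written, each page the user visits is re-requested from the background page up to 38 times (original, combined, then one per entry in `queryParams`), which includes GET URLs whose request has side effects and hosts the user is not authorised to test, and a `new URL()` or `fetch()` failure on a non-web tab URL surfaces as an unhandled rejection. I would guard it with `if (changeInfo.status !== "complete" || !/^https?:\/\//.test(tab.url || "")) return;`, call `checkUrlWithParameters(tab.url).catch(console.warn);`, and gate the whole check behind a user-maintained list of in-scope hosts. Separately, `addModifiedUrl` increments `count` even when the `Set` already holds the URL, so the badge can drift from the list; `chrome.browserAction.setBadgeText({ text: String(modifiedUrls.size) })` avoids that.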

images/banner.png

81.2 KB

images/icon.png

30.2 KB

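--- a/manifest.json
+++ b/manifest.json
@@ -0,0 +1,23 @@
+{
+"manifest_version": 2,
+"name": "debugHunter",
+"version": "1.0",
+"description": "Discover hidden debugging parameters and uncover web application traces.",
+"icons": {
+"48": "images/icon.png"
+},
+"permissions": [
+"webRequest",
+"webRequestBlocking",
+"<all_urls>"
+],
+"background": {
+"scripts": ["similarity.min.js", "background.js"],
+"persistent": true
+},
+"browser_action": {
+"default_icon": "images/icon.png",
+"default_popup": "popup.html"
+}
+}
+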
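Review bot: The `permissions` array requests `webRequest` and `webRequestBlocking`, but nothing in the `background.js` or `popup.js` added by this commit calls `chrome.webRequest`; the only privileged APIs they use are `chrome.tabs`, `chrome.browserAction`, `chrome.extension` and cross-origin `fetch`. Dropping the two unused entries keeps the install prompt honest and shrinks what a compromised extension could do, leaving `"permissions": ["<all_urls>"]` (or narrower host patterns if scanning is limited to chosen sites). `similarity.min.js` is not rendered on this page, so this assumes it does not use `webRequest` either.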

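--- a/popup.html
+++ b/popup.html
@@ -0,0 +1,91 @@
+<!DOCTYPE html>
+<html>
+<head>
+<meta charset="UTF-8">
+<link href="https://fonts.googleapis.com/css?family=Anonymous+Pro&display=swap" rel="stylesheet" />
+<style>
+body {
+font-family: "Anonymous Pro", monospace;
+background-color: #585858;
+color: white;
+width: 500px;
+max-height: 2000px;
+padding: 15px;
+}
+
+h2 {
+font-size: 14px;
+margin-bottom: 12px;
+margin-top: 50px;
+}
+
+a {
+color: white;
+text-decoration: none;
+}
+
+a:hover {
+text-decoration: underline;
+}
+
+ul {
+list-style-type: none;
+padding: 0;
+}
+
+li {
+background-color: #333;
+margin-bottom: 5px;
+padding: 5px;
+border-radius: 3px;
+}
+
+button {
+background-color: rgb(130, 0, 0);
+font-family: "Anonymous Pro", monospace;
+border: none;
+color: white;
+padding: 5px 10px;
+text-align: center;
+text-decoration: none;
+display: inline-block;
+font-size: 12px;
+margin: 5px 2px;
+cursor: pointer;
+border-radius: 2px;
+}
+
+button:hover {
+background-color: #555;
+}
+
+.banner {
+position: absolute;
+top: 15px;
+left: 20px;
+}
+
+.info-container {
+position: absolute;
+top: 20px;
+right: 20px;
+}
+
+#info-icon {
+font-size: 18px;
+color: rgb(255, 255, 255);
+text-decoration: none;
+}
+</style>
+</head>
+<body>
+<div class="banner"><img src="images/banner.png" width="150" height="40" ></div>
+<div class="info-container"><a href="#" id="info-icon">ℹ️</a></div>
+<div class="window">
+<h2>Modified Response URLs</h2>
+<ul id="modifiedUrls"></ul>
+<button id="clearUrls">Clear URLs</button>
+<script src="popup.js"></script>
+</div>
+</body>
+</html>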
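Review bot: The `<link href="https://fonts.googleapis.com/css?family=Anonymous+Pro&display=swap" rel="stylesheet" />` in `<head>` makes the popup fetch a remote stylesheet each time it is opened, which discloses usage to a third party and pulls unpinned remote CSS into a privileged extension page. Because the `font-family` declarations already fall back to `monospace`, I would delete that line, or ship the font file inside the extension and reference it from a local `@font-face` rule.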

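--- a/popup.js
+++ b/popup.js
@@ -0,0 +1,29 @@
+function updateModifiedUrlsList() {
+const modifiedUrls = chrome.extension.getBackgroundPage().getModifiedUrls();
+const list = document.getElementById("modifiedUrls");
+
+list.innerHTML = "";
+
+for (const url of modifiedUrls) {
+const listItem = document.createElement("li");
+const link = document.createElement("a");
+
+link.href = url;
+link.target = "_blank";
+link.textContent = url;
+
+listItem.appendChild(link);
+list.appendChild(listItem);
+}
+}
+
+document.addEventListener("DOMContentLoaded", updateModifiedUrlsList);
+
+document.getElementById("clearUrls").addEventListener("click", () => {
+chrome.extension.getBackgroundPage().clearModifiedUrls();
+updateModifiedUrlsList();
+});
+
+document.getElementById('info-icon').addEventListener('click', () => {
+chrome.tabs.create({ url: 'https://github.com/devploit/debugHunter' });
+});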

similarity.min.js

Lines changed: 1 addition & 0 deletions
