ofarukcaki / dataleaks Goto Github PK

View Code? Open in Web Editor NEW

151.0 8.0 51.0 6.53 MB

Leakedsource like "Data Breach Search Engine" with cool Material UI

PHP 82.46% CSS 11.58% JavaScript 0.40% TSQL 5.56%

data-breaches database dataleaks leakedsource

dataleaks's Introduction

Data Breach Search Engine

Read the announcement

I developed this website once and decided to open source it.

Features

Search data by email, password, ip address, etc.
Subscription based user system (Only subscribed members can view the whole data)
Cookie based Referral system see*
PHP (backend)
SQL (database)
Materialize (front-end)

Screnshoots

Main Page(visitor)
Data Search Example
Login/Register
Referral System
Others

Requirements

PHP 7.x
MySQL
PHP PDO extension

Install

First, clone the repo to your server's main directory. Or download the zip and extract

git clone https://github.com/ofarukcaki/dataleaks.git

Enter necessary database credentials:

There are 2 databases, one for data breaches and other for users' data.

./config.php line:2: -> Database settings for data breaches

create a database and enter your credentials, this will be the database which stores the datas(aka breaches). Import the exampleSite_com.sql file located on /databases/ folder to your database and use the same format for your next tables.

$db = new PDO('mysql:host=<HOST_IP>;dbname=<DATABASE_NAME>','<DB_USER_NAME>','<DB_PASSWORD>');

./connection.php line2: Authentication database

Create a "auth" database and enter credentials on connection.php file. This database is for authentication and user related stuff. aAfter creating the database import the sample users.sql file located on /databases/users.sql and use the same structure.

$db_site = new PDO('mysql:host=localhost;dbname=auth','root','');

F.A.Q

How do I import new databases?

You can simply create new tables under dataleaks database, every unique table represents databases -breaches-

I imported the sample table but when I make a search there is no results?

Searching is case sensitive. If your data on your table is "User123" and you can searhc for "user123" there will be no result show up

Can I import new breaches usin admin panel?

There is no admin panel or so. This requires a basic sql knowledge. You can import using cli interface of mysql or use tools like navicat.

I receive an error and its not working?

Check the requirements again on top of this page

I need help/ I have aquestion?

Create an issue here. So others may help

This repository isn't maintained and I won't provide any support from now on. If you read everything carefully I explained how to install it, you won't face any problems if you do everything as should be.

And please do not send me an email related to support. Create an issue here instead, that also doesn't mean I'll take care of them

Logo by @omergulen.
Dataleaks logo can not be used for neither commercial or personal.

Disclaimer

Use this script for legal purposes only.

dataleaks's People

Contributors

Stargazers

Watchers

dataleaks's Issues

Database adding

Well I got users to work but how do I add database leaks?
do need one table as
username>email>password>ip
or something?

Good but vulnerable to SQL injection.

Hello there !

This is a good project but its vulnerable to SQL Injection, be careful !!! (' OR '1'='1)

Add badges

Add badges on top of the readme file for php, MySql and materialize

If I import tables that are missing columns that other tables have, for example I import a table with only emails and passwords but no usernames, if I try to search for a username the page crashes. How can I resolve this? What would I need to change and how?

No databases

You forgot to add the databases to add databases, and login

not very smart

not a good idea uploading to github, this can be used for very bad purposes :/
just pray @github doesn't crack down on this repo :kek:

XSS spotted

Hey to every people who want to use this project, and to creator (great project)

I spotted some XSS on the Data Result, not a big vuln because it's pretty rare to have that type of username, but should be fixed. It happend when the database contains some code that can be executed.

Vulnerability Preview

How to fix ?

Simply use htmlspecialchars() or htmlentities() on the result variable $value like below.

This fix is the simplest, i also suggest to block any special characters in the search field.

Fatal error: Uncaught Error: Call to a member function fetchALL() on bool in C:\xampp\htdocs\test\index.php:127 Stack trace: #0 {main} thrown in C:\xampp\htdocs\test\index.php on line 127

Please help, been stuck for hours.

Generally can't log-in or sign-up or search, db imported perfectly & credentials work.

help

unable to login and register also unable to save in DB