.png)
4 years ago
167 BOOK THIS SPACE FOR AD
ARTICLE ADOk, I have not been concrete yet, what is webpaste doing? It basically consists of saving your Dorking results on the terminal. Said in this manner, it does not sound cool as in the introduction, right? However, before skipping this article, you definitely have to try it out.
I discovered this tool in a Nahamcon video on Yt(Minute 12.45), and since then I have been using it a lot.
Instead of saving all the URLs manually after Dorking, you can use webpaste, it will save them for you! Haven’t this tool caught your attention yet? Let me tell you this tool is fully customizable, you can adapt it for Google Dorking, Github Dorking, etc …
This tool was not designed to be publicized on Github(I guess), so Tom did not make the installation really straightforward. However, I will be teaching you how to install webpaste pretty easily.
Clone the repoSet up webpaste on TerminalSet up the chrome extensionUse webpasteFor first, we need to clone the hacks repo:
git clone https://github.com/tomnomnom/hacksNow, go to webpaste directory( hacks/webpaste), and execute: go build . This will create the webpaste binary.
Now, we need to add something to the bash configuration file:
alias webpaste='webpaste direcory here'export WEBPASTE_TOKEN=iloveweb
Here we are creating an alias for the webpaste binary, and then we are exporting the token.
Update your bash configs: source .bashrc or source .bash_profile on macOS.
Now we need to install the Chrome extension. Open chrome://extensions/ on Chrome, if you haven’t yet, enable developer mode. Now click Load Unpacked on the top left, and select the extension folder in webpaste’s folder
The extension is now loaded, however, it won’t work for now … Right-click on the extension, and then options. You will see something looking like this:
Now, as in the screenshot, you have to enter the iloveweb token in the Token filed. Now we have to add some snippets, for example for Google and Github Dorking. Click on add snippet, and fill the parameters like this:
Name >>> Google URLsCode (should return an array of strings): >>> [...document.querySelectorAll('div.r>a:first-child')].map(n=>n.href)On Success (code to run after data has been sent):>>>document.location=document.querySelectorAll('a#pnnext')[0].href;Now save snippet. To create the Github snippet, click again on add snippet, and fill the parameters like this:
Name >>> GitHub Code ResultsCode (should return an array of strings): >>>[...document.querySelectorAll('#code_search_results a.text-bold')].map(n=>n.href)On Success (code to run after data has been sent):>>>document.location=document.querySelectorAll('a.next_page')[0].href;Ok so this is the flow, you can also add Yandex for example:
Name >>> YandexCode (should return an array of strings): >>>[...document.querySelectorAll('div.organic__path a.link[href]')].map(el => el.href)On Success (code to run after data has been sent):>>>document.location=document.querySelector('a.pager__item_kind_next').hrefAs you can see you can set up your own snippets by inspecting elements and taking inspiration from the default ones.
The options tab should sook similar to this:
Enough set-up, it is time to see webpaste in action.
After saving your configuration, go back to the terminal and simply type: webpaste (I assume you have edited the bash configs as I told you before). Now, go to chrome and search on Google for example:
site:google.com ext:phpNow, click on the webpaste icon on chrome, and click Google URLs. This will take you to the next results page, and on the terminal, you will see all the URLs that were in the search results. To see it in action before installing it, I suggest you watch this video at minute 12.45:
Bengali (Bangladesh) · 
English (United States) ·