Hacking/Security
Published in

Hacking/Security

How to install (and use) BBRF

First, you need to Install Couch DB with SSL.

Next step is creating the database and an user/password pair. You need to set your domain, admin password and the user (bbrf) password in this script.

Careful using special characters in the password value.

Download the config script using the following command:

> wget https://gist.githubusercontent.com/pdelteil/ba005609789ae14862f023da4191826d/raw/29b05bade330a5bd4c28cba19d33475d3c618b52/configbbrf.sh

2. Open configbbrf.sh and edit PASS_ADMIN and USER_ADMIN values.

3. Set execution privileges to script

chmod +x configbbrf.sh

4. Run the script and pray to your God/s or Goddess/es.

./configbbrf.sh 

The output should be (if all outputs are true you are very lucky):

> ./createdb.sh 
{"ok":true}
{"ok":true,"id":"org.couchdb.user:bbrf","rev":"1-f9812f073762cbXXXX72e2cb3a"}
{"ok":true}
{"ok":true}
{"ok":true,"id":"_design/bbrf","rev":"1-efe335e4XXXXXb2ee68ddffa"}
"https://bbrf.me"

Test the Dashboard

To test the dashboard you need to go to this URL, fill the values:

If it doesn't load check the browsers console, you might get a CORS error. Also try doing a F5 on the dashboard.

Installing the client

pip install bbrf 

Test that it worked

> bbrf -v
1.1.10

In some occasions you might find this error:

bbrf command not found 

The error is due to the path $HOME/.local/bin not correctly added to the PATH variable. Try:

source .bashrc 

If the problem persists just add this line to the end of your .bashrc file. (Don't forget to source .bashrc)

export PATH="$HOME/.local/bin:$PATH"

Configure the client

Now we need to create the config file:

mkdir ~/.bbrfcat > ~/.bbrf/config.json << EOF
{
"username": "bbrf",
"password": "your_password",
"couchdb": "https://<your-bbrf-server>/bbrf",
"slack_token": "<a slack token to receive notifications>",
"discord_webhook": "<your discord webhook if you want one>",
"ignore_ssl_errors": true
}
EOF

Testing it

Let's see if everything is working correctly, run this command:

bbrf programs 

If everything is OK you will receive an empty message.

Let's create a program (using tags with the -t flag)

> bbrf new "Fintual" -t reward:money -t site:self -t url:https://fintual.com
/security-policy.txt
-t android:true -t recon:true

The tags will help me to categorize the programs according to reward type, type of program [hackerOne, BugCrowd, Self hosted, etc], if the program has mobile apps and with the URL tag is easy to go to the program definition to find information to send the report or program details.

Now let's define the IN Scope and OUT Scope:

bbrf inscope add *.fintual.com *.fintual.cl *.fintual.co 

Similarly

bbrf outscope add *.fintualist.com  

Let's check the program now:

> bbrf show Fintual{"_id":"Fintual","_rev":"3-1e23e3fbd2c7bfce9aae56e9c8b4b9c7","type":"program","disabled":false,"passive_only":false,"inscope":["*.fintual.com","*.fintual.cl","*.fintual.co"],"outscope":["*.fintualist.com"],"tags":{"reward":"money","site":"self","url":"https://fintual.com/security-policy.txt","android":"true","recon":"true"}}

But still we don't have any domains nor URLs. Let's add them:

For the first step you new subfinder installed and configured:

bbrf scope in|subfinder -t 60 -silent |bbrf domain add - -s subfinder --show-new

For the second method you need assetfinder:

bbrf scope in|assetfinder|bbrf domain add - -s assetfinder --show-new

Notice that I'm using the -s flag to store the 'source' of the domains.

Now, let's add some URLs.

You need httpx installed:

bbrf domains|httpx -silent -threads 100 |bbrf url add - -s httpx --show-new

For this one you need httprobe installed:

bbrf domains|httprobe -c 50 -prefer-https |bbrf url add - -s httprobe --show-new

Let's count the data we gather for this program:

# of domains

bbrf domains -p Fintual | wc -l 
5580

# of URLs

bbrf urls -p Fintual | wc -l 
258

That's the basic use of BBRF.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store