├── icon.png
├── popup.html
├── popup.js
├── manifest.json
├── README.md
└── req.js


/icon.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/5alt/ZeroLeak/master/icon.png


--------------------------------------------------------------------------------
/popup.html:
--------------------------------------------------------------------------------
1 | <script src="popup.js"></script>
2 | <!-- by md5_salt -->


--------------------------------------------------------------------------------
/popup.js:
--------------------------------------------------------------------------------
1 | //by md5_salt
2 | document.addEventListener('DOMContentLoaded', function() {
3 |   chrome.tabs.executeScript(null, {file: "req.js"});
4 | });
5 | 


--------------------------------------------------------------------------------
/manifest.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "manifest_version": 2,
 3 | 
 4 |   "name": "ZeroLeak 0.1",
 5 |   "description": "ZeroLeak",
 6 |   "version": "0.1",
 7 |   "author": "md5_salt",
 8 | 
 9 |   "browser_action": {
10 |     "default_icon": "icon.png",
11 |     "default_popup": "popup.html"
12 |   },
13 |   "permissions": [
14 |     "http://*/*",
15 |     "https://*/*"
16 |   ]
17 | }
18 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | #ZeroLeak
 2 | ZeroLeak is a Chrome extension to check sensitive files.
 3 | 
 4 | check for backup file:
 5 | 
 6 | * web.(zip|rar|tar.gz...)
 7 | * wwwroot.(zip|rar|tar.gz...)
 8 | * %hostname%.(zip|rar|tar.gz...)
 9 | 
10 | recursively check(depth is 3):
11 | 
12 | * .svn/entries
13 | * .git/config
14 | * robots.txt
15 | * .DS_Store
16 | * %folder%.(zip|rar|tar.gz...)
17 | 
18 | You need to pack it yourself.
19 | 


--------------------------------------------------------------------------------
/req.js:
--------------------------------------------------------------------------------
 1 | //by md5_salt
 2 | function isEffective(url) {
 3 |    try {
 4 |      var xmlhttp;
 5 |      if (window.XMLHttpRequest) { // code for IE7+, Firefox, Chrome, Opera, Safari
 6 |        xmlhttp = new XMLHttpRequest();
 7 |      } else { // code for IE6, IE5
 8 |        xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");
 9 |      }
10 |      xmlhttp.open("get", url, false);
11 |      xmlhttp.send();
12 |      if (xmlhttp.status/100 == 2) {//2xx
13 |        return true;
14 |      } else {
15 |        return false;
16 |      }
17 |    } catch (e) {
18 |      return false;
19 |    }
20 |  }
21 | 
22 | path = window.location.pathname
23 | base_url = window.location.href.slice(0,window.location.href.indexOf(window.location.hostname)+window.location.hostname.length) + '/'
24 | 
25 | package_ext = new Array('.rar', '.zip', '.tar', '.tar.gz', '.tgz')
26 | backup_filename = new Array('web', 'wwwroot', window.location.hostname)
27 | recursive_check_list = new Array('.svn/entries', '.git/config', 'robots.txt', '.DS_Store')
28 | 
29 | urls = Array('/server-status', '/jmx-console/', '/sub/.%252e/jmx-console')
30 | 
31 | for(p in package_ext){
32 |   for(b in backup_filename){
33 |     urls.push(base_url + backup_filename[b] + package_ext[p])
34 |   }
35 | }
36 | 
37 | paths_full = window.location.pathname.split('/')
38 | for(i=1; i<paths_full.length; i++){
39 |   paths_full[i] = paths_full[i-1] + '/' + paths_full[i]
40 | }
41 | paths_full.pop()
42 | 
43 | paths_part = window.location.pathname.split('/')
44 | 
45 | for( p=0; p< (paths_full.length >3 ? 3: paths_full.length); p++){
46 |   for (l in recursive_check_list){
47 |     urls.push(base_url + paths_full[p] + '/' + recursive_check_list[l]) 
48 |   }
49 |   if(paths_full[p]){
50 |     for(ext in package_ext){
51 |       urls.push(base_url + paths_full[p] + '/' + paths_part[p] + package_ext[ext])
52 |     } 
53 |   }
54 | }
55 | 
56 | document.open();
57 | document.clear();
58 | document.close();
59 | 
60 | result = document.createElement("div")
61 | result.setAttribute('id', 'result')
62 | document.body.appendChild(result)
63 | 
64 | for(u in urls){
65 |   if(isEffective(urls[u])){
66 |       p = document.createElement("p");
67 |       node = document.createElement("a")
68 |       node.innerHTML = urls[u]
69 |       node.setAttribute('href', urls[u])
70 |       node.setAttribute('target', '_blank')
71 |       p.appendChild(node)
72 |       document.getElementById('result').appendChild(p)
73 |   }
74 | }
75 | alert(window.location.hostname+' done!')
76 | 
77 | 
78 | 


--------------------------------------------------------------------------------