Enumerate Firebase Databases
- Search for firebase references in the code.
- Download firebaseEnum and run it:
  python3 firebaseEnum.py -k app_name
- If the tool doesn't find anything, try to guess the subdomain with curl:
  https://subdomain.firebaseio.com
- Try the Firebase console URL to see if it is password protected. Also check /.json (e.g. https://subdomain.firebaseio.com/.json). If both are protected, enumerate for directories and try them with /.json as well. Note: Some paths might require authorization.
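
The /.json check from the last step, as an added example that is not part of the original page or of firebaseEnum: it builds the REST URL for the root and for each path, then classifies the response as protected, readable, or readable but empty. The host `example-project`, the path names and the sample responses are constructed, and the response shapes (401 with an `error` field, 200 with `null`) are assumed from the REST API's usual behaviour; `shallow=true` limits the reply to keys.

```python
import json
import urllib.error
import urllib.request

def rest_url(base, path=""):
    """Build the REST URL for a node: <base>/<path>.json (the root is /.json)."""
    path = path.strip("/")
    return f"{base.rstrip('/')}/{path}.json?shallow=true"

def classify(status, body):
    """Map the HTTP status and body of a .json request to a finding."""
    try:
        doc = json.loads(body)
    except ValueError:
        return "unknown"  # not JSON: wrong host, proxy page, etc.
    if status == 200:
        # A bare `null` means the read was allowed but the node is empty.
        return "readable-empty" if doc is None else "readable"
    if status in (401, 403) and isinstance(doc, dict) and "error" in doc:
        return "protected"
    return "unknown"

def http_fetch(url):
    """Default fetcher; returns (status, body) for error statuses too."""
    try:
        with urllib.request.urlopen(url, timeout=10) as resp:
            return resp.status, resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, err.read().decode("utf-8", "replace")

def audit(base, paths, fetch=http_fetch):
    """Return {path: finding} for the root and each listed path."""
    targets = [""] + list(paths)
    return {p or "/": classify(*fetch(rest_url(base, p))) for p in targets}

# Constructed responses standing in for a live database (not real data).
BASE = "https://example-project.firebaseio.com"  # placeholder host
SAMPLE = {
    f"{BASE}/.json?shallow=true": (401, '{"error" : "Permission denied"}'),
    f"{BASE}/users.json?shallow=true": (200, '{"alice": true}'),
    f"{BASE}/logs.json?shallow=true": (200, "null"),
}

if __name__ == "__main__":
    # Offline run against the constructed responses; drop `fetch=` to go live.
    for path, finding in audit(BASE, ["users", "logs"], fetch=SAMPLE.__getitem__).items():
        print(f"{path:8} {finding}")
```

A protected root with a readable child path, as in the sample, is the case the note about per-path authorization refers to.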