Skip to main content

Interactive pentest toolkit for Bubble.io applications

Project description

bubblepwn

Offensive security toolkit for Bubble.io applications — 12 modules covering reconnaissance, configuration audit, and data extraction, driven from a single interactive CLI. Includes a working implementation of the Elasticsearch crypto bypass publicly disclosed in April 2025.

Author: @Siin0pe · License: MIT

Features

Reconnaissance (read-only, passive)

  • fingerprint — detect Bubble.io, extract appname, session tokens, API keys, CDN/infra
  • plugins — enumerate Bubble plugins (first-party + marketplace), optionally enrich from the Bubble plugin store
  • datatypes — list every custom data type and its fields from static.js + /init/data
  • pages — enumerate Bubble pages via wordlist (live + /version-test/)
  • elements — rebuild the UI element tree from dynamic.js
  • secrets — scan HTML + bundles for tokens, API keys, URL secrets; verify exposed Google keys

Audit (active, read-only probing)

  • config-audit — security headers, public-editor check, live vs /version-test/ diff
  • plugin-audit — flag deprecated / leak-prone plugins, detect third-party data-leak hosts
  • api-probe — map the Data API and Workflow API surface (meta, obj, wf, swagger)
  • files — enumerate S3/CDN URLs, test anon access, probe /fileupload, optional type-fuzz

Exploit

  • es-audit — Elasticsearch crypto bypass: probe, analyze, dump, forge, encrypt/decrypt
  • workflows — audit workflow API, detect anon-reachable and temp-password-leaking workflows

Reporting

  • One Context collects findings across every module
  • Export as Markdown, HTML, or JSON from a single report command
  • Optional --checkpoint snapshots after each step

Install

Requires Python 3.11+.

pipx install bubblepwn

Verify:

bubblepwn --version
bubblepwn modules

Reports and dumps land under ./out/ by default, so run bubblepwn from the directory you want the artefacts written to.

Usage

Three paths, from simplest to most complete.

1. Quick fingerprint

Single module, one-shot, no state to manage. Good for confirming a target is a Bubble.io app and grabbing the appname, session tokens, keys, and infra:

bubblepwn run fingerprint https://app.example.com

2. Full audit + report

Run every module (recon → audit → exploit) in the right order and export a structured report:

bubblepwn flow full https://app.example.com --export out/report.html

.md, .html, and .json are all supported — the extension picks the format. Add --open to pop the report in your browser when the flow finishes.

Shorter variants:

bubblepwn flow recon   https://app.example.com    # passive only
bubblepwn flow audit   https://app.example.com    # + active probing
bubblepwn flow crypto  https://app.example.com    # ES bypass end-to-end
bubblepwn report       https://app.example.com out/report.html   # alias for `flow full --export`

3. Interactive shell

For iterative work — pick modules, inspect findings, export at the end:

bubblepwn                                  # launches the REPL
bubblepwn ❯ target https://app.example.com
bubblepwn ❯ session load session.json          # optional, authenticated session
bubblepwn ❯ modules                             # list modules by phase
bubblepwn ❯ help es-audit                       # module-specific help
bubblepwn ❯ flow recon                          # chain modules
bubblepwn ❯ run es-audit analyze --field-leak   # single module with flags
bubblepwn ❯ findings                            # review what was captured
bubblepwn ❯ report out/session.html

Tab-completion works on commands, modules, and targets. History persists to ~/.bubblepwn_history.

Flow presets

Preset Chain
recon fingerprint → plugins → pages → datatypes → elements → secrets
audit fingerprint → plugins → config-audit → plugin-audit → api-probe → files (enumerate / test-public / upload-probe)
crypto fingerprint → datatypes → es-audit probe → es-audit analyze --field-leak
exploit fingerprint → datatypes → es-audit analyze → workflows analyze
full recon + audit + exploit (deduplicated)

Every preset accepts --export <path>, --open, and --checkpoint.

Environment

Variable Effect
BUBBLEPWN_LOCAL_DUMP=<dir> Offline mode. HTTP fetches fall back to files in that directory when a matching path exists. Useful for regression tests against a cached mirror.
BUBBLEPWN_CACHE_DIR=<dir> Override the default bundle cache location (~/.cache/bubblepwn/bundles).
BUBBLEPWN_NO_UPDATE_CHECK=1 Disable the passive PyPI update check at startup (also auto-skipped when stdout is not a TTY).

Documentation

Elasticsearch crypto bypass

Short version: every Bubble SPA encrypts its Elasticsearch requests into a three-part envelope {x, y, z} before sending them, but the entire derivation hinges on a value every client receives in plaintext — the appname slug. The scheme was reverse-engineered and published in April 2025 by Lucca & Pedro (demon-i386/pop_n_bubble, GBHackers coverage).

  • Cipher: AES-256-CBC + PKCS7
  • KDF: PBKDF2-HMAC-MD5 with 7 iterations, appname as salt
  • Constant IV seeds po9 / fl1, identical across every Bubble app
  • No authentication on the endpoint itself — Bubble has not issued a patch

bubblepwn re-implements the primitives from scratch (no upstream code) and exposes them through es-audit: probe, analyze, dumpone, dumpall, query, encrypt, decrypt. See docs/crypto.md for the full protocol spec and docs/modules.md#es-audit for the subcommand reference.

Contributing

Ideas, bug reports, and new modules are very welcome.

  • Bug reports / feature requests: open an issue with the (anonymised) target context, the command you ran, and the output.
  • New modules: follow the short guide in docs/architecture.md. Anything dropped into bubblepwn/modules/ is auto-discovered.
  • Pull requests: keep them focused, match existing patterns, and add a one-line entry to the relevant docs/*.md when user-visible.

The project is intentionally small — reading three or four modules is enough to get the conventions.

Disclaimer & authorized use

bubblepwn is an offensive security research tool. Running it implies acceptance of the terms below.

  • Authorized testing only. Use bubblepwn only against systems you own or that you have prior written authorization to test (formal engagement, bug-bounty scope, CTF, training lab).
  • Unauthorized use is prohibited and is the sole responsibility of the end user. The author accepts no liability for it.
  • Public disclosure. The Elasticsearch bypass targets a Bubble.io flaw that was publicly disclosed in April 2025 by Lucca & Pedro; this project re-implements the primitives from the public specification independently.
  • No affiliation. bubblepwn is not affiliated with, endorsed by, or sponsored by Bubble Group, Inc.
  • No warranty. Software provided "as is" per the MIT LICENSE.

Responsible disclosure

  • Vulnerability in a Bubble.io app you discover with this tool: report it privately to the application owner with a reasonable fix window (typically 90 days) before any public disclosure.

Credits

  • Tool design and implementation: @Siin0pe.
  • Cryptographic scheme research: Pablo and Lucca, published April 2025 via demon-i386/pop_n_bubble with coverage from GBHackers, Cyberpress, SecurityOnline, and TechNADU. bubblepwn re-implements the primitives independently and wraps them in eleven additional modules covering the rest of the Bubble.io attack surface.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

bubblepwn-0.2.21.tar.gz (122.8 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

bubblepwn-0.2.21-py3-none-any.whl (132.5 kB view details)

Uploaded Python 3

File details

Details for the file bubblepwn-0.2.21.tar.gz.

File metadata

  • Download URL: bubblepwn-0.2.21.tar.gz
  • Upload date:
  • Size: 122.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for bubblepwn-0.2.21.tar.gz
Algorithm Hash digest
SHA256 2bed7a391267bcb87794970eaa5a5bd43dae82fe87b3b2e347a388f8a1042864
MD5 7e5b2c49d390cb3ec5d569dc73570898
BLAKE2b-256 d395627cc3f97c54fa6c3785cbc049f77106c13b3f433d782db865b1b1668828

See more details on using hashes here.

Provenance

The following attestation bundles were made for bubblepwn-0.2.21.tar.gz:

Publisher: publish.yml on Siin0pe/bubblepwn

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file bubblepwn-0.2.21-py3-none-any.whl.

File metadata

  • Download URL: bubblepwn-0.2.21-py3-none-any.whl
  • Upload date:
  • Size: 132.5 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for bubblepwn-0.2.21-py3-none-any.whl
Algorithm Hash digest
SHA256 494dd868ff7a1c1257e40e07add7f8a6b96ad4a6f0064342cf423c313a4529d8
MD5 59e8e067ac9b6af701c4e1e4cb49b7a7
BLAKE2b-256 a9b6757d2470a2964b0c5d3217c70ad4f1fd829ecd2e4249564914913470d855

See more details on using hashes here.

Provenance

The following attestation bundles were made for bubblepwn-0.2.21-py3-none-any.whl:

Publisher: publish.yml on Siin0pe/bubblepwn

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page