Skip to main content

一款信息泄漏利用工具,适用于.git/.svn源代码泄漏和.DS_Store泄漏

Project description

Dump all

dumpall是一款信息泄漏/源代码泄漏利用工具,适用于以下场景:

  • .git源代码泄漏
  • .svn源代码泄漏
  • .DS_Store信息泄漏

特点

  • 支持多种泄漏情况利用
  • 请求失败时自动重发请求
  • 基于Python3,使用asyncio
  • 多进程+多协程,速度超快

在macOS下的Python 3.7中测试通过,建议使用Python 3.7+

Quickstart

# pip安装
pip install dumpall
# 查看版本
dumpall --version
# 手动下载使用
git clone https://github.com/0xHJK/dumpall
cd dumpall
查看版本
python3 dumpall.py --version
# 下载文件(源代码)
dumpall -u <url> [-o <outdir>]

# 示例
dumpall -u http://example.com/.git/
dumpall -u http://example.com/.svn/
dumpall -u http://example.com/.DS_Store

参数说明

Options:
  --version          Show the version and exit.
  -u, --url TEXT     指定目标URL,支持.git/.svn/.DS_Store
  -o, --outdir TEXT  指定保存目录,默认目录名为主机名
  --help             Show this message and exit.

.git源代码泄漏利用

0xHJK dumpall gitdumper

.svn源代码泄漏利用

0xHJK dumpall svndumper

Credit

本项目参考或使用了以下项目,在此感谢相关开发者

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

dumpall-0.1.0.tar.gz (7.9 kB view hashes)

Uploaded Source

Built Distribution

dumpall-0.1.0-py3-none-any.whl (11.4 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page