Skip to main content

A pure python implemented .git/ folder disclosure exploit

Project description

https://badge.fury.io/gh/owenchia%2Fgithack.svg https://travis-ci.com/OwenChia/githack.svg?branch=master https://badge.fury.io/py/githack.svg PyPI - Python Version GitHub

Basically it an py3k version with own implemented Git objects parser for GitHack:

GitHack is a `.git` folder disclosure exploit.

Why another git dumper tool?

  • python 3.6+ support
  • pure-Python implementation without third-party dependencies
  • git database crawling support
  • zipapp mode support

How it works?

  • step 1: fetch metadata (eg. .git/{HEAD,index,config})
  • step 2: using commit objects as seed, crawling whole git database
  • step 3: parse index, then restore objects to source code

Usage:

  • portable standalone

    > make zipapp

    > python githack.pyz http://example.com/.git

  • pip

    > pip install githack

    > githack http://example.com/.git

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for githack, version 0.0.4.post1
Filename, size File type Python version Upload date Hashes
Filename, size githack-0.0.4.post1-py3-none-any.whl (54.2 kB) File type Wheel Python version py3 Upload date Hashes View

Supported by

AWS AWS Cloud computing Datadog Datadog Monitoring DigiCert DigiCert EV certificate Facebook / Instagram Facebook / Instagram PSF Sponsor Fastly Fastly CDN Google Google Object Storage and Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Salesforce Salesforce PSF Sponsor Sentry Sentry Error logging StatusPage StatusPage Status page