Skip to main content

A pure python implemented .git/ folder disclosure exploit

Project description

https://badge.fury.io/gh/owenchia%2Fgithack.svg https://travis-ci.com/OwenChia/githack.svg?branch=master https://badge.fury.io/py/githack.svg PyPI - Python Version GitHub

Basically it an py3k version with own implemented Git objects parser for GitHack:

GitHack is a `.git` folder disclosure exploit.

Why another git dumper tool?

  • python 3.6+ support

  • pure-Python implementation without third-party dependencies

  • git database crawling support

  • zipapp mode support

How it works?

  • step 1: fetch metadata (eg. .git/{HEAD,index,config})

  • step 2: using commit objects as seed, crawling whole git database

  • step 3: parse index, then restore objects to source code

Usage:

  • portable standalone

    > make zipapp

    > python githack.pyz http://example.com/.git

  • pip

    > pip install githack

    > githack http://example.com/.git

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release. See tutorial on generating distribution archives.

Built Distribution

githack-0.0.4.post1-py3-none-any.whl (54.2 kB view hashes)

Uploaded py3

Supported by

AWS AWS Cloud computing Datadog Datadog Monitoring Facebook / Instagram Facebook / Instagram PSF Sponsor Fastly Fastly CDN Google Google Object Storage and Download Analytics Huawei Huawei PSF Sponsor Microsoft Microsoft PSF Sponsor NVIDIA NVIDIA PSF Sponsor Pingdom Pingdom Monitoring Salesforce Salesforce PSF Sponsor Sentry Sentry Error logging StatusPage StatusPage Status page