Skip to main content

A pure python implemented .git/ folder disclosure exploit

Project description

https://badge.fury.io/gh/owenchia%2Fgithack.svg https://travis-ci.com/OwenChia/githack.svg?branch=master https://badge.fury.io/py/githack.svg PyPI - Python Version GitHub

Basically it an py3k version with own implemented Git objects parser for GitHack:

GitHack is a `.git` folder disclosure exploit.

Why another git dumper tool?

  • python 3.6+ support
  • pure-Python implementation without third-party dependencies
  • git database crawling support
  • zipapp mode support

How it works?

  • step 1: fetch metadata (eg. .git/{HEAD,index,config})
  • step 2: using commit objects as seed, crawling whole git database
  • step 3: parse index, then restore objects to source code

Usage:

  • portable standalone

    > make zipapp

    > python githack.pyz http://example.com/.git

  • pip

    > pip install githack

    > githack http://example.com/.git

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help File type Python version Upload date
githack-0.0.4.post1-py3-none-any.whl (54.2 kB) Copy SHA256 hash SHA256 Wheel py3

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN SignalFx SignalFx Supporter DigiCert DigiCert EV certificate StatusPage StatusPage Status page