{"id":13545491,"url":"https://github.com/0xHJK/dumpall","last_synced_at":"2025-04-02T15:31:15.208Z","repository":{"id":38430505,"uuid":"216212738","full_name":"0xHJK/dumpall","owner":"0xHJK","description":"一款信息泄漏利用工具，适用于.git/.svn/.DS_Store泄漏和目录列出","archived":false,"fork":false,"pushed_at":"2022-12-27T15:37:11.000Z","size":1392,"stargazers_count":1447,"open_issues_count":22,"forks_count":149,"subscribers_count":17,"default_branch":"master","last_synced_at":"2025-03-31T03:07:28.966Z","etag":null,"topics":["bug-bounty","dumpall","githack","hacking","pentesting","python3","scanner","security","spider","svn","tools"],"latest_commit_sha":null,"homepage":"https://github.com/0xHJK/dumpall","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/0xHJK.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-10-19T13:42:55.000Z","updated_at":"2025-03-31T01:05:03.000Z","dependencies_parsed_at":"2023-01-31T04:45:13.679Z","dependency_job_id":null,"html_url":"https://github.com/0xHJK/dumpall","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xHJK%2Fdumpall","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xHJK%2Fdumpall/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xHJK%2Fdumpall/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xHJK%2Fdumpall/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/0xHJK","download_url":"https://codeload.github.com/0xHJK/dumpall/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246408098,"owners_count":20772230,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bug-bounty","dumpall","githack","hacking","pentesting","python3","scanner","security","spider","svn","tools"],"created_at":"2024-08-01T11:01:03.901Z","updated_at":"2025-04-02T15:31:10.199Z","avatar_url":"https://github.com/0xHJK.png","language":"Python","funding_links":[],"categories":["Python"],"sub_categories":[],"readme":"# Dump all: 多种泄漏形式，一种利用方式\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://github.com/0xHJK/dumpall\"\u003e\n    \u003cimg src=\"https://github.com/0xHJK/dumpall/raw/master/static/dumpall.png\" alt=\"dumpall\"\u003e\n  \u003c/a\u003e\n  \u003cspan\u003edumpall 是一款信息泄漏/源代码泄漏利用工具\u003c/span\u003e\u003cbr\u003e\n\u003cp\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca\u003e\u003cimg src=\"https://img.shields.io/pypi/pyversions/dumpall.svg\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/0xHJK/dumpall/releases\"\u003e\n    \u003cimg src=\"https://img.shields.io/github/v/release/0xHJK/dumpall?include_prereleases\"\u003e\n  \u003c/a\u003e\n  \u003ca\u003e\u003cimg src=\"https://img.shields.io/github/license/0xHJK/dumpall\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://github.com/0xHJK/dumpall\"\u003ehttps://github.com/0xHJK/dumpall\u003c/a\u003e\n\u003c/p\u003e\n\n\u003chr\u003e\n\n\u003e ⚠️ **警告：本工具仅用于授权测试，不得用于非法用途，否则后果自负！**\n\u003e \n\u003e ⚠️ **WARNING：FOR LEGAL PURPOSES ONLY!**\n\n\n## 🤘 Features\n\n- 支持多种泄漏情况利用\n- Dumpall使用方式简单\n- 使用asyncio异步处理速度快\n\n适用于以下场景：\n\n- [x] `.git`源代码泄漏\n- [x] `.svn`源代码泄漏\n- [x] `.DS_Store`信息泄漏\n- [x] 目录列出信息泄漏\n\nTODO:\n\n- [ ] 支持更多利用方式\n- [ ] 优化大文件下载\n- [ ] 增强绕过功能\n\n项目地址：\u003chttps://github.com/0xHJK/dumpall\u003e\n\n\u003e 在macOS下的Python 3.7中测试通过，建议使用Python 3.7+\n\n\n## 🚀 QuickStart\n\n```bash\n# pip安装\npip install dumpall\n# 查看版本\ndumpall --version\n```\n\n```bash\n# 手动下载使用\ngit clone https://github.com/0xHJK/dumpall\ncd dumpall\n# 查看版本\npython3 dumpall.py --version\n```\n\n## 💫 Usage\n\n```bash\n# 下载文件（源代码）\ndumpall -u \u003curl\u003e [-o \u003coutdir\u003e]\n\n# 示例\ndumpall -u http://example.com/.git/\ndumpall -u http://example.com/.svn/\ndumpall -u http://example.com/.DS_Store\ndumpall -u http://example.com/\n```\n\n帮助\n\n```bash\n$ dumpall --help\nUsage: dumpall.py [OPTIONS]\n\n  信息泄漏利用工具，适用于.git/.svn/.DS_Store，以及目录列出下载\n\n  Example: dumpall -u http://example.com/.git\n\nOptions:\n  --version          Show the version and exit.\n  -u, --url TEXT     指定目标URL，支持.git/.svn/.DS_Store，以及类index页面\n  -o, --outdir TEXT  指定下载目录，默认目录名为主机名\n  -p, --proxy TEXT   指定代理 scheme://[user:pass@]hostname:port\n  -f, --force        强制下载（可能会有蜜罐风险）\n  -d, --debug        调试模式\n  --help             Show this message and exit.\n```\n\n`.git`源代码泄漏利用\n\n![0xHJK dumpall gitdumper](https://github.com/0xHJK/dumpall/raw/master/static/gitdumper.png)\n\n`.svn`源代码泄漏利用\n\n![0xHJK dumpall svndumper](https://github.com/0xHJK/dumpall/raw/master/static/svndumper.png)\n\n`.DS_Store`信息泄漏利用\n\n![0xHJK dumpall dsdumper](https://github.com/0xHJK/dumpall/raw/master/static/dsdumper.png)\n\n## 🙋 FAQ\n\n1. `OSError(24, 'Too many open files'))`\n\n手动修改系统打开文件最大数量限制，如 `ulimit -n 65535`\n\n2. 旧版本SVN无法利用\n\n先用idxdumper凑合，等有空补充\n\n## 📜 History\n\n- 2022-05-09 v0.4.0\n  - 优化基础功能，修复BUG\n  - 增加调试模式\n  - 优化多任务调度\n  - 支持代理\n  - 支持随机UserAgent\n- 2022-03-01 v0.3.2\n  - 修复URL编码问题\n- 2021-08-09 v0.3.1\n  - 修复任意位置存储漏洞、增加蜜罐警告\n- 2020-05-22 v0.3.0\n  - 完成目录列出信息泄漏利用功能\n- 2019-10-27 v0.2.0\n  - 优化下载方法\n  - 完成`.DS_Store`信息泄漏利用功能\n- 2019-10-24 v0.1.0\n  - 项目架构优化\n  - 完成`.svn`源代码泄漏利用功能\n- 2019-10-23\n  - 完成`.git`源代码泄漏利用功能\n- 2019-10-19 项目启动\n\n## 🤝 Contributions\n\n本项目参考或使用了以下项目，在此感谢相关开发者\n\n- https://github.com/lijiejie/GitHack\n- https://github.com/admintony/svnExploit\n- https://github.com/sbp/gin\n- https://github.com/gehaxelt/Python-dsstore\n- https://github.com/aio-libs/aiohttp\n- https://github.com/jreese/aiomultiprocess\n- https://github.com/pallets/click\n\n感谢以下开发者的贡献\n\n- @k0ngfei\n- @nian-hua\n- @fabaff\n\n如有意愿参与项目开发，请遵循以下规范\n\n- 使用下划线命名法命名\n- 使用 \u003chttps://github.com/psf/black\u003e 做代码格式化\n\n## 📄 License\n\n[MIT License](https://github.com/0xHJK/TotalPass/blob/master/LICENSE)\n\n## Star History\n\n[![Star History Chart](https://api.star-history.com/svg?repos=0xHJK/dumpall\u0026type=Date)](https://star-history.com/#0xHJK/dumpall\u0026Date)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0xHJK%2Fdumpall","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F0xHJK%2Fdumpall","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0xHJK%2Fdumpall/lists"}