Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/BugScanTeam/GitHack
.git 泄漏利用工具,可还原历史版本
https://github.com/BugScanTeam/GitHack
git vulnerabilities
Last synced: about 1 month ago
JSON representation
.git 泄漏利用工具,可还原历史版本
- Host: GitHub
- URL: https://github.com/BugScanTeam/GitHack
- Owner: BugScanTeam
- License: gpl-3.0
- Archived: true
- Created: 2017-02-24T02:58:50.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2020-02-25T10:15:12.000Z (over 4 years ago)
- Last Synced: 2024-05-20T13:31:34.633Z (4 months ago)
- Topics: git, vulnerabilities
- Language: Python
- Size: 43.9 KB
- Stars: 693
- Watchers: 16
- Forks: 149
- Open Issues: 5
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-hacking-lists - BugScanTeam/GitHack - .git 泄漏利用工具,可还原历史版本 (Python)
README
# GitHack
> `.git` 泄漏利用工具,可还原历史版本
### 依赖
> 不需要安装其它 Python 库,只需要有 git 命令
* git
* ubuntu/debian: `$ apt-get install git`
* redhat/centos: `$ yum install git`
* windows [git-for-windows下载](https://github.com/git-for-windows/git/releases/latest)
**使用前需确保 git 在 环境变量中**
### 使用方法
```
python GitHack.py http://www.example.com/.git/
```
> 还原后的文件在 `dist/` 目录下
### 工作流程
1. 尝试获取 `packs`克隆
2. 尝试目录遍历克隆
3. 尝试从缓存文件(index)、commit记录中恢复
### 截图
### 相关链接
* [BugScan](http://www.bugscan.net)
* [GitHack - lijiejie](https://github.com/lijiejie/GitHack)