Hi bro,
Attempt 1:
Here is the command that I run
docker run wangyihang/githacker --brute --url https://example.com/.git/ --output-folder result
The tool runs around 10 mins
2024-01-06 22:16:15 INFO 1 urls to be exploited
2024-01-06 22:16:15 INFO Exploiting https://example.com/.git/ into result/2c3addf32fa248db42a1ee6cbb5fc923
/usr/local/lib/python3.11/site-packages/urllib3/connectionpool.py:1045: InsecureRequestWarning: Unverified HTTPS request is being made to host 'example.com'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warnings
warnings.warn(
/usr/local/lib/python3.11/site-packages/urllib3/connectionpool.py:1045: InsecureRequestWarning: Unverified HTTPS request is being made to host 'example.com'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warnings
warnings.warn(
2024-01-06 22:16:15 INFO Downloading basic files...
/usr/local/lib/python3.11/site-packages/urllib3/connectionpool.py:1045: InsecureRequestWarning: Unverified HTTPS request is being made to host 'example.com'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warnings
warnings.warn(
2024-01-06 22:16:16 ERROR FileExistsError(17, 'File exists')
2024-01-06 22:16:16 ERROR [0 bytes] 404 .git/COMMIT_EDITMSG
2024-01-06 22:16:16 INFO [73 bytes] 200 .git/description
2024-01-06 22:16:16 ERROR FileExistsError(17, 'File exists')
2024-01-06 22:16:16 INFO [23 bytes] 200 .git/HEAD
2024-01-06 22:16:16 ERROR FileExistsError(17, 'File exists')
2024-01-06 22:16:16 ERROR [0 bytes] 404 .git/FETCH_HEAD
/usr/local/lib/python3.11/site-packages/urllib3/connectionpool.py:1045: InsecureRequestWarning: Unverified HTTPS request is being made to host 'example.com'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warnings
warnings.warn(
/usr/local/lib/python3.11/site-packages/urllib3/connectionpool.py:1045: InsecureRequestWarning: Unverified HTTPS request is being made to host 'example.com'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warnings
And it stops right here
/usr/local/lib/python3.11/site-packages/urllib3/connectionpool.py:1045: InsecureRequestWarning: Unverified HTTPS request is being made to host 'example.com'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warnings
warnings.warn(
2024-01-06 22:38:05 ERROR FileExistsError(17, 'File exists')
2024-01-06 22:38:05 ERROR [0 bytes] 404 .git/objects/cc/69db0bd9630502abab59915b137914c04db66b
2024-01-06 22:38:05 ERROR FileExistsError(17, 'File exists')
2024-01-06 22:38:05 ERROR [0 bytes] 404 .git/objects/f2/117923e6f8507f0947fe70a2a81aa5e35bf64a
2024-01-06 22:38:05 INFO Running git fsck files...
Traceback (most recent call last):
File "/usr/local/bin/githacker", line 8, in <module>
sys.exit(main())
^^^^^^
File "/usr/local/lib/python3.11/site-packages/GitHacker/__init__.py", line 520, in main
).start()
^^^^^^^
File "/usr/local/lib/python3.11/site-packages/GitHacker/__init__.py", line 93, in start
return self.blind()
^^^^^^^^^^^^
File "/usr/local/lib/python3.11/site-packages/GitHacker/__init__.py", line 172, in blind
process = subprocess.run(
^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/subprocess.py", line 548, in run
with Popen(*popenargs, **kwargs) as process:
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/subprocess.py", line 1024, in __init__
self._execute_child(args, executable, preexec_fn, close_fds,
File "/usr/local/lib/python3.11/subprocess.py", line 1901, in _execute_child
raise child_exception_type(errno_num, err_msg, err_filename)
FileNotFoundError: [Errno 2] No such file or directory: 'git'
root@1bytedemo:~/Desktop/GitHacker# ls
Dockerfile figure GitHacker Makefile README.md requirements.txt setup.py templates test utils
I did not see the directory result
. So what's wrong? I confirmed that site got block access to directory ./git
, but allow to download files inside such as .git/config
, .git/index
, ...etc
Attempt 2:
This time I run at local, I did not run from docker. Here is the command at local
githacker --url https://example.com/.git/ --brute --threads 1 --output-folder /root/Desktop/result
And the tool did work, did bruteforce
2024-01-07 05:59:53 INFO 1 urls to be exploited
2024-01-07 05:59:53 INFO Exploiting https://example.com/.git/ into /root/Desktop/result/2c3addf32fa248db42a1ee6cbb5fc923
/usr/local/lib/python3.6/dist-packages/urllib3/connectionpool.py:988: InsecureRequestWarning: Unverified HTTPS request is being made to host 'example.com'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
InsecureRequestWarning,
/usr/local/lib/python3.6/dist-packages/urllib3/connectionpool.py:988: InsecureRequestWarning: Unverified HTTPS request is being made to host 'example.com'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
InsecureRequestWarning,
/usr/local/lib/python3.6/dist-packages/urllib3/connectionpool.py:988: InsecureRequestWarning: Unverified HTTPS request is being made to host 'example.com'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
InsecureRequestWarning,
/usr/local/lib/python3.6/dist-packages/urllib3/connectionpool.py:988: InsecureRequestWarning: Unverified HTTPS request is being made to host 'example.com'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
InsecureRequestWarning,
2024-01-07 05:59:54 INFO Downloading basic files...
/usr/local/lib/python3.6/dist-packages/urllib3/connectionpool.py:988: InsecureRequestWarning: Unverified HTTPS request is being made to host 'example.com'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
InsecureRequestWarning,
2024-01-07 05:59:54 ERROR [0 bytes] 404 .git/COMMIT_EDITMSG
/usr/local/lib/python3.6/dist-packages/urllib3/connectionpool.py:988: InsecureRequestWarning: Unverified HTTPS request is being made to host 'example.com'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
InsecureRequestWarning,
2024-01-07 05:59:54 ERROR FileExistsError(17, 'File exists')
2024-01-07 05:59:54 INFO [73 bytes] 200 .git/description
/usr/local/lib/python3.6/dist-packages/urllib3/connectionpool.py:988: InsecureRequestWarning: Unverified HTTPS request is being made to host 'example.com'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
InsecureRequestWarning,
2024-01-07 05:59:54 ERROR FileExistsError(17, 'File exists')
2024-01-07 05:59:54 ERROR [0 bytes] 404 .git/FETCH_HEAD
/usr/local/lib/python3.6/dist-packages/urllib3/connectionpool.py:988: InsecureRequestWarning: Unverified HTTPS request is being made to host 'example.com'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
InsecureRequestWarning,
2024-01-07 05:59:54 ERROR FileExistsError(17, 'File exists')
2024-01-07 05:59:54 INFO [23 bytes] 200 .git/HEAD
/usr/local/lib/python3.6/dist-packages/urllib3/connectionpool.py:988: InsecureRequestWarning: Unverified HTTPS request is being made to host 'example.com'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
InsecureRequestWarning,
And it stops right here
2024-01-07 06:07:37 WARNING .git/objects/8f/3deef92bbb1d69cea0668e27392ff187210267 does not exist
2024-01-07 06:07:37 WARNING .git/objects/3d/3ae5d49a12dd4a6eb718adb0d4b7d39d3864f1 does not exist
2024-01-07 06:07:37 WARNING .git/objects/c1/5faa5eeecd2922ba2d03ae67aa913b2f300f99 does not exist
2024-01-07 06:07:37 WARNING .git/objects/c7/2e9015ccb53c4947da4b641da2beae894bd3cf does not exist
2024-01-07 06:07:37 WARNING .git/objects/c8/29c1fc0954f2656bf7710a28bede56e8a1f0dc does not exist
2024-01-07 06:07:37 WARNING .git/objects/47/723dc9144cfec31c03717f961926cbf8d10c0d does not exist
2024-01-07 06:07:37 WARNING .git/objects/3d/3b64a5a9b7f99823c7aa50925befa3f62589a8 does not exist
2024-01-07 06:07:37 WARNING .git/objects/2b/74668b32aa5349ed4fcb0b6d678e32f9cd5098 does not exist
2024-01-07 06:07:37 WARNING .git/objects/f6/492632825b6a96aabf4569d951665f3c154ecc does not exist
2024-01-07 06:07:37 WARNING .git/objects/a3/dd1c123791905de8c64ae6d1e845abc126d9e1 does not exist
2024-01-07 06:07:37 WARNING .git/objects/db/9f1a4438b9b73687d554c38b582c4c58053baf does not exist
2024-01-07 06:07:37 WARNING .git/objects/25/ad2609a207ca211ef774d5fba0aa1f5aa2981a does not exist
2024-01-07 06:07:37 WARNING .git/objects/46/05ec9dbc49fbfb1da639f1b0df318b9431be5a does not exist
2024-01-07 06:07:37 WARNING .git/objects/86/5daab6aa70d1f594f4de1eea7fb1d4df14c2ed does not exist
2024-01-07 06:07:37 WARNING .git/objects/38/8f6f03f385c221cc298b66e950d6a00c1d7b54 does not exist
2024-01-07 06:07:37 WARNING .git/objects/2f/a25b968e0f299c755b71401c8c51080f297793 does not exist
2024-01-07 06:07:37 WARNING .git/objects/41/66406dc41aed8f3d4444cf1a6979c7ebc2306f does not exist
2024-01-07 06:07:37 WARNING .git/objects/c4/69cd57ff9630907ef3c461652eff78d3ddee74 does not exist
2024-01-07 06:07:37 INFO Cloning downloaded repo from /tmp/tmpdvdjwn96 to /root/Desktop/result/2c3addf32fa248db42a1ee6cbb5fc923
2024-01-07 06:07:37 ERROR Cloning into '/root/Desktop/result/2c3addf32fa248db42a1ee6cbb5fc923'...
error: refs/heads/master does not point to a valid object!
error: refs/remotes/origin/HEAD does not point to a valid object!
error: refs/remotes/origin/dev-michael does not point to a valid object!
error: refs/remotes/origin/master does not point to a valid object!
error: refs/remotes/origin/staging does not point to a valid object!
done.
fatal: update_ref failed for ref 'HEAD': cannot update ref 'HEAD': trying to write ref 'HEAD' with nonexistent object 180b519b5599fdbfd3f00cf608130d71540eb506
fatal: The remote end hung up unexpectedly
2024-01-07 06:07:37 INFO 0 / 1 were exploited successfully
This time it has the output result
directory. But when I check the contents inside the output, it does not show the file in the servers
root@1bytedemo:~/Desktop/result# tree -a
.
โโโ 2c3addf32fa248db42a1ee6cbb5fc923
โโโ .git
โโโ logs
โโโ HEAD
โโโ refs
โโโ heads
โย ย โโโ master
โโโ remotes
โโโ origin
โโโ HEAD
7 directories, 3 files
root@1bytedemo:~/Desktop/result#
Does not have config
, index
, ...etc which can download directly on website
While I test other tools like git-dumper
, githack
it can shows...
Regards!