Date: Fri, 7 May 2021 03:44:08 GMT From: Yuri Victorovich <yuri@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: c6bfc1a00217 - main - New port: security/gitjacker: Leak git repositories from misconfigured websites Message-ID: <202105070344.1473i8un092271@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by yuri: URL: https://cgit.FreeBSD.org/ports/commit/?id=c6bfc1a002178b1c26623aa58775edd22b5b20dd commit c6bfc1a002178b1c26623aa58775edd22b5b20dd Author: Yuri Victorovich <yuri@FreeBSD.org> AuthorDate: 2021-05-07 03:27:53 +0000 Commit: Yuri Victorovich <yuri@FreeBSD.org> CommitDate: 2021-05-07 03:44:02 +0000 New port: security/gitjacker: Leak git repositories from misconfigured websites --- security/Makefile | 1 + security/gitjacker/Makefile | 19 +++++++++++++++++++ security/gitjacker/distinfo | 5 +++++ security/gitjacker/pkg-descr | 8 ++++++++ 4 files changed, 33 insertions(+) diff --git a/security/Makefile b/security/Makefile index 3459b62abf2b..3b7a39ce0043 100644 --- a/security/Makefile +++ b/security/Makefile @@ -173,6 +173,7 @@ SUBDIR += git-crypt SUBDIR += git-remote-gcrypt SUBDIR += git-secret + SUBDIR += gitjacker SUBDIR += gnome-keyring SUBDIR += gnome-keyring-sharp SUBDIR += gnome-ssh-askpass diff --git a/security/gitjacker/Makefile b/security/gitjacker/Makefile new file mode 100644 index 000000000000..972d2697b7c2 --- /dev/null +++ b/security/gitjacker/Makefile @@ -0,0 +1,19 @@ +PORTNAME= gitjacker +DISTVERSIONPREFIX= v +DISTVERSION= 0.1.0 +CATEGORIES= security + +MAINTAINER= yuri@FreeBSD.org +COMMENT= Leak git repositories from misconfigured websites + +LICENSE= PD +LICENSE_FILE= ${WRKSRC}/LICENSE + +USES= go:modules + +GO_MODULE= github.com/liamg/gitjacker +GO_TARGET= ./cmd/${PORTNAME} + +PLIST_FILES= bin/${PORTNAME} + +.include <bsd.port.mk> diff --git a/security/gitjacker/distinfo b/security/gitjacker/distinfo new file mode 100644 index 000000000000..6d6c6bfe902e --- /dev/null +++ b/security/gitjacker/distinfo @@ -0,0 +1,5 @@ +TIMESTAMP = 1620355103 +SHA256 (go/security_gitjacker/gitjacker-v0.1.0/v0.1.0.mod) = b3db6be3fc30d6f4246b98b62a9a1aaeeb4baf56813250be44bc31d1346faebf +SIZE (go/security_gitjacker/gitjacker-v0.1.0/v0.1.0.mod) = 341 +SHA256 (go/security_gitjacker/gitjacker-v0.1.0/v0.1.0.zip) = 850de0ee593d0292c248275b1bd3aec2ec98f6336329aab516087544a1f345dc +SIZE (go/security_gitjacker/gitjacker-v0.1.0/v0.1.0.zip) = 239095 diff --git a/security/gitjacker/pkg-descr b/security/gitjacker/pkg-descr new file mode 100644 index 000000000000..889db1202ee6 --- /dev/null +++ b/security/gitjacker/pkg-descr @@ -0,0 +1,8 @@ +Gitjacker downloads git repositories and extracts their contents from sites +where the .git directory has been mistakenly uploaded. It will still manage +to recover a significant portion of a repository even where directory listings +are disabled. + +For educational/penetration testing use only. + +WWW: https://github.com/liamg/gitjacker
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202105070344.1473i8un092271>