kost/dvcs-ripper kost/dvcs-ripper

  • Stars
    star
    1,583
  • Rank 28,541 (Top 0.6 %)
  • Language
    Perl
  • License
    GNU General Publi...
  • Created over 11 years ago
  • Updated almost 3 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
kost/dvcs-ripper
github

kost

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Rip web accessible (distributed) version control systems: SVN/GIT/HG...

Rawsec's CyberSecurity Inventory GitHub stars GitHub license

dvcs-ripper

Rip web accessible (distributed) version control systems: SVN, GIT, Mercurial/hg, bzr, ...

It can rip repositories even when directory browsing is turned off.

Make sure to position yourself in empty directory where you want repositories to be downloaded/cloned.

Requirements

  • Perl
  • Perl modules:
    • required: LWP, IO::Socket::SSL
    • for newer SVN: DBD::SQlite and DBI
    • for faster GIT: Parallel::ForkManager, Redis and Algorithm::Combinatorics
  • (D)VCS client of what you want to rip (cvs, svn, git, hg, bzr, ...)

Requirements on Debian/Ubuntu

You can easily install perl requirements:

sudo apt-get install perl libio-socket-ssl-perl libdbd-sqlite3-perl libclass-dbi-perl libio-all-lwp-perl

Optional requirements (faster git rip): sudo apt-get install libparallel-forkmanager-perl libredis-perl libalgorithm-combinatorics-perl

And if you need all clients supported:

sudo apt-get install cvs subversion git bzr mercurial

Docker

In case you just want docker version, it is here:

https://github.com/kost/docker-webscan/tree/master/alpine-dvcs-ripper

Just say something like:

docker run --rm -it -v /path/to/host/work:/work:rw k0st/alpine-dvcs-ripper rip-git.pl -v -u http://www.example.org/.git

GIT

Example run (for git):

rip-git.pl -v -u http://www.example.com/.git/

It will automatically do git checkout -f

or if you would like to ignore SSL certification verification (with -s):

rip-git.pl -s -v -u http://www.example.com/.git/

Mercurial/HG

Example run (for hg):

rip-hg.pl -v -u http://www.example.com/.hg/

It will automatically do hg revert <file>

or if you would like to ignore SSL certification verification (with -s):

rip-hg.pl -s -v -u http://www.example.com/.hg/

Bazaar/bzr

Example run (for bzr):

rip-bzr.pl -v -u http://www.example.com/.bzr/

It will automatically do bzr revert

or if you would like to ignore SSL certification verification (with -s):

rip-bzr.pl -s -v -u http://www.example.com/.bzr/

SVN

It supports OLDER and NEWER version of svn client formats. Older is with .svn files in every directory, while newer version have single .svn directory and wc.db in .svn directory. It will automatically detect which format is used on the target.

Example run (for SVN):

rip-svn.pl -v -u http://www.example.com/.svn/

It will automatically do svn revert -R .

CVS

Example run (for CVS):

rip-cvs.pl -v -u http://www.example.com/CVS/

This will not rip CVS, but it will display useful info.

Advance usage examples

Some examples how it can be used

Output handling

Download git tree to specific output dir:

rip-git.pl -o /my/previously/made/dir -v -u http://www.example.com/.git/

Download git tree to specific output dir (creating dir http__www.example.com_.git_ for url):

rip-git.pl -m -o /dir -v -u http://www.example.com/.git/

Redis usage with docker

Create Redis docker container:

docker run --rm --name myredis -it -v /my/host/dir/data:/data:rw k0st/alpine-redis

In another terminal, just link redis container and say something like this:

docker run --rm --link=myredis:redis -it -v /path/to/host/work:/work:rw k0st/alpine-dvcs-ripper rip-git.pl -e docker -v -u http://www.example.org/.git -m -o /work

Using redis for resuming work of ripping

Create Redis docker container:

docker run --name redisdvcs -it -v /my/host/dir/data:/data:rw k0st/alpine-redis

In another terminal, just link redis container and say something like this:

docker run --link=redisdvcs:redis -it -v /path/to/host/work:/work:rw k0st/alpine-dvcs-ripper rip-git.pl -n -e docker -v -u http://www.example.org/.git -m -o /work

Abusing redis for massive parallel tasks

Create global NFS and mount /work on each client. Create global Redis docker container:

docker run --name redisdvcs -it -v /my/host/dir/data:/data:rw k0st/alpine-redis

In another terminal, just link redis container and say something like this on 1st client

docker run -it -v /path/to/host/work:/work:rw k0st/alpine-dvcs-ripper rip-git.pl -n -e global.docker.ip -v -u http://www.example.org/.git -t 10 -c -m -o /work

In another terminal, just link redis container and say something like this on 2nd client:

docker run -it -v /path/to/host/work:/work:rw k0st/alpine-dvcs-ripper rip-git.pl -n -e global.docker.ip -v -u http://www.example.org/.git -t 10 -c -m -o /work

and so on...

You need to perform git checkout -f yourself on the end - of course!

Future

Feel free to implement something and send pull request. Feel free to suggest any feature. Lot of features actually were implemented by request

ToDo

  • Recognize 404 pages which return 200 in SVN/CVS
  • Try to repeat each trick after previous trick was successful
  • Progress bars

Done

More Repositories

1

nmap-android

Nmap on Android - Makefile/diff/scripts to build it with Android NDK
Makefile
247
star
2

dockscan

dockscan is security vulnerability and audit scanner for Docker installations
Ruby
214
star
3

revsocks

Reverse SOCKS5 implementation in Go
Go
203
star
4

android-elf-cleaner

Android ELF cleaner
C
126
star
5

docker-alpine

Alpine based images for Docker - Fundamental ones
Shell
99
star
6

mikrotik-npk

Python tools for manipulating Mikrotik NPK format
Python
73
star
7

tty2web

Share your terminal as a web application in bind/reverse mode
Go
70
star
8

docker-webscan

Dockerized versions of various web security scanning tools and utilities
67
star
9

NetworkMapper

Android frontend for Nmap Security Scanner
Java
62
star
10

Croatian-US-mac

Croatian US keyboard for Mac OS X
35
star
11

fujprog

FPGA ULX2/3 JTAG programmer
C
34
star
12

nmap-nse

NMAP NSE scripts - (not all)) my contributions before merging to nmap svn
Lua
34
star
13

rdpcmd

script/execute commands over RDP connection (elevated cmd.exe)
AutoIt
34
star
14

vulnscan-pwcrack

Password guessers for popular vulnerability scanners and frameworks: Find the password for your favourite vulnscanners: OpenVAS, Nessus, NeXpose or Metasploit
Perl
28
star
15

nanomet

Nano meterpreter shell based on TinyMet
C
27
star
16

docker-moloch

A Docker container for Moloch based on minimal Debian
Shell
26
star
17

dcled

Dream Cheeky USB Message Board
C
26
star
18

httpexec

RESTful interface to your operating system shell
Go
18
star
19

logdns

Simple DNS logging server
Go
16
star
20

scexec

Portable utility to execute in memory a sequence of opcodes
C
16
star
21

sqlc

sqlc - Universal DBMS/SQL client with exfiltration features :)
Go
15
star
22

docker-security

Security oriented images for Docker
Shell
15
star
23

webrepl-python

Handle micropython web_repl in Python
Python
14
star
24

lantronix-witchcraft

Perl utilities to retrieve and/or set basic and enhanced telnet passwords (amongst others)
Perl
14
star
25

jtr-stuff

John The Ripper (JtR) - various stuff
13
star
26

slirp

Software program that emulates a PPP, SLIP, or CSLIP connection to the Internet via a shell account
C
12
star
27

webshell-portlet

Web shell as Portlet (useful for Websphere Portal, JBoss Portal, etc.)
Java
12
star
28

ulx3s-ghdl-examples

ulx3s ghdl examples
VHDL
12
star
29

rdpcmd-ruby

Run commands over RDP on massive number of hosts
Ruby
11
star
30

docker-sift

Docker container of SANS Investigative Forensic Toolkit (SIFT) Workstation Version 3
Shell
11
star
31

Croatian-US-windows

CroUS keyboard for Windows
11
star
32

libwmiclient

WMI client library - useful for monitoring/commanding Windows from other OSes
C
11
star
33

tc-guesser

TrueCrypt password guesser/cracker
Perl
9
star
34

docker-cowrie

A Docker container for Cowrie - SSH honeypot based on kippo
Shell
9
star
35

Croatian-US-linux

Croatian US keyboard for Linux
9
star
36

nmapxml

Convert nmap xml files to various formats: list of URLS, freemind mindmap, html (without XSL), etc..
Perl
9
star
37

singlepython

Building Python interpreter as Single Fat Binary
Makefile
8
star
38

smtp2mqtt

Simple SMTP to MQTT relay/forwarder
Go
8
star
39

massws

Mass Web Screenshot Tool - command line based
C++
8
star
40

memdump

System Memory dump
C
8
star
41

docker-zcash

Zcash inside docker container
8
star
42

wall-of-sheep

Wall of Sheep/Shame implemented in Perl with different modes: HTML, CGI and standalone web server
Perl
8
star
43

keepassz

Keepassz is improved Keepassx 0.x/1.x
C++
8
star
44

nessus_rest-ruby

Communicate with Nessus Scanner (version 6+) over REST/JSON interface
Ruby
7
star
45

external-ip

Android application to display IP addresses of device for easy copy&paste
Java
6
star
46

drcrack

drcrack - Matt Weir version - my patches
C++
5
star
47

micropython-socks

MicroPython library implementing SOCKS server.
Python
5
star
48

go-MemoryModule

Go binding example for MemoryModule
C
5
star
49

docker-nmap

A Docker container for Nmap
5
star
50

homebrew-ulx3s

Homebrew repo of ULX3S open source toolchain
Ruby
5
star
51

walletexplorer

Wallet Explorer for wallets of different cryptocurrencies (bitcoin, litecoin, ...)
Ruby
5
star
52

nessus-xmlrpc-ruby

Ruby gem/library for Nessus XMLRPC interface and Nessus command line example
Ruby
4
star
53

js-zynpass

ZyNOS Password/Secret generator - Node npm module
JavaScript
4
star
54

http-padawan

Basic (perl) tools for playing with HTTP protocol: basic HTTP server, proxy, etc.
Perl
4
star
55

dnstun

DNS tunnel library in Go
Go
4
star
56

SensorsWebLogger

Android application - Sensors Web Logger
Java
4
star
57

docker-kf

Docker containter for handling known files (goodware, badware) - usually by use of hashes
Shell
4
star
58

owasp-favicon-crawl

OWASP favicon crawl scripts
Perl
4
star
59

offrep

Offensive Reporting
Ruby
4
star
60

crotax-utils

Few utils for Croatian Tax payers
Ruby
4
star
61

ansible-galaxy.ubuntu.virtualbox

Ansible Galaxy role for installing VirtualBox on Ubuntu
4
star
62

docker-av

Anti-virus images for Docker
3
star
63

gosc

Go Shellcode
Go
3
star
64

http-get-methods

Enumeration of HTTP methods
Perl
3
star
65

rapid7-nexpose-api-perl

CPAN module - Rapid7::NeXpose::API - perl library for communication with NeXpose via API
Perl
3
star
66

DroidMeter

Android Application for multi meter - UNI-T UT61C
Java
3
star
67

regeorgo

Implementation of regeorg tunnel in golang (victim side).
Go
3
star
68

nessus-xmlrpc-perl

CPAN Module Net::Nessus::XMLRPC - perl library for communication with Nessus scanner(v4.2+) via XMLRPC
Perl
3
star
69

babushkafs

Pluggable filesystem containers
Perl
3
star
70

openvas-omp-ruby

This Ruby gem is used for communication with OpenVAS manager over OMP. You can start, stop, pause and resume scan. Watch progress and status of scan, download report, etc.
Ruby
3
star
71

pcap-utils

Basic tools for analyzing pcap traffic
Perl
3
star
72

openwrt-usb-modeswitch

OpenWRT packages for switching USB devices
Shell
2
star
73

metasploit-openvas-bridge

OpenVAS bridge for Metasploit
Ruby
2
star
74

dotfiles

General, public and basic dotfiles
Python
2
star
75

m-whitelist

Whitelist 1.0 for Redline mirror
2
star
76

fuzzy_time_hr

Croatian fuzzy time Pebble Watchface
C
2
star
77

ulx3s-next186

Automated Next186 builds for ulx3s
Shell
2
star
78

ulx3s-passthru

Automated Passthru builds for ulx3s
Shell
2
star
79

libsimplebloom

Small bloom filter implementation in plain C with utils
C
2
star
80

bt-customise

BackTrack customizing/remastering scripts
2
star
81

libk8055-perl

CPAN Module Device::Velleman::K8055::libk8055
C
2
star
82

httpexecute

Go library for HTTP execute system commands handler
Go
1
star
83

SPSpyGhost

Open source SP Spy Ghost Controller
Java
1
star
84

TextWatch-hr

Croatian Pebble TextWatch Watchface
C
1
star
85

tcom-hr-dsl

T-Com DSL utilities
Perl
1
star
86

remmina-ruby

Ruby support classes for Remmina
Ruby
1
star
87

kost.github.com

Homepage
JavaScript
1
star
88

witi

C
1
star
89

neohub-python

Python module to control Neohub supported thermostats
Python
1
star
90

ulx3s-oberon

Automated build for ulx3s-oberon from https://github.com/emard/oberon
Shell
1
star
91

SpitEvents

Useful scripts to parse various events/logs including Windows Events
Perl
1
star
92

nanoweblog

logs every web/http request
C
1
star
93

ansible-galaxy.ubuntu.chef

Ansible Galaxy role for installing Chef on Ubuntu
1
star
94

ansible-galaxy.ubuntu.docker

Ansible Galaxy role for installing Docker on Ubuntu
1
star
95

language-nse

NSE/Lua language support in Atom https://atom.io/packages/language-nse
CoffeeScript
1
star
96

gpp-decrypt-ruby

Group Policy Preferences (GPP) password decryption
Ruby
1
star