-
Notifications
You must be signed in to change notification settings - Fork 25
Expand file tree
/
Copy pathgit.txt
More file actions
115 lines (93 loc) · 3.02 KB
/
git.txt
File metadata and controls
115 lines (93 loc) · 3.02 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
GIT
https://git-scm.com/docs
git clone https://github.com/owner/repot.git
git update
Versioning With Git:
This is a about commitment!
git add list ./of/new file*s
git add *
--add files to repo prior to commit
git commit -m "description of changes"
--commit changes to repisory version history
git commit --amend
--make changes to most recent commit
Revision History
git log
-lists version history for the current branch
git log --follow [file]
-lists version history for a file, including renames
git diff [first-branch]...[second-branch]
-shows content differences between two branches
git show [commit]
-outputs metadata and content changes of the specified commit
Checkout & Merge Techniques
git log
-list commits with comments
git checkout master
-checkout a git branch
git checkout 77b1f718d19e5cf46e2fab8405a9a0859c9c2889
git checkout -b build_0051
-checkout a commit from reflog
git checkout master
git cherry-pick af32d6
-merge a commit from one branch to another
--useful when unable to merge two branches
--fix a security issue present in both branches
Git Configuration:
.git/config
git config --edit
Repositoiry Enumeration:
SEARCH
git log -S'search string' --oneline --name-status
-find which commits and which files a string was added or removed in
git log -G'search string' --oneline --name-status
-find which commits and which files a regex was added or removed in
git log -S'search string' -p | grep 'search string' -C5
-see the diff of that
git log --all --grep='Build 0051'
-search the commit log (across all branches) for the given text
grep 'Build 0051' $(git rev-list --all)
-search the actual content of commits through a repo's history, use
git log -g --grep='Build 0051'
-search the reflog itself with the -g flag (short for --walk-reflogs)
git reflog
git checkout 77b1f718d19e5cf46e2fab8405a9a0859c9c2889
-To recover your commit from the reflog: do a git checkout of the commit you found
git checkout -b build_0051
git show :/message
.git/ Directory
cat .git/FETCH_HEAD
--check branch git pulls from
cat .git/config
--check branch and remote url git is configured to fetch from and merge with
Configuration Information:
.git/config
git config --edit
Exploitation Tools:
GitLeaks
https://github.com/zricethezav/gitleaks.git
gitleaks --repo=https://github.com/gitleakstest/gronit -v
gitleaks --repo=https://github.com/gitleakstest/gronit --report=gronit_results.csv
gitleaks --github-org=gitleakstestorg
gitleaks --github-user=gitleakstest
gitleaks -l /path/to/repo --report=/home/usr/repo_results.csv
Post-Exploitation git enumeration
git config -l
git config --list
interesting git configuration fields:
user.name
user.email
remote.origin.url
remote.origin.fetch
/*/etc/gitconfig
cat ~/.gitconfig
information:
name
email
cat ~/.git.stor
--contains stored git service login information including username and >>>password<<< for various accounts over various protocols
format:
protocol://UserName:tH3r3!15!No!$ec0ND!PaSswrd@gitlab.com
git config --edit
git config --edit --system
git config --edit --gobal