Inicio Explorar Axuda
Iniciar sesión
LBP
/
gitleaks
réplica de https://github.com/gitleaks/gitleaks.git
4
0
Fork 0
Ficheiros Incidencias 0 Wiki
Árbore: e1a58935ea
Ramas Etiquetas
gitleaks
/
main.go

main.go 2.2 KB
Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111 
  1. package main
    2. 

  2. 

  3. import (
    4. 

  4. 	"bytes"
    5. 

  5. 	_ "fmt"
    6. 

  6. 	"log"
    7. 

  7. 	"os"
    8. 

  8. 	"os/exec"
    9. 

  9. 	"strings"
    10. 

  10. )
    11. 

  11. 

  12. // go get hunt is a github secret key hunter written in go. target organizations, users, and remote/local repos
    13. 

  13. // gotta be fast
    14. 

  14. 

  15. type Repo struct {
    16. 

  16. 	url      string
    17. 

  17. 	name     string
    18. 

  18. 	path     string
    19. 

  19. 	branches *Branch
    20. 

  20. }
    21. 

  21. 

  22. type Branch struct {
    23. 

  23. 	name string
    24. 

  24. }
    25. 

  25. 

  26. var appRoot string
    27. 

  27. 

  28. func init() {
    29. 

  29. 	appRoot, _ = os.Getwd()
    30. 

  30. }
    31. 

  31. 

  32. func main() {
    33. 

  33. 	args := os.Args[1:]
    34. 

  34. 	opts := parseOptions(args)
    35. 

  35. 	start(opts)
    36. 

  36. }
    37. 

  37. 

  38. func start(opts *Options) {
    39. 

  39. 	if opts.Repo != "" {
    40. 

  40. 		repoStart(opts.Repo)
    41. 

  41. 	}
    42. 

  42. }
    43. 

  43. 

  44. func repoStart(repo_url string) {
    45. 

  45. 	err := exec.Command("git", "clone", repo_url).Run()
    46. 

  46. 	if err != nil {
    47. 

  47. 		log.Fatalf("failed to clone repo %v", err)
    48. 

  48. 	}
    49. 

  49. 	repo_name := strings.Split(repo_url, "/")[4]
    50. 

  50. 	if err := os.Chdir(repo_name); err != nil {
    51. 

  51. 		log.Fatal(err)
    52. 

  52. 	}
    53. 

  53. 

  54. 	repo := Repo{repo_url, repo_name, "", nil}
    55. 

  55. 	repo.audit()
    56. 

  56. 	repo.cleanup()
    57. 

  57. }
    58. 

  58. 

  59. // cleanup changes to app root and recursive rms target repo
    60. 

  60. func (repo Repo) cleanup() {
    61. 

  61. 	if err := os.Chdir(appRoot); err != nil {
    62. 

  62. 		log.Fatalf("failed cleaning up repo %v", err)
    63. 

  63. 	}
    64. 

  64. 	err := exec.Command("rm", "-rf", repo.name).Run()
    65. 

  65. 	if err != nil {
    66. 

  66. 		log.Fatal(err)
    67. 

  67. 	}
    68. 

  68. }
    69. 

  69. 

  70. // (Repo) audit parses git branch --all to audit remote branches
    71. 

  71. func (repo Repo) audit() {
    72. 

  72. 	var out []byte
    73. 

  73. 	var err error
    74. 

  74. 	var branch string
    75. 

  75. 	var commits [][]byte
    76. 

  76. 

  77. 	out, err = exec.Command("git", "branch", "--all").Output()
    78. 

  78. 	if err != nil {
    79. 

  79. 		log.Fatalf("error retrieving branches %v\n", err)
    80. 

  80. 	}
    81. 

  81. 

  82. 	// iterate through branches, git rev-list <branch>
    83. 

  83. 	branches := bytes.Split(out, []byte("\n"))
    84. 

  84. 	for i, branchB := range branches {
    85. 

  85. 		if i < 2 || i == len(branches)-1 {
    86. 

  86. 			continue
    87. 

  87. 		}
    88. 

  88. 		branch = string(bytes.Trim(branchB, " "))
    89. 

  89. 		out, err = exec.Command("git", "rev-list", branch).Output()
    90. 

  90. 		if err != nil {
    91. 

  91. 			log.Fatalf("error retrieving commits %v\n", err)
    92. 

  92. 		}
    93. 

  93. 		// iterate through commits
    94. 

  94. 		commits = bytes.Split(out, []byte("\n"))
    95. 

  95. 		for j, commitB := range commits {
    96. 

  96. 			if j == len(commits)-2 {
    97. 

  97. 				break
    98. 

  98. 			}
    99. 

  99. 			diff(string(commitB), string(commits[j+1]))
    100. 

  100. 		}
    101. 

  101. 	}
    102. 

  102. }
    103. 

  103. 

  104. func diff(commit1 string, commit2 string) {
    105. 

  105. 	// fmt.Println(commit1, commit2)
    106. 

  106. 	_, err := exec.Command("git", "diff", commit1, commit2).Output()
    107. 

  107. 	if err != nil {
    108. 

  108. 		log.Fatalf("error retrieving commits %v\n", err)
    109. 

  109. 	}
    110. 

  110. 	//fmt.Printf("%s\n", out)
    111. 

  111. }
    112.