Git

Tip

AWS ํ•ดํ‚น ๋ฐฐ์šฐ๊ธฐ ๋ฐ ์—ฐ์Šตํ•˜๊ธฐ:HackTricks Training AWS Red Team Expert (ARTE)
GCP ํ•ดํ‚น ๋ฐฐ์šฐ๊ธฐ ๋ฐ ์—ฐ์Šตํ•˜๊ธฐ: HackTricks Training GCP Red Team Expert (GRTE) Azure ํ•ดํ‚น ๋ฐฐ์šฐ๊ธฐ ๋ฐ ์—ฐ์Šตํ•˜๊ธฐ: HackTricks Training Azure Red Team Expert (AzRTE)

HackTricks ์ง€์›ํ•˜๊ธฐ

.git ํด๋”๋ฅผ URL์—์„œ ๋คํ”„ํ•˜๋ ค๋ฉด https://github.com/arthaud/git-dumper

๋‚ด์šฉ์„ ๊ฒ€์‚ฌํ•˜๋ ค๋ฉด https://www.gitkraken.com/ ์„ ์‚ฌ์šฉํ•˜์„ธ์š”

์›น ์• ํ”Œ๋ฆฌ์ผ€์ด์…˜์—์„œ .git ๋””๋ ‰ํ† ๋ฆฌ๊ฐ€ ๋ฐœ๊ฒฌ๋˜๋ฉด wget -r http://web.com/.git. ๋กœ ๋ชจ๋“  ๋‚ด์šฉ์„ ๋‹ค์šด๋กœ๋“œํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. ๊ทธ๋Ÿฐ ๋‹ค์Œ git diff ๋ฅผ ์‚ฌ์šฉํ•ด ๋ณ€๊ฒฝ์‚ฌํ•ญ์„ ํ™•์ธํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

๋„๊ตฌ๋“ค: Git-Money, DVCS-Pillage ๋ฐ GitTools ๋Š” git ๋””๋ ‰ํ† ๋ฆฌ์˜ ๋‚ด์šฉ์„ ๋ณต๊ตฌํ•˜๋Š” ๋ฐ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

๋„๊ตฌ https://github.com/cve-search/git-vuln-finder ๋Š” ์ปค๋ฐ‹ ๋ฉ”์‹œ์ง€ ๋‚ด์—์„œ CVE ๋ฐ ๋ณด์•ˆ ์ทจ์•ฝ์  ๊ด€๋ จ ๋ฉ”์‹œ์ง€๋ฅผ ๊ฒ€์ƒ‰ํ•˜๋Š” ๋ฐ ์‚ฌ์šฉํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

๋„๊ตฌ https://github.com/michenriksen/gitrob ๋Š” ์กฐ์ง ๋ฐ ํ•ด๋‹น ์ง์›๋“ค์˜ ๋ฆฌํฌ์ง€ํ† ๋ฆฌ์—์„œ ๋ฏผ๊ฐํ•œ ๋ฐ์ดํ„ฐ๋ฅผ ๊ฒ€์ƒ‰ํ•ฉ๋‹ˆ๋‹ค.

Repo security scanner ๋Š” ๋ช…๋ นํ–‰ ๊ธฐ๋ฐ˜ ๋„๊ตฌ๋กœ, ๊ฐœ๋ฐœ์ž๊ฐ€ ๋ฏผ๊ฐํ•œ ๋ฐ์ดํ„ฐ๋ฅผ ํ‘ธ์‹œํ•˜๋ฉด์„œ ์‹ค์ˆ˜๋กœ ๋…ธ์ถœํ•œ GitHub ๋น„๋ฐ€์„ ์ฐพ์•„๋‚ด๋„๋ก ๋•๊ธฐ ์œ„ํ•ด ๋งŒ๋“ค์–ด์กŒ์Šต๋‹ˆ๋‹ค. ๋‹ค๋ฅธ ๋„๊ตฌ๋“ค๊ณผ ๋งˆ์ฐฌ๊ฐ€์ง€๋กœ ๋น„๋ฐ€๋ฒˆํ˜ธ, ๊ฐœ์ธ ํ‚ค, ์‚ฌ์šฉ์ž๋ช…, ํ† ํฐ ๋“ฑ๋„ ์ฐพ์•„์ค๋‹ˆ๋‹ค.

๋‹ค์Œ์—์„œ github dorks์— ๋Œ€ํ•œ ์—ฐ๊ตฌ๋ฅผ ํ™•์ธํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค: https://securitytrails.com/blog/github-dorks

Faster /.git dumping & dirlisting bypass (2024โ€“2026)

  • holly-hacker/git-dumper ๋Š” classic GitTools dumper์˜ 2024๋…„ ๋ฆฌ๋ผ์ดํŠธ๋กœ ๋ณ‘๋ ฌ ํŽ˜์นญ์„ ์‚ฌ์šฉํ•˜์—ฌ (>10x ์†๋„ ํ–ฅ์ƒ). ์˜ˆ: python3 git-dumper.py https://victim/.git/ out && cd out && git checkout -- .
  • Ebryx/GitDump ๋Š” .git/index, packed-refs ๋“ฑ์—์„œ ์˜ค๋ธŒ์ ํŠธ ์ด๋ฆ„์„ ๋ธŒ๋ฃจํŠธํฌ์Šคํ•˜์—ฌ ๋””๋ ‰ํ† ๋ฆฌ ํŠธ๋ž˜๋ฒ„์„ค์ด ๋น„ํ™œ์„ฑํ™”๋œ ๊ฒฝ์šฐ์—๋„ ๋ฆฌํฌ์ง€ํ† ๋ฆฌ๋ฅผ ๋ณต๊ตฌํ•ฉ๋‹ˆ๋‹ค: python3 git-dump.py https://victim/.git/ dump && cd dump && git checkout -- .

๋น ๋ฅธ ๋คํ”„ ํ›„ ๋ถ„๋ฅ˜

cd dumpdir
# reconstruct working tree
git checkout -- .
# show branch/commit map
git log --graph --oneline --decorate --all
# list suspicious config/remotes/hooks
git config -l
ls .git/hooks

๋น„๋ฐ€/์ž๊ฒฉ ์ฆ๋ช… ์ˆ˜์ง‘ (ํ˜„์žฌ ๋„๊ตฌ)

  • TruffleHog v3+: ์—”ํŠธ๋กœํ”ผ+regex๋กœ ์ž๋™ Git ํžˆ์Šคํ† ๋ฆฌ ์ˆœํšŒ๋ฅผ ์ˆ˜ํ–‰ํ•ฉ๋‹ˆ๋‹ค. trufflehog git file://$PWD --only-verified --json > secrets.json
  • Gitleaks (v8+): ๋น ๋ฅธ regex ๊ทœ์น™์…‹์œผ๋กœ, ์••์ถ• ํ•ด์ œ๋œ ํŠธ๋ฆฌ ๋˜๋Š” ์ „์ฒด ํžˆ์Šคํ† ๋ฆฌ๋ฅผ ์Šค์บ”ํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. gitleaks detect -v --source . --report-format json --report-path gitleaks.json

์ฐธ๊ณ ์ž๋ฃŒ

Tip

AWS ํ•ดํ‚น ๋ฐฐ์šฐ๊ธฐ ๋ฐ ์—ฐ์Šตํ•˜๊ธฐ:HackTricks Training AWS Red Team Expert (ARTE)
GCP ํ•ดํ‚น ๋ฐฐ์šฐ๊ธฐ ๋ฐ ์—ฐ์Šตํ•˜๊ธฐ: HackTricks Training GCP Red Team Expert (GRTE) Azure ํ•ดํ‚น ๋ฐฐ์šฐ๊ธฐ ๋ฐ ์—ฐ์Šตํ•˜๊ธฐ: HackTricks Training Azure Red Team Expert (AzRTE)

HackTricks ์ง€์›ํ•˜๊ธฐ