GitHub is an extremely popular site that allows developers to store source code and interact with other users about their projects. Anyone can download public, open-source files on GitHub manually or with Git, and anyone can fork off someone's project to expand or improve it into its own project. It's a really great site for programmers, developers, and even inspiring hackers.
However, in the push to get their source code out quickly, users sometimes forget to remove sensitive information from their projects. GitHub is a publicly accessible site, and this means that hackers and security professionals can scour for credentials fairly easy on it.
Manually scouring for credentials on GitHub could take some time, but that's where Gitrob comes in. It's an open-source intelligence (OSINT) tool created by Michael Henriksen that speeds up the process exponentially.
Gitrob is a command line tool that can help organizations and security professionals find such sensitive information. The tool will iterate over all public organization and member repositories and match filenames against a range of patterns for files that typically contain sensitive or dangerous information.
In this tutorial, I will go over the installation of Gitrob. Since Gitrob is a Ruby gem, the installation procedure is slightly different from a normal GitHub repository.
Open a terminal in Kali Linux and execute the command:
- gem update --system
As you can see, my system is currently up to date.
In Kali Linux, you already have PostgreSQL installed, which is an open-source object-relational database system. Simply ensure that it is running by executing:
- service postgresql start
You may need to install an additional dependancy:
- apt-get install libpq-dev
Now we need to set up a database for Gitrob. To start, if you are running Kali Linux, simply enter the following command to change your user to the Postgres user.
- sudo su postgres
Or if you are running Kali as root:
- su postgres
Next, enter the following command create a new database user. After this command, you will be prompted for a password.
- createuser -s gitrob --pwprompt
Finally, the following command will create new database specifying gitrob as the owner.
- createdb -O gitrob gitrob
You now have a new PostgreSQL user with the name gitrob, and with the password you typed into the prompt. You also created a database with the name gitrob which is owned by the gitrob user.
Since Gitrob works by querying GitHub, we'll need an access token. Without one, Gitrob's queries will be limited by GitHub's servers, so it's important that you have one so the limit is removed.
First, visit github.com/setttings/tokens, then add a token by clicking on the "Generate token button" button.
Next, you will be asked to name your token and select access privileges. Since we will only be scanning public repos, we don't need to give Gitrob any additional access to our own repos. Once you have named and accepted your token, you will be presented with a page showing the token. Leave this open because you will not be able to access it again—but you will need the token in a later step.
Next, we install the Gitrob gem with the terminal command:
- gem install gitrob
With the gems out of our way, we're getting closer!
The current release of Gitrob doesn't play well with the bundled GitHub API gem. You will need to remove it and install a previous version. Execute the command:
- gem uninstall github_api
Followed by the command:
- gem install github_api -v 13
Next, we will configure Girtob with the following command.
- gitrob configure
I already had an existing configuration file, which I chose to overwrite. The default values should be fine if you followed the steps in configuring PostgreSQL. The password will be the one that you set earlier, and you will need to paste in your GitHub access token.
The install process would've been a lot easier if there weren't issues with the bundled GitHub API. Hopefully, it will be fixed in a later version. In future guides, I will demonstrate some of the uses of this tool for OSINT gathering, so stay tuned.
Start your White-Hat Hacker journey with Null Byte's Beginner's Guide to Linux Course.