قالب وردپرس درنا توس
Home / Tips and Tricks / How to Use Git to Clone, Compile and Refine Open Source Hacking Tools «Zero Byte :: WonderHowTo

How to Use Git to Clone, Compile and Refine Open Source Hacking Tools «Zero Byte :: WonderHowTo



With some of the basics for getting a Mac set up for hacking, it's time to start looking at toolboxes. Our first toolbox is Git, which will be used during future tutoring.

Git is currently the most widely used version control system (VCS) in the world, mainly due to GitHub. Version control system records changes to a file or set of files over time so that you can recall specific versions later. Git is a distributed form of version control where each system, not just a central location, has a full storage space.

Projects found on GitHub or your own personal remote repositories are fully reflected when cloned. This means that when you pull down a repository, you get all the files in it, you can make changes and put them back to your own fork of the project, clone different versions or just clone and compile. You can even drive your changes in staging for the main project.

Many open source projects are dependent on GitHub, also the Linux kernel. Lots of popular hack tools are also hosting their source at GitHub. If you do not already have an account, create one.

Git works perfectly with macOS, and it works the same way on Linux systems. I will cover the bare basics of this article, just enough to get us off the ground to change some code and keep our own local archives. By using Git we can clone popular open source hack tools, compile them, and even make changes or push bug fixes!

If you do not already have Git you can download and install the newest version. Git is also available in Xcode Developer Tools, which can be obtained by either installing the latest Xcode software or just Xcode Developer Tools with:

  xcode-select - install 

Step 1: Clone Any source code (git clone) [19659009] The command given clone is what we should use to draw the source of GitHub. It is probably the most common command you should use as a pentester if you do not do development on the page either. To use this command, find a repo (I chose theHarvester) and run the following command, replace the repo I chose with what you chose.

  gon cloned https://github.com/laramies/theHarvester

Cloning in "theHarvester" ...
remote control: enumeration of objects: 96, done.
remote control: counting objects: 100% (96/96), done.
remote control: Compress objects: 100% (50/50), done.
remote control: Total 1927 (delta 51), reused 79 (delta 46), pack reuse 1831
Receiving item: 100% (1927/1927), 3.30 MiB | 6.37 MiB / s, done.
Participant solution: 100% (1258/1258), ready. 

There we have it. I now have a copy of Harvester for my own use. However, I lack a necessary dependence – Python requests the library. Since we handle source code when cloning from GitHub, it is common for dependencies not to be met. If we pull this off from a package manager like Homebrew, the package would include dependencies.

In this case, I just need to install pip (a Python library package manager) and pull down appropriate dependencies. [19659013] Recommended on Amazon: "Pro Git" by Scott Chacon & Ben Straub

To view all files contained in the directory, switch to the directory (in my case cd theHarvester ), then make a list ( ls ). You can see that I have some files that came from the original GitHub project. If you created your own directory instead of cloning one, so that you can build one from the beginning, then you will not show anything in the list until you add files to it.

  ls

COPY DISCOVERY TEST
Dockerfile lib theHarvester.py
LICENSES parse word lists
README.md requirements.txt
changelog.txt stash.py 

Step 2: Initiate a new archive (git init)

The command git init allows us to initiate a directory as a Git archive, which allows we can locate version control of our projects in development. You can use the same as created above, but I created a new project called "myProject" and threw some files in there. Anyway, switch to their directory ( cd myProject ) and initiate the directory to a local repo with:

  git init

Initialize even Git archive in /Users/smokeless/myProjects/.git/

When you initiate a directory, Git creates a .git folder that changes tracks to your project. Use given status to see the status of tracking. At the moment, Git will not track any files in my project folder because I have not added them to the tracking list yet. If you just created a new directory for your project, you cannot have any files, so it will not be able to track anything until there is something to trace.

  git status

On the branch master

Initial commit

Untracked files:
(use "git add  ..." to include in what will be committed)

hackThePlanet.py
readme.MD

nothing added to commit but uncontested files exist (use "git add" to track) 

If you just do it directly after cloning a repo and switch to their directory, your branch will be updated with the master repo so that you will not see any files listed individually as above.

Step 3: Add Files for Tracking (git add)

Now that I have an initialized folder, it is time to add the files for tracking. You can add any file currently in the project directory with a simple command:

  git add * 

Alternatively, you can add files one by one with git add filename . For example, if I just wanted Git track changes for my hackThePlanet.py file I would use:

  git add hackThePlanet.py 

Use given status again to make sure everything went okay . We can see that Git tracks both my files. When I make changes to the files, Git follows these changes. When I am satisfied with the code, I can make the changes (see the next step). Meanwhile, Git keeps track of what I work with.

  git status

On the branch master

Initial commit

Changes to be made:
(use "git rm - cached  ..." to unstage)

new file: hackThePlanet.py
new file: readme.MD 

The life cycle of a Git file begins by adding the file. It then tracks changes to that file until the file is gifted. Once the file is in progress, it returns to an unmodified state. A commitment essentially says that you are satisfied with the code in the file. The cycle then starts again in unmodified state.

Git life cycle. Image via Git

Step 4: Request the source code (git commit)

Once I am satisfied with the fact that my files are in, I will make the changes with the command below. git commit part tells Git that the changes to the files are ready to go. The flag -a tells Git to commit all current tracked files, while the -m flag is the message to include with these changes.

  git commit -a -m & # 39; changed some basic UI components "

[master (root-commit) 39f7557] changed some core UI components
2 files changed, 3 insertiions (+)
create the 100755 hackThePlanet.py mode
create the mode 10064 readme.MD 

Check your status again so you see everything is good.

  git status

On the branch master
nothing to commit, work directory clean 

You can also only use git commit alone, which should open the document in Vim or another text editor, where you can add your message directly to the file and review any changes that will be done.

Step 5: See what happens to your Repo (git-status)

Sometimes we leave projects for a long time, and other times it's just hard to keep track of what's happening. Fortunately, we can find out the status of the repository with the following code.

  git status 

I've used the command in all stages of my repository to show what Git is doing behind the scenes. The command shows me unsaved files, files that have been changed but have not been committed and my work branch.

Step 6: Add and test new features (git branch)

Industries allow you to add or test new features without making changes to the stable code base. For example, my hackThePlanet.py has been committed, and it is currently stable, but I want to add some new experimental features without breaking anything in the stable version. In that case, I would use the git branch command below and replace the file name with whatever you want.

  git branch experiment 

This creates a new branch of the project. Then I switch over to my "experimental" branch with:

  git checkout experimental

I could also have done so with the following command, which controls a new branch indicated by the -b flag.

  git checkout -b experimental [19659011] Now that I have a new file, I add to my experimental functions, get everything to work and make the changes to the branch. If I worked with a team it is possible that there are several branches of the stable version - a branch for new UI elements, another file with bug fixes and perhaps another branch where there is a new function. 

Recommended on Amazon: "Git: Learn Version Control with Git: One Step by Step Ultimate Beginners Guide" by Dennis Hutten

Step 7: Add these features or fix to the master (git merge) [19659009] Since everything went so well with our changes, it is time to merge my branches again. First, I check on the main branch with:

  git checkout master

Switched to branch "master" 

Next, I will merge my master with my experimental branch with the command:

  git merge experimental

Update 8e38f38..bd5f0c2
fast
hackThePlanet.py | 1 +
1 file changed, 1 insert (+) 

Now my main branch contains the new, no longer experimental code changes. I can always go back and check out the experimental branch and continue adding new features - or creating new branches.

And then you use Git for your scratches

This guide was a very basic intro to work with Git. There are many powerful features that I didn't cover here. I just touched what was necessary to work with your own local archives on your machine. Git can do so much more, especially when used with GitHub.

While some of you may never use these features, it is important to know that they are there. There are times in pen testing where you have to change a PoC (proof of concept) or get some code that works on your system. If you think you are doing this type of work, these basics help keep your workflow organized. As with most commands, is extremely well documented. Commands that git industry - help open man pages specific to the command. I suggest that you read through these.

Will we look at another toolbox that works with RVM, as well as completing our setup.

Next Up: How to set up Homebrew to install and update Open-Source Tools

Cover photo by Timur Arbaev / 123RF

Source link