قالب وردپرس درنا توس
Home / Tips and Tricks / How to Use Git to Clone, Compile & Refine Open-Source Hacking Tools «Zero Bytes :: WonderHowTo

How to Use Git to Clone, Compile & Refine Open-Source Hacking Tools «Zero Bytes :: WonderHowTo

With some of the groundwork going out of the way in a Mac set up for hacking, it's time to start looking at toolboxes. Git is currently the most widely used version control system (VCS) in the world, mainly due to GitHub.

Git is currently the most widely used version control system (VCS) in the world. Version control systems record changes to a file or set of files over time so that you can recall specific versions later.

Projects hosted on GitHub, or your own personal remote repositories, are fully mirrored when they are cloned. This means that when you pull back a repository, you get all the files contained in it, you can make changes and commit them back to your own fork of the project, clone different versions, or just clone and compile.

Many open-source projects rely on GitHub, even the Linux kernel. Lots of popular hacking tools so host their source on GitHub. If you do not have an account, you should create one.

Git works perfectly with macOS, and it works on Linux systems. "I'll be covering the bare basics in this article, just getting to the bottom of the page. By using Git, we want to be able to clone popular open-source hacking tools, compile them, and make even bug fixes!

If you do not already have Git, you can download and install the newest version. Also available in the Xcode Developer Tools, which is the latest Xcode software or just the Xcode Developer Tools with:

 xcode-select --install 

Step 1: Clone Some Source Code (git clone)

The git clone command is what we'll use to pull off GitHub. It's probably the most common command you'll use as a pentester unless you do so on the side.

 git clone https://github.com/laramies/theHarvester. [1965924] theHarvester

Cloning into 'theHarvester' ...
remote: Enumerating objects: 96, done.
remote: Counting objects: 100% (96/96), done.
remote: Compressing objects: 100% (50/50), done.
remote: Total 1927 (delta 51), reused 79 (delta 46), pack-reused 1831
Receiving objects: 100% (1927/1927), 3.30 MiB | 6.37 MiB / s, done.
Resolving deltas: 100% (1258/1258), done. 

There we have it. I have a copy of theHarvester for my own use. However, I am missing a required dependency – the Python requests library. Since we are dealing with the code when it comes from GitHub, it's common that dependencies will not be met.

In this case, I simply need to install pip and pull down the appropriate dependencies. [19659013RecommendedonAmazon: "Pro Git" by Scott Chacon & Ben Straub

cd theHarvester , then do a listing ( ls ). You can see I have a few files that came from the original GitHub project.

 ls. If you create your own directory instead of cloning one, then you can build one from scratch, you will not have anything to show up

COPYING discovery tests
Dockerfile lib theHarvester.py
LICENSES parsers wordlists
README.md requirements.txt
changelog.txt stash.py 

Step 2: Initialize a New Repository (git init)

The git init command allows us to initialize a directory as a git repository, allowing us local version control of our projects in development. You can create a new project called "myProject" and create a few files in there. Either way, change into its directory ( cd myProject ), and initialize the directory into a local repo with:

 git init

Initialize empty Git repository in /Users/smokeless/myProjects/.git/

When you initialize a directory, Git will create a .git folder which tracks changes to your project. Use git status to see the status of tracking. At the moment, Git does not track any of the files in my project folder because I have not added them to the tracking list yet. If you just created a new directory for your project, you may not have any files.

 git status

On branch master

Initial commit

Untracked files:
  (use "git add  ..." to include in what will be committed)


If you just do this right after cloning and repeating in your directory, your branch wants to be up to date with the master repo, so you

Step 3: Add Files for Tracking

Now that I have an initialized folder, it's time to add the files for tracking.

 git add * 

You can add one by one using git add filename . For instance, if i just wanted to make git track changes for my hackThePlanet.py file, I would use:

 git add hackThePlanet.py 

Use git status again to make sure everything went okay , We can see that Git is tracking both my files. When I make changes to the files, Git tracks those changes. When I'm happy with the code, I can commit the changes. In the meantime, Git keeps track of what I'm working on.

 git status

On branch master

Initial commit

Changes to be committed:
  (use "git rm --cached  ..." to unstage)

        new file: hackThePlanet.py
        new file: readme.MD 

The lifecycle of a file starts with the addition of the file. It then tracks changes to that file until the file is committed. Once the file has been committed, it returns to an unmodified state. A commit is essentially saying you are happy with code in the file. The cycle then starts again at the unmodified state.

The Git lifecycle. Image via Git

Step 4: Commit the Source Code (git commit)

Once I'm satisfied with the state of my files are in. I want to commit the changes using the command below. The git commit Part is telling Git that the modifications are ready to go. The -a flag git to commit all currently tracked files, while the -m flag is the message to include with these changes.

 git commit -a -m 'changed some core UI components'

[master (root-commit) 39f7557] changed some core UI components
 2 files changed, 3 insertions (+)
 create mode 100755 hackThePlanet.py
 create mode 10064 readme.MD 

Check your status again, and you'll see everything is good.

 git status

On branch master
nothing to commit, working directory clean 

You can just use git commit alone, which should open the document in Vim or another text editor, in which you can add your message directly to the file and

Step 5: See What's Up with Your Repo

Sometimes we leave projects for a long time, and other times it's just difficult to keep track of what's happening. Luckily,

 git status 

I've been using the command in all stages of my repository to show what Git is doing behind the scenes.

Step 6: Add & Test New Features

Branches allow you to add or test new features without making changes to the stable code base. For example, my hackThePlanet.py has been committed, and it's currently stable, but I want to add some new experimental features without breaking anything in the stable version. In this case, I would use the git branch command below, which is the branch you want to use.

 git branch experimental 

This is a new branch of the project. Next, I switch over to my "experimental" branch with:

 git checkout experimental

Switched to branch 'experimental' 

gib checkout -b experimental

 git checkout -b experimental [1965919] I could've done this with the following command, which checks out a new branch that is specified with  -b  flag. 19659011] Now that I have a new branch, I'll add to my experimental features, get everything working, and commit the changes to the branch. If there were some new branches in the stable version - one branch for new UI elements, another branch with bug fixes, and maybe another branch. 

Recommended for Amazon: "Git: Learn Version Control with Git: A Step-by-Step Ultimate Beginners Guide" by Dennis Hutten

Step 7: Add Those Features or Fixed to the Master (git merge)

Since everything went so well with our changes, it's time to merge my branches back together. First, I check out the master branch using:

 git checkout master

Switched to branch 'master' 

Next, I want to merge my master with my experimental branch using the command:

 git merge experimental

Updating 8e38f38..bd5f0c2
 hackThePlanet.py | 1 +
 1 file changed, 1 insertion (+) 

Now my master branch contains the new, no longer experimental code changes.

And That's How You Use Git for Your Repos

This is a very basic intro to working with Git. There are many powerful features that I did not cover here. I only touched on what is necessary to work with your own local repositories on your machine. Git is capable of so much more, especially when used in conjunction with GitHub.

While some may not use these features, they are there. There are times in pen-testing where you want to modify a PoC (proof of concept) or get a piece of code working on your system , As with most commands, git is documented extremely well. Commands like git branch --help wants to open man pages specific to the command.

Coming up, we'll be looking at another toolbox working with RVM, as well as finalizing our setup.

Next Up: How to Set Homebrew to Install & Update Open -Source Tools

Cover photo by Timur Arbaev / 123RF

Source link