Description
Source Code Management Attack Toolkit - SCMKit is a toolkit that can be used to attack SCM systems. SCMKit allows the user to specify the SCM system and attack module to use, along with specifying valid credentials (username/password or API key) to the respective SCM system. Currently, the SCM systems that SCMKit supports are GitHub Enterprise, GitLab Enterprise and Bitbucket Server. The attack modules supported include reconnaissance, privilege escalation and persistence. SCMKit was built in a modular approach, so that new modules and SCM systems can be added in the future by the information security community.Release
- Version 1.2 of SCMKit can be found in Releases
Table of Contents
-
You must be registered for see links
-
You must be registered for see links
-
You must be registered for see links
-
You must be registered for see links
-
You must be registered for see links
-
You must be registered for see links
-
-
You must be registered for see links
-
You must be registered for see links
-
You must be registered for see links
-
You must be registered for see links
-
You must be registered for see links
-
-
You must be registered for see links
-
You must be registered for see links
-
You must be registered for see links
-
You must be registered for see links
-
You must be registered for see links
-
You must be registered for see links
-
You must be registered for see links
-
You must be registered for see links
-
You must be registered for see links
-
You must be registered for see links
-
You must be registered for see links
-
You must be registered for see links
-
You must be registered for see links
-
You must be registered for see links
-
You must be registered for see links
-
You must be registered for see links
-
You must be registered for see links
-
You must be registered for see links
-
You must be registered for see links
-
You must be registered for see links
-
-
You must be registered for see links
-
You must be registered for see links
Installation/Building
Libraries Used
The below 3rd party libraries are used in this project.| Library | URL | License |
|---|---|---|
| Octokit |
You must be registered for see links
| MIT License |
| Fody |
You must be registered for see links
| MIT License |
| GitLabApiClient |
You must be registered for see links
| MIT License |
| Newtonsoft.Json |
You must be registered for see links
| MIT License |
Pre-Compiled
- Use the pre-compiled binary in Releases
Building Yourself
Take the below steps to setup Visual Studio in order to compile the project yourself. This requires a .NET library that can be installed from the NuGet package manager.- Load the Visual Studio project up and go to “Tools” → “NuGet Package Manager” → “Package Manager Settings”
- Go to “NuGet Package Manager” → “Package Sources”
- Add a package source with the URL
You must be registered for see links
- Install the below NuGet packages
- Install-Package Costura.Fody -Version 3.3.3
- Install-Package Octokit
- Install-Package GitLabApiClient
- Install-Package Newtonsoft.Json
- You can now build the project yourself!
Usage
Arguments/Options
- -c, -credential - credential for authentication (username
assword or apiKey) - -s, -system - system to attack (github,gitlab,bitbucket)
- -u, -url - URL for GitHub Enterprise, GitLab Enterprise or Bitbucket Server
- -m, -module - module to run
- -o, -option - options (when applicable)
Systems (-s, -system)
- github: GitHub Enterprise
- gitlab: GitLab Enterprise
- bitbucket: Bitbucket Server
Modules (-m, -module)
- listrepo: list all repos the current user can see
- searchrepo: search for a given repo
- searchcode: search for code containing keyword search term
- searchfile: search for filename containing keyword search term
- listsnippet: list all snippets of current user
- listrunner: list all GitLab runners available to current user
- listgist: list all gists of current user
- listorg: list all orgs current user belongs to
- privs: get privs of current API token
- addadmin: promote given user to admin role
- removeadmin: demote given user from admin role
- createpat: create personal access token for target user
- listpat: list personal access tokens for a target user
- removepat: remove personal access token for a target user
- createsshkey: create SSH key for current user
- listsshkey: list SSH keys for current user
- removesshkey: remove SSH key for current user
- adminstats: get admin stats (users, repos, orgs, gists)
- protection: get branch protection settings
Module Details Table
The below table shows where each module is supported| Attack Scenario | Module | Requires Admin? | GitHub Enterprise | GitLab Enterprise | Bitbucket Server |
|---|---|---|---|---|---|
| Reconnaissance | listrepo | No | X | X | X |
| Reconnaissance | searchrepo | No | X | X | X |
| Reconnaissance | searchcode | No | X | X | X |
| Reconnaissance | searchfile | No | X | X | X |
| Reconnaissance | listsnippet | No | X | ||
| Reconnaissance | listrunner | No | X | ||
| Reconnaissance | listgist | No | X | ||
| Reconnaissance | listorg | No | X | ||
| Reconnaissance | privs | No | X | X | |
| Reconnaissance | protection | No | X | ||
| Persistence | listsshkey | No | X | X | X |
| Persistence | removesshkey | No | X | X | X |
| Persistence | createsshkey | No | X | X | X |
| Persistence | listpat | No | X | X | |
| Persistence | removepat | No | X | X | |
| Persistence | createpat | Yes (GitLab Enterprise only) | X | X | |
| Privilege Escalation | addadmin | Yes | X | X | X |
| Privilege Escalation | removeadmin | Yes | X | X | X |
| Reconnaissance | adminstats | Yes | X |
Examples
List Repos
Use Case
Syntax
Provide the listrepo module, along with any relevant authentication information and URL. This will output the repository name and URL.GitHub Enterprise
This will list all repositories that a user can see.SCMKit.exe -s github -m listrepo -c userName
assword -u
You must be registered for see links
SCMKit.exe -s github -m listrepo -c apiKey -u
You must be registered for see links
GitLab Enterprise
This will list all repositories that a user can see.SCMKit.exe -s gitlab -m listrepo -c userName
assword -u
You must be registered for see links
SCMKit.exe -s gitlab -m listrepo -c apiKey -u
You must be registered for see links
Bitbucket Server
This will list all repositories that a user can see.SCMKit.exe -s bitbucket -m listrepo -c userName
assword -u
You must be registered for see links
SCMKit.exe -s bitbucket -m listrepo -c apiKey -u
You must be registered for see links
Example Output
C:\>SCMKit.exe -s gitlab -m listrepo -c usernameassword -u
You must be registered for see links
==================================================
Module: listrepo
System: gitlab
Auth Type: Username/Password
Options:
Target URL:
You must be registered for see links
Timestamp: 1/14/2022 8:30:47 PM
==================================================
Name | Visibility | URL
----------------------------------------------------------------------------------------------------------
MaraudersMap | Private |
You must be registered for see links
testingStuff | Internal |
You must be registered for see links
Spellbook | Internal |
You must be registered for see links
findShortestPathToGryffindorSword | Internal |
You must be registered for see links
charms | Public |
You must be registered for see links
Secret-Spells | Internal |
You must be registered for see links
Monitoring | Internal |
You must be registered for see links
Search Repos
Use Case
Syntax
Provide the searchrepo module and your search criteria in the -o command-line switch, along with any relevant authentication information and URL. This will output the matching repository name and URL.GitHub Enterprise
The GitHub repo search is a “contains” search where the string you enter it will search for repos with names that contain your search term.SCMKit.exe -s github -m searchrepo -c userName
assword -u
You must be registered for see links
-o "some search term"SCMKit.exe -s github -m searchrepo -c apikey -u
You must be registered for see links
-o "some search term"GitLab Enterprise
The GitLab repo search is a “contains” search where the string you enter it will search for repos with names that contain your search term.SCMKit.exe -s gitlab -m searchrepo -c userName
assword -u
You must be registered for see links
-o "some search term"SCMKit.exe -s gitlab -m searchrepo -c apikey -u
You must be registered for see links
-o "some search term"Bitbucket Server
The Bitbucket repo search is a “starts with” search where the string you enter it will search for repos with names that start with your search term.SCMKit.exe -s bitbucket -m searchrepo -c userName
assword -u
You must be registered for see links
-o "some search term"SCMKit.exe -s bitbucket -m searchrepo -c apikey -u
You must be registered for see links
-o "some search term"Example Output
C:\>SCMKit.exe -s gitlab -m searchrepo -c apiKey -u
You must be registered for see links
-o "spell"==================================================
Module: searchrepo
System: gitlab
Auth Type: API Key
Options: spell
Target URL:
You must be registered for see links
Timestamp: 1/14/2022 8:32:30 PM
==================================================
Name | Visibility | URL
----------------------------------------------------------------------------------------------------------
Spellbook | Internal |
You must be registered for see links
Secret-Spells | Internal |
You must be registered for see links
Search Code
Use Case
Syntax
Provide the searchcode module and your search criteria in the -o command-line switch, along with any relevant authentication information and URL. This will output the URL to the matching code file, along with the line in the code that matched.GitHub Enterprise
The GitHub code search is a “contains” search where the string you enter it will search for code that contains your search term in any line.SCMKit.exe -s github -m searchcode -c userName
assword -u
You must be registered for see links
-o "some search term"SCMKit.exe -s github -m searchcode -c apikey -u
You must be registered for see links
-o "some search term"GitLab Enterprise
The GitLab code search is a “contains” search where the string you enter it will search for code that contains your search term in any line.SCMKit.exe -s gitlab -m searchcode -c userName
assword -u
You must be registered for see links
-o "some search term"SCMKit.exe -s gitlab -m searchcode -c apikey -u
You must be registered for see links
-o "some search term"Bitbucket Server
The Bitbucket code search is a “contains” search where the string you enter it will search for code that contains your search term in any line.SCMKit.exe -s bitbucket -m searchcode -c userName
assword -u
You must be registered for see links
-o "some search term"SCMKit.exe -s bitbucket -m searchcode -c apikey -u
You must be registered for see links
-o "some search term"Example Output
C:\>SCMKit.exe -s gitlab -m searchcode -c usernameassword -u
You must be registered for see links
-o "api_key"==================================================
Module: searchcode
System: gitlab
Auth Type: Username/Password
Options: api_key
Target URL:
You must be registered for see links
Timestamp: 1/14/2022 8:34:14 PM
==================================================
[>] URL:
You must be registered for see links
|_ API_KEY=abc123
Total number of items matching code search: 1
Search Files
Use Case
Syntax
Provide the searchfile module and your search criteria in the -o command-line switch, along with any relevant authentication information and URL. This will output the URL to the matching file in its respective repository.GitHub Enterprise
The GitLab file search is a “contains” search where the string you enter it will search for files that contains your search term in the file name.SCMKit.exe -s github -m searchfile -c userName
assword -u
You must be registered for see links
-o "some search term"SCMKit.exe -s github -m searchfile -c apikey -u
You must be registered for see links
-o "some search term"GitLab Enterprise
The GitLab file search is a “contains” search where the string you enter it will search for files that contains your search term in the file name.SCMKit.exe -s gitlab -m searchfile -c userName
assword -u
You must be registered for see links
-o "some search term"SCMKit.exe -s gitlab -m searchfile -c apikey -u
You must be registered for see links
-o "some search term"Bitbucket Server
The Bitbucket file search is a “contains” search where the string you enter it will search for files that contains your search term in the file name.SCMKit.exe -s bitbucket -m searchfile -c userName
assword -u
You must be registered for see links
-o "some search term"SCMKit.exe -s bitbucket -m searchfile -c apikey -u
You must be registered for see links
-o "some search term"Example Output
C:\source\SCMKit\SCMKit\bin\Release>SCMKit.exe -s bitbucket -m searchfile -c apikey -u
You must be registered for see links
-o jenkinsfile==================================================
Module: searchfile
System: bitbucket
Auth Type: API Key
Options: jenkinsfile
Target URL:
You must be registered for see links
Timestamp: 1/14/2022 10:17:59 PM
==================================================
[>] REPO:
You must be registered for see links
[>] FILE: Jenkinsfile
[>] REPO:
You must be registered for see links
[>] FILE: subDir/Jenkinsfile
Total matching results: 2
List Snippets
Use Case
Syntax
Provide the listsnippet module, along with any relevant authentication information and URL.GitLab Enterprise
SCMKit.exe -s gitlab -m listsnippet -c userNameassword -u
You must be registered for see links
SCMKit.exe -s gitlab -m listsnippet -c apikey -u
You must be registered for see links
Example Output
C:\>SCMKit.exe -s gitlab -m listsnippet -c usernameassword -u
You must be registered for see links
==================================================
Module: listsnippet
System: gitlab
Auth Type: Username/Password
Options:
Target URL:
You must be registered for see links
Timestamp: 1/14/2022 9:17:36 PM
==================================================
Title | Raw URL
---------------------------------------------------------------------------------------------
spell-script |
You must be registered for see links
List Runners
Use Case
Syntax
Provide the listrunner module, along with any relevant authentication information and URL. If the user is an administrator, you will be able to list all runners within the GitLab Enterprise instance, which includes shared and group runners.GitLab Enterprise
SCMKit.exe -s gitlab -m listrunner -c userNameassword -u
You must be registered for see links
SCMKit.exe -s gitlab -m listrunner -c apikey -u
You must be registered for see links
Example Output
C:\>SCMKit.exe -s gitlab -m listrunner -c usernameassword -u
You must be registered for see links
==================================================
Module: listrunner
System: gitlab
Auth Type: Username/Password
Options:
Target URL:
You must be registered for see links
Timestamp: 1/25/2022 11:40:08 AM
==================================================
ID | Name | Repo Assigned
---------------------------------------------------------------------------------
2 | gitlab-runner |
You must be registered for see links
3 | gitlab-runner |
You must be registered for see links
List Gists
Use Case
Syntax
Provide the listgist module, along with any relevant authentication information and URL.GitHub Enterprise
SCMKit.exe -s github -m listgist -c userNameassword -u
You must be registered for see links
SCMKit.exe -s github -m listgist -c apikey -u
You must be registered for see links
Example Output
C:\>SCMKit.exe -s github -m listgist -c usernameassword -u
You must be registered for see links
==================================================
Module: listgist
System: github
Auth Type: Username/Password
Options:
Target URL:
You must be registered for see links
Timestamp: 1/14/2022 9:43:23 PM
==================================================
Description | Visibility | URL
----------------------------------------------------------------------------------------------------------
Shell Script to Decode Spell | public |
You must be registered for see links
List Orgs
Use Case
Syntax
Provide the listorg module, along with any relevant authentication information and URL.GitHub Enterprise
SCMKit.exe -s github -m listorg -c userNameassword -u
You must be registered for see links
SCMKit.exe -s github -m listorg -c apiKey -u
You must be registered for see links
Example Output
C:\>SCMKit.exe -s github -m listorg -c usernameassword -u
You must be registered for see links
==================================================
Module: listorg
System: github
Auth Type: Username/Password
Options:
Target URL:
You must be registered for see links
Timestamp: 1/14/2022 9:44:48 PM
==================================================
Name | URL
-----------------------------------------------------------------------------------
Hogwarts |
You must be registered for see links
Get Privileges of API Token
Use Case
Syntax
Provide the privs module, along with an API key and URL.GitHub Enterprise
SCMKit.exe -s github -m privs -c apiKey -u
You must be registered for see links
GitLab Enterprise
SCMKit.exe -s gitlab -m privs -c apiKey -u
You must be registered for see links
Example Output
C:\>SCMKit.exe -s gitlab -m privs -c apikey -u
You must be registered for see links
==================================================
Module: privs
System: gitlab
Auth Type: API Key
Options:
Target URL:
You must be registered for see links
Timestamp: 1/14/2022 9:18:27 PM
==================================================
Token Name | Active? | Privilege | Description
---------------------------------------------------------------------------------------------------------------------------------
hgranger-api-token | True | api | Read-write for the complete API, including all groups and projects, the Container Registry, and the Package Registry.
hgranger-api-token | True | read_user | Read-only for endpoints under /users. Essentially, access to any of the GET requests in the Users API.
hgranger-api-token | True | read_api | Read-only for the complete API, including all groups and projects, the Container Registry, and the Package Registry.
hgranger-api-token | True | read_repository | Read-only (pull) for the repository through git clone.
hgranger-api-token | True | write_repository | Read-write (pull, push) for the repository through git clone. Required for accessing Git repositories over HTTP when 2FA is enabled.
Add Admin
Use Case
Syntax
Provide the addadmin module, along with any relevant authentication information and URL. Additionally, provide the target user you would like to add an administrative role to.GitHub Enterprise
SCMKit.exe -s github -m addadmin -c userNameassword -u
You must be registered for see links
-o targetUserNameSCMKit.exe -s github -m addadmin -c apikey -u
You must be registered for see links
-o targetUserNameGitLab Enterprise
SCMKit.exe -s gitlab -m addadmin -c userNameassword -u
You must be registered for see links
-o targetUserNameSCMKit.exe -s gitlab -m addadmin -c apikey -u
You must be registered for see links
-o targetUserNameBitbucket Server
Only username/password auth is supported to perform actions not related to repos or projects in Bitbucket.SCMKit.exe -s bitbucket -m addadmin -c userName
assword -u
You must be registered for see links
-o targetUserNameExample Output
C:\>SCMKit.exe -s gitlab -m addadmin -c apikey -u
You must be registered for see links
-o hgranger==================================================
Module: addadmin
System: gitlab
Auth Type: API Key
Options: hgranger
Target URL:
You must be registered for see links
Timestamp: 1/14/2022 9:19:32 PM
==================================================
[+] SUCCESS: The hgranger user was successfully added to the admin role.
Remove Admin
Use Case
Syntax
Provide the removeadmin module, along with any relevant authentication information and URL. Additionally, provide the target user you would like to remove an administrative role from.GitHub Enterprise
SCMKit.exe -s github -m removeadmin -c userNameassword -u
You must be registered for see links
-o targetUserNameSCMKit.exe -s github -m removeadmin -c apikey -u
You must be registered for see links
-o targetUserNameGitLab Enterprise
SCMKit.exe -s gitlab -m removeadmin -c userNameassword -u
You must be registered for see links
-o targetUserNameSCMKit.exe -s gitlab -m removeadmin -c apikey -u
You must be registered for see links
-o targetUserNameBitbucket Server
Only username/password auth is supported to perform actions not related to repos or projects in Bitbucket.SCMKit.exe -s bitbucket -m removeadmin -c userName
assword -u
You must be registered for see links
-o targetUserNameExample Output
C:\>SCMKit.exe -s gitlab -m removeadmin -c usernameassword -u
You must be registered for see links
-o hgranger==================================================
Module: removeadmin
System: gitlab
Auth Type: Username/Password
Options: hgranger
Target URL:
You must be registered for see links
Timestamp: 1/14/2022 9:20:12 PM
==================================================
[+] SUCCESS: The hgranger user was successfully removed from the admin role.
Create Access Token
Use Case
Syntax
Provide the createpat module, along with any relevant authentication information and URL. Additionally, provide the target user you would like to create an access token for.GitLab Enterprise
This can only be performed as an administrator. You will provide the username that you would like to create a PAT for.SCMKit.exe -s gitlab -m createpat -c userName
assword -u
You must be registered for see links
-o targetUserNameSCMKit.exe -s gitlab -m createpat -c apikey -u
You must be registered for see links
-o targetUserNameBitbucket Server
Creates PAT for the current user authenticating as. In Bitbucket you cannot create a PAT for another user, even as an admin. Only username/password auth is supported to perform actions not related to repos or projects in Bitbucket. Take note of the PAT ID that is shown after being created. You will need this when you need to remove the PAT in the future.SCMKit.exe -s bitbucket -m createpat -c userName
assword -u
You must be registered for see links
Example Output
C:\>SCMKit.exe -s gitlab -m createpat -c usernameassword -u
You must be registered for see links
-o hgranger==================================================
Module: createpat
System: gitlab
Auth Type: Username/Password
Options: hgranger
Target URL:
You must be registered for see links
Timestamp: 1/20/2022 1:51:23 PM
==================================================
ID | Name | Token
-----------------------------------------------------
59 | SCMKIT-AaCND | R3ySx_8HUn6UQ_6onETx
[+] SUCCESS: The hgranger user personal access token was successfully added.
List Access Tokens
Use Case
Syntax
Provide the listpat module, along with any relevant authentication information and URL.GitLab Enterprise
Only requires admin if you want to list another user’s PAT’s. A regular user can list their own PAT’s.SCMKit.exe -s gitlab -m listpat -c userName
assword -u
You must be registered for see links
-o targetUserSCMKit.exe -s gitlab -m listpat -c apikey -u
You must be registered for see links
-o targetUserBitbucket Server
List access tokens for current user. Only username/password auth is supported to perform actions not related to repos or projects in Bitbucket.SCMKit.exe -s bitbucket -m listpat -c userName
assword -u
You must be registered for see links
List access tokens for another user (requires admin). Only username/password auth is supported to perform actions not related to repos or projects in Bitbucket.
SCMKit.exe -s bitbucket -m listpat -c userName
assword -u
You must be registered for see links
-o targetUserExample Output
C:\>SCMKit.exe -s gitlab -m listpat -c usernameassword -u
You must be registered for see links
-o hgranger==================================================
Module: listpat
System: gitlab
Auth Type: Username/Password
Options: hgranger
Target URL:
You must be registered for see links
Timestamp: 1/20/2022 1:54:41 PM
==================================================
ID | Name | Active? | Scopes
----------------------------------------------------------------------------------------------
59 | SCMKIT-AaCND | True | api, read_repository, write_repository
Remove Access Token
Use Case
Syntax
Provide the removepat module, along with any relevant authentication information and URL. Additionally, provide the target user PAT ID you would like to remove an access token for.GitLab Enterprise
Only requires admin if you want to remove another user’s PAT. A regular user can remove their own PAT. You have to provide the PAT ID to remove. This ID was shown whenever you created the PAT and also when you listed the PAT.SCMKit.exe -s gitlab -m removepat -c userName
assword -u
You must be registered for see links
-o patIDSCMKit.exe -s gitlab -m removepat -c apikey -u
You must be registered for see links
-o patIDBitbucket Server
Only username/password auth is supported to perform actions not related to repos or projects in Bitbucket. You have to provide the PAT ID to remove. This ID was shown whenever you created the PAT.SCMKit.exe -s bitbucket -m removepat -c userName
assword -u
You must be registered for see links
-o patIDExample Output
C:\>SCMKit.exe -s gitlab -m removepat -c apikey -u
You must be registered for see links
-o 58==================================================
Module: removepat
System: gitlab
Auth Type: API Key
Options: 59
Target URL:
You must be registered for see links
Timestamp: 1/20/2022 1:56:47 PM
==================================================
[*] INFO: Revoking personal access token of ID: 59
[+] SUCCESS: The personal access token of ID 59 was successfully revoked.
Create SSH Key
Use Case
Syntax
Provide the createsshkey module, along with any relevant authentication information and URL.GitHub Enterprise
Creates SSH key for the current user authenticating as.SCMKit.exe -s github -m createsshkey -c userName
assword -u
You must be registered for see links
-o "ssh public key"SCMKit.exe -s github -m createsshkey -c apiToken -u
You must be registered for see links
-o "ssh public key"GitLab Enterprise
Creates SSH key for the current user authenticating as. Take note of the SSH key ID that is shown after being created. You will need this when you need to remove the SSH key in the future.SCMKit.exe -s gitlab -m createsshkey -c userName
assword -u
You must be registered for see links
-o "ssh public key"SCMKit.exe -s gitlab -m createsshkey -c apiToken -u
You must be registered for see links
-o "ssh public key"Bitbucket Server
Creates SSH key for the current user authenticating as. Only username/password auth is supported to perform actions not related to repos or projects in Bitbucket. Take note of the SSH key ID that is shown after being created. You will need this when you need to remove the SSH key in the future.SCMKit.exe -s bitbucket -m createsshkey -c userName
assword -u
You must be registered for see links
-o "ssh public key"Example Output
C:\>SCMKit.exe -s bitbucket -m createsshkey -c usernameassword -u
You must be registered for see links
-o "ssh-rsa..."==================================================
Module: createsshkey
System: bitbucket
Auth Type: Username/Password
Options: ssh-rsa ...
Target URL:
You must be registered for see links
Timestamp: 2/7/2022 1:02:31 PM
==================================================
SSH Key ID
------------
16
[+] SUCCESS: The hpotter user SSH key was successfully added.
List SSH Keys
Use Case
Syntax
Provide the listsshkey module, along with any relevant authentication information and URL.GitHub Enterprise
List SSH keys for current user. This will include SSH key ID’s, which is needed when you would want to remove an SSH key.SCMKit.exe -s github -m listsshkey -c userName
assword -u
You must be registered for see links
SCMKit.exe -s github -m listsshkey -c apiToken -u
You must be registered for see links
GitLab Enterprise
List SSH keys for current user.SCMKit.exe -s gitlab -m listsshkey -c userName
assword -u
You must be registered for see links
SCMKit.exe -s gitlab -m listsshkey -c apiToken -u
You must be registered for see links
Bitbucket Server
List SSH keys for current user. Only username/password auth is supported to perform actions not related to repos or projects in Bitbucket.SCMKit.exe -s bitbucket -m listsshkey -c userName
assword -u
You must be registered for see links
Example Output
C:\>SCMKit.exe -s gitlab -m listsshkey -u
You must be registered for see links
-c apiToken==================================================
Module: listsshkey
System: gitlab
Auth Type: API Key
Options:
Target URL:
You must be registered for see links
Timestamp: 2/7/2022 4:09:40 PM
==================================================
SSH Key ID | SSH Key Value | Title
---------------------------------------------------------------
9 | .....p50edigBAF4lipVZkAM= | SCMKIT-RLzie
10 | .....vGJLPGHiTwIxW9i+xAs= | SCMKIT-muFGU
Remove SSH Key
Use Case
Syntax
Provide the removesshkey module, along with any relevant authentication information and URL. Additionally, provide the target user SSH key ID to remove.GitHub Enterprise
You have to provide the SSH key ID to remove. This ID was shown whenever you list SSH keys.SCMKit.exe -s github -m removesshkey -c userName
assword -u
You must be registered for see links
-o sshKeyIDSCMKit.exe -s github -m removesshkey -c apiToken -u
You must be registered for see links
-o sshKeyIDGitLab Enterprise
You have to provide the SSH key ID to remove. This ID was shown whenever you created the SSH key and is also shown when listing SSH keys.SCMKit.exe -s gitlab -m removesshkey -c userName
assword -u
You must be registered for see links
-o sshKeyIDSCMKit.exe -s gitlab -m removesshkey -c apiToken -u
You must be registered for see links
-o sshKeyIDBitbucket Server
Only username/password auth is supported to perform actions not related to repos or projects in Bitbucket. You have to provide the SSH key ID to remove. This ID was shown whenever you created the SSH key and is also shown when listing SSH keys.SCMKit.exe -s bitbucket -m removesshkey -c userName
assword -u
You must be registered for see links
-o sshKeyIDExample Output
C:\>SCMKit.exe -s bitbucket -m removesshkey -u
You must be registered for see links
-c usernameassword -o 16==================================================
Module: removesshkey
System: bitbucket
Auth Type: Username/Password
Options: 16
Target URL:
You must be registered for see links
Timestamp: 2/7/2022 1:48:03 PM
==================================================
[+] SUCCESS: The SSH key of ID 16 was successfully revoked.
List Admin Stats
Use Case
Syntax
Provide the adminstats module, along with any relevant authentication information and URL. Site admin access in GitHub Enterprise is required to use this moduleGitHub Enterprise
SCMKit.exe -s github -m adminstats -c userNameassword -u
You must be registered for see links
SCMKit.exe -s github -m adminstats -c apikey -u
You must be registered for see links
Example Output
C:\>SCMKit.exe -s github -m adminstats -c usernameassword -u
You must be registered for see links
==================================================
Module: adminstats
System: github
Auth Type: Username/Password
Options:
Target URL:
You must be registered for see links
Timestamp: 1/14/2022 9:45:50 PM
==================================================
Admin Users | Suspended Users | Total Users
------------------------------------------------------
1 | 0 | 5
Total Repos | Total Wikis
-----------------------------------
4 | 0
Total Orgs | Total Team Members | Total Teams
----------------------------------------------------------
1 | 0 | 0
Private Gists | Public Gists
-----------------------------------
0 | 1
List Branch Protection
Use Case
Syntax
Provide the protection module, along with any relevant authentication information and URL. Optionally, supply a string in the options parameter to return matching results contained in repo namesGitHub Enterprise
SCMKit.exe -s github -m protection -c userNameassword -u
You must be registered for see links
SCMKit.exe -s github -m protection -c apikey -u
You must be registered for see links
SCMKit.exe -s github -m protection -c apikey -u
You must be registered for see links
-o reponameExample Output
C:\>.\SCMKit.exe -u
You must be registered for see links
-s github -c apiToken -m protection -o public-r==================================================
Module: protection
System: github
Auth Type: API Key
Options: public-r
Target URL:
You must be registered for see links
Timestamp: 8/29/2022 2:02:42 PM
==================================================
Repo | Branch | Protection
----------------------------------------------------------------------------------------------------------
public-repo | dev | Protected: True
Status checks must pass before merge:
Branch must be up-to-date before merge: True
Owner review required before merge: True
Approvals required before merge: 2
Protections apply to repo admins: True
public-repo | main | Protected: False
Detection
Below are static signatures for the specific usage of this tool in its default state:- Project GUID - {266C644A-69B1-426B-A47C-1CF32B211F80}
- See
You must be registered for see linksin this repo.
- See
- User Agent String - SCMKIT-5dc493ada400c79dd318abbe770dac7c
- See
You must be registered for see linksin this repo.
- See
- Access Token & SSH Key Names - Access tokens and SSH keys that are created using the tool are prepended with SCMKIT- for the name.
You must be registered for see links
.References
- Bitbucket API Documentation
-
You must be registered for see links
-
- Octokit Documentation
-
You must be registered for see links
-
You must be registered for see links
-
- GitHub API Documentation
-
You must be registered for see links
-
- GitLab API Documentation
-
You must be registered for see links
-
- GitLabApiClient Nuget Package Documentation
-
You must be registered for see links
-
GitHub:
You must be registered for see images
You must be registered for see links
