-
Notifications
You must be signed in to change notification settings - Fork 1
/
index.js
354 lines (289 loc) · 13.3 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
//Dependencies
const Recursive_Readdir = require("recursive-readdir")
const I2rys = require("./utils/i2rys")
const Request = require("request")
const Delay = require("delay")
const Chalk = require("chalk")
const Path = require("path")
const Fs = require("fs")
//Variables
const Configs = Fs.readdirSync("./configs", "utf8")
const Self_Args = process.argv.slice(2)
var GitSpy_Data = {}
GitSpy_Data.self = ""
GitSpy_Data.self_extra = ""
GitSpy_Data.closing = false
//Function
function close(){
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "It looks like the scanning is finished/You decided to exit GitSpy.")
I2rys.log("yellowish", "WARN", "GitSpy Debugger:", "Stopping GitSpy process.")
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "Checking if there are any information that have been gathered.")
if(GitSpy_Data.self.length == 0){
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "It looks like there are no information that is gathered.")
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "Exiting...")
process.exit()
}else{
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "It looks like there are some information that is gathered.")
const results_file_name = `${Self_Args[0]}_${Math.floor(Math.random() * 9999999999)}`
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "Saving the results before exiting, please wait.")
Fs.writeFileSync(`./results/${results_file_name}.txt`, GitSpy_Data.self, "utf8")
if(GitSpy_Data.self_extra.length != 0){
Fs.writeFileSync(`./results/${results_file_name}_extra.txt`, GitSpy_Data.self_extra, "utf8")
}else{
Fs.writeFileSync(`./results/${results_file_name}_extra.txt`, "Empty.", "utf8")
}
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", `results have been saved to ./results/${results_file_name}.txt`)
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "Exiting...")
process.exit()
}
}
function walk(dir, done) { //Not mine :)
var results = [];
Fs.readdir(dir, function(err, list) {
if (err) return done(err);
var pending = list.length;
if (!pending) return done(null, results);
list.forEach(function(file) {
file = Path.resolve(dir, file);
Fs.stat(file, function(err, stat) {
if (stat && stat.isDirectory()) {
walk(file, function(err, res) {
results = results.concat(res);
if (!--pending) done(null, results);
});
} else {
results.push(file);
if (!--pending) done(null, results);
}
});
});
});
};
function get_user_information(body){
Request(`https://api.github.com/users/${Self_Args[0]}/events`, {
headers: {
"User-Agent": "Mozilla/5.0 (Windows NT 5.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2952.5 Safari/537.36"
}
}, function(err, res, body2){
if(err){
I2rys.log("yellowish", "CRITICAL", "GitSpy Debugger:", "It looks like Github API is down.")
GitSpy_Data.closing = true
close()
return
}
const temp_emails = body2.match(/[a-zA-Z0-9_.+-]+@[a-zA-Z0-9.-]+/g)
var emails = []
GitSpy_Data.self = "==========+========== Github user information ==========+=========="
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "Getting the Github user url.")
GitSpy_Data.self += `\nGithub Url: ${body.items[0].html_url}`
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "Getting the Github user name.")
GitSpy_Data.self += `\nName: ${Self_Args[0]}`
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "Getting the Github user id.")
GitSpy_Data.self += `\nID: ${body.items[0].id}`
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "Getting the Github user avatar.")
GitSpy_Data.self += `\nAvatar: ${body.items[0].avatar_url}`
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "Getting the Github user email addresses.")
if(temp_emails != ""){
for( i in temp_emails ){
if(emails.indexOf(temp_emails[i]) == -1){
emails.push(temp_emails[i])
}
}
GitSpy_Data.self += `\nEmail addresses: ${emails}`
}
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "Checking if the Github user is an admin.")
GitSpy_Data.self += `\nIs user Github admin: ${body.items[0].site_admin}`
get_user_followers()
})
}
function get_user_followers(){
var followers = ""
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "Getting the Github user followers.")
Request(`https://api.github.com/users/${Self_Args[0]}/followers`, {
headers: {
"User-Agent": "Mozilla/5.0 (Windows NT 5.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2952.5 Safari/537.36"
}
}, function(err, res, body){
if(err){
I2rys.log("yellowish", "CRITICAL", "GitSpy Debugger:", "It looks like Github API is down.")
GitSpy_Data.closing = true
close()
return
}
body = JSON.parse(body)
if(body.length == 0){
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "It looks like the Github user doesn't have any followers, sad.")
download_user_repositories()
return
}else{
for( i in body ){
if(followers.length == 0){
followers = body[i].login
}else{
followers += `, ${body[i].login}`
}
}
GitSpy_Data.self += `\nFollowers: ${followers}`
GitSpy_Data.closing = true
download_user_repositories()
}
})
}
function download_user_repositories(){
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "Will download the Github user repositories for further checking, this might take a while.")
Request(`https://api.github.com/users/${Self_Args[0]}/repos`, {
headers: {
"User-Agent": "Mozilla/5.0 (Windows NT 5.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2952.5 Safari/537.36"
}
}, function(err, res, body){
if(err){
I2rys.log("yellowish", "CRITICAL", "GitSpy Debugger:", "It looks like Github API is down.")
GitSpy_Data.closing = true
close()
return
}
body = JSON.parse(body)
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "Checking if the Github user have repositories.")
if(body.length == 0){
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "It looks like the Github user doesn't have any repositories")
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "Finished.")
GitSpy_Data.closing = true
close()
return
}else{
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", `It looks like the Github user have ${body.length} repositories.`)
var max_repository = 0
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "Downloading has started.")
Loop()
async function Loop(){
await Delay(100)
if(max_repository == body.length){
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "Downloading is finished")
I2rys.log("yellowish", "WARN", "GitSpy Debugger:", "Please wait 5 seconds to avoid unloaded packages not getting scanned.")
await Delay(5000)
repositories_checking()
return
}
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", `Downloading repository ${body[max_repository].html_url}`)
require("child_process").exec(`cd temp && git clone ${body[max_repository].html_url}.git`, function(err, stdout, stderr){
if(err){
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", `Unable to download repository ${body[max_repository].html_url}`)
max_repository += 1
Loop()
return
}
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", `Repository ${body[max_repository].html_url} successfully downloaded`)
max_repository += 1
Loop()
return
})
}
}
})
}
function repositories_checking(){
var files = []
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "Scanning download repositories files.")
walk("./temp", function(err, temp_files){
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", `${temp_files.length} files found.`)
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "Purging useless files on the list, please wait.")
for( i in temp_files ){
if(temp_files[i].indexOf(".git") == -1){
files.push(temp_files[i])
}
}
var file_index = 0
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "Purging is done")
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", `Now ${files.length} files left & not useless.`)
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", `${Configs.length} configs found.`)
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "Files leaks scanning has started.")
Loop()
async function Loop(){
await Delay(100)
if(file_index == files.length){
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "Github user repositories scanning is finished.")
GitSpy_Data.closing = true
close()
return
}
const file_data = Fs.readFileSync(files[file_index], "utf8")
const file_path = files[file_index].slice(files[file_index].indexOf("GitSpy"), files[file_index].length)
for( i in Configs ){
const config = require(`./configs/${Configs[i]}`)
const config_regex = new RegExp(config.regex, config.regex_extra)
const config_regex_results = file_data.match(config_regex)
if(Self_Args[1] == "true"){
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", `[${file_path}] ${config.description}`)
}
if(config_regex_results != [] && config_regex_results != "" && config_regex_results != null){
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", `[${file_path}] ${config.found}${config_regex_results}`)
if(GitSpy_Data.self_extra.length == 0){
GitSpy_Data.self_extra = `[${file_path}] ${config.found}${config_regex_results}`
}else{
GitSpy_Data.self_extra += `\n[${file_path}] ${config.found}${config_regex_results}`
}
}else{
if(Self_Args[1] == "true"){
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", `[${file_path}] ${config.no_found}`)
}
}
}
file_index += 1
Loop()
return
}
})
}
//Main
if(Self_Args.length == 0){
console.log(`node index.js <github_username> <aggressive_logging>
Example: node index.js I2rys false`)
process.exit()
}
if(Self_Args[0] == ""){
I2rys.log("yellowish", "CRITICAL", "GitSpy Debugger:", "It looks like the Github user you specified is invalid.")
GitSpy_Data.closing = true
close()
return
}
if(Self_Args[1] == "" || Self_Args[1] == null){
I2rys.log("yellowish", "CRITICAL", "GitSpy Debugger:", "Invalid true/false aggressive_logging option.")
GitSpy_Data.closing = true
close()
return
}
I2rys.log("yellowish", "WARN", "GitSpy Debugger:", "Purging temp folder, please wait.")
require("child_process").execSync("rm -r temp")
Fs.mkdirSync("./temp")
I2rys.log("yellowish", "WARN", "GitSpy Debugger:", "temp folder has been purged.")
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "Checking if the Github user exist, please wait.")
Request(`https://api.github.com/search/users?q=${Self_Args[0]}`, {
headers: {
"User-Agent": "Mozilla/5.0 (Windows NT 5.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2952.5 Safari/537.36"
}
}, function(err, res, body){
if(err){
I2rys.log("yellowish", "CRITICAL", "GitSpy Debugger:", "It looks like Github API is down.")
GitSpy_Data.closing = true
close()
return
}
body = JSON.parse(body)
if(body.total_count == 1){
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "Github user exist.")
I2rys.log("yellowish", "INFO", "GitSpy Debugger:", "Scanning the Github user information & repositories for any leaks specified.")
get_user_information(body)
return
}else{
I2rys.log("yellowish", "CRITICAL", "GitSpy Debugger:", "It looks like the Github user you specified is invalid.")
GitSpy_Data.closing = true
close()
return
}
})
process.on("SIGINT", function(){
if(!GitSpy_Data.closing){
GitSpy_Data.closing = true
close()
}
})