HTTPS clone URL
Subversion checkout URL
Remote Branch Pruning
- Committer Keys
- Committer Rights
- Common Metasploit Module Coding Mistakes
- Contributing to Metasploit
- Creating Metasploit Framework LoginScanners
- Debugging Dead Meterpreter Sessions
- Decommissioning Redmine
- Downloads by Version
- Evading Anti Virus
- Exploit Ranking
- Git cheatsheet
- Git Gotchas
- Git Reference Sites
- Guidelines for Accepting Modules and Enhancements
- How payloads work
- How to add and update gems in metasploit framework
- How to check Microsoft patch levels for your exploit
- How to clean up files using FileDropper
- How to deprecate a Metasploit module
- How to do reporting or store data in module development
- How to get Oracle Support working with Kali Linux
- How to get started with writing a Meterpreter script
- How to get started with writing a post module
- How to get started with writing an auxiliary module
- How to get started with writing an exploit
- How to log in Metasploit
- How to parse an HTTP response
- How to Send an HTTP Request Using HTTPClient
- How to send an HTTP request using Rex::Proto::Http::Client
- How to use a Metasploit module appropriately
- How to use a reverse shell in Metasploit
- How to use datastore options
- How to use exim_gethostbyname_bof.rb (Exim GHOST Buffer Overflow)
- How to use Msf::Auxiliary::AuthBrute to write a bruteforcer
- How to use msfvenom
- How to use PhpEXE to exploit an arbitrary file upload bug
- How to use Powershell in an exploit
- How to use Railgun for Windows post exploitation
- How to Use the FILEFORMAT mixin to create a file format exploit
- How to use the Msf::Exploit::Remote::Tcp mixin
- How to use the Seh mixin to exploit an exception handler
- How to use WbemExec for a write privilege attack on Windows
- How to write a browser exploit using BrowserExploitServer
- How to write a browser exploit using HttpServer
- How to write a check() method
- How to write a HTTP LoginScanner Module
- How to write a module using HttpServer and HttpClient
- How to zip files with Rex::Zip::Archive
- Indentation Standards
- Information About Unmet Browser Exploit Requirements
- Issue Labels
- Keeping in sync with rapid7 master
- Landing Meterpreter Pull Requests
- Landing Pull Requests
- Loading External Modules
- Metasploit development environment
- Metasploit Loginpalooza
- Metasploit module reference identifiers
- Meterpreter Configuration
- Meterpreter HTTP Communication
- Meterpreter Paranoid Mode
- Meterpreter Reliable Network Communication
- Meterpreter Sleep Control
- Meterpreter Stageless Mode
- Meterpreter Timeout Control
- Meterpreter Transport Control
- Meterpreter Unicode Support
- Meterpreter Wishlist
- Nightly Installers
- Oracle Usage
- Payload Rename Justification
- Payload UUID
- Remote Branch Pruning
- Reporting a Bug
- Resuscitating Dead Pull Requests
- Rolling back merges
- Setting Up a Metasploit Development Environment
- State of Meterpreter
- Style Tips
- The ins and outs of HTTP and HTTPS communications in Meterpreter and Metasploit Stagers
- Unstable Modules
- Using Git
- Using Metasploit
- What does my Rex::Proto::SMB Error mean?
- Home Welcome to Metasploit!
- Using Metasploit A collection of useful links for penetration testers.
Setting Up a Metasploit Development Environment From
- CONTIBUTING.md What should your contributions look like?
- Landing Pull Requests Working with other people's contributions.
- Using Git All about Git and GitHub.
- Contributing to Metasploit Be a part of our open source community.
- Meterpreter All about the Meterpreter payload.
Clone this wiki locally
Since we have a lot of people creating and merging branches on the Metasploit GitHub repository, we need to periodically get rid of old and abandoned branches. Here's my technique:
Clone a new metasploit-framework.git repository:
todb@presto:~/github/todb-r7$ git clone github_r7:rapid7/metasploit-framework.git msf-backup.git
Go there and check out every remote branch we've got. That way, if you screw up and delete something important, you can add it back in later from this backup clone.
todb@presto:~/github/todb-r7$ cd msf-backup.git `todb@presto:~/github/todb-r7/metasploit-framework$ for b in `git branch -r | grep -v "HEAD -> origin" | sed 's/^ origin\///'`; do git checkout -b $b --track origin/$b; done
Tarball it out of the way.
todb@presto:~/github/todb-r7$ cd .. todb@presto:~/github$ tar zxvf msf-backup.git.tar.gz todb@presto:~/github$ rm -rf msf-backup.git
Now, clone metasploit again. I do this because I have like 20 remotes to deal with on my "real" clone and I don't want to have to grep through all my origin vs non-origin stuff.
mazikeen:./rapid7$ git clone github_r7:rapid7/metasploit-framework.git msf-prune
Now start figuring out what branches to delete.
First, wipe out anything that responds to prune. Usually that's not a lot.
mazikeen:./msf-prune$ git prune remote origin
Next, take a look at what's already merged and what's not. We can drop most of the merged stuff right away.
mazikeen:./msf-prune$ git branch -r --merged mazikeen:./msf-prune$ git branch -r --no-merged
That gives a pretty good idea of how many branches we're talking about.
Here's a one-liner, lightly modified from http://stackoverflow.com/questions/2514172/listing-each-branch-and-its-last-revisions-date-in-git#2514279 which lists all remote merged branches in date order.
mazikeen:./msf-prune$ for k in `git branch -r --merged |grep -v "HEAD ->" | sed s/^..//`; do echo -e `git log -1 --pretty=format:"%Cgreen%ci %Cblue%cr%Creset" $k --`\\t"$k";done | sort
Count off how many you want to keep at the end, do the arithmetic, and tack on another couple pipes to catch everything that's more than two weeks old. These are the merged branches that nobody's likely to miss.
mazikeen:./msf-prune$ for k in `git branch -r --merged |grep -v "HEAD ->" | sed s/^..//`; do echo -e `git log -1 --pretty=format:"%Cgreen%ci %Cblue%cr%Creset" $k --`\\t"$k";done | sort | head -45 | sed "s/^.*origin\///" > /tmp/merged_to_delete.txt
Pull the trigger:
mazikeen:./msf-prune$ for b in `cat /tmp/merged_to_delete.txt`; do echo Deleting $b && git push origin :$b; done
Note that we still have our tarball, so if we need to reinstate any of these branches, just need to re-push.
Pretty much the same as above, but use
--no-merged instead of
--merged and allow for older unmerged branches (say, 2 months).
Sometimes, some people may run into sync problems with these missing branches and need to
git remote prune origin themselves. Alternatively, they want to look into these branches again -- especially the unmerged ones. So, let people know that you just did this on the metasploit-hackers list and the Freenode IRC channel. If someone wants an old branch back, just go to your backup clone and push it back up as you would any branch:
git checkout branchname && git push origin branchname. No problem.