Giter VIP home page Giter VIP logo

ginger's Introduction

Ginger

Ginger is an open source security assessment tool that helps in assessing the security of a given Pentaho BA application instance.

Please keep in mind that this project is still a work in progress, and not all features might be present or work as intended.

Usage

Ginger has only one mandatory parameter, the URL of the target Pentaho installation:

user@host:~$ python gynger.py http://localhost:8080/pentaho

Note: do not include a trailing slash (/)

Doing that will start Ginger in Anonymous mode, with limited funcionality. If valid credentials are known, those should be provided:

user@host:~$ python gynger.py http://localhost:8080/pentaho -u admin -p password

When Ginger establishes a connection with Pentaho BA, it will prompt and wait for commands. The complete list of available commands can be seen by typing help.

Command Reference
api try to list available API calls, even as Anonymous user
dbs list all connected db credentials
files list all available files in repository
usernames list all valid usernames
userroles list all valid usernames and valid roles
shell upload a reverse shell
version show Pentaho Version

Warning!

Ginger comes with absolutely NO WARRANTY, and shall not be used at any system where prior approval has not been granted. Use at your own risk.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.