Skip to content

plur1bu5/RocketMine

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
.gitignore
.gitignore
 
 
README.md
README.md
 
 
rocketmine.py
rocketmine.py
 
 
rocketminer.png
rocketminer.png
 
 

Repository files navigation

RocketMine

RocketMine Logo

RocketChat pillaging tool — dump users, channels, groups, DMs, messages, and all uploaded files in one shot.

Features

  • Authenticate via API token or username/password
  • Dump public channels, private groups, and direct messages
  • Extract and download all file attachments automatically
  • Enumerate users with detailed profiles
  • List all accessible rooms
  • Dump server settings and integrations (admin)
  • Fully paginated — never misses messages in large rooms
  • Output organized into clean subdirectories

Installation

git clone https://github.com/Plur1bu5/RocketMine
cd RocketMine
pip install requests

Usage

usage: rocketmine.py [-h] -u URL [-o DIR] [--token TOKEN] [--user-id USER_ID]
                     [--username USERNAME] [--password PASSWORD] [--all]
                     [--users] [--channels] [--groups] [--dms] [--rooms]
                     [--integrations] [--settings]

connection:
  -u, --url URL        RocketChat base URL  e.g. http://10.0.0.1:3000
  -o, --output DIR     Output directory (default: rocketmine_out)

authentication (use one method):
  --token TOKEN        X-Auth-Token
  --user-id USER_ID    X-User-Id  (required with --token)
  --username USERNAME  Username for password login
  --password PASSWORD  Password for password login

pillage options:
  --all                Pillage everything (recommended)
  --users              Enumerate users + detailed profiles
  --channels           Dump public channels + messages + files
  --groups             Dump private groups + messages + files
  --dms                Dump direct messages + files
  --rooms              List all accessible rooms
  --integrations       Dump webhooks/integrations (admin)
  --settings           Dump server settings (admin)

Examples

# Dump everything using API token
python3 rocketmine.py -u http://10.0.0.1:3000 --token TOKEN --user-id USERID --all

# Dump everything using username/password
python3 rocketmine.py -u http://10.0.0.1:3000 --username admin --password pass --all

# Selective pillaging
python3 rocketmine.py -u http://10.0.0.1:3000 --token TOKEN --user-id USERID --users --groups --dms

# Custom output directory
python3 rocketmine.py -u http://10.0.0.1:3000 --token TOKEN --user-id USERID --all -o /tmp/loot

Output Structure

rocketmine_out/
├── users/
│   ├── users.json
│   └── users_detailed.json
├── rooms/
│   └── all_rooms.json
├── channels/
│   ├── channels.json
│   ├── general_messages.txt
│   └── general_files/
│       └── uploaded_file.png
├── groups/
│   ├── groups.json
│   ├── developers_chat_messages.txt
│   └── developers_chat_files/
│       └── key.txt
├── dms/
│   ├── dms.json
│   └── user1_user2_messages.txt
├── integrations/
│   └── integrations.json
└── settings/
    └── settings.json

Author

Plur1bu5

License

MIT

About

RocketChat pillaging tool, dumps users, channels, groups, DMs and files via API. Originally built for a pentest, now open source.

Resources

Readme
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages