gitea-mirror/PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2025-12-30 22:50:27 -08:00
Code Issues Packages Projects Releases Wiki Activity

Attacks details + Summary JWT + XXE adjustments

Browse Source
This commit is contained in:
Swissky
2018-11-26 00:25:06 +01:00
parent 928a454531
commit 521d61d956
4 changed files with 47 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
Insecure source code management/README.md
View File

@@ -16,10 +16,16 @@
The following examples will create either a copy of the .git or a copy of the current commit.
Check for the following files, if they exist you can extract the .git folder.
- .git/config
- .git/HEAD
- .git/logs/HEAD
### Github example with a .git
1. Check 403 error (Forbidden) for .git or even better : directory listing
2. Git saves all informations in log file .git/logs/HEAD (try 'head' too)
1. Check 403 error (Forbidden) for .git or even better : a directory listing
2. Git saves all informations in log file .git/logs/HEAD (try 'head' in lowercase too)
```powershell
0000000000000000000000000000000000000000 15ca375e54f056a576905b41a417b413c57df6eb root <root@dfc2eabdf236.(none)> 1455532500 +0000 clone: from https://github.com/fermayo/hello-world-lamp.git
15ca375e54f056a576905b41a417b413c57df6eb 26e35470d38c4d6815bc4426a862d5399f04865c Michael <michael@easyctf.com> 1489390329 +0000 commit: Initial.