Information disclosure in version control history

https://portswigger.net/web-security/information-disclosure/exploiting/lab-infoleak-in-version-control-history

Level: Practitioner

  • This is a Practitioner-level lab; this time we need to obtain the admin password.

  • To automate a little recon, I used dirsearch and found an exposed /.git directory.

  • So, let's fetch the directory recursively with wget and do some git recon on the local copy.

  • In the image below I enumerate the git history a little, and one of the commits contains the admin password.

  • Just log in with the credentials and delete the user Carlos.
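A defender-side check for the kind of leak this lab exploits, added here as an example (not part of the original write-up or of the lab): a POSIX shell/awk scan of a `git log -p` dump that flags credentials added in any commit, since deleting a secret in a later commit leaves it in history. The log text, commit hashes and password value below are constructed placeholders.

```shell
#!/bin/sh
# Added example: audit a `git log -p` dump for credentials committed at any
# point in history. The sample log is constructed; hashes and the password
# value are placeholders, not values from the lab.

SAMPLE_LOG=$(cat <<'EOF'
commit 0000000000000000000000000000000000000002
Author: dev <dev@example.invalid>

    Remove admin password from config

diff --git a/admin.conf b/admin.conf
--- a/admin.conf
+++ b/admin.conf
@@ -1,2 +1,2 @@
 ADMIN_USER=administrator
-ADMIN_PASSWORD=placeholder-secret-value
+ADMIN_PASSWORD=${ADMIN_PASSWORD}
commit 0000000000000000000000000000000000000001
Author: dev <dev@example.invalid>

    Add admin config

diff --git a/admin.conf b/admin.conf
--- /dev/null
+++ b/admin.conf
@@ -0,0 +1,2 @@
+ADMIN_USER=administrator
+ADMIN_PASSWORD=placeholder-secret-value
EOF
)

# scan_history: read a `git log -p` dump on stdin and print "<commit> <line>"
# for every added line that assigns a literal value to a credential-like key.
# Values that are variable references (e.g. ${ADMIN_PASSWORD}) are ignored.
scan_history() {
    awk '
        /^commit [0-9a-f]+$/ { commit = $2; next }
        /^\+\+\+ / { next }   # diff file header, not content
        /^\+/ && tolower($0) ~ /(password|passwd|secret|api_key|token)[[:space:]]*[:=][[:space:]]*[^$[:space:]]/ {
            print commit " " substr($0, 2)
        }
    '
}

# count_leaks: number of flagged lines in the sample log (expected: 1, from
# the first commit; the later removal commit does not purge it).
count_leaks() {
    printf '%s\n' "$SAMPLE_LOG" | scan_history | wc -l | tr -d ' '
}

printf '%s\n' "$SAMPLE_LOG" | scan_history
```

On a real repository, pipe `git log -p --all` into `scan_history`; a hit means the secret must be rotated, not merely deleted from the working tree.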
