Git Information Leak II

This exercise details how to retrieve information from an exposed .git directory on a web server. This time, the directly listing is disabled

PRO
Tier
Medium
< 1 Hr.
2351
Blue Badge

Course


In this exercise, we will delve into the exploitation of a website that leaks its `.git` repository at the root. Although such issues are less common with modern URL mapping, it's crucial to remain vigilant.

We will begin by accessing the `.git` directory, even if directory listing is disabled. By retrieving files such as `.git/config` and `.git/HEAD`, we can trace the commit history and access specific objects within the repository. Using tools like `gzip` or `ruby`, we will decompress these objects and identify the source files. By recreating the repository structure locally, we will piece together the source code, leading us to the key hidden in a PHP comment.

Want to learn more? Get started with PentesterLab Pro! GO PRO