Version Control is a system that records changes to a file or set of files over time so that they can recall specific versions later.
Some developers also includes Git Repository in their staging environment. However, they sometimes neglect removing the Git Repository after uploading the website to the internet or restricting unauthenticated users from accessing it.
By using Google Dork which filters results from Google, it allows other user to identify websites with publicly visible and accessible Git Repository. Like the screenshot of the website with a publicly visible Git Repository below.
After locating a target, I started downloading the files in the Git Repository using wget.
wget lets you download files from the internet or even mirror entire websites for offline viewing.
Then, I went to objects folder and randomly chose a folder and checked it.
I chose folder 64 and found 2 files inside.
Then I have to concatenate 64(Folder) and 5f8669cf5704ae8d96c938c49d4b26b7466f9e(File) to get the Hash.
Hash = 645f8669cf5704ae8d96c938c49d4b26b7466f9e
Then, I used git cat-file command to show the contents of the hashed file.
git cat-file provides content or type and size information for repository objects
I found lot of files, directories, and 2 SQL Files(2 Databases). Without further ado, I immediately downloaded an SQL File.
But there’s a problem. The database is so huge and I can’t open it using XAMPP. So, I decided to use my premium hosting on GoDaddy to view the database.
As I mentioned above, you may remove the Git Repository or restrict unauthenticated user from accessing it. Below is one way to deny user’s requests to access the Git Repository.
<Directory ~ “\.git”>
Deny from all
That is all folks! I hope you learned something with this blog post.
Note: This bug has already been reported.