Git Logs Disclosure

By kannthu

Informative
Vidoc Module
#logs #git #exposure
Description

What is "Git Logs Disclosure"?

The "Git Logs Disclosure" module is designed to detect the exposure of Git log files and passed URLs. It targets websites or applications that use Git for version control. The module's severity is rated informative.

Impact

The exposure of Git logs can potentially reveal sensitive information about the repository, such as commit history, file changes, and even credentials. This information can be exploited by attackers to gain unauthorized access or perform further attacks on the system.

How does the module work?

The module sends an HTTP GET request to the /.git/logs/HEAD path, which is a common location for Git logs. It then applies several matching conditions to determine if the response indicates the presence of Git logs:

- The response body does not contain the HTML tags <html> or <body>.
- The response header contains the word application/octet-stream.
- The response body matches the regular expression ^([a-z0-9]+) , indicating the presence of a commit hash.
- The response status is 200, indicating a successful request.

If all of these conditions are met, the module reports a vulnerability, indicating that Git logs are exposed.
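
The four conditions above, written out as an added Python example (not Vidoc's own code) that evaluates already-captured responses offline. The function name and the sample responses are constructed for illustration, and the `<body` check follows the prose description because the DSL in the preview is truncated.

```python
import re

# Pattern quoted on the page: [a-z0-9] characters followed by a space at the start of the body.
HASH_PREFIX = re.compile(r"^([a-z0-9]+) ")


def matches_git_logs(status, headers, body):
    """Return True only when all four listed conditions hold (hypothetical helper)."""
    lowered = body.lower()
    header_text = "\n".join(f"{k}: {v}" for k, v in headers.items())
    checks = (
        "<html" not in lowered and "<body" not in lowered,  # body is not an HTML page
        "application/octet-stream" in header_text,          # word match on the headers
        HASH_PREFIX.search(body) is not None,                # body opens with a hash-like token
        status == 200,                                       # request succeeded
    )
    return all(checks)


# Constructed sample: one reflog line in the format Git writes to .git/logs/HEAD.
REFLOG = (
    "0000000000000000000000000000000000000000 "
    "3f2a9c1b7d4e5f60718293a4b5c6d7e8f9012345 "
    "Dev Example <dev@example.com> 1700000000 +0000\tclone: from example.invalid\n"
)
# Constructed sample: a "soft 404" that answers 200 with an HTML error page.
SOFT_404 = "<!DOCTYPE html><HTML><body>Page not found</body></HTML>"

SAMPLES = {
    "exposed": (200, {"Content-Type": "application/octet-stream"}, REFLOG),
    "soft_404": (200, {"Content-Type": "application/octet-stream"}, SOFT_404),
    "blocked": (403, {"Content-Type": "text/html"}, "<html><body>Forbidden</body></html>"),
    "served_as_text": (200, {"Content-Type": "text/plain"}, REFLOG),
}


def classify_samples():
    """Evaluate every constructed sample and return {name: matched}."""
    return {name: matches_git_logs(*resp) for name, resp in SAMPLES.items()}


if __name__ == "__main__":
    for name, hit in classify_samples().items():
        print(f"{name}: {'match' if hit else 'no match'}")
```

The `served_as_text` sample shows that the same file served with a different content type does not satisfy the header condition as stated, so a "no match" from these conditions is not proof that the path is protected.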

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /.git/logs/HEAD
Matching conditions
dsl: !contains(toLower(body), `<html`), !cont... and
word: application/octet-stream and
regex: ^([a-z0-9]+) and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability