Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Git Mailmap File Disclosure

By kannthu

Low
Vidoc logoVidoc Module
#config#exposure#git#mailmap#files
Description

What is the "Git Mailmap File Disclosure?"

The "Git Mailmap File Disclosure" module is designed to detect a misconfiguration vulnerability in Git repositories. Git is a distributed version control system commonly used for source code management. This module focuses on the exposure of the ".mailmap" file, which contains email aliases for Git authors.

The severity of this vulnerability is classified as low.

Original authors of this module are geeknik and DhiyaneshDK.

Impact

If the ".mailmap" file is exposed, it can potentially reveal sensitive information such as email addresses associated with Git authors. This information could be used for social engineering attacks or targeted phishing attempts.

How does the module work?

The "Git Mailmap File Disclosure" module sends an HTTP GET request to the "/.mailmap" path of a Git repository. It then applies a series of matching conditions to determine if the vulnerability is present.

The matching conditions for this module are as follows:

- The response body must not contain the phrase "# Theresa O'Connor:" - The response headers must include the word "application/octet-stream" - The response status code must be 200 - The response body must match the regular expression for email addresses

If all of these conditions are met, the module reports a vulnerability.

It is important to note that this module does not provide any remediation steps. If a vulnerability is detected, it is recommended to secure the ".mailmap" file by restricting access to authorized users only.

For more information, you can refer to the official Git documentation on the .mailmap file.

Metadata:

- Verified: true - Shodan query: html:mailmap

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/.mailmap
Matching conditions
regex: (?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z...and
word: application/octet-streamand
NOT word: # Theresa O'Connor:and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability