H3-2022-0066
Git Repo Exposed on a Web Server
| Category | SECURITY_MISCONFIGURATION |
| Base Score | 7.5 |
Description
The web server is exposing a Git repository in the web root folder. Git is a version control system that developers use to manage and store code. When the .git directory, which contains all the information about the repository, is exposed publicly, an attacker can navigate to this directory through a web browser and access the repository's content. Using a tool such as wget, or by downloading the files manually, the attacker can retrieve the entire contents of the .git directory.
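A defender-side check for this misconfiguration, added here as an example and not part of the advisory. It probes the two files present in every repository (`.git/HEAD` and `.git/config`) and validates their format, so a site that answers every path with a `200 OK` error page is not reported as exposed; the fetcher is injectable, and the responses below are constructed stand-ins for a live server.

```python
"""Check whether a web root exposes a .git directory (added example)."""
import re
from typing import Callable, Dict, Optional, Tuple
from urllib.parse import urlsplit

# url -> (status, body). Plug in a real HTTP client for live use.
Fetcher = Callable[[str], Tuple[int, str]]

# .git/HEAD is one line: a symbolic ref or a bare SHA-1/SHA-256 object id.
GIT_HEAD_RE = re.compile(r"^(ref: refs/\S+|[0-9a-f]{40}|[0-9a-f]{64})$")


def looks_like_git_head(body: str) -> bool:
    """True only when the body has the exact format Git writes to HEAD."""
    return GIT_HEAD_RE.match(body.strip()) is not None


def looks_like_git_config(body: str) -> bool:
    """A real .git/config is INI-style and begins with a [core] section."""
    return body.lstrip().startswith("[core]")


def check_git_exposure(base_url: str, fetch: Fetcher) -> Optional[str]:
    """Return the first exposed path, or None if nothing validates."""
    probes = {"/.git/HEAD": looks_like_git_head,
              "/.git/config": looks_like_git_config}
    for path, validator in probes.items():
        status, body = fetch(base_url.rstrip("/") + path)
        if status == 200 and validator(body):
            return path
    return None


# Constructed responses (not captured from any real host).
EXPOSED_SITE: Dict[str, Tuple[int, str]] = {
    "/.git/HEAD": (200, "ref: refs/heads/main\n"),
    "/.git/config": (200, "[core]\n\trepositoryformatversion = 0\n"),
}
CATCHALL_SITE = {  # answers 200 with an HTML page for every path
    "/.git/HEAD": (200, "<html><body>Page not found</body></html>"),
    "/.git/config": (200, "<html><body>Page not found</body></html>"),
}
HARDENED_SITE = {"/.git/HEAD": (404, ""), "/.git/config": (404, "")}


def fake_fetcher(site: Dict[str, Tuple[int, str]]) -> Fetcher:
    """Build an offline fetcher that serves the constructed responses."""
    return lambda url: site.get(urlsplit(url).path, (404, ""))


if __name__ == "__main__":
    for name, site in [("exposed", EXPOSED_SITE), ("catch-all", CATCHALL_SITE),
                       ("hardened", HARDENED_SITE)]:
        print(name, check_git_exposure("https://example.test", fake_fetcher(site)))
```

Remediation is to keep the repository out of the deployed web root, or to deny the path at the web server (for nginx, a rule such as `location ~ /\.git { deny all; return 404; }`).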
Impact
By exploiting this misconfiguration, an attacker could gain access to the application’s source code, which may contain sensitive information such as API keys, credentials, and developer comments. This access could allow the attacker to understand the application’s architecture, identify potential weaknesses, and craft specific exploits to target the application further.