The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.
Additionally, the Git credentials are present and could give unauthorized access to the source code repositories of private projects.
Severity: critical
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652259958e83
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://qpapi: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@github.com/landingqp/enginetrade.bond
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "main"]
	remote = origin
	merge = refs/heads/main
“.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apple's “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
Severity: low
Fingerprint: 5f32cf5d6962f09c9e04c3bc9e04c3bcbef89d5c598630bca44c96bfbd122b73
Found 22 files through .DS_Store spidering:
/css
/favicon.ico
/fonts
/images
/images/2.jpg
/images/4.jpg
/images/5.jpg
/images/6.jpg
/images/background.jpg
/images/depo.png
/images/loading1.gif
/images/logo.png
/images/logo_gimini.png
/images/man-1.png
/images/man-2.jpg
/images/overlay.png
/images/profit.png
/images/success.png
/images/uptime.png
/index.html
/js
/privacy