.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
Severity: low
Fingerprint: 5f32cf5d6962f09c9e04c3bc9e04c3bcccfaf1be70ec9c91edaefa9dbddb5fa6
Found 22 files trough .DS_Store spidering: /bin /composer.json /composer.lock /config /docker-compose.override.yml /docker-compose.yml /migrations /phpunit.xml.dist /public /public/assets /public/index.html /public/index.php /public/license.txt /public/product-details.html /public/ups /src /symfony.lock /templates /tests /translations /var /vendor
The following URL (usually /.git/config
) is publicly accessible and is leaking source code and repository configuration.
Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044baa2727ab8135b5bbc521bbb05014251
[core] repositoryformatversion = 0 filemode = false bare = false logallrefupdates = true symlinks = false ignorecase = true [gui] wmstate = normal geometry = 893x435+26+26 175 196 [lfs] repositoryformatversion = 0 [remote "origin"] url = https://github.com/itachi2230/dyalon.git fetch = +refs/heads/*:refs/remotes/origin/* [branch "master"] remote = origin merge = refs/heads/master
.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
Severity: low
Fingerprint: 5f32cf5d6962f09c9e04c3bc9e04c3bcccfaf1be70ec9c91edaefa9dbddb5fa6
Found 22 files trough .DS_Store spidering: /bin /composer.json /composer.lock /config /docker-compose.override.yml /docker-compose.yml /migrations /phpunit.xml.dist /public /public/assets /public/index.html /public/index.php /public/license.txt /public/product-details.html /public/ups /src /symfony.lock /templates /tests /translations /var /vendor
The following URL (usually /.git/config
) is publicly accessible and is leaking source code and repository configuration.
Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044baa2727ab8135b5bbc521bbb05014251
[core] repositoryformatversion = 0 filemode = false bare = false logallrefupdates = true symlinks = false ignorecase = true [gui] wmstate = normal geometry = 893x435+26+26 175 196 [lfs] repositoryformatversion = 0 [remote "origin"] url = https://github.com/itachi2230/dyalon.git fetch = +refs/heads/*:refs/remotes/origin/* [branch "master"] remote = origin merge = refs/heads/master