The following URL (usually /.git/config
) is publicly accessible and is leaking source code and repository configuration.
Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652277f423a0
[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [user] name = Replit user email = <> [remote "origin"] url = https://github.com/GikitSRC/bio fetch = +refs/heads/*:refs/remotes/origin/* [branch "main"] remote = origin merge = refs/heads/main
A JSON configuration file has been found at config.json
.
It may contains application configuration such as credentials.
False positive might happen when hitting a JSON API endpoint.
Fingerprint: b18befd9dd6536aa30550de56d5f0da4b62aa5f0fe2f7af93afa888ec139db98
{ "api": { "id": null, "worker-id": null }, "http": { "enabled": false, "host": "127.0.0.1", "port": 0, "access-token": null, "restricted": true }, "autosave": true, "background": false, "colors": true, "title": true, "randomx": { "init": -1, "init-avx2": -1, "mode": "auto", "1gb-pages": false, "rdmsr": true, "wrmsr": true, "cache_qos": false, "numa": true, "scratchpad_prefetch_mode": 1 }, "cpu": { "enabled": true, "huge-pages": true, "huge-pages-jit": false, "hw-aes": null, "priority": null, "memory-pool": false, "yield": true, "max-threads-hint": 100, "asm": true, "argon2-impl": null, "cn/0": false, "cn-lite/0": false }, "opencl": { "enabled": false, "cache": true, "loader": null, "platform": "AMD", "adl": true, "cn/0": false, "cn-lite/0": false }, "cuda": { "enabled": false, "loader": null, "nvml": true, "cn/0": false, "cn-lite/0": false }, "donate-level": 1, "donate-over-proxy": 1, "log-file": null, "pools": [ { "algo": null, "coin": null, "url": "rx.unmineable.com:3333", "user": "XMR:44hYetJtWVGMvfiU4UxdzxVmJi8KmrVVu2gkiwG1YPe89hxcL9hbT5PDf3xYpXjv44jV5FDpoU2AvK2TKj8PXCpTFP4Kh2b.RPI", "pass": "x", "rig-id": null, "nicehash": false, "keepalive": false, "enabled": true, "tls": false, "tls-fingerprint": null, "daemon": false, "socks5": null, "self-select": null, "submit-to-origin": false } ], "print-time": 60, "health-print-time": 60, "dmi": true, "retries": 5, "retry-pause": 5, "syslog": false, "tls": { "enabled": false, "protocols": null, "cert": null, "cert_key": null, "ciphers": null, "ciphersuites": null, "dhparam": null }, "dns": { "ipv6": false, "ttl": 30 }, "user-agent": null, "verbose": 0, "watch": true, "pause-on-battery": false, "pause-on-active": false }