.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
Severity: low
Fingerprint: 5f32cf5d6962f09c0f8dcf020f8dcf02a719fba72269ac0ec68e593f464f625a
Found 24 files trough .DS_Store spidering: /.git /.vscode /888 /app-download /app-download/images /app-download/js /check.html /index.html /m /qphtml /qphtml/active /qphtml/css /qphtml/img /qphtml/js /qphtml/mp4 /robots.txt /static /static-tccp /ts-download /ts-download/css /ts-download/images /ts-download/js /ts-download/muse-ui /tsnew-download
Severity: low
Fingerprint: 5f32cf5d6962f09c3838040e3838040e7ad6bceb561dd3921d235eeb1c2bf373
Found 20 files trough .DS_Store spidering: /.git /.vscode /888 /app-download /app-download/images /app-download/js /check.html /index.html /m /qphtml /qphtml/active /qphtml/css /qphtml/img /qphtml/js /qphtml/mp4 /robots.txt /static /static-tccp /ts-download /tsnew-download
Severity: low
Fingerprint: 5f32cf5d6962f09cc169dbbec169dbbe626f729b199cedc206e898fb9876c4bf
Found 15 files trough .DS_Store spidering: /.git /.vscode /888 /app-download /app-download/images /app-download/js /check.html /index.html /m /qphtml /robots.txt /static /static-tccp /ts-download /tsnew-download
Severity: low
Fingerprint: 5f32cf5d6962f09c11d3744d11d3744d9930cc46c0a50fa3a2807c7ac11d5508
Found 12 files trough .DS_Store spidering: /.git /.vscode /888 /app-download /app-download/images /app-download/js /m /qphtml /static /static-tccp /ts-download /tsnew-download
Severity: low
Fingerprint: 5f32cf5d6962f09cdafa5447dafa544751bf49c0f7025fade1f1516096878ee6
Found 18 files trough .DS_Store spidering: /.git /.vscode /888 /app-download /app-download/images /app-download/js /m /m/css /m/font /m/img /m/js /m/media /m/static /qphtml /static /static-tccp /ts-download /tsnew-download
The following URL (usually /.git/config
) is publicly accessible and is leaking source code and repository configuration.
Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a652241148f2e
[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = root@6669786.com:lottery-site/lottery-repo-tccp fetch = +refs/heads/*:refs/remotes/origin/* [branch "master"] remote = origin merge = refs/heads/master