openresty
tcp/443 tcp/80
The following URL (usually /.git/config
) is publicly accessible and is leaking source code and repository configuration.
Additionally the GIT credentials are present and could give unauthorized access to source code repository of private projects.
Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522814a5d7c
[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = git@gitlab.com:fortexClient/abong/notif-server.git fetch = +refs/heads/*:refs/remotes/origin/* [branch "master"] remote = origin merge = refs/heads/master
Severity: critical
Fingerprint: 2580fa947178c88c8f88f4f64b143e4f192660cba91884022e566c8186e4805f
[init] defaultBranch = none [fetch] recurseSubmodules = false [core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = https://gitlab-ci-token:JpmHa_Y3NZrma5W233Bm@gitlab.com/fortexClient/abong/notif-server.git fetch = +refs/heads/*:refs/remotes/origin/*
Severity: critical
Fingerprint: 2580fa947178c883cda65107b6f0882eb5010f354c5d91ec33bd1e39063e61cd
[fetch] recurseSubmodules = false [core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = https://gitlab-ci-token:nd3_JTrpTQBS-cTGrS5Y@gitlab.com/fortexClient/abong/notif-server.git fetch = +refs/heads/*:refs/remotes/origin/*
The following URL (usually /.git/config
) is publicly accessible and is leaking source code and repository configuration.
Additionally the GIT credentials are present and could give unauthorized access to source code repository of private projects.
Severity: critical
Fingerprint: 2580fa947178c88c8f88f4f64b143e4f192660cba91884022e566c8186e4805f
[init] defaultBranch = none [fetch] recurseSubmodules = false [core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = https://gitlab-ci-token:JpmHa_Y3NZrma5W233Bm@gitlab.com/fortexClient/abong/notif-server.git fetch = +refs/heads/*:refs/remotes/origin/*
Severity: critical
Fingerprint: 2580fa947178c883cda65107b6f0882eb5010f354c5d91ec33bd1e39063e61cd
[fetch] recurseSubmodules = false [core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = https://gitlab-ci-token:nd3_JTrpTQBS-cTGrS5Y@gitlab.com/fortexClient/abong/notif-server.git fetch = +refs/heads/*:refs/remotes/origin/*
Open service 163.47.10.9:80
2024-09-11 17:26
HTTP/1.1 200 OK Server: openresty Date: Wed, 11 Sep 2024 17:26:30 GMT Content-Type: text/html Content-Length: 130 Last-Modified: Fri, 12 Apr 2024 18:14:06 GMT Connection: close ETag: "661979ee-82" Accept-Ranges: bytes Page title: 404 Not Found <html> <head><title>404 Not Found</title></head> <body> <center><h1>404 Not Found</h1></center> <hr><center>nginx</center> </body>
Open service 163.47.10.9:443
2024-09-11 12:19
HTTP/1.1 400 Bad Request Server: openresty Date: Wed, 11 Sep 2024 12:19:03 GMT Content-Type: text/html Content-Length: 654 Connection: close Page title: 400 The plain HTTP request was sent to HTTPS port <html> <head><title>400 The plain HTTP request was sent to HTTPS port</title></head> <body> <center><h1>400 Bad Request</h1></center> <center>The plain HTTP request was sent to HTTPS port</center> <hr><center>openresty</center> </body> </html> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page -->
Open service 163.47.10.9:22
2024-09-10 18:39