• Creation
  • Validation
  • Communication & fix
  • Disclosure

Lockerbox / Source leak through exposed git directory

reported 2021-10-08

The following URL is publicly accessible and is leaking source code :

https://80.87.201.100/.git/config

IP:
80.87.201.100
Port:
443
Detected protocol:
https
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[remote "origin"]
	url = https://bitbucket.org/lockerbox_ru/lockers_web
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
	remote = origin
	merge = refs/heads/master
Found by GitConfigPlugin 2021-07-26
Report created by    linkks  2021-10-08
Report edited by    BloodyShell  2021-10-08
Report approved by    BloodyShell  2021-10-08
New PDF report generated by system 2021-10-08
Report dispatched to ...@... by system 2021-10-08
Report marked as fixed by    BloodyShell  2021-10-12
Report closed by    BloodyShell  2021-10-12
New PDF report generated by system 2021-10-12
Information
Owner Lockerbox
Created 2021-10-08 07:36
Updated 2021-10-12 18:58
Fixed true

Contacts
i...@lockerbox.ru

Status
Status closed
Hosting contacted false
CERT contacted false

Download report