Detecting exposed source code control systems
Source code control systems are sometimes exposed in misconfigured web servers. They present a great risk to organizations as they store sensitive information such as source code and, sometimes, even credentials.
This recipe shows how to detect exposed source code control systems on web servers with Nmap.
How to do it...
Use the following Nmap command to detect exposed git repositories in web servers:
$ nmap -sV --script http-git <target>
If a .git directory is found, information about the repository will be returned:
PORT     STATE SERVICE REASON
80/tcp   open  http    syn-ack
| http-git:
|   127.0.0.1:80/.git/
|     Git repository found!
|     .git/config matched patterns 'passw'
|     Repository description: Unnamed repository; edit this file 'description' to name the...
|     ...
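When scanning many of your own hosts, the http-git output can be parsed into structured findings for triage. The following Python is an added example, not part of the original recipe or of Nmap; the sample text is constructed from the output shown above, and the names parse_http_git and needs_credential_rotation are hypothetical.

```python
import re

# Constructed sample, modelled on the http-git output shown in this recipe.
SAMPLE = """\
PORT     STATE SERVICE REASON
80/tcp   open  http    syn-ack
| http-git:
|   127.0.0.1:80/.git/
|     Git repository found!
|     .git/config matched patterns 'passw'
|_    Repository description: Unnamed repository; edit this file 'description' to name the...
8080/tcp open  http    syn-ack
|_http-title: Site doesn't have a title.
"""

PORT_RE = re.compile(r"^(\d+)/tcp\s+open\b")
REPO_RE = re.compile(r"^\S+/\.git/$")
MATCH_RE = re.compile(r"^(\S+) matched patterns (.+)$")


def parse_http_git(text):
    """Return one finding per repository; 'sensitive' maps file -> matched patterns."""
    findings, port, in_git, cur = [], None, False, None
    for line in text.splitlines():
        m = PORT_RE.match(line)
        if m or not line.startswith("|"):
            # A port row or any non-script line ends the current script block.
            port = int(m.group(1)) if m else port
            in_git, cur = False, None
            continue
        rest = line[2:]              # drop the "| " or "|_" prefix
        body = rest.strip()
        if rest[:1].strip():         # unindented: a script header such as "http-git:"
            in_git, cur = body.startswith("http-git:"), None
        elif not in_git:
            continue                 # output of some other script
        elif REPO_RE.match(body):
            cur = {"port": port, "repo": body, "sensitive": {}, "description": None}
            findings.append(cur)
        elif cur is not None and (m := MATCH_RE.match(body)):
            cur["sensitive"][m.group(1)] = re.findall(r"'([^']*)'", m.group(2))
        elif cur is not None and body.startswith("Repository description:"):
            cur["description"] = body.split(":", 1)[1].strip()
    return findings


def needs_credential_rotation(finding):
    """True when http-git matched a credential-like pattern in the repository."""
    return bool(finding["sensitive"])
```

Findings for which needs_credential_rotation returns True should be handled first, since the matched file may hold credentials that remain valid after the directory is no longer served.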