Sensitive Files

https://medium.com/@_bl4de/hidden-directories-and-files-as-a-source-of-sensitive-information-about-web-application-84e5c534e5ad

Git Folders

Objects Folder:
Each object in .git/objects is one of three types:
- Commit: holds information about a commit, including the object hash of the current tree (the folder and file structure).
- Tree: holds the folder and file structure; every folder or file has its own object hash stored in the tree object. An entry can be another tree (a folder one level down in the structure) or a file.
- Blob: the Git object type where file content is saved. In other words, if you know the object hash of a particular file, you can read its content with the git cat-file command.

Information about commits is kept in the .git/logs/HEAD file:

0000000000000000000000000000000000000000 07603070376d63d911f608120eb4b5489b507692 [email protected] <[email protected]> 1452195279 +0000	commit (initial): index.php initial commit

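The second hash on that line is the object hash of the commit. Objects are stored under .git/objects/ in a folder named after the first two characters of the hash, in a file named after the remaining 38, so the hash can be used to get a file: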

localhost/testapp/.git/objects/07/603070376d63d911f608120eb4b5489b507692

Also have a look at the .gitignore file.
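
The object layout described above, as an added example that is not part of the original notes: it builds a one-file repository in memory and follows commit -> tree -> blob, which shows why a single web-readable object hash is enough to reach file content. The file content, author and function names are constructed for illustration, and only a flat tree (no sub-folders) is handled.

```python
import hashlib
import zlib

def make_object(obj_type, body):
    """Build a loose object as Git stores it: zlib('<type> <size>\\0<body>')."""
    raw = f"{obj_type} {len(body)}".encode() + b"\x00" + body
    return hashlib.sha1(raw).hexdigest(), zlib.compress(raw)

def object_path(sha):
    """First two hex characters are the folder, the other 38 the file name."""
    return f".git/objects/{sha[:2]}/{sha[2:]}"

def parse_object(compressed):
    """Return (type, body) of a loose object, checking the declared size."""
    header, _, body = zlib.decompress(compressed).partition(b"\x00")
    obj_type, size = header.decode().split(" ")
    if int(size) != len(body):
        raise ValueError("object size does not match header")
    return obj_type, body

def parse_tree(body):
    """Tree body is repeated '<mode> <name>\\0' + 20 raw hash bytes."""
    entries, i = [], 0
    while i < len(body):
        nul = body.index(b"\x00", i)
        mode, name = body[i:nul].decode().split(" ", 1)
        entries.append((mode, name, body[nul + 1:nul + 21].hex()))
        i = nul + 21
    return entries

def files_in_commit(commit_sha, store):
    """Follow commit -> tree -> blob; return {file name: content}."""
    _, commit = parse_object(store[object_path(commit_sha)])
    tree_sha = commit.split(b"\n", 1)[0].decode().split(" ")[1]
    _, tree = parse_object(store[object_path(tree_sha)])
    return {name: parse_object(store[object_path(sha)])[1]
            for mode, name, sha in parse_tree(tree) if mode != "40000"}

def build_sample_store():
    """Constructed one-file repository (sample data, not from the page)."""
    blob_sha, blob = make_object("blob", b"<?php $db_pass = 'example'; ?>\n")
    tree_sha, tree = make_object(
        "tree", b"100644 index.php\x00" + bytes.fromhex(blob_sha))
    commit_sha, commit = make_object("commit", (
        f"tree {tree_sha}\nauthor A <a@example.com> 1452195279 +0000\n"
        "committer A <a@example.com> 1452195279 +0000\n\n"
        "index.php initial commit\n").encode())
    objs = {blob_sha: blob, tree_sha: tree, commit_sha: commit}
    return commit_sha, {object_path(s): z for s, z in objs.items()}

if __name__ == "__main__":
    head, store = build_sample_store()
    print(files_in_commit(head, store))
```

Because every object is addressed only by its hash, blocking directory listing does not protect these files; the web server has to refuse requests for anything under .git.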

SVN

Find Sensitive Data

Retrieving PuTTY and RDP history - https://github.com/fireeye/SessionGopher

Dump info from Browsers