mirror of
https://github.com/daffainfo/AllAboutBugBounty.git
synced 2024-12-22 04:16:10 +00:00
1.6 KiB
1.6 KiB
Exposed Source Code
Introduction
Source code intended to be kept server-side can sometimes end up being disclosed to users. Such code may contain sensitive information such as database passwords and secret keys, which may help malicious users formulate attacks against the application.
Where to find
-
How to exploit
- Exposed Git folder
https://site.com/.git
Tools to dump .git
- Exposed Subversion folder
https://site.com/.svn
Tools to dump .svn
- Exposed Mercurial folder
https://site.com/.hg
Tools to dump .hg
- Exposed Bazaar folder
http://target.com/.bzr
Tools to dump .bzr
- Exposed Darcs folder
http://target.com/_darcs
Tools to dump _darcs (Not found)
- Exposed Bitkeeper folder
http://target.com/Bitkeeper
Tools to dump BitKeeper (Not found)