Skip to content
HackAndStuff

Tryhackme - Git Happens Room WriteUp

Tryhackme1 min read

banner

Git Happens in an easy category room developed by hydragyrum. This is a simple room exploiting a silly mistake of making the git directory publicly accessible . Check out the room here.

Let's start with the nmap.

nmap -sC -sV -v -oA nmap/initial IP

1PORT STATE SERVICE VERSION
280/tcp open http nginx 1.14.0 (Ubuntu)
3| http-git:
4| 10.10.47.160:80/.git/
5| Git repository found!
6|_ Repository description: Unnamed repository; edit this file 'description' to name the...
7|_http-server-header: nginx/1.14.0 (Ubuntu)
8|_http-title: Super Awesome Site!
9Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

We have a web server . The default nmap scripts also found a git directory publicy available to us on web server at /.git. Let's confirm this by visiting in browser and indeed we have a lot of stuff here . Now , you can manually download all the files via wget or curl , but that would be tedious. So, I used this Git-Dumper from Github which is a python script that can dump an entire git repo from web easily .

Now , to scan through the downloaded git directory , we can use the cool git commands.Normally , in the initial stages of the development of a website , the developers usually leave stuff like credentials , API keys, sensitive comments for convenience in development. As the project grows ,we move to more secure coding practices (hopefully!) and get rid of that sensitive stuff. So , let's see what this website looks like in its early days .

git log

This command shows all the commits ever made during the life of this website . Let's see the early commits.

git_log

To see what changes each individual commit does , we can use the command

git show commit_hash

The initial commit was not interesting , so moving on to second one . The commit message says Made the Login Page , maybe it has something juicy.

creds

And we have the creds for the login page. We are done for this room . No seriously , this is it. Duhh!

hacked

Hope you learned something new and thanks for reading .

CHAO !

© 2021 by Jatin Malik. All rights reserved.