Exposed git folder

Note: This page is in the web pentest category but it could also be useful in a cloud pentest or other types of pentest.

It can happen during a pentest engagement that you will find a git folder.

Get the git folder in your local machine

From AWS

Say you found an aws bucket and it contains a git folder in rootfolder/.git. You will need to take the root folder locally this way you will be able to use git commands such as git diff

From a web server

wget -r

Explore the content

  • git status see tje status of changes

  • git diff will show the changes

  • cat .git/refs/heads/master will give you a reference to the latest commit.

  • git log -1 master will show commit message

  • git show -s --pretty=raw b64c8dcfa8a39af06521cf4cb7cdce5f0ca9e526 here b64c8dcfa8a39af06521cf4cb7cdce5f0ca9e526 is a reference to the commit you got from git log

  • git checkout -- . reset the local repo to the last commit (to retrieve deleted files for instance)



GitTools by internetwache



Exposed .git Directory Exploitation by Yani

Git - Hacktricks

Last updated