Insecure code management
Challenge: Get the password (in clear text) from the admin account.
Intercept the request, send it to Repeater, and check the existence and content of the .git directory:

Download the directory:
wget -r http://challenge01.root-me.org/web-serveur/ch61/.git/

Open the directory which contains .git in GitCola (for example), and Undo Commit:

Techniques
Counter moves
This challenge is a case of insecure code management. The counter moves reduce to server-side validation and least privilege. Seen from the other side, this sits in the blue notes on the application layer as a target.
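
A defender-side check for the download step above, added here as an example and not part of the original write-up: it reads web server access logs, picks out requests under a .git path, and separates those the server actually served from those it did not. The log lines, client addresses and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in Common Log Format (not taken from the challenge server).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2024:10:00:01 +0000] "GET /web-serveur/ch61/ HTTP/1.1" 200 512
203.0.113.7 - - [10/Mar/2024:10:00:02 +0000] "GET /web-serveur/ch61/.git/ HTTP/1.1" 200 1820
203.0.113.7 - - [10/Mar/2024:10:00:03 +0000] "GET /web-serveur/ch61/.git/HEAD HTTP/1.1" 200 23
203.0.113.7 - - [10/Mar/2024:10:00:03 +0000] "GET /web-serveur/ch61/.git/objects/1c/ HTTP/1.1" 200 640
198.51.100.4 - - [10/Mar/2024:10:05:00 +0000] "GET /.git/config?x=1 HTTP/1.1" 404 153
198.51.100.9 - - [10/Mar/2024:10:06:00 +0000] "GET /docs/git-intro.html HTTP/1.1" 200 9000
"""

# client, method, request target, status
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3}) ')
# A path segment that is exactly ".git" (the dot may arrive URL-encoded as %2e).
GIT_RE = re.compile(r'/(?:\.|%2e)git(?:/|$)', re.IGNORECASE)


def git_requests(log_text):
    """Group requests that touch a .git path by client.

    Returns {client: {"served": [paths answered 2xx], "not_served": count}}.
    """
    report = defaultdict(lambda: {"served": [], "not_served": 0})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        client, _method, target, status = m.groups()
        path = target.split("?", 1)[0]  # ignore the query string
        if not GIT_RE.search(path):
            continue
        if status.startswith("2"):
            report[client]["served"].append(path)  # repository content left the server
        else:
            report[client]["not_served"] += 1      # probe that got no content
    return dict(report)


def exposed_clients(log_text):
    """Clients that received at least one 2xx response for a .git path."""
    return sorted(c for c, r in git_requests(log_text).items() if r["served"])


if __name__ == "__main__":
    for client, r in git_requests(SAMPLE_LOG).items():
        print(client, "served:", len(r["served"]), "not served:", r["not_served"])
```

Any entry in the "served" list means the web root still publishes repository metadata; once the .git directory is removed from the web root or denied by the server, the same requests should only appear under "not_served".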