Git is everywhere these days, and so is the danger of accidentally exposing Git repositories publicly. This write-up is based on TryHackMe's room Git Happens, which highlights this issue and the exposure this mistake can cause any company that is not careful. This room can be found here:-
This is a fairly easy room if you are familiar with the Git version control system and a few basic git commands. The task is simple: we have to find a super secret password.
Running Nmap results in the following:
nmap -sC -sV 10.10.38.53
That is, we have a Git repository exposed on port 80! Let's browse it:
We can manually go through each of these directories, or we can use a tool to pull this repo down locally and look for the password there. I found a tool named GitTools on GitHub which was super useful:
Clone this tool locally using:
git clone https://github.com/internetwache/GitTools.git /opt/tools/GitTools
Now run the following command to get the repo locally, assuming that GitTools is in the /opt/tools directory:
/opt/tools/GitTools/Dumper/gitdumper.sh http://10.10.38.53/.git/ clone
Change directory to “clone” and check the status of the repo using the command:
git status
Explore more and check the logs using:
git log
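From the defender's side, a dump like the one above leaves a clear trail of requests under /.git/ in the web server's access log. The following is an added example, not part of the original write-up: it assumes the combined log format, the function names are hypothetical, and the sample log lines are constructed.

```bash
#!/usr/bin/env bash
# Report clients that requested paths under a .git directory, split into
# requests the server answered with 200 (repository data was served) and
# requests it refused or could not satisfy (probing only).

# Constructed sample access log (combined format, documentation IP ranges).
sample_log() {
cat <<'EOF'
198.51.100.7 - - [01/Jan/2024:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.9 - - [01/Jan/2024:10:00:02 +0000] "GET /.git/HEAD HTTP/1.1" 200 23 "-" "curl/8.0"
203.0.113.9 - - [01/Jan/2024:10:00:03 +0000] "GET /.git/config HTTP/1.1" 200 92 "-" "curl/8.0"
203.0.113.9 - - [01/Jan/2024:10:00:04 +0000] "GET /.git/objects/3a/0b1c HTTP/1.1" 404 0 "-" "curl/8.0"
192.0.2.44 - - [01/Jan/2024:10:05:00 +0000] "GET /.git/HEAD HTTP/1.1" 403 0 "-" "curl/8.0"
198.51.100.7 - - [01/Jan/2024:10:06:00 +0000] "GET /docs/git-guide.html HTTP/1.1" 200 900 "-" "Mozilla/5.0"
EOF
}

# Usage: git_exposure_hits <access_log>
# Prints one line per client: "<ip> served=<n> denied=<n>", sorted by client.
git_exposure_hits() {
  awk '
    { path = tolower($7); status = $9 }      # field 7 = request path, 9 = status
    path ~ /(^|\/)\.git(\/|$)/ {             # ".git" as a whole path component
      seen[$1] = 1
      if (status == 200) served[$1]++; else denied[$1]++
    }
    END {
      for (ip in seen)
        printf "%s served=%d denied=%d\n", ip, served[ip], denied[ip]
    }
  ' "$1" | sort
}

# Demo run on the constructed sample.
tmp="$(mktemp)"
sample_log > "$tmp"
git_exposure_hits "$tmp"
rm -f "$tmp"
```

Any client with a non-zero served count received repository data, so the secrets in that repository's history should be treated as disclosed and rotated, and the web server should be configured to deny requests for .git paths.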