Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Exploiting publically exposed Version Control System

2,081 views

Published on

This Demo / talk was focused on exploiting publicly exposed version control system.

Published in: Technology
  • Be the first to comment

Exploiting publically exposed Version Control System

  1. 1. EXPLOITING VERSION CONTROL SYSTEMS PILLAGING FOR FUN AND PROFIT   BY ANANT SHRIVASTAVA
  2. 2. ANANT SHRIVASTAVA Information Security Consultant Admin - Dev - Security null + OWASP + G4H and @anantshri Trainer : Blackhat USA, NullCon, g0s, c0c0n, RootConf Speaker : Nullcon, c0c0n, ClubHack, RootConf http://anantshri.info        
  3. 3. WHAT IS VCS Version Control System The hip / developers way of deploying code Supports Auto-Deployment on commit
  4. 4. WHY EXPLOIT Coz its fun Its like a golden ticket Auto-deployment if available makes it more hip.
  5. 5. VCS 101 Type FOLDER GIT .git SVN .svn Mercurial .hg
  6. 6. PREDICATABLE FILES .git/HEAD .hg/requires .bzr/README
  7. 7. ROBOTS.TXT OF VCS .gitignore
  8. 8. TOOLS 1. SVN-extractor (Only SVN) (on top coz i wrote it) 2. DVCS-pillage (lacks SVN support) 3. dvcs-ripper (alternative implementation covers svn too)
  9. 9. DEMO TIME NOTE: ALL DEMO's are prepared while in sleep deprived state.
  10. 10. DIRECTORY LISTING ENABLED
  11. 11. DIRECTORY LISTING DISABLED
  12. 12. SVN
  13. 13. PHEW DEMO DONE
  14. 14. QUICK CHECKS while read p; do echo "Input: "$p echo "CHECK: SVN entries http" curl -I echo "CHECK: SVN entries https" curl -k -I echo "CHECK: SVN wcdb" curl -I echo "CHECK: SVN wcdb https" curl -k -I done<$1 http://$p/.svn/entries https://$p/.svn/entries http://$p/.svn/wc.db https://$p/.svn/wc.db
  15. 15. ANY QUESTIONS
  16. 16. ANANT SHRIVASTAVA Information Security Consultant Admin - Dev - Security null + OWASP + G4H and @anantshri Trainer : Blackhat USA, NullCon, g0s, c0c0n, RootConf Speaker : Nullcon, c0c0n, ClubHack, RootConf http://anantshri.info        

×