CTFHub_ Skill Tree_Web Information Leakage-"Git Leak"-"Log", "Stash", "Index"

Others 2020-10-29 11:26:47 views: null

Article Directory

1. "Log"
- Method one, git reset
- Method two, git diff
2. "Stash"
3. "Index"
Finish

1. "Log"

Open environment

Insert picture description here
Scan with dirsearch and found git leak

python dirsearch.py -u <url> -e *

Insert picture description here
Clone the directory with Githack

Note that you need python2 environment and Git installation

python2 Githack.py <url>

Insert picture description here

Insert picture description here
Now that the log is prompted, check the log record

git log

Insert picture description here
Found that there are records with added flags.
There are two ideas at this time

Method one, git reset

Use git resetrollback to the previous version to get the flag file

git reset --hard <commit>

Insert picture description here

Method two, git diff

Use git diffthe difference between the current version and the previous version to get the flag

git diff <commit>

Insert picture description here

2. "Stash"

Similarly, clone to local

Insert picture description here
Open ./.gitfound stash file

stash can be understood as a cache file of git

Insert picture description here
Use notepad++ to open to get the version number information

Insert picture description here
Then you can get the flag by using rollback or comparison

Insert picture description here

3. "Index"

The flag can be obtained directly after cloning to the local

Insert picture description here

Finish

Welcome to leave a message in the comment area.
Thanks for browsing

Guess you like

Origin blog.csdn.net/Xxy605/article/details/109283778

CTFHub_ Skill Tree_Web Information Leakage-"Git Leak"-"Log", "Stash", "Index"

CTFHub Skill Tree Information Leakage——PHPINFO

CTFHub_ skill tree _ file upload

ctfhub skill tree - leaked information - backup file download -.DS_Store

ctfhub skill tree -web pre-skills -http agreement -Cookie

CTFHub skill tree -Web- file upload - no verification

CTFHub skill tree -Web- file upload -.htaccess

CTFHub skill tree -Web- truncated file upload -00

ctfhub skill tree -sql injection - the injection character

ctfhub skill tree -sql inject injection -Cookie

CTFHub- skill tree - command execution

CTFHub Skill Tree HTTP Protocol - Basic Authentication

git - stash

ctfhub skill tree - file upload - front-end verification

CTFHub skill tree backup file download - website source code

CTFHub skill tree backup file download——.DS_Store

CTFHub skill tree backup file download - vim cache

Skill tree

skill tree

skill tree

Record git skill tree learning (1)

Git stash and solving Git stash conflicts

git- git stash

git stash command in git

git stash git pull

Use git stash of

git stash operation

git stash use

git branch stash

git stash command to use

Recommended

Ranking

Linux关机和重启详解（shutdown、halt、poweroff、reboot、init）

Netty work notes 0007---NIO's three core component relationships

Knife4j tutorial

2021.10.29，内容:什么时候用接口和抽象类

How to solve the problem that changing the memory frequency causes the computer to become unusable?

SpringMVC Tutorial - Controller

linux learning skills -Linux 25 transport Vega paid special privileges and facl extension

Financial quarterly report evaluation report data automatic generation 1.0

Agile Development Series - The Values of Agile Development

scrapy achieve browsercookie Middleware

Daily

More

2024-05-19(0)

2024-05-18(31)

2024-05-17(6)

2024-05-16(23)

2024-05-15(5)

2024-05-14(9)

2024-05-13(8)

2024-05-12(28)

2024-05-11(32)

2024-05-10(34)