1. Background and leakage channels
Usually we will back up the data. For example, when we publish the website, we will back up the version to be replaced. When we modify important files, we also need to back them up. If we do not manage the backed up or cached files or information well, it can easily lead to the leakage of our sensitive information.
Then there are many ways to leak information in network security, including: website source code, bak file, vim cache, .DS_Store, etc.
Common website information Leakage is like this: when a developer backs up the source code in an online environment, and the developer conveniently places the backup file in the web directory, it will cause the website source code to be leaked.
2. Discovery of leaked information
How do we know what information was leaked? Usually we can use some tools:
2.1 Scanning website information
For website information, we can use the dirsearch tool
python3 dirsearch.py -u url -e *
You can perform directory scanning on specific URL websites to find some hidden directories.
2.2 Scanning git information for version management
For our commonly used version management tool git, we can use GitHacker to detect whether there is hidden information
python3 GitHacker.py url/.git
Common git commands to view hidden information are:
git log to view git submission information
git reset --hard git submission id'< /span>
git stash pop stash is the stack area of git
2.3 For version management svn
SVN leaks will have a .svn folder
Use dirsearch to scan
git clone https://github.com/kost/dvcs-ripper
Use dvcs-ripper
script: ./rip-svn.pl -v -u url/.svn/
2.4 For distributed version tool hg
hg leaked, hg is a distributed version control tool, Mercurial distributed version control system, the main program name is hg, so it is called hg for short, it is based on python
./ rip-hg.pl -v -u url/.hg
2.5 Hiding information for files
To view the information hidden and leaked by the file, in addition to directly viewing the document content, we can also use the foremost tool, which is a method to see whether other files are hidden in the file.
3. Take precautions before things happen
From Chapter 2, we can conclude that information leakage is divided into two situations:unintentional and intentional. Unintentional means careless, because The tool used is cached, or the tool records submission information. The other is intentional, which is to pass information out for a certain purpose, such as hiding another resource in a word document. So in the process of preventing information leakage, on the one hand, we must standardize the tool usage process and usage requirements to avoid information leakage due to tools. On the other hand, we must strengthen personnel education, standardize operations and information tracking to prevent personnel from deliberately leaking information.
4. Summary
Safety and protection are like the contest between a spear and a shield. "The way is higher and the devil is higher." There is no end point at all. Today we shared some of the ways in which information is leaked. These ways of leaking information are relatively hidden and require certain technical capabilities to track them.